diff --git a/.dockerignore b/.dockerignore index 6c20d71..885ab8c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,5 @@ +backups + **/Dockerfile **/*.dockerfile **/.dockerignore diff --git a/.gitignore b/.gitignore index 7bbd68f..f212a25 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +backups .kamal/secrets* diff --git a/Makefile b/Makefile deleted file mode 100644 index 3b8b6f8..0000000 --- a/Makefile +++ /dev/null @@ -1,61 +0,0 @@ -ifeq ($(ENV),) -$(error ENV variable is not defined. Please set it to one of development|staging|production) -endif - -.PHONY: flux - -namespaces: - ./scripts/k8s-namespaces.sh - -secrets: - dotenvx run -f .env.${ENV} -- ./scripts/k8s-secrets.sh - -flux: - ./scripts/flux-bootstrap.sh - -cluster: echoenv kind namespaces gateway secrets velero flux metrics chisel - -gateway: - kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml - -metrics: - ./scripts/k8s-metrics.sh - -echoenv: - echo "[echoenv] Using ${ENV} environment. If this is not what you want, export ENV=development|staging|production" - -scrap: namespaces secrets velero flux - -velero: - ./scripts/velero-create.sh - -tilt: - kind get kubeconfig > ~/.kube/futureporn.yaml - KUBECONFIG=~/.kube/futureporn.yaml tilt up -f ./Tiltfile - -cert-manager: - kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml - -exoscale: - kubectl apply -f https://raw.githubusercontent.com/exoscale/cert-manager-webhook-exoscale/master/deploy/exoscale-webhook-kustomize/deploy.yaml - -kind: - ./scripts/kind-with-local-registry.sh - -kindload: - ./scripts/kind-load.sh - -clean: - kind delete cluster - dotenvx run -f .env.${ENV} -- node ./packages/infra/vultr-delete-orphaned-resources.js - -deps: - echo "use `devbox install`" - -# A gitea act runner which runs locally -# https://docs.gitea.com/next/usage/actions/overview -# this doesnt work because of missing docker in docker -# I'm running this using systemd instead -#runner: -# docker run -d --rm -e GITEA_INSTANCE_URL=https://gitea.futureporn.net -e GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_REGISTRATION_TOKEN} -v /var/run/docker.sock:/var/run/docker.sock -v $$HOME/.local/share/applications/fp/act-runner-data:/data --privileged --name fp-gitea-act-runner gitea/act_runner - diff --git a/README.md b/README.md index fcf6396..b1175b9 100644 --- a/README.md +++ b/README.md @@ -17,15 +17,22 @@ The main gist is as follows devbox install -3. Start a local KIND Kubernetes cluster +3. - make cluster +## backup/restore dev database -4. Start Tilt +@see https://stackoverflow.com/a/29913462/1004931 - make tilt +### backup + +Use devbox helper script + + devbox run backup + +### restore + + cat ./backups/your-backup.sql | docker exec -i postgres_db psql -U postgres -Tilt will manage the KIND cluster, downloading necessary docker containers and building the containers listed in the fp helm chart at ./Charts/fp. Making changes to these charts or the application code will update or re-build the images as necessary. ## Metrics Notes diff --git a/Tiltfile b/Tiltfile deleted file mode 100644 index 22df057..0000000 --- a/Tiltfile +++ /dev/null @@ -1,646 +0,0 @@ -## Tiltfile for working with Futureporn cluster - -## remote development settings -# allow_k8s_contexts('vke-e01a95c7-aa18-45a9-b8c2-ca36b6bb33f3') -# default_registry('ttl.sh/cjfuturepornnet-98ajf9iwejf9iupawh4efu8hawe') - -## don't scrub secrets so we can more easily debug -secret_settings( - disable_scrub=True -) - -## @warning Don't use kubefwd, it's unreliable. In my testing, it deleted important /etc/hosts entries. -## Our workaround for SSL in dev is to use a VPS with caddy and chisel. -## Caddy handles SSL certs/termination and chisel proxies into our cluster. -## This means that cert-manager is only used in staging and production env (not development.) -## This also means Gateway and HTTPRoute is only used in staging and production. -## @todo Caddy/Chisel is not ideal since that setup is out-of-scope of the monorepo. For now it's the best solution because it unblocks our DX -## -## @see https://blog.tilt.dev/2021/09/09/kubefwd-operator.html -# v1alpha1.extension_repo(name='default', url='https://github.com/tilt-dev/tilt-extensions') -# v1alpha1.extension(name='kubefwd:config', repo_name='default', repo_path='kubefwd') - - -## helm_remote and deploy_cert_manager are BANNED because they use too much bandwidth and crash my computer -## -## cert-manager slows down Tilt updates so I prefer to keep it commented unless I specifically need to test certs -## cert-manager loaded using this extension is PAINFULLY SLOW, and it must re-install and re-test every time the Tiltfile changes. -## additionally, it is SYNCRHONOUS, which means nothing else can update until cert-manager is updated. @see https://github.com/tilt-dev/tilt-extensions/pull/90#issuecomment-704381205 -## TL;DR: This is convenient, but it's much faster to use a helm chart for working with cert-manager. -# load('ext://cert_manager', 'deploy_cert_manager') -# deploy_cert_manager( -# load_to_kind=True, -# version='v1.15.1', -# ) -# load('ext://helm_remote', 'helm_remote') - -load('ext://dotenv', 'dotenv') -dotenv(fn='.env.development') - - -## Right now we use Tilt/Helm in dev and Flux/Kustomize/Helm in production. -## It is a pipedream to use the same deployment/templating tool in development as we do in production. This vastly simplifies deployment. -## We can't use Flux in development unless we figure out a way for flux/kustomize to reference our fp Helm chart as a relative directory. -## Right now, we reference gitea.futureporn.net (kind: GitRepository) where Kustomize downloads the fp Helm chart. -## We could possibly rewrite our fp Helm chart as a Kustomization and then deprecate Helm in development. -## k8s_yaml(kustomize('./flux/apps/development')) -## We are constrained to CrossNamespaceObjectReference kind list -## @see https://fluxcd.io/flux/components/helm/api/v2/#helm.toolkit.fluxcd.io/v2.CrossNamespaceObjectReference -## @see https://github.com/fluxcd/helm-controller/blob/c8ae4b6ad225d37b19bacb634db784d6096908ac/api/v2beta2/reference_types.go#L53 - - - - -# helm_remote( -# 'nitter', -# repo_name='truecharts', -# repo_url='https://charts.truecharts.org', -# namespace='futureporn', -# version='7.1.4', -# ) - - -# helm_remote( -# 'kubernetes-ingress-controller', -# repo_name='kubernetes-ingress-controller', -# repo_url='https://ngrok.github.io/kubernetes-ingress-controller', -# namespace='futureporn', -# create_namespace='false', -# set=[ -# 'credentials.apiKey=%s' % os.getenv('NGROK_API_KEY'), -# 'credentials.authtoken=%s' % os.getenv('NGROK_AUTHTOKEN') -# ] -# ) - - -# k8s_yaml(helm( -# './charts/nitter', -# values=['./charts/nitter/values.yaml'], -# )) - - - -k8s_yaml(helm( - './charts/traefik/traefik', - namespace='futureporn', - values=[ - './charts/traefik/values-overrides.yaml' - ] -)) - -k8s_yaml(helm( - './charts/fp', - values=['./charts/fp/values.yaml'], -)) -# we are using a local helm chart instead of using helm_remote because that command makes the tilt builds Hella slow. -# to download this chart, we used the following commands. -# future re-pulling is needed to keep things up-to-date. -# -# helm repo add bitnami https://charts.bitnami.com/bitnami -# helm pull bitnami/postgresql --untar --destination ./charts/postgresql -k8s_yaml(helm( - './charts/postgresql/postgresql', - namespace='futureporn', - values=[ - './charts/postgresql/values-overrides.yaml' - ] -)) - - -# k8s_yaml(helm( -# './charts/velero/velero', -# namespace='velero', -# values=[ -# './charts/velero/values.yaml' -# ] -# )) - - - -# k8s_yaml(helm( -# './charts/drupal/drupal', -# namespace='futureporn', -# values=[ -# './charts/drupal/values-overrides.yaml' -# ] -# )) - -# k8s_yaml(helm( -# './charts/phpmyadmin/phpmyadmin', -# namespace='futureporn', -# values=[ -# './charts/phpmyadmin/values-overrides.yaml' -# ] -# )) - -# k8s_yaml(helm( -# './charts/mariadb/mariadb', -# namespace='futureporn', -# values=[ -# './charts/mariadb/values-overrides.yaml' -# ] -# )) - -# k8s_yaml(helm( -# './charts/external-secrets/external-secrets', -# namespace='futureporn', -# )) - - - - -# ## redis is for uppy -# ## before you think of switching to valkey, dragonfly, or one of the other redis alternatives, STOP. Uppy is picky. -# ## I tested dragonfly, valkey, and KeyDB. Uppy's ioredis client was unable to connect. "ECONNREFUSED" ... -# ## Uppy was only happy connecting to official redis. -k8s_yaml(helm( - './charts/redis/redis', - namespace='futureporn', - values=[ - './charts/redis/values-overrides.yaml' - ] -)) -k8s_resource( - workload='redis-master', - labels=['database'] -) - -k8s_yaml(helm( - './charts/cert-manager/cert-manager', - namespace='cert-manager', - values=['./charts/cert-manager/values-overrides.yaml'] -)) - -k8s_yaml(helm( - './charts/chisel-operator/chisel-operator', - namespace='futureporn', - values=['./charts/chisel-operator/values-overrides.yaml'] -)) -k8s_resource( - workload='chisel-operator', - labels=['networking'], -) - -## ngrok -# k8s_yaml(helm( -# './charts/kubernetes-ingress-controller/kubernetes-ingress-controller', -# namespace='futureporn', -# values=['./charts/kubernetes-ingress-controller/values-overrides.yaml'] -# )) - - -# docker_build('fp/link2cid', './packages/link2cid') - - -# docker_build( -# 'fp/bot', -# '.', -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './services/bot', -# './packages/types', -# './packages/utils', -# './packages/fetchers', -# ], -# dockerfile='./dockerfiles/bot.dockerfile', -# target='dev', -# live_update=[ -# sync('./services/bot', '/app/services/bot') -# ] -# ) - -# docker_build( -# 'fp/scout', -# '.', -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './packages/types', -# './packages/utils', -# './packages/fetchers', -# './services/scout', -# ], -# dockerfile='./dockerfiles/scout.dockerfile', -# target='dev', -# # target='prod', -# live_update=[ -# sync('./services/scout', '/app/services/scout') -# ] -# ) - - - - - - -load('ext://uibutton', 'cmd_button') - - -cmd_button('postgres:restore', - argv=['./scripts/postgres-restore.sh'], - resource='postgresql-primary', - icon_name='upload', - text='restore db from backup', -) -cmd_button('postgres:drop', - argv=['sh', './scripts/postgres-drop.sh'], - resource='postgresql-primary', - icon_name='delete', - text='DROP all databases' -) -cmd_button('postgres:create:bright', - argv=['sh', './scripts/postgres-create-bright.sh'], - resource='bright', - icon_name='star', - text='Create bright db' -) -cmd_button('postgres:create:superstreamer', - argv=['sh', './scripts/postgres-create-superstreamer.sh'], - resource='superstreamer-api', - icon_name='star', - text='Create superstreamer db' -) -# cmd_button('migrations-schema:refresh', -# argv=['echo', '@todo please restart postgrest container manually.'], -# resource='migrations-schema', -# icon_name='refresh', -# text='Refresh schema cache' -# ) -# cmd_button('migrations-data:refresh', -# argv=['echo', '@todo please restart postgrest container manually.'], -# resource='migrations-data', -# icon_name='refresh', -# text='Refresh schema cache' -# ) -## @todo let's make this get a random room from scout then use the random room to record via POST /recordings -# cmd_button('capture-worker:create', -# argv=['./scripts/capture-integration.sh'], -# resource='capture-worker', -# icon_name='send', -# text='Recording Integration Test' -# ) -# k8s_resource( -# workload='capture-worker', -# labels=['backend'], -# resource_deps=['postgrest', 'postgresql-primary'], -# ) -k8s_resource( - workload='superstreamer-app', - labels=['app'], - resource_deps=['postgresql-primary', 'redis-master'], - port_forwards=['52002'] -) -k8s_resource( - workload='superstreamer-api', - labels=['app'], - resource_deps=['postgresql-primary', 'redis-master'], - port_forwards=['52001'] -) -k8s_resource( - workload='superstreamer-stitcher', - labels=['app'], - resource_deps=['postgresql-primary', 'redis-master'], -) -k8s_resource( - workload='superstreamer-artisan', - labels=['app'], - resource_deps=['postgresql-primary', 'redis-master'], -) - - -cmd_button('pgadmin4:restore', - argv=['./scripts/pgadmin-import-connection.sh'], - resource='pgadmin4', - icon_name='hub', - text='import connection', -) -cmd_button('build:test', - argv=['./scripts/build-test.sh'], - resource='build', - icon_name='build', - text='test', -) - -## we ignore unused image warnings because we do actually use this image. -## instead of being invoked by helm, we start a container using this image manually via Tilt UI -# update_settings(suppress_unused_image_warnings=["fp/migrations"]) -# docker_build( -# 'fp/migrations-schema', -# '.', -# dockerfile='dockerfiles/migrations-schema.dockerfile', -# target='migrations-schema', -# pull=False, -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './services/migrations-schema' -# ], -# ) -# docker_build( -# 'fp/migrations-data', -# '.', -# dockerfile='dockerfiles/migrations-data.dockerfile', -# target='migrations-data', -# pull=False, -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './services/migrations-data' -# ], -# ) - -## Uncomment the following for fp/next in dev mode -## this is useful for changing the UI and seeing results -# docker_build( -# 'fp/next', -# '.', -# dockerfile='dockerfiles/next.dockerfile', -# target='dev', -# live_update=[ -# sync('./services/next', '/app/services/next') -# ], -# pull=False, -# ) -# docker_build( -# 'fp/superstreamer-artisan', -# './contrib/superstreamer/packages/artisan', -# dockerfile='contrib/superstreamer/packages/artisan/Dockerfile', -# ) -# docker_build( -# 'fp/superstreamer-api', -# './contrib/superstreamer/packages/api', -# dockerfile='contrib/superstreamer/packages/api/Dockerfile', -# ) -# docker_build( -# 'fp/superstreamer-app', -# './contrib/superstreamer/packages/app', -# dockerfile='contrib/superstreamer/packages/app/Dockerfile', -# ) -# docker_build( -# 'fp/superstreamer-stitcher', -# './contrib/superstreamer/packages/stitcher', -# dockerfile='contrib/superstreamer/packages/stitcher/Dockerfile', -# ) - -docker_build( - 'fp/bright', - '.', - dockerfile='dockerfiles/bright.dockerfile', - live_update=[ - sync('./services/bright', '/app') - ], - target='dev' -) - - - - - -# docker_build( -# 'fp/mailbox', -# '.', -# dockerfile='dockerfiles/mailbox.dockerfile', -# target='mailbox', -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './services/mailbox', -# './packages/types', -# './packages/utils', -# './packages/fetchers', -# './packages/video', -# './packages/storage', -# ], -# live_update=[ -# sync('./services/mailbox', '/app'), -# run('cd /app && pnpm i', trigger=['./services/mailbox/package.json', './services/mailbox/pnpm-lock.yaml']), -# ], -# pull=False, -# # entrypoint='pnpm nodemon --ext js,ts,json,yaml --exec node --no-warnings=ExperimentalWarning --loader ts-node/esm ./src/index.ts' -# ) - - - - -# docker_build( -# 'fp/capture', -# '.', -# dockerfile='dockerfiles/capture.dockerfile', -# target='dev', -# only=[ -# './.npmrc', -# './package.json', -# './pnpm-lock.yaml', -# './pnpm-workspace.yaml', -# './packages/types', -# './packages/utils', -# './packages/fetchers', -# './services/capture', -# ], -# live_update=[ -# sync('./services/capture', '/app/services/capture'), -# ], -# pull=False, -# ) - - - - - - -# k8s_resource( -# workload='scout', -# resource_deps=['postgresql-primary'], -# # port_forwards=['8134'], -# labels=['backend'], -# ) -# k8s_resource( -# workload='uppy', -# links=[ -# link('https://uppy.fp.sbtp.xyz'), -# ], -# resource_deps=['redis-master'], -# labels=['backend'], -# ) -# k8s_resource( -# workload='next', -# links=[ -# link('https://next.fp.sbtp.xyz') -# ], -# resource_deps=['postgrest', 'postgresql-primary'], -# labels=['frontend'], -# port_forwards=['3000'], -# ) -k8s_resource( - workload='bright', - links=[ - link('https://bright.fp.sbtp.xyz') - ], - resource_deps=['postgresql-primary'], - labels=['app'], - port_forwards=['4000'], -) - -# whoami is for testing routing -k8s_resource( - workload='whoami', - labels=['app'], - links=[ - link('https://whoami.fp.sbtp.xyz/') - ] -) -k8s_resource( - workload='postgresql-primary', - # port_forwards=['5432'], - labels=['database'], -) -k8s_resource( - workload='postgresql-read', - labels=['database'] -) - - -# k8s_resource( -# workload='chart-velero', -# resource_deps=['postgresql-primary'], -# labels=['backend'], -# ) -# k8s_resource( -# workload='chart-velero-upgrade-crds', -# resource_deps=['postgresql-primary'], -# labels=['backend'], -# ) - - - - -# k8s_resource( -# workload='mailbox', -# resource_deps=['postgresql-primary', 'postgrest'], -# labels=['backend'], -# ) - -# k8s_resource( -# workload='nitter', -# port_forwards=['6060:10606'], -# ) - -# temporarily disabled to save CPU resources -# helm_remote( -# 'kube-prometheus-stack', -# repo_name='kube-prometheus-stack', -# repo_url='https://prometheus-community.github.io/helm-charts', -# namespace='futureporn', -# version='61.1.1', -# set=[ -# 'prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.storageClassName=vultr-block-storage', -# 'admin.existingSecret=grafana', -# 'sidecar.dashboards.enabled=true', -# 'grafana.admin.existingSecret=grafana', -# 'grafana.sidecar.dashboards.enabled=true', -# 'grafana.sidecar.dashboards.defaultFolderName=balls', -# 'grafana.sidecar.dashboards.label=grafana_dashboard', -# 'grafana.sidecar.dashboards.provider.foldersFromFileStructure=true' -# ] -# ) - - - -k8s_resource( - workload='external-dns', - labels=['networking'], -) - -k8s_resource( - workload='cert-manager-webhook-exoscale', - labels=['networking'], -) - - -# k8s_resource( -# workload='factory', -# labels=['backend'], -# ) -# docker_build( -# 'fp/factory', -# '.', -# dockerfile='./dockerfiles/factory.dockerfile', -# target='dev', -# live_update=[ -# sync('./services/factory', '/app/services/factory') -# ], -# pull=False, -# ) - - -# k8s_resource( -# workload='bot', -# labels=['backend'], -# resource_deps=['postgrest'], -# ) - -# k8s_resource( -# workload='chihaya', -# labels=['backend'] -# ) -# k8s_resource( -# workload='postgrest', -# # port_forwards=['9000'], -# labels=['database'], -# links=[ -# link('https://postgrest.fp.sbtp.xyz'), -# ], -# resource_deps=['postgresql-primary'], -# ) -k8s_resource( - workload='traefik', - links=[ - link('https://traefik.fp.sbtp.xyz/whoami'), - link('https://traefik.fp.sbtp.xyz/postgrest'), - ], - labels=['networking'], -) -k8s_resource( - workload='pgadmin4', - port_forwards=['5050:80'], - labels=['database'], -) -# k8s_resource( -# workload='migrations-schema', -# labels=['database'], -# resource_deps=['postgresql-primary'], -# ) -# k8s_resource( -# workload='migrations-data', -# labels=['database'], -# resource_deps=['postgresql-primary'], -# ) - -k8s_resource( - workload='cert-manager', - labels=['certificates'], -) -k8s_resource( - workload='cert-manager-cainjector', - labels=['certificates'], -) -k8s_resource( - workload='cert-manager-webhook', - labels=['certificates'], -) -k8s_resource( - workload='cert-manager-startupapicheck', - labels=['certificates'], -) - diff --git a/certs/letsencrypt-stg-root-x1.pem b/certs/letsencrypt-stg-root-x1.pem deleted file mode 100644 index 37655b2..0000000 --- a/certs/letsencrypt-stg-root-x1.pem +++ /dev/null @@ -1,32 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFmDCCA4CgAwIBAgIQU9C87nMpOIFKYpfvOHFHFDANBgkqhkiG9w0BAQsFADBm -MQswCQYDVQQGEwJVUzEzMDEGA1UEChMqKFNUQUdJTkcpIEludGVybmV0IFNlY3Vy -aXR5IFJlc2VhcmNoIEdyb3VwMSIwIAYDVQQDExkoU1RBR0lORykgUHJldGVuZCBQ -ZWFyIFgxMB4XDTE1MDYwNDExMDQzOFoXDTM1MDYwNDExMDQzOFowZjELMAkGA1UE -BhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1cml0eSBSZXNl -YXJjaCBHcm91cDEiMCAGA1UEAxMZKFNUQUdJTkcpIFByZXRlbmQgUGVhciBYMTCC -AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALbagEdDTa1QgGBWSYkyMhsc -ZXENOBaVRTMX1hceJENgsL0Ma49D3MilI4KS38mtkmdF6cPWnL++fgehT0FbRHZg -jOEr8UAN4jH6omjrbTD++VZneTsMVaGamQmDdFl5g1gYaigkkmx8OiCO68a4QXg4 -wSyn6iDipKP8utsE+x1E28SA75HOYqpdrk4HGxuULvlr03wZGTIf/oRt2/c+dYmD -oaJhge+GOrLAEQByO7+8+vzOwpNAPEx6LW+crEEZ7eBXih6VP19sTGy3yfqK5tPt -TdXXCOQMKAp+gCj/VByhmIr+0iNDC540gtvV303WpcbwnkkLYC0Ft2cYUyHtkstO -fRcRO+K2cZozoSwVPyB8/J9RpcRK3jgnX9lujfwA/pAbP0J2UPQFxmWFRQnFjaq6 -rkqbNEBgLy+kFL1NEsRbvFbKrRi5bYy2lNms2NJPZvdNQbT/2dBZKmJqxHkxCuOQ -FjhJQNeO+Njm1Z1iATS/3rts2yZlqXKsxQUzN6vNbD8KnXRMEeOXUYvbV4lqfCf8 -mS14WEbSiMy87GB5S9ucSV1XUrlTG5UGcMSZOBcEUpisRPEmQWUOTWIoDQ5FOia/ -GI+Ki523r2ruEmbmG37EBSBXdxIdndqrjy+QVAmCebyDx9eVEGOIpn26bW5LKeru -mJxa/CFBaKi4bRvmdJRLAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB -Af8EBTADAQH/MB0GA1UdDgQWBBS182Xy/rAKkh/7PH3zRKCsYyXDFDANBgkqhkiG -9w0BAQsFAAOCAgEAncDZNytDbrrVe68UT6py1lfF2h6Tm2p8ro42i87WWyP2LK8Y -nLHC0hvNfWeWmjZQYBQfGC5c7aQRezak+tHLdmrNKHkn5kn+9E9LCjCaEsyIIn2j -qdHlAkepu/C3KnNtVx5tW07e5bvIjJScwkCDbP3akWQixPpRFAsnP+ULx7k0aO1x -qAeaAhQ2rgo1F58hcflgqKTXnpPM02intVfiVVkX5GXpJjK5EoQtLceyGOrkxlM/ -sTPq4UrnypmsqSagWV3HcUlYtDinc+nukFk6eR4XkzXBbwKajl0YjztfrCIHOn5Q -CJL6TERVDbM/aAPly8kJ1sWGLuvvWYzMYgLzDul//rUF10gEMWaXVZV51KpS9DY/ -5CunuvCXmEQJHo7kGcViT7sETn6Jz9KOhvYcXkJ7po6d93A/jy4GKPIPnsKKNEmR -xUuXY4xRdh45tMJnLTUDdC9FIU0flTeO9/vNpVA8OPU1i14vCz+MU8KX1bV3GXm/ -fxlB7VBBjX9v5oUep0o/j68R/iDlCOM4VVfRa8gX6T2FU7fNdatvGro7uQzIvWof -gN9WUwCbEMBy/YhBSrXycKA8crgGg3x1mIsopn88JKwmMBa68oS7EHM9w7C4y71M -7DiA+/9Qdp9RBWJpTS9i/mDnJg1xvo8Xz49mrrgfmcAXTCJqXi24NatI3Oc= ------END CERTIFICATE----- diff --git a/certs/letsencrypt-stg-root-x2.pem b/certs/letsencrypt-stg-root-x2.pem deleted file mode 100644 index f627e1d..0000000 --- a/certs/letsencrypt-stg-root-x2.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICTjCCAdSgAwIBAgIRAIPgc3k5LlLVLtUUvs4K/QcwCgYIKoZIzj0EAwMwaDEL -MAkGA1UEBhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1cml0 -eSBSZXNlYXJjaCBHcm91cDEkMCIGA1UEAxMbKFNUQUdJTkcpIEJvZ3VzIEJyb2Nj -b2xpIFgyMB4XDTIwMDkwNDAwMDAwMFoXDTQwMDkxNzE2MDAwMFowaDELMAkGA1UE -BhMCVVMxMzAxBgNVBAoTKihTVEFHSU5HKSBJbnRlcm5ldCBTZWN1cml0eSBSZXNl -YXJjaCBHcm91cDEkMCIGA1UEAxMbKFNUQUdJTkcpIEJvZ3VzIEJyb2Njb2xpIFgy -MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEOvS+w1kCzAxYOJbA06Aw0HFP2tLBLKPo -FQqR9AMskl1nC2975eQqycR+ACvYelA8rfwFXObMHYXJ23XLB+dAjPJVOJ2OcsjT -VqO4dcDWu+rQ2VILdnJRYypnV1MMThVxo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYD -VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU3tGjWWQOwZo2o0busBB2766XlWYwCgYI -KoZIzj0EAwMDaAAwZQIwRcp4ZKBsq9XkUuN8wfX+GEbY1N5nmCRc8e80kUkuAefo -uc2j3cICeXo1cOybQ1iWAjEA3Ooawl8eQyR4wrjCofUE8h44p0j7Yl/kBlJZT8+9 -vbtH7QiVzeKCOTQPINyRql6P ------END CERTIFICATE----- diff --git a/charts/README.md b/charts/README.md deleted file mode 100644 index ce99127..0000000 --- a/charts/README.md +++ /dev/null @@ -1,49 +0,0 @@ -# Futureporn Helm charts - -These charts define the bulk of Futureporn's Kubernetes (k8s) payload. (Some of the infrastrucutre-specific payload is at `/flux/`) -In production, Flux CD deploys these charts into the k8s cluster. - - -## development - -We are using a local Helm charts instead of using Tilt's `helm_remote` because that command makes the Tilt builds Hella slow. - -We override default values in the parent folder. - -/charts/postgresql/postgresql/values.yaml -/charts/postgresql/values-overrides.yaml - -### postgresql - - helm repo add bitnami https://charts.bitnami.com/bitnami --force-update - helm pull bitnami/postgresql --untar --destination ./charts/postgresql - -### cert-manager - - helm repo add jetstack https://charts.jetstack.io --force-update - helm pull jetstack/cert-manager --untar --destination ./charts/cert-manager - -### redis - - helm repo add bitnami https://charts.bitnami.com/bitnami - helm pull bitnami/redis --version 20.0.1 --untar --destination ./charts/redis - -### chisel-operator - - helm pull oci://ghcr.io/fyralabs/chisel-operator/chisel-operator --version 0.1.0 --untar --destination ./charts/chisel-operator - -### traefik - - helm repo add traefik https://traefik.github.io/charts - helm pull traefik/traefik --version 33.0.0 --untar --destination ./charts/traefik - -### velero - - helm repo add vmware-tanzu https://vmware-tanzu.github.io/helm-charts/ - helm pull vmware-tanzu/velero --version 7.2.1 --untar --destination ./charts/velero - -### external-secrets-operator - - helm repo add external-secrets https://charts.external-secrets.io - helm pull external-secrets/external-secrets --version 0.10.2 --untar --destination ./charts/external-secrets - diff --git a/charts/cert-manager/cert-manager/Chart.yaml b/charts/cert-manager/cert-manager/Chart.yaml deleted file mode 100644 index 1402a65..0000000 --- a/charts/cert-manager/cert-manager/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -annotations: - artifacthub.io/category: security - artifacthub.io/license: Apache-2.0 - artifacthub.io/prerelease: "false" - artifacthub.io/signKey: | - fingerprint: 1020CF3C033D4F35BAE1C19E1226061C665DF13E - url: https://cert-manager.io/public-keys/cert-manager-keyring-2021-09-20-1020CF3C033D4F35BAE1C19E1226061C665DF13E.gpg -apiVersion: v2 -appVersion: v1.15.1 -description: A Helm chart for cert-manager -home: https://cert-manager.io -icon: https://raw.githubusercontent.com/cert-manager/community/4d35a69437d21b76322157e6284be4cd64e6d2b7/logo/logo-small.png -keywords: -- cert-manager -- kube-lego -- letsencrypt -- tls -kubeVersion: '>= 1.22.0-0' -maintainers: -- email: cert-manager-maintainers@googlegroups.com - name: cert-manager-maintainers - url: https://cert-manager.io -name: cert-manager -sources: -- https://github.com/cert-manager/cert-manager -version: v1.15.1 diff --git a/charts/cert-manager/cert-manager/README.md b/charts/cert-manager/cert-manager/README.md deleted file mode 100644 index c5a5607..0000000 --- a/charts/cert-manager/cert-manager/README.md +++ /dev/null @@ -1,1884 +0,0 @@ -# cert-manager - -cert-manager is a Kubernetes addon to automate the management and issuance of -TLS certificates from various issuing sources. - -It will ensure certificates are valid and up to date periodically, and attempt -to renew certificates at an appropriate time before expiry. - -## Prerequisites - -- Kubernetes 1.22+ - -## Installing the Chart - -Full installation instructions, including details on how to configure extra -functionality in cert-manager can be found in the [installation docs](https://cert-manager.io/docs/installation/kubernetes/). - -Before installing the chart, you must first install the cert-manager CustomResourceDefinition resources. -This is performed in a separate step to allow you to easily uninstall and reinstall cert-manager without deleting your installed custom resources. - -```bash -$ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.crds.yaml -``` - -To install the chart with the release name `cert-manager`: - -```console -## Add the Jetstack Helm repository -$ helm repo add jetstack https://charts.jetstack.io --force-update - -## Install the cert-manager helm chart -$ helm install cert-manager --namespace cert-manager --version v1.15.1 jetstack/cert-manager -``` - -In order to begin issuing certificates, you will need to set up a ClusterIssuer -or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer). - -More information on the different types of issuers and how to configure them -can be found in [our documentation](https://cert-manager.io/docs/configuration/). - -For information on how to configure cert-manager to automatically provision -Certificates for Ingress resources, take a look at the -[Securing Ingresses documentation](https://cert-manager.io/docs/usage/ingress/). - -> **Tip**: List all releases using `helm list` - -## Upgrading the Chart - -Special considerations may be required when upgrading the Helm chart, and these -are documented in our full [upgrading guide](https://cert-manager.io/docs/installation/upgrading/). - -**Please check here before performing upgrades!** - -## Uninstalling the Chart - -To uninstall/delete the `cert-manager` deployment: - -```console -$ helm delete cert-manager --namespace cert-manager -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -If you want to completely uninstall cert-manager from your cluster, you will also need to -delete the previously installed CustomResourceDefinition resources: - -```console -$ kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.crds.yaml -``` - -## Configuration - - -### Global - -#### **global.imagePullSecrets** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Reference to one or more secrets to be used when pulling images. For more information, see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). - -For example: - -```yaml -imagePullSecrets: - - name: "image-pull-secret" -``` -#### **global.commonLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Labels to apply to all resources. -Please note that this does not add labels to the resources created dynamically by the controllers. For these resources, you have to add the labels in the template in the cert-manager custom resource: For example, podTemplate/ ingressTemplate in ACMEChallengeSolverHTTP01Ingress. For more information, see the [cert-manager documentation](https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01Ingress). -For example, secretTemplate in CertificateSpec -For more information, see the [cert-manager documentation](https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec). -#### **global.revisionHistoryLimit** ~ `number` - -The number of old ReplicaSets to retain to allow rollback (if not set, the default Kubernetes value is set to 10). - -#### **global.priorityClassName** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -The optional priority class to be used for the cert-manager pods. -#### **global.rbac.create** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Create required ClusterRoles and ClusterRoleBindings for cert-manager. -#### **global.rbac.aggregateClusterRoles** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Aggregate ClusterRoles to Kubernetes default user-facing roles. For more information, see [User-facing roles](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) -#### **global.podSecurityPolicy.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Create PodSecurityPolicy for cert-manager. - -Note that PodSecurityPolicy was deprecated in Kubernetes 1.21 and removed in Kubernetes 1.25. -#### **global.podSecurityPolicy.useAppArmor** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Configure the PodSecurityPolicy to use AppArmor. -#### **global.logLevel** ~ `number` -> Default value: -> ```yaml -> 2 -> ``` - -Set the verbosity of cert-manager. A range of 0 - 6, with 6 being the most verbose. -#### **global.leaderElection.namespace** ~ `string` -> Default value: -> ```yaml -> kube-system -> ``` - -Override the namespace used for the leader election lease. -#### **global.leaderElection.leaseDuration** ~ `string` - -The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate. - -#### **global.leaderElection.renewDeadline** ~ `string` - -The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration. - -#### **global.leaderElection.retryPeriod** ~ `string` - -The duration the clients should wait between attempting acquisition and renewal of a leadership. - -#### **installCRDs** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -This option is equivalent to setting crds.enabled=true and crds.keep=true. Deprecated: use crds.enabled and crds.keep instead. -#### **crds.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -This option decides if the CRDs should be installed as part of the Helm installation. -#### **crds.keep** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -This option makes it so that the "helm.sh/resource-policy": keep annotation is added to the CRD. This will prevent Helm from uninstalling the CRD when the Helm release is uninstalled. WARNING: when the CRDs are removed, all cert-manager custom resources -(Certificates, Issuers, ...) will be removed too by the garbage collector. -### Controller - -#### **replicaCount** ~ `number` -> Default value: -> ```yaml -> 1 -> ``` - -The number of replicas of the cert-manager controller to run. - -The default is 1, but in production set this to 2 or 3 to provide high availability. - -If `replicas > 1`, consider setting `podDisruptionBudget.enabled=true`. - -Note that cert-manager uses leader election to ensure that there can only be a single instance active at a time. -#### **strategy** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Deployment update strategy for the cert-manager controller deployment. For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy). - -For example: - -```yaml -strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 -``` -#### **podDisruptionBudget.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Enable or disable the PodDisruptionBudget resource. - -This prevents downtime during voluntary disruptions such as during a Node upgrade. For example, the PodDisruptionBudget will block `kubectl drain` if it is used on the Node where the only remaining cert-manager -Pod is currently running. -#### **podDisruptionBudget.minAvailable** ~ `number` - -This configures the minimum available pods for disruptions. It can either be set to an integer (e.g. 1) or a percentage value (e.g. 25%). -It cannot be used if `maxUnavailable` is set. - -#### **podDisruptionBudget.maxUnavailable** ~ `number` - -This configures the maximum unavailable pods for disruptions. It can either be set to an integer (e.g. 1) or a percentage value (e.g. 25%). it cannot be used if `minAvailable` is set. - -#### **featureGates** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -A comma-separated list of feature gates that should be enabled on the controller pod. -#### **maxConcurrentChallenges** ~ `number` -> Default value: -> ```yaml -> 60 -> ``` - -The maximum number of challenges that can be scheduled as 'processing' at once. -#### **image.registry** ~ `string` - -The container registry to pull the manager image from. - -#### **image.repository** ~ `string` -> Default value: -> ```yaml -> quay.io/jetstack/cert-manager-controller -> ``` - -The container image for the cert-manager controller. - -#### **image.tag** ~ `string` - -Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion is used. - -#### **image.digest** ~ `string` - -Setting a digest will override any tag. - -#### **image.pullPolicy** ~ `string` -> Default value: -> ```yaml -> IfNotPresent -> ``` - -Kubernetes imagePullPolicy on Deployment. -#### **clusterResourceNamespace** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart. -#### **namespace** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -This namespace allows you to define where the services are installed into. If not set then they use the namespace of the release. This is helpful when installing cert manager as a chart dependency (sub chart). -#### **serviceAccount.create** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Specifies whether a service account should be created. -#### **serviceAccount.name** ~ `string` - -The name of the service account to use. -If not set and create is true, a name is generated using the fullname template. - -#### **serviceAccount.annotations** ~ `object` - -Optional additional annotations to add to the controller's Service Account. - -#### **serviceAccount.labels** ~ `object` - -Optional additional labels to add to the controller's Service Account. - -#### **serviceAccount.automountServiceAccountToken** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Automount API credentials for a Service Account. -#### **automountServiceAccountToken** ~ `bool` - -Automounting API credentials for a particular pod. - -#### **enableCertificateOwnerRef** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted. -#### **config** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -This property is used to configure options for the controller pod. This allows setting options that would usually be provided using flags. An APIVersion and Kind must be specified in your values.yaml file. -Flags will override options that are set here. - -For example: - -```yaml -config: - apiVersion: controller.config.cert-manager.io/v1alpha1 - kind: ControllerConfiguration - logging: - verbosity: 2 - format: text - leaderElectionConfig: - namespace: kube-system - kubernetesAPIQPS: 9000 - kubernetesAPIBurst: 9000 - numberOfConcurrentWorkers: 200 - featureGates: - AdditionalCertificateOutputFormats: true - DisallowInsecureCSRUsageDefinition: true - ExperimentalCertificateSigningRequestControllers: true - ExperimentalGatewayAPISupport: true - LiteralCertificateSubject: true - SecretsFilteredCaching: true - ServerSideApply: true - StableCertificateRequestName: true - UseCertificateRequestBasicConstraints: true - ValidateCAA: true - metricsTLSConfig: - dynamic: - secretNamespace: "cert-manager" - secretName: "cert-manager-metrics-ca" - dnsNames: - - cert-manager-metrics - - cert-manager-metrics.cert-manager - - cert-manager-metrics.cert-manager.svc -``` -#### **dns01RecursiveNameservers** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -A comma-separated string with the host and port of the recursive nameservers cert-manager should query. -#### **dns01RecursiveNameserversOnly** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Forces cert-manager to use only the recursive nameservers for verification. Enabling this option could cause the DNS01 self check to take longer owing to caching performed by the recursive nameservers. -#### **disableAutoApproval** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Option to disable cert-manager's build-in auto-approver. The auto-approver approves all CertificateRequests that reference issuers matching the 'approveSignerNames' option. This 'disableAutoApproval' option is useful when you want to make all approval decisions using a different approver (like approver-policy - https://github.com/cert-manager/approver-policy). -#### **approveSignerNames** ~ `array` -> Default value: -> ```yaml -> - issuers.cert-manager.io/* -> - clusterissuers.cert-manager.io/* -> ``` - -List of signer names that cert-manager will approve by default. CertificateRequests referencing these signer names will be auto-approved by cert-manager. Defaults to just approving the cert-manager.io Issuer and ClusterIssuer issuers. When set to an empty array, ALL issuers will be auto-approved by cert-manager. To disable the auto-approval, because eg. you are using approver-policy, you can enable 'disableAutoApproval'. -ref: https://cert-manager.io/docs/concepts/certificaterequest/#approval - -#### **extraArgs** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional command line flags to pass to cert-manager controller binary. To see all available flags run `docker run quay.io/jetstack/cert-manager-controller: --help`. - -Use this flag to enable or disable arbitrary controllers. For example, to disable the CertificiateRequests approver. - -For example: - -```yaml -extraArgs: - - --controllers=*,-certificaterequests-approver -``` -#### **extraEnv** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional environment variables to pass to cert-manager controller binary. -#### **resources** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Resources to provide to the cert-manager controller pod. - -For example: - -```yaml -requests: - cpu: 10m - memory: 32Mi -``` - -For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). -#### **securityContext** ~ `object` -> Default value: -> ```yaml -> runAsNonRoot: true -> seccompProfile: -> type: RuntimeDefault -> ``` - -Pod Security Context. -For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **containerSecurityContext** ~ `object` -> Default value: -> ```yaml -> allowPrivilegeEscalation: false -> capabilities: -> drop: -> - ALL -> readOnlyRootFilesystem: true -> ``` - -Container Security Context to be set on the controller component container. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **volumes** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volumes to add to the cert-manager controller pod. -#### **volumeMounts** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volume mounts to add to the cert-manager controller container. -#### **deploymentAnnotations** ~ `object` - -Optional additional annotations to add to the controller Deployment. - -#### **podAnnotations** ~ `object` - -Optional additional annotations to add to the controller Pods. - -#### **podLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Optional additional labels to add to the controller Pods. -#### **serviceAnnotations** ~ `object` - -Optional annotations to add to the controller Service. - -#### **serviceLabels** ~ `object` - -Optional additional labels to add to the controller Service. - -#### **serviceIPFamilyPolicy** ~ `string` - -Optionally set the IP family policy for the controller Service to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services). - -#### **serviceIPFamilies** ~ `array` - -Optionally set the IP families for the controller Service that should be supported, in the order in which they should be applied to ClusterIP. Can be IPv4 and/or IPv6. - -#### **podDnsPolicy** ~ `string` - -Pod DNS policy. -For more information, see [Pod's DNS Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy). - -#### **podDnsConfig** ~ `object` - -Pod DNS configuration. The podDnsConfig field is optional and can work with any podDnsPolicy settings. However, when a Pod's dnsPolicy is set to "None", the dnsConfig field has to be specified. For more information, see [Pod's DNS Config](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config). - -#### **hostAliases** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Optional hostAliases for cert-manager-controller pods. May be useful when performing ACME DNS-01 self checks. -#### **nodeSelector** ~ `object` -> Default value: -> ```yaml -> kubernetes.io/os: linux -> ``` - -The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - -This default ensures that Pods are only scheduled to Linux nodes. It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - -#### **ingressShim.defaultIssuerName** ~ `string` - -Optional default issuer to use for ingress resources. - -#### **ingressShim.defaultIssuerKind** ~ `string` - -Optional default issuer kind to use for ingress resources. - -#### **ingressShim.defaultIssuerGroup** ~ `string` - -Optional default issuer group to use for ingress resources. - -#### **http_proxy** ~ `string` - -Configures the HTTP_PROXY environment variable where a HTTP proxy is required. - -#### **https_proxy** ~ `string` - -Configures the HTTPS_PROXY environment variable where a HTTP proxy is required. - -#### **no_proxy** ~ `string` - -Configures the NO_PROXY environment variable where a HTTP proxy is required, but certain domains should be excluded. - -#### **affinity** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - -For example: - -```yaml -affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: foo.bar.com/role - operator: In - values: - - master -``` -#### **tolerations** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - -For example: - -```yaml -tolerations: -- key: foo.bar.com/role - operator: Equal - value: master - effect: NoSchedule -``` -#### **topologySpreadConstraints** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core - -For example: - -```yaml -topologySpreadConstraints: -- maxSkew: 2 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway - labelSelector: - matchLabels: - app.kubernetes.io/instance: cert-manager - app.kubernetes.io/component: controller -``` -#### **livenessProbe** ~ `object` -> Default value: -> ```yaml -> enabled: true -> failureThreshold: 8 -> initialDelaySeconds: 10 -> periodSeconds: 10 -> successThreshold: 1 -> timeoutSeconds: 15 -> ``` - -LivenessProbe settings for the controller container of the controller Pod. - -This is enabled by default, in order to enable the clock-skew liveness probe that restarts the controller in case of a skew between the system clock and the monotonic clock. LivenessProbe durations and thresholds are based on those used for the Kubernetes controller-manager. For more information see the following on the -[Kubernetes GitHub repository](https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245) - -#### **enableServiceLinks** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -enableServiceLinks indicates whether information about services should be injected into the pod's environment variables, matching the syntax of Docker links. -### Prometheus - -#### **prometheus.enabled** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Enable Prometheus monitoring for the cert-manager controller to use with the. Prometheus Operator. If this option is enabled without enabling `prometheus.servicemonitor.enabled` or -`prometheus.podmonitor.enabled`, 'prometheus.io' annotations are added to the cert-manager Deployment -resources. Additionally, a service is created which can be used together with your own ServiceMonitor (managed outside of this Helm chart). Otherwise, a ServiceMonitor/ PodMonitor is created. -#### **prometheus.servicemonitor.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Create a ServiceMonitor to add cert-manager to Prometheus. -#### **prometheus.servicemonitor.prometheusInstance** ~ `string` -> Default value: -> ```yaml -> default -> ``` - -Specifies the `prometheus` label on the created ServiceMonitor. This is used when different Prometheus instances have label selectors matching different ServiceMonitors. -#### **prometheus.servicemonitor.targetPort** ~ `number` -> Default value: -> ```yaml -> 9402 -> ``` - -The target port to set on the ServiceMonitor. This must match the port that the cert-manager controller is listening on for metrics. -#### **prometheus.servicemonitor.path** ~ `string` -> Default value: -> ```yaml -> /metrics -> ``` - -The path to scrape for metrics. -#### **prometheus.servicemonitor.interval** ~ `string` -> Default value: -> ```yaml -> 60s -> ``` - -The interval to scrape metrics. -#### **prometheus.servicemonitor.scrapeTimeout** ~ `string` -> Default value: -> ```yaml -> 30s -> ``` - -The timeout before a metrics scrape fails. -#### **prometheus.servicemonitor.labels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Additional labels to add to the ServiceMonitor. -#### **prometheus.servicemonitor.annotations** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Additional annotations to add to the ServiceMonitor. -#### **prometheus.servicemonitor.honorLabels** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Keep labels from scraped data, overriding server-side labels. -#### **prometheus.servicemonitor.endpointAdditionalProperties** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -EndpointAdditionalProperties allows setting additional properties on the endpoint such as relabelings, metricRelabelings etc. - -For example: - -```yaml -endpointAdditionalProperties: - relabelings: - - action: replace - sourceLabels: - - __meta_kubernetes_pod_node_name - targetLabel: instance -``` - - - -#### **prometheus.podmonitor.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Create a PodMonitor to add cert-manager to Prometheus. -#### **prometheus.podmonitor.prometheusInstance** ~ `string` -> Default value: -> ```yaml -> default -> ``` - -Specifies the `prometheus` label on the created PodMonitor. This is used when different Prometheus instances have label selectors matching different PodMonitors. -#### **prometheus.podmonitor.path** ~ `string` -> Default value: -> ```yaml -> /metrics -> ``` - -The path to scrape for metrics. -#### **prometheus.podmonitor.interval** ~ `string` -> Default value: -> ```yaml -> 60s -> ``` - -The interval to scrape metrics. -#### **prometheus.podmonitor.scrapeTimeout** ~ `string` -> Default value: -> ```yaml -> 30s -> ``` - -The timeout before a metrics scrape fails. -#### **prometheus.podmonitor.labels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Additional labels to add to the PodMonitor. -#### **prometheus.podmonitor.annotations** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Additional annotations to add to the PodMonitor. -#### **prometheus.podmonitor.honorLabels** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Keep labels from scraped data, overriding server-side labels. -#### **prometheus.podmonitor.endpointAdditionalProperties** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -EndpointAdditionalProperties allows setting additional properties on the endpoint such as relabelings, metricRelabelings etc. - -For example: - -```yaml -endpointAdditionalProperties: - relabelings: - - action: replace - sourceLabels: - - __meta_kubernetes_pod_node_name - targetLabel: instance -``` - - - -### Webhook - -#### **webhook.replicaCount** ~ `number` -> Default value: -> ```yaml -> 1 -> ``` - -Number of replicas of the cert-manager webhook to run. - -The default is 1, but in production set this to 2 or 3 to provide high availability. - -If `replicas > 1`, consider setting `webhook.podDisruptionBudget.enabled=true`. -#### **webhook.timeoutSeconds** ~ `number` -> Default value: -> ```yaml -> 30 -> ``` - -The number of seconds the API server should wait for the webhook to respond before treating the call as a failure. The value must be between 1 and 30 seconds. For more information, see -[Validating webhook configuration v1](https://kubernetes.io/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1/). - -The default is set to the maximum value of 30 seconds as users sometimes report that the connection between the K8S API server and the cert-manager webhook server times out. If *this* timeout is reached, the error message will be "context deadline exceeded", which doesn't help the user diagnose what phase of the HTTPS connection timed out. For example, it could be during DNS resolution, TCP connection, TLS negotiation, HTTP negotiation, or slow HTTP response from the webhook server. By setting this timeout to its maximum value the underlying timeout error message has more chance of being returned to the end user. -#### **webhook.config** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -This is used to configure options for the webhook pod. This allows setting options that would usually be provided using flags. An APIVersion and Kind must be specified in your values.yaml file. -Flags override options that are set here. - -For example: - -```yaml -apiVersion: webhook.config.cert-manager.io/v1alpha1 -kind: WebhookConfiguration -# The port that the webhook listens on for requests. -# In GKE private clusters, by default Kubernetes apiservers are allowed to -# talk to the cluster nodes only on 443 and 10250. Configuring -# securePort: 10250 therefore will work out-of-the-box without needing to add firewall -# rules or requiring NET_BIND_SERVICE capabilities to bind port numbers < 1000. -# This should be uncommented and set as a default by the chart once -# the apiVersion of WebhookConfiguration graduates beyond v1alpha1. -securePort: 10250 -``` -#### **webhook.strategy** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -The update strategy for the cert-manager webhook deployment. For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) - -For example: - -```yaml -strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 -``` -#### **webhook.securityContext** ~ `object` -> Default value: -> ```yaml -> runAsNonRoot: true -> seccompProfile: -> type: RuntimeDefault -> ``` - -Pod Security Context to be set on the webhook component Pod. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **webhook.containerSecurityContext** ~ `object` -> Default value: -> ```yaml -> allowPrivilegeEscalation: false -> capabilities: -> drop: -> - ALL -> readOnlyRootFilesystem: true -> ``` - -Container Security Context to be set on the webhook component container. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **webhook.podDisruptionBudget.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Enable or disable the PodDisruptionBudget resource. - -This prevents downtime during voluntary disruptions such as during a Node upgrade. For example, the PodDisruptionBudget will block `kubectl drain` if it is used on the Node where the only remaining cert-manager -Pod is currently running. -#### **webhook.podDisruptionBudget.minAvailable** ~ `number` - -This property configures the minimum available pods for disruptions. Can either be set to an integer (e.g. 1) or a percentage value (e.g. 25%). -It cannot be used if `maxUnavailable` is set. - -#### **webhook.podDisruptionBudget.maxUnavailable** ~ `number` - -This property configures the maximum unavailable pods for disruptions. Can either be set to an integer (e.g. 1) or a percentage value (e.g. 25%). -It cannot be used if `minAvailable` is set. - -#### **webhook.deploymentAnnotations** ~ `object` - -Optional additional annotations to add to the webhook Deployment. - -#### **webhook.podAnnotations** ~ `object` - -Optional additional annotations to add to the webhook Pods. - -#### **webhook.serviceAnnotations** ~ `object` - -Optional additional annotations to add to the webhook Service. - -#### **webhook.mutatingWebhookConfigurationAnnotations** ~ `object` - -Optional additional annotations to add to the webhook MutatingWebhookConfiguration. - -#### **webhook.validatingWebhookConfigurationAnnotations** ~ `object` - -Optional additional annotations to add to the webhook ValidatingWebhookConfiguration. - -#### **webhook.validatingWebhookConfiguration.namespaceSelector** ~ `object` -> Default value: -> ```yaml -> matchExpressions: -> - key: cert-manager.io/disable-validation -> operator: NotIn -> values: -> - "true" -> ``` - -Configure spec.namespaceSelector for validating webhooks. - -#### **webhook.mutatingWebhookConfiguration.namespaceSelector** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Configure spec.namespaceSelector for mutating webhooks. - -#### **webhook.extraArgs** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional command line flags to pass to cert-manager webhook binary. To see all available flags run `docker run quay.io/jetstack/cert-manager-webhook: --help`. -#### **webhook.featureGates** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -Comma separated list of feature gates that should be enabled on the webhook pod. -#### **webhook.resources** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Resources to provide to the cert-manager webhook pod. - -For example: - -```yaml -requests: - cpu: 10m - memory: 32Mi -``` - -For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). -#### **webhook.livenessProbe** ~ `object` -> Default value: -> ```yaml -> failureThreshold: 3 -> initialDelaySeconds: 60 -> periodSeconds: 10 -> successThreshold: 1 -> timeoutSeconds: 1 -> ``` - -Liveness probe values. -For more information, see [Container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). - -#### **webhook.readinessProbe** ~ `object` -> Default value: -> ```yaml -> failureThreshold: 3 -> initialDelaySeconds: 5 -> periodSeconds: 5 -> successThreshold: 1 -> timeoutSeconds: 1 -> ``` - -Readiness probe values. -For more information, see [Container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). - -#### **webhook.nodeSelector** ~ `object` -> Default value: -> ```yaml -> kubernetes.io/os: linux -> ``` - -The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - -This default ensures that Pods are only scheduled to Linux nodes. It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - -#### **webhook.affinity** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - -For example: - -```yaml -affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: foo.bar.com/role - operator: In - values: - - master -``` -#### **webhook.tolerations** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - -For example: - -```yaml -tolerations: -- key: foo.bar.com/role - operator: Equal - value: master - effect: NoSchedule -``` -#### **webhook.topologySpreadConstraints** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core). - -For example: - -```yaml -topologySpreadConstraints: -- maxSkew: 2 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway - labelSelector: - matchLabels: - app.kubernetes.io/instance: cert-manager - app.kubernetes.io/component: controller -``` -#### **webhook.podLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Optional additional labels to add to the Webhook Pods. -#### **webhook.serviceLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Optional additional labels to add to the Webhook Service. -#### **webhook.serviceIPFamilyPolicy** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -Optionally set the IP family policy for the controller Service to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services). -#### **webhook.serviceIPFamilies** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Optionally set the IP families for the controller Service that should be supported, in the order in which they should be applied to ClusterIP. Can be IPv4 and/or IPv6. -#### **webhook.image.registry** ~ `string` - -The container registry to pull the webhook image from. - -#### **webhook.image.repository** ~ `string` -> Default value: -> ```yaml -> quay.io/jetstack/cert-manager-webhook -> ``` - -The container image for the cert-manager webhook - -#### **webhook.image.tag** ~ `string` - -Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. - -#### **webhook.image.digest** ~ `string` - -Setting a digest will override any tag - -#### **webhook.image.pullPolicy** ~ `string` -> Default value: -> ```yaml -> IfNotPresent -> ``` - -Kubernetes imagePullPolicy on Deployment. -#### **webhook.serviceAccount.create** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Specifies whether a service account should be created. -#### **webhook.serviceAccount.name** ~ `string` - -The name of the service account to use. -If not set and create is true, a name is generated using the fullname template. - -#### **webhook.serviceAccount.annotations** ~ `object` - -Optional additional annotations to add to the controller's Service Account. - -#### **webhook.serviceAccount.labels** ~ `object` - -Optional additional labels to add to the webhook's Service Account. - -#### **webhook.serviceAccount.automountServiceAccountToken** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Automount API credentials for a Service Account. -#### **webhook.automountServiceAccountToken** ~ `bool` - -Automounting API credentials for a particular pod. - -#### **webhook.securePort** ~ `number` -> Default value: -> ```yaml -> 10250 -> ``` - -The port that the webhook listens on for requests. In GKE private clusters, by default Kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. Configuring securePort: 10250, therefore will work out-of-the-box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000. -#### **webhook.hostNetwork** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Specifies if the webhook should be started in hostNetwork mode. - -Required for use in some managed kubernetes clusters (such as AWS EKS) with custom. CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working - -Since the default port for the webhook conflicts with kubelet on the host network, `webhook.securePort` should be changed to an available port if running in hostNetwork mode. -#### **webhook.serviceType** ~ `string` -> Default value: -> ```yaml -> ClusterIP -> ``` - -Specifies how the service should be handled. Useful if you want to expose the webhook outside of the cluster. In some cases, the control plane cannot reach internal services. -#### **webhook.loadBalancerIP** ~ `string` - -Specify the load balancer IP for the created service. - -#### **webhook.url** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Overrides the mutating webhook and validating webhook so they reach the webhook service using the `url` field instead of a service. -#### **webhook.networkPolicy.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Create network policies for the webhooks. -#### **webhook.networkPolicy.ingress** ~ `array` -> Default value: -> ```yaml -> - from: -> - ipBlock: -> cidr: 0.0.0.0/0 -> ``` - -Ingress rule for the webhook network policy. By default, it allows all inbound traffic. - -#### **webhook.networkPolicy.egress** ~ `array` -> Default value: -> ```yaml -> - ports: -> - port: 80 -> protocol: TCP -> - port: 443 -> protocol: TCP -> - port: 53 -> protocol: TCP -> - port: 53 -> protocol: UDP -> - port: 6443 -> protocol: TCP -> to: -> - ipBlock: -> cidr: 0.0.0.0/0 -> ``` - -Egress rule for the webhook network policy. By default, it allows all outbound traffic to ports 80 and 443, as well as DNS ports. - -#### **webhook.volumes** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volumes to add to the cert-manager controller pod. -#### **webhook.volumeMounts** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volume mounts to add to the cert-manager controller container. -#### **webhook.enableServiceLinks** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -enableServiceLinks indicates whether information about services should be injected into the pod's environment variables, matching the syntax of Docker links. -### CA Injector - -#### **cainjector.enabled** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Create the CA Injector deployment -#### **cainjector.replicaCount** ~ `number` -> Default value: -> ```yaml -> 1 -> ``` - -The number of replicas of the cert-manager cainjector to run. - -The default is 1, but in production set this to 2 or 3 to provide high availability. - -If `replicas > 1`, consider setting `cainjector.podDisruptionBudget.enabled=true`. - -Note that cert-manager uses leader election to ensure that there can only be a single instance active at a time. -#### **cainjector.config** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -This is used to configure options for the cainjector pod. It allows setting options that are usually provided via flags. An APIVersion and Kind must be specified in your values.yaml file. -Flags override options that are set here. - -For example: - -```yaml -apiVersion: cainjector.config.cert-manager.io/v1alpha1 -kind: CAInjectorConfiguration -logging: - verbosity: 2 - format: text -leaderElectionConfig: - namespace: kube-system -``` -#### **cainjector.strategy** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Deployment update strategy for the cert-manager cainjector deployment. For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy). - -For example: - -```yaml -strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 -``` -#### **cainjector.securityContext** ~ `object` -> Default value: -> ```yaml -> runAsNonRoot: true -> seccompProfile: -> type: RuntimeDefault -> ``` - -Pod Security Context to be set on the cainjector component Pod. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **cainjector.containerSecurityContext** ~ `object` -> Default value: -> ```yaml -> allowPrivilegeEscalation: false -> capabilities: -> drop: -> - ALL -> readOnlyRootFilesystem: true -> ``` - -Container Security Context to be set on the cainjector component container. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **cainjector.podDisruptionBudget.enabled** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -Enable or disable the PodDisruptionBudget resource. - -This prevents downtime during voluntary disruptions such as during a Node upgrade. For example, the PodDisruptionBudget will block `kubectl drain` if it is used on the Node where the only remaining cert-manager -Pod is currently running. -#### **cainjector.podDisruptionBudget.minAvailable** ~ `number` - -`minAvailable` configures the minimum available pods for disruptions. It can either be set to -an integer (e.g. 1) or a percentage value (e.g. 25%). -Cannot be used if `maxUnavailable` is set. - -#### **cainjector.podDisruptionBudget.maxUnavailable** ~ `number` - -`maxUnavailable` configures the maximum unavailable pods for disruptions. It can either be set to -an integer (e.g. 1) or a percentage value (e.g. 25%). -Cannot be used if `minAvailable` is set. - -#### **cainjector.deploymentAnnotations** ~ `object` - -Optional additional annotations to add to the cainjector Deployment. - -#### **cainjector.podAnnotations** ~ `object` - -Optional additional annotations to add to the cainjector Pods. - -#### **cainjector.extraArgs** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional command line flags to pass to cert-manager cainjector binary. To see all available flags run `docker run quay.io/jetstack/cert-manager-cainjector: --help`. -#### **cainjector.featureGates** ~ `string` -> Default value: -> ```yaml -> "" -> ``` - -Comma separated list of feature gates that should be enabled on the cainjector pod. -#### **cainjector.resources** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Resources to provide to the cert-manager cainjector pod. - -For example: - -```yaml -requests: - cpu: 10m - memory: 32Mi -``` - -For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). -#### **cainjector.nodeSelector** ~ `object` -> Default value: -> ```yaml -> kubernetes.io/os: linux -> ``` - -The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - -This default ensures that Pods are only scheduled to Linux nodes. It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - -#### **cainjector.affinity** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - -For example: - -```yaml -affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: foo.bar.com/role - operator: In - values: - - master -``` -#### **cainjector.tolerations** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - -For example: - -```yaml -tolerations: -- key: foo.bar.com/role - operator: Equal - value: master - effect: NoSchedule -``` -#### **cainjector.topologySpreadConstraints** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core). - -For example: - -```yaml -topologySpreadConstraints: -- maxSkew: 2 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway - labelSelector: - matchLabels: - app.kubernetes.io/instance: cert-manager - app.kubernetes.io/component: controller -``` -#### **cainjector.podLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Optional additional labels to add to the CA Injector Pods. -#### **cainjector.image.registry** ~ `string` - -The container registry to pull the cainjector image from. - -#### **cainjector.image.repository** ~ `string` -> Default value: -> ```yaml -> quay.io/jetstack/cert-manager-cainjector -> ``` - -The container image for the cert-manager cainjector - -#### **cainjector.image.tag** ~ `string` - -Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used. - -#### **cainjector.image.digest** ~ `string` - -Setting a digest will override any tag. - -#### **cainjector.image.pullPolicy** ~ `string` -> Default value: -> ```yaml -> IfNotPresent -> ``` - -Kubernetes imagePullPolicy on Deployment. -#### **cainjector.serviceAccount.create** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Specifies whether a service account should be created. -#### **cainjector.serviceAccount.name** ~ `string` - -The name of the service account to use. -If not set and create is true, a name is generated using the fullname template - -#### **cainjector.serviceAccount.annotations** ~ `object` - -Optional additional annotations to add to the controller's Service Account. - -#### **cainjector.serviceAccount.labels** ~ `object` - -Optional additional labels to add to the cainjector's Service Account. - -#### **cainjector.serviceAccount.automountServiceAccountToken** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Automount API credentials for a Service Account. -#### **cainjector.automountServiceAccountToken** ~ `bool` - -Automounting API credentials for a particular pod. - -#### **cainjector.volumes** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volumes to add to the cert-manager controller pod. -#### **cainjector.volumeMounts** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volume mounts to add to the cert-manager controller container. -#### **cainjector.enableServiceLinks** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -enableServiceLinks indicates whether information about services should be injected into the pod's environment variables, matching the syntax of Docker links. -### ACME Solver - -#### **acmesolver.image.registry** ~ `string` - -The container registry to pull the acmesolver image from. - -#### **acmesolver.image.repository** ~ `string` -> Default value: -> ```yaml -> quay.io/jetstack/cert-manager-acmesolver -> ``` - -The container image for the cert-manager acmesolver. - -#### **acmesolver.image.tag** ~ `string` - -Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion is used. - -#### **acmesolver.image.digest** ~ `string` - -Setting a digest will override any tag. - -#### **acmesolver.image.pullPolicy** ~ `string` -> Default value: -> ```yaml -> IfNotPresent -> ``` - -Kubernetes imagePullPolicy on Deployment. -### Startup API Check - - -This startupapicheck is a Helm post-install hook that waits for the webhook endpoints to become available. The check is implemented using a Kubernetes Job - if you are injecting mesh sidecar proxies into cert-manager pods, ensure that they are not injected into this Job's pod. Otherwise, the installation may time out owing to the Job never being completed because the sidecar proxy does not exit. For more information, see [this note](https://github.com/cert-manager/cert-manager/pull/4414). -#### **startupapicheck.enabled** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Enables the startup api check. -#### **startupapicheck.securityContext** ~ `object` -> Default value: -> ```yaml -> runAsNonRoot: true -> seccompProfile: -> type: RuntimeDefault -> ``` - -Pod Security Context to be set on the startupapicheck component Pod. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **startupapicheck.containerSecurityContext** ~ `object` -> Default value: -> ```yaml -> allowPrivilegeEscalation: false -> capabilities: -> drop: -> - ALL -> readOnlyRootFilesystem: true -> ``` - -Container Security Context to be set on the controller component container. For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - -#### **startupapicheck.timeout** ~ `string` -> Default value: -> ```yaml -> 1m -> ``` - -Timeout for 'kubectl check api' command. -#### **startupapicheck.backoffLimit** ~ `number` -> Default value: -> ```yaml -> 4 -> ``` - -Job backoffLimit -#### **startupapicheck.jobAnnotations** ~ `object` -> Default value: -> ```yaml -> helm.sh/hook: post-install -> helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded -> helm.sh/hook-weight: "1" -> ``` - -Optional additional annotations to add to the startupapicheck Job. - -#### **startupapicheck.podAnnotations** ~ `object` - -Optional additional annotations to add to the startupapicheck Pods. - -#### **startupapicheck.extraArgs** ~ `array` -> Default value: -> ```yaml -> - -v -> ``` - -Additional command line flags to pass to startupapicheck binary. To see all available flags run `docker run quay.io/jetstack/cert-manager-startupapicheck: --help`. - -Verbose logging is enabled by default so that if startupapicheck fails, you can know what exactly caused the failure. Verbose logs include details of the webhook URL, IP address and TCP connect errors for example. - -#### **startupapicheck.resources** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Resources to provide to the cert-manager controller pod. - -For example: - -```yaml -requests: - cpu: 10m - memory: 32Mi -``` - -For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). -#### **startupapicheck.nodeSelector** ~ `object` -> Default value: -> ```yaml -> kubernetes.io/os: linux -> ``` - -The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with matching labels. For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - -This default ensures that Pods are only scheduled to Linux nodes. It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - -#### **startupapicheck.affinity** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). -For example: - -```yaml -affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: foo.bar.com/role - operator: In - values: - - master -``` -#### **startupapicheck.tolerations** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - -For example: - -```yaml -tolerations: -- key: foo.bar.com/role - operator: Equal - value: master - effect: NoSchedule -``` -#### **startupapicheck.podLabels** ~ `object` -> Default value: -> ```yaml -> {} -> ``` - -Optional additional labels to add to the startupapicheck Pods. -#### **startupapicheck.image.registry** ~ `string` - -The container registry to pull the startupapicheck image from. - -#### **startupapicheck.image.repository** ~ `string` -> Default value: -> ```yaml -> quay.io/jetstack/cert-manager-startupapicheck -> ``` - -The container image for the cert-manager startupapicheck. - -#### **startupapicheck.image.tag** ~ `string` - -Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion is used. - -#### **startupapicheck.image.digest** ~ `string` - -Setting a digest will override any tag. - -#### **startupapicheck.image.pullPolicy** ~ `string` -> Default value: -> ```yaml -> IfNotPresent -> ``` - -Kubernetes imagePullPolicy on Deployment. -#### **startupapicheck.rbac.annotations** ~ `object` -> Default value: -> ```yaml -> helm.sh/hook: post-install -> helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded -> helm.sh/hook-weight: "-5" -> ``` - -annotations for the startup API Check job RBAC and PSP resources. - -#### **startupapicheck.automountServiceAccountToken** ~ `bool` - -Automounting API credentials for a particular pod. - -#### **startupapicheck.serviceAccount.create** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Specifies whether a service account should be created. -#### **startupapicheck.serviceAccount.name** ~ `string` - -The name of the service account to use. -If not set and create is true, a name is generated using the fullname template. - -#### **startupapicheck.serviceAccount.annotations** ~ `object` -> Default value: -> ```yaml -> helm.sh/hook: post-install -> helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded -> helm.sh/hook-weight: "-5" -> ``` - -Optional additional annotations to add to the Job's Service Account. - -#### **startupapicheck.serviceAccount.automountServiceAccountToken** ~ `bool` -> Default value: -> ```yaml -> true -> ``` - -Automount API credentials for a Service Account. - -#### **startupapicheck.serviceAccount.labels** ~ `object` - -Optional additional labels to add to the startupapicheck's Service Account. - -#### **startupapicheck.volumes** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volumes to add to the cert-manager controller pod. -#### **startupapicheck.volumeMounts** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Additional volume mounts to add to the cert-manager controller container. -#### **startupapicheck.enableServiceLinks** ~ `bool` -> Default value: -> ```yaml -> false -> ``` - -enableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. -#### **extraObjects** ~ `array` -> Default value: -> ```yaml -> [] -> ``` - -Create dynamic manifests via values. - -For example: - -```yaml -extraObjects: - - | - apiVersion: v1 - kind: ConfigMap - metadata: - name: '{{ template "cert-manager.name" . }}-extra-configmap' -``` - - -### Default Security Contexts - -The default pod-level and container-level security contexts, below, adhere to the [restricted](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted) Pod Security Standards policies. - -Default pod-level securityContext: -```yaml -runAsNonRoot: true -seccompProfile: - type: RuntimeDefault -``` - -Default containerSecurityContext: -```yaml -allowPrivilegeEscalation: false -capabilities: - drop: - - ALL -``` - -### Assigning Values - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, - -```console -$ helm install my-release -f values.yaml . -``` -> **Tip**: You can use the default [values.yaml](https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml) - -## Contributing - -This chart is maintained at [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager/tree/master/deploy/charts/cert-manager). diff --git a/charts/cert-manager/cert-manager/templates/NOTES.txt b/charts/cert-manager/cert-manager/templates/NOTES.txt deleted file mode 100644 index 341d101..0000000 --- a/charts/cert-manager/cert-manager/templates/NOTES.txt +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.installCRDs }} -⚠️ WARNING: `installCRDs` is deprecated, use `crds.enabled` instead. -{{- end }} -cert-manager {{ .Chart.AppVersion }} has been deployed successfully! - -In order to begin issuing certificates, you will need to set up a ClusterIssuer -or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer). - -More information on the different types of issuers and how to configure them -can be found in our documentation: - -https://cert-manager.io/docs/configuration/ - -For information on how to configure cert-manager to automatically provision -Certificates for Ingress resources, take a look at the `ingress-shim` -documentation: - -https://cert-manager.io/docs/usage/ingress/ diff --git a/charts/cert-manager/cert-manager/templates/_helpers.tpl b/charts/cert-manager/cert-manager/templates/_helpers.tpl deleted file mode 100644 index 9902c08..0000000 --- a/charts/cert-manager/cert-manager/templates/_helpers.tpl +++ /dev/null @@ -1,202 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "cert-manager.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "cert-manager.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "cert-manager.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "cert-manager.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Webhook templates -*/}} - -{{/* -Expand the name of the chart. -Manually fix the 'app' and 'name' labels to 'webhook' to maintain -compatibility with the v0.9 deployment selector. -*/}} -{{- define "webhook.name" -}} -{{- printf "webhook" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "webhook.fullname" -}} -{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 55 | trimSuffix "-" -}} -{{- printf "%s-webhook" $trimmedName | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "webhook.caRef" -}} -{{- template "cert-manager.namespace" }}/{{ template "webhook.fullname" . }}-ca -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "webhook.serviceAccountName" -}} -{{- if .Values.webhook.serviceAccount.create -}} - {{ default (include "webhook.fullname" .) .Values.webhook.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.webhook.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -cainjector templates -*/}} - -{{/* -Expand the name of the chart. -Manually fix the 'app' and 'name' labels to 'cainjector' to maintain -compatibility with the v0.9 deployment selector. -*/}} -{{- define "cainjector.name" -}} -{{- printf "cainjector" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "cainjector.fullname" -}} -{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}} -{{- printf "%s-cainjector" $trimmedName | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "cainjector.serviceAccountName" -}} -{{- if .Values.cainjector.serviceAccount.create -}} - {{ default (include "cainjector.fullname" .) .Values.cainjector.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.cainjector.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -startupapicheck templates -*/}} - -{{/* -Expand the name of the chart. -Manually fix the 'app' and 'name' labels to 'startupapicheck' to maintain -compatibility with the v0.9 deployment selector. -*/}} -{{- define "startupapicheck.name" -}} -{{- printf "startupapicheck" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "startupapicheck.fullname" -}} -{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}} -{{- printf "%s-startupapicheck" $trimmedName | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "startupapicheck.serviceAccountName" -}} -{{- if .Values.startupapicheck.serviceAccount.create -}} - {{ default (include "startupapicheck.fullname" .) .Values.startupapicheck.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.startupapicheck.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "chartName" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Labels that should be added on each resource -*/}} -{{- define "labels" -}} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- if eq (default "helm" .Values.creator) "helm" }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -helm.sh/chart: {{ include "chartName" . }} -{{- end -}} -{{- if .Values.global.commonLabels}} -{{ toYaml .Values.global.commonLabels }} -{{- end }} -{{- end -}} - -{{/* -Namespace for all resources to be installed into -If not defined in values file then the helm release namespace is used -By default this is not set so the helm release namespace will be used - -This gets around an problem within helm discussed here -https://github.com/helm/helm/issues/5358 -*/}} -{{- define "cert-manager.namespace" -}} - {{ .Values.namespace | default .Release.Namespace }} -{{- end -}} - -{{/* -Util function for generating the image URL based on the provided options. -IMPORTANT: This function is standarized across all charts in the cert-manager GH organization. -Any changes to this function should also be made in cert-manager, trust-manager, approver-policy, ... -See https://github.com/cert-manager/cert-manager/issues/6329 for a list of linked PRs. -*/}} -{{- define "image" -}} -{{- $defaultTag := index . 1 -}} -{{- with index . 0 -}} -{{- if .registry -}}{{ printf "%s/%s" .registry .repository }}{{- else -}}{{- .repository -}}{{- end -}} -{{- if .digest -}}{{ printf "@%s" .digest }}{{- else -}}{{ printf ":%s" (default $defaultTag .tag) }}{{- end -}} -{{- end }} -{{- end }} - -{{/* -Check that the user has not set both .installCRDs and .crds.enabled or -set .installCRDs and disabled .crds.keep. -.installCRDs is deprecated and users should use .crds.enabled and .crds.keep instead. -*/}} -{{- define "cert-manager.crd-check" -}} - {{- if and (.Values.installCRDs) (.Values.crds.enabled) }} - {{- fail "ERROR: the deprecated .installCRDs option cannot be enabled at the same time as its replacement .crds.enabled" }} - {{- end }} - {{- if and (.Values.installCRDs) (not .Values.crds.keep) }} - {{- fail "ERROR: .crds.keep is not compatible with .installCRDs, please use .crds.enabled and .crds.keep instead" }} - {{- end }} -{{- end -}} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-config.yaml b/charts/cert-manager/cert-manager/templates/cainjector-config.yaml deleted file mode 100644 index 82399cc..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-config.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.cainjector.config -}} -{{- $_ := .Values.cainjector.config.apiVersion | required ".Values.cainjector.config.apiVersion must be set !" -}} -{{- $_ := .Values.cainjector.config.kind | required ".Values.cainjector.config.kind must be set !" -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "cainjector.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -data: - config.yaml: | - {{- .Values.cainjector.config | toYaml | nindent 4 }} -{{- end -}} \ No newline at end of file diff --git a/charts/cert-manager/cert-manager/templates/cainjector-deployment.yaml b/charts/cert-manager/cert-manager/templates/cainjector-deployment.yaml deleted file mode 100644 index 8f9f7f3..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-deployment.yaml +++ /dev/null @@ -1,140 +0,0 @@ -{{- if .Values.cainjector.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "cainjector.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} - {{- with .Values.cainjector.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.cainjector.replicaCount }} - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.revisionHistoryLimit) (list "" (quote ""))) }} - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - {{- end }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- with .Values.cainjector.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 8 }} - {{- with .Values.cainjector.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.cainjector.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ template "cainjector.serviceAccountName" . }} - {{- if hasKey .Values.cainjector "automountServiceAccountToken" }} - automountServiceAccountToken: {{ .Values.cainjector.automountServiceAccountToken }} - {{- end }} - enableServiceLinks: {{ .Values.cainjector.enableServiceLinks }} - {{- with .Values.global.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.cainjector.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - name: {{ .Chart.Name }}-cainjector - image: "{{ template "image" (tuple .Values.cainjector.image $.Chart.AppVersion) }}" - imagePullPolicy: {{ .Values.cainjector.image.pullPolicy }} - args: - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.logLevel) (list "" (quote ""))) }} - - --v={{ .Values.global.logLevel }} - {{- end }} - {{- if .Values.cainjector.config }} - - --config=/var/cert-manager/config/config.yaml - {{- end }} - {{- with .Values.global.leaderElection }} - - --leader-election-namespace={{ .namespace }} - {{- if .leaseDuration }} - - --leader-election-lease-duration={{ .leaseDuration }} - {{- end }} - {{- if .renewDeadline }} - - --leader-election-renew-deadline={{ .renewDeadline }} - {{- end }} - {{- if .retryPeriod }} - - --leader-election-retry-period={{ .retryPeriod }} - {{- end }} - {{- end }} - {{- with .Values.cainjector.featureGates}} - - --feature-gates={{ . }} - {{- end}} - {{- with .Values.cainjector.extraArgs }} - {{- toYaml . | nindent 10 }} - {{- end }} - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- with .Values.cainjector.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.cainjector.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if or .Values.cainjector.config .Values.cainjector.volumeMounts }} - volumeMounts: - {{- if .Values.cainjector.config }} - - name: config - mountPath: /var/cert-manager/config - {{- end }} - {{- with .Values.cainjector.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with .Values.cainjector.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.cainjector.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.cainjector.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.cainjector.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.cainjector.volumes .Values.cainjector.config }} - volumes: - {{- if .Values.cainjector.config }} - - name: config - configMap: - name: {{ include "cainjector.fullname" . }} - {{- end }} - {{ with .Values.cainjector.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-poddisruptionbudget.yaml b/charts/cert-manager/cert-manager/templates/cainjector-poddisruptionbudget.yaml deleted file mode 100644 index 6a7d609..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-poddisruptionbudget.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.cainjector.podDisruptionBudget.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "cainjector.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - - {{- if not (or (hasKey .Values.cainjector.podDisruptionBudget "minAvailable") (hasKey .Values.cainjector.podDisruptionBudget "maxUnavailable")) }} - minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set - {{- end }} - {{- if hasKey .Values.cainjector.podDisruptionBudget "minAvailable" }} - minAvailable: {{ .Values.cainjector.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if hasKey .Values.cainjector.podDisruptionBudget "maxUnavailable" }} - maxUnavailable: {{ .Values.cainjector.podDisruptionBudget.maxUnavailable }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrole.yaml b/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrole.yaml deleted file mode 100644 index b75b9eb..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrole.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.cainjector.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "cainjector.fullname" . }}-psp - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -rules: -- apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "cainjector.fullname" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml deleted file mode 100644 index e2bfa26..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.cainjector.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cainjector.fullname" . }}-psp - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cainjector.fullname" . }}-psp -subjects: - - kind: ServiceAccount - name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-psp.yaml b/charts/cert-manager/cert-manager/templates/cainjector-psp.yaml deleted file mode 100644 index 24f01da..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-psp.yaml +++ /dev/null @@ -1,51 +0,0 @@ -{{- if .Values.cainjector.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "cainjector.fullname" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' - seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - {{- if .Values.global.podSecurityPolicy.useAppArmor }} - apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' - apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - allowedCapabilities: [] # default set of capabilities are implicitly allowed - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-rbac.yaml b/charts/cert-manager/cert-manager/templates/cainjector-rbac.yaml deleted file mode 100644 index 2aa59ee..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-rbac.yaml +++ /dev/null @@ -1,103 +0,0 @@ -{{- if .Values.cainjector.enabled }} -{{- if .Values.global.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cainjector.fullname" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "create", "update", "patch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["apiregistration.k8s.io"] - resources: ["apiservices"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "watch", "update", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cainjector.fullname" . }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cainjector.fullname" . }} -subjects: - - name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- -# leader election rules -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "cainjector.fullname" . }}:leaderelection - namespace: {{ .Values.global.leaderElection.namespace }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -rules: - # Used for leader election by the controller - # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller - # see cmd/cainjector/start.go#L113 - # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller - # see cmd/cainjector/start.go#L137 - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] - verbs: ["get", "update", "patch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["create"] - ---- - -# grant cert-manager permission to manage the leaderelection configmap in the -# leader election namespace -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "cainjector.fullname" . }}:leaderelection - namespace: {{ .Values.global.leaderElection.namespace }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cainjector.fullname" . }}:leaderelection -subjects: - - kind: ServiceAccount - name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/cainjector-serviceaccount.yaml b/charts/cert-manager/cert-manager/templates/cainjector-serviceaccount.yaml deleted file mode 100644 index fedc731..0000000 --- a/charts/cert-manager/cert-manager/templates/cainjector-serviceaccount.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.cainjector.enabled }} -{{- if .Values.cainjector.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.cainjector.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - {{- with .Values.cainjector.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app: {{ include "cainjector.name" . }} - app.kubernetes.io/name: {{ include "cainjector.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cainjector" - {{- include "labels" . | nindent 4 }} - {{- with .Values.cainjector.serviceAccount.labels }} - {{ toYaml . | nindent 4 }} - {{- end }} -{{- with .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/controller-config.yaml b/charts/cert-manager/cert-manager/templates/controller-config.yaml deleted file mode 100644 index 25f62ef..0000000 --- a/charts/cert-manager/cert-manager/templates/controller-config.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.config -}} -{{- $_ := .Values.config.apiVersion | required ".Values.config.apiVersion must be set !" -}} -{{- $_ := .Values.config.kind | required ".Values.config.kind must be set !" -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "cert-manager.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -data: - config.yaml: | - {{- .Values.config | toYaml | nindent 4 }} -{{- end -}} \ No newline at end of file diff --git a/charts/cert-manager/cert-manager/templates/crds.yaml b/charts/cert-manager/cert-manager/templates/crds.yaml deleted file mode 100644 index 2c70ca3..0000000 --- a/charts/cert-manager/cert-manager/templates/crds.yaml +++ /dev/null @@ -1,8179 +0,0 @@ -# {{- include "cert-manager.crd-check" . }} -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificaterequests.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: cert-manager.io - names: - kind: CertificateRequest - listKind: CertificateRequestList - plural: certificaterequests - shortNames: - - cr - - crs - singular: certificaterequest - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Approved")].status - name: Approved - type: string - - jsonPath: .status.conditions[?(@.type=="Denied")].status - name: Denied - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - type: string - - jsonPath: .spec.username - name: Requestor - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: |- - A CertificateRequest is used to request a signed certificate from one of the - configured issuers. - - - All fields within the CertificateRequest's `spec` are immutable after creation. - A CertificateRequest will either succeed or fail, as denoted by its `Ready` status - condition and its `status.failureTime` field. - - - A CertificateRequest is a one-shot resource, meaning it represents a single - point in time request for a certificate and cannot be re-used. - type: object - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - Specification of the desired state of the CertificateRequest resource. - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - type: object - required: - - issuerRef - - request - properties: - duration: - description: |- - Requested 'duration' (i.e. lifetime) of the Certificate. Note that the - issuer may choose to ignore the requested duration, just like any other - requested attribute. - type: string - extra: - description: |- - Extra contains extra attributes of the user that created the CertificateRequest. - Populated by the cert-manager webhook on creation and immutable. - type: object - additionalProperties: - type: array - items: - type: string - groups: - description: |- - Groups contains group membership of the user that created the CertificateRequest. - Populated by the cert-manager webhook on creation and immutable. - type: array - items: - type: string - x-kubernetes-list-type: atomic - isCA: - description: |- - Requested basic constraints isCA value. Note that the issuer may choose - to ignore the requested isCA value, just like any other requested attribute. - - - NOTE: If the CSR in the `Request` field has a BasicConstraints extension, - it must have the same isCA value as specified here. - - - If true, this will automatically add the `cert sign` usage to the list - of requested `usages`. - type: boolean - issuerRef: - description: |- - Reference to the issuer responsible for issuing the certificate. - If the issuer is namespace-scoped, it must be in the same namespace - as the Certificate. If the issuer is cluster-scoped, it can be used - from any namespace. - - - The `name` field of the reference must always be specified. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - request: - description: |- - The PEM-encoded X.509 certificate signing request to be submitted to the - issuer for signing. - - - If the CSR has a BasicConstraints extension, its isCA attribute must - match the `isCA` value of this CertificateRequest. - If the CSR has a KeyUsage extension, its key usages must match the - key usages in the `usages` field of this CertificateRequest. - If the CSR has a ExtKeyUsage extension, its extended key usages - must match the extended key usages in the `usages` field of this - CertificateRequest. - type: string - format: byte - uid: - description: |- - UID contains the uid of the user that created the CertificateRequest. - Populated by the cert-manager webhook on creation and immutable. - type: string - usages: - description: |- - Requested key usages and extended key usages. - - - NOTE: If the CSR in the `Request` field has uses the KeyUsage or - ExtKeyUsage extension, these extensions must have the same values - as specified here without any additional values. - - - If unset, defaults to `digital signature` and `key encipherment`. - type: array - items: - description: |- - KeyUsage specifies valid usage contexts for keys. - See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 - https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - - - Valid KeyUsage values are as follows: - "signing", - "digital signature", - "content commitment", - "key encipherment", - "key agreement", - "data encipherment", - "cert sign", - "crl sign", - "encipher only", - "decipher only", - "any", - "server auth", - "client auth", - "code signing", - "email protection", - "s/mime", - "ipsec end system", - "ipsec tunnel", - "ipsec user", - "timestamping", - "ocsp signing", - "microsoft sgc", - "netscape sgc" - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - username: - description: |- - Username contains the name of the user that created the CertificateRequest. - Populated by the cert-manager webhook on creation and immutable. - type: string - status: - description: |- - Status of the CertificateRequest. - This is set and managed automatically. - Read-only. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - type: object - properties: - ca: - description: |- - The PEM encoded X.509 certificate of the signer, also known as the CA - (Certificate Authority). - This is set on a best-effort basis by different issuers. - If not set, the CA is assumed to be unknown/not available. - type: string - format: byte - certificate: - description: |- - The PEM encoded X.509 certificate resulting from the certificate - signing request. - If not set, the CertificateRequest has either not been completed or has - failed. More information on failure can be found by checking the - `conditions` field. - type: string - format: byte - conditions: - description: |- - List of status conditions to indicate the status of a CertificateRequest. - Known condition types are `Ready`, `InvalidRequest`, `Approved` and `Denied`. - type: array - items: - description: CertificateRequestCondition contains condition information for a CertificateRequest. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: |- - LastTransitionTime is the timestamp corresponding to the last status - change of this condition. - type: string - format: date-time - message: - description: |- - Message is a human readable description of the details of the last - transition, complementing reason. - type: string - reason: - description: |- - Reason is a brief machine readable explanation for the condition's last - transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: |- - Type of the condition, known values are (`Ready`, `InvalidRequest`, - `Approved`, `Denied`). - type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - failureTime: - description: |- - FailureTime stores the time that this CertificateRequest failed. This is - used to influence garbage collection and back-off. - type: string - format: date-time - served: true - storage: true - -# END crd {{- end }} - ---- -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: cert-manager.io - names: - kind: Certificate - listKind: CertificateList - plural: certificates - shortNames: - - cert - - certs - singular: certificate - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.secretName - name: Secret - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: |- - A Certificate resource should be created to ensure an up to date and signed - X.509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. - - - The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`). - type: object - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - Specification of the desired state of the Certificate resource. - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - type: object - required: - - issuerRef - - secretName - properties: - additionalOutputFormats: - description: |- - Defines extra output formats of the private key and signed certificate chain - to be written to this Certificate's target Secret. - - - This is a Beta Feature enabled by default. It can be disabled with the - `--feature-gates=AdditionalCertificateOutputFormats=false` option set on both - the controller and webhook components. - type: array - items: - description: |- - CertificateAdditionalOutputFormat defines an additional output format of a - Certificate resource. These contain supplementary data formats of the signed - certificate chain and paired private key. - type: object - required: - - type - properties: - type: - description: |- - Type is the name of the format type that should be written to the - Certificate's target Secret. - type: string - enum: - - DER - - CombinedPEM - commonName: - description: |- - Requested common name X509 certificate subject attribute. - More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 - NOTE: TLS clients will ignore this value when any subject alternative name is - set (see https://tools.ietf.org/html/rfc6125#section-6.4.4). - - - Should have a length of 64 characters or fewer to avoid generating invalid CSRs. - Cannot be set if the `literalSubject` field is set. - type: string - dnsNames: - description: Requested DNS subject alternative names. - type: array - items: - type: string - duration: - description: |- - Requested 'duration' (i.e. lifetime) of the Certificate. Note that the - issuer may choose to ignore the requested duration, just like any other - requested attribute. - - - If unset, this defaults to 90 days. - Minimum accepted duration is 1 hour. - Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration. - type: string - emailAddresses: - description: Requested email subject alternative names. - type: array - items: - type: string - encodeUsagesInRequest: - description: |- - Whether the KeyUsage and ExtKeyUsage extensions should be set in the encoded CSR. - - - This option defaults to true, and should only be disabled if the target - issuer does not support CSRs with these X509 KeyUsage/ ExtKeyUsage extensions. - type: boolean - ipAddresses: - description: Requested IP address subject alternative names. - type: array - items: - type: string - isCA: - description: |- - Requested basic constraints isCA value. - The isCA value is used to set the `isCA` field on the created CertificateRequest - resources. Note that the issuer may choose to ignore the requested isCA value, just - like any other requested attribute. - - - If true, this will automatically add the `cert sign` usage to the list - of requested `usages`. - type: boolean - issuerRef: - description: |- - Reference to the issuer responsible for issuing the certificate. - If the issuer is namespace-scoped, it must be in the same namespace - as the Certificate. If the issuer is cluster-scoped, it can be used - from any namespace. - - - The `name` field of the reference must always be specified. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - keystores: - description: Additional keystore output formats to be stored in the Certificate's Secret. - type: object - properties: - jks: - description: |- - JKS configures options for storing a JKS keystore in the - `spec.secretName` Secret resource. - type: object - required: - - create - - passwordSecretRef - properties: - alias: - description: |- - Alias specifies the alias of the key in the keystore, required by the JKS format. - If not provided, the default alias `certificate` will be used. - type: string - create: - description: |- - Create enables JKS keystore creation for the Certificate. - If true, a file named `keystore.jks` will be created in the target - Secret resource, encrypted using the password stored in - `passwordSecretRef`. - The keystore file will be updated immediately. - If the issuer provided a CA certificate, a file named `truststore.jks` - will also be created in the target Secret resource, encrypted using the - password stored in `passwordSecretRef` - containing the issuing Certificate Authority - type: boolean - passwordSecretRef: - description: |- - PasswordSecretRef is a reference to a key in a Secret resource - containing the password used to encrypt the JKS keystore. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - pkcs12: - description: |- - PKCS12 configures options for storing a PKCS12 keystore in the - `spec.secretName` Secret resource. - type: object - required: - - create - - passwordSecretRef - properties: - create: - description: |- - Create enables PKCS12 keystore creation for the Certificate. - If true, a file named `keystore.p12` will be created in the target - Secret resource, encrypted using the password stored in - `passwordSecretRef`. - The keystore file will be updated immediately. - If the issuer provided a CA certificate, a file named `truststore.p12` will - also be created in the target Secret resource, encrypted using the - password stored in `passwordSecretRef` containing the issuing Certificate - Authority - type: boolean - passwordSecretRef: - description: |- - PasswordSecretRef is a reference to a key in a Secret resource - containing the password used to encrypt the PKCS12 keystore. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - profile: - description: |- - Profile specifies the key and certificate encryption algorithms and the HMAC algorithm - used to create the PKCS12 keystore. Default value is `LegacyRC2` for backward compatibility. - - - If provided, allowed values are: - `LegacyRC2`: Deprecated. Not supported by default in OpenSSL 3 or Java 20. - `LegacyDES`: Less secure algorithm. Use this option for maximal compatibility. - `Modern2023`: Secure algorithm. Use this option in case you have to always use secure algorithms - (eg. because of company policy). Please note that the security of the algorithm is not that important - in reality, because the unencrypted certificate and private key are also stored in the Secret. - type: string - enum: - - LegacyRC2 - - LegacyDES - - Modern2023 - literalSubject: - description: |- - Requested X.509 certificate subject, represented using the LDAP "String - Representation of a Distinguished Name" [1]. - Important: the LDAP string format also specifies the order of the attributes - in the subject, this is important when issuing certs for LDAP authentication. - Example: `CN=foo,DC=corp,DC=example,DC=com` - More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 - More info: https://github.com/cert-manager/cert-manager/issues/3203 - More info: https://github.com/cert-manager/cert-manager/issues/4424 - - - Cannot be set if the `subject` or `commonName` field is set. - type: string - nameConstraints: - description: |- - x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. - More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10 - - - This is an Alpha Feature and is only enabled with the - `--feature-gates=NameConstraints=true` option set on both - the controller and webhook components. - type: object - properties: - critical: - description: if true then the name constraints are marked critical. - type: boolean - excluded: - description: |- - Excluded contains the constraints which must be disallowed. Any name matching a - restriction in the excluded field is invalid regardless - of information appearing in the permitted - type: object - properties: - dnsDomains: - description: DNSDomains is a list of DNS domains that are permitted or excluded. - type: array - items: - type: string - emailAddresses: - description: EmailAddresses is a list of Email Addresses that are permitted or excluded. - type: array - items: - type: string - ipRanges: - description: |- - IPRanges is a list of IP Ranges that are permitted or excluded. - This should be a valid CIDR notation. - type: array - items: - type: string - uriDomains: - description: URIDomains is a list of URI domains that are permitted or excluded. - type: array - items: - type: string - permitted: - description: Permitted contains the constraints in which the names must be located. - type: object - properties: - dnsDomains: - description: DNSDomains is a list of DNS domains that are permitted or excluded. - type: array - items: - type: string - emailAddresses: - description: EmailAddresses is a list of Email Addresses that are permitted or excluded. - type: array - items: - type: string - ipRanges: - description: |- - IPRanges is a list of IP Ranges that are permitted or excluded. - This should be a valid CIDR notation. - type: array - items: - type: string - uriDomains: - description: URIDomains is a list of URI domains that are permitted or excluded. - type: array - items: - type: string - otherNames: - description: |- - `otherNames` is an escape hatch for SAN that allows any type. We currently restrict the support to string like otherNames, cf RFC 5280 p 37 - Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for `otherName`. - Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 - You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this. - type: array - items: - type: object - properties: - oid: - description: |- - OID is the object identifier for the otherName SAN. - The object identifier must be expressed as a dotted string, for - example, "1.2.840.113556.1.4.221". - type: string - utf8Value: - description: |- - utf8Value is the string value of the otherName SAN. - The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN. - type: string - privateKey: - description: |- - Private key options. These include the key algorithm and size, the used - encoding and the rotation policy. - type: object - properties: - algorithm: - description: |- - Algorithm is the private key algorithm of the corresponding private key - for this certificate. - - - If provided, allowed values are either `RSA`, `ECDSA` or `Ed25519`. - If `algorithm` is specified and `size` is not provided, - key size of 2048 will be used for `RSA` key algorithm and - key size of 256 will be used for `ECDSA` key algorithm. - key size is ignored when using the `Ed25519` key algorithm. - type: string - enum: - - RSA - - ECDSA - - Ed25519 - encoding: - description: |- - The private key cryptography standards (PKCS) encoding for this - certificate's private key to be encoded in. - - - If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 - and PKCS#8, respectively. - Defaults to `PKCS1` if not specified. - type: string - enum: - - PKCS1 - - PKCS8 - rotationPolicy: - description: |- - RotationPolicy controls how private keys should be regenerated when a - re-issuance is being processed. - - - If set to `Never`, a private key will only be generated if one does not - already exist in the target `spec.secretName`. If one does exists but it - does not have the correct algorithm or size, a warning will be raised - to await user intervention. - If set to `Always`, a private key matching the specified requirements - will be generated whenever a re-issuance occurs. - Default is `Never` for backward compatibility. - type: string - enum: - - Never - - Always - size: - description: |- - Size is the key bit size of the corresponding private key for this certificate. - - - If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, - and will default to `2048` if not specified. - If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, - and will default to `256` if not specified. - If `algorithm` is set to `Ed25519`, Size is ignored. - No other values are allowed. - type: integer - renewBefore: - description: |- - How long before the currently issued certificate's expiry cert-manager should - renew the certificate. For example, if a certificate is valid for 60 minutes, - and `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate - 50 minutes after it was issued (i.e. when there are 10 minutes remaining until - the certificate is no longer valid). - - - NOTE: The actual lifetime of the issued certificate is used to determine the - renewal time. If an issuer returns a certificate with a different lifetime than - the one requested, cert-manager will use the lifetime of the issued certificate. - - - If unset, this defaults to 1/3 of the issued certificate's lifetime. - Minimum accepted value is 5 minutes. - Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration. - type: string - revisionHistoryLimit: - description: |- - The maximum number of CertificateRequest revisions that are maintained in - the Certificate's history. Each revision represents a single `CertificateRequest` - created by this Certificate, either when it was created, renewed, or Spec - was changed. Revisions will be removed by oldest first if the number of - revisions exceeds this number. - - - If set, revisionHistoryLimit must be a value of `1` or greater. - If unset (`nil`), revisions will not be garbage collected. - Default value is `nil`. - type: integer - format: int32 - secretName: - description: |- - Name of the Secret resource that will be automatically created and - managed by this Certificate resource. It will be populated with a - private key and certificate, signed by the denoted issuer. The Secret - resource lives in the same namespace as the Certificate resource. - type: string - secretTemplate: - description: |- - Defines annotations and labels to be copied to the Certificate's Secret. - Labels and annotations on the Secret will be changed as they appear on the - SecretTemplate when added or removed. SecretTemplate annotations are added - in conjunction with, and cannot overwrite, the base set of annotations - cert-manager sets on the Certificate's Secret. - type: object - properties: - annotations: - description: Annotations is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - labels: - description: Labels is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - subject: - description: |- - Requested set of X509 certificate subject attributes. - More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 - - - The common name attribute is specified separately in the `commonName` field. - Cannot be set if the `literalSubject` field is set. - type: object - properties: - countries: - description: Countries to be used on the Certificate. - type: array - items: - type: string - localities: - description: Cities to be used on the Certificate. - type: array - items: - type: string - organizationalUnits: - description: Organizational Units to be used on the Certificate. - type: array - items: - type: string - organizations: - description: Organizations to be used on the Certificate. - type: array - items: - type: string - postalCodes: - description: Postal codes to be used on the Certificate. - type: array - items: - type: string - provinces: - description: State/Provinces to be used on the Certificate. - type: array - items: - type: string - serialNumber: - description: Serial number to be used on the Certificate. - type: string - streetAddresses: - description: Street addresses to be used on the Certificate. - type: array - items: - type: string - uris: - description: Requested URI subject alternative names. - type: array - items: - type: string - usages: - description: |- - Requested key usages and extended key usages. - These usages are used to set the `usages` field on the created CertificateRequest - resources. If `encodeUsagesInRequest` is unset or set to `true`, the usages - will additionally be encoded in the `request` field which contains the CSR blob. - - - If unset, defaults to `digital signature` and `key encipherment`. - type: array - items: - description: |- - KeyUsage specifies valid usage contexts for keys. - See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 - https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - - - Valid KeyUsage values are as follows: - "signing", - "digital signature", - "content commitment", - "key encipherment", - "key agreement", - "data encipherment", - "cert sign", - "crl sign", - "encipher only", - "decipher only", - "any", - "server auth", - "client auth", - "code signing", - "email protection", - "s/mime", - "ipsec end system", - "ipsec tunnel", - "ipsec user", - "timestamping", - "ocsp signing", - "microsoft sgc", - "netscape sgc" - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: |- - Status of the Certificate. - This is set and managed automatically. - Read-only. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - type: object - properties: - conditions: - description: |- - List of status conditions to indicate the status of certificates. - Known condition types are `Ready` and `Issuing`. - type: array - items: - description: CertificateCondition contains condition information for an Certificate. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: |- - LastTransitionTime is the timestamp corresponding to the last status - change of this condition. - type: string - format: date-time - message: - description: |- - Message is a human readable description of the details of the last - transition, complementing reason. - type: string - observedGeneration: - description: |- - If set, this represents the .metadata.generation that the condition was - set based upon. - For instance, if .metadata.generation is currently 12, but the - .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the Certificate. - type: integer - format: int64 - reason: - description: |- - Reason is a brief machine readable explanation for the condition's last - transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`, `Issuing`). - type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - failedIssuanceAttempts: - description: |- - The number of continuous failed issuance attempts up till now. This - field gets removed (if set) on a successful issuance and gets set to - 1 if unset and an issuance has failed. If an issuance has failed, the - delay till the next issuance will be calculated using formula - time.Hour * 2 ^ (failedIssuanceAttempts - 1). - type: integer - lastFailureTime: - description: |- - LastFailureTime is set only if the lastest issuance for this - Certificate failed and contains the time of the failure. If an - issuance has failed, the delay till the next issuance will be - calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - - 1). If the latest issuance has succeeded this field will be unset. - type: string - format: date-time - nextPrivateKeySecretName: - description: |- - The name of the Secret resource containing the private key to be used - for the next certificate iteration. - The keymanager controller will automatically set this field if the - `Issuing` condition is set to `True`. - It will automatically unset this field when the Issuing condition is - not set or False. - type: string - notAfter: - description: |- - The expiration time of the certificate stored in the secret named - by this resource in `spec.secretName`. - type: string - format: date-time - notBefore: - description: |- - The time after which the certificate stored in the secret named - by this resource in `spec.secretName` is valid. - type: string - format: date-time - renewalTime: - description: |- - RenewalTime is the time at which the certificate will be next - renewed. - If not set, no upcoming renewal is scheduled. - type: string - format: date-time - revision: - description: |- - The current 'revision' of the certificate as issued. - - - When a CertificateRequest resource is created, it will have the - `cert-manager.io/certificate-revision` set to one greater than the - current value of this field. - - - Upon issuance, this field will be set to the value of the annotation - on the CertificateRequest resource used to issue the certificate. - - - Persisting the value on the CertificateRequest resource allows the - certificates controller to know whether a request is part of an old - issuance or if it is part of the ongoing revision's issuance by - checking if the revision value in the annotation is greater than this - field. - type: integer - served: true - storage: true - -# END crd {{- end }} - ---- -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: challenges.acme.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: acme.cert-manager.io - names: - kind: Challenge - listKind: ChallengeList - plural: challenges - singular: challenge - categories: - - cert-manager - - cert-manager-acme - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - - jsonPath: .spec.dnsName - name: Domain - type: string - - jsonPath: .status.reason - name: Reason - priority: 1 - type: string - - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: Challenge is a type to represent a Challenge request with an ACME server - type: object - required: - - metadata - - spec - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - type: object - required: - - authorizationURL - - dnsName - - issuerRef - - key - - solver - - token - - type - - url - properties: - authorizationURL: - description: |- - The URL to the ACME Authorization resource that this - challenge is a part of. - type: string - dnsName: - description: |- - dnsName is the identifier that this challenge is for, e.g. example.com. - If the requested DNSName is a 'wildcard', this field MUST be set to the - non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. - type: string - issuerRef: - description: |- - References a properly configured ACME-type Issuer which should - be used to create this Challenge. - If the Issuer does not exist, processing will be retried. - If the Issuer is not an 'ACME' Issuer, an error will be returned and the - Challenge will be marked as failed. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - key: - description: |- - The ACME challenge key for this challenge - For HTTP01 challenges, this is the value that must be responded with to - complete the HTTP01 challenge in the format: - `.`. - For DNS01 challenges, this is the base64 encoded SHA256 sum of the - `.` - text that must be set as the TXT record content. - type: string - solver: - description: |- - Contains the domain solving configuration that should be used to - solve this challenge resource. - type: object - properties: - dns01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: |- - Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientSecretSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: |- - Auth: Azure Service Principal: - The ClientID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientSecret and TenantID must also be set. - type: string - clientSecretSecretRef: - description: |- - Auth: Azure Service Principal: - A reference to a Secret containing the password associated with the Service Principal. - If set, ClientID and TenantID must also be set. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: |- - Auth: Azure Workload Identity or Azure Managed Service Identity: - Settings to enable Azure Workload Identity or Azure Managed Service Identity - If set, ClientID, ClientSecret and TenantID must not be set. - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: |- - resource ID of the managed identity, can not be used at the same time as clientID - Cannot be used for Azure Managed Service Identity - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: |- - Auth: Azure Service Principal: - The TenantID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientID and ClientSecret must also be set. - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: |- - HostedZoneName is an optional field that tells cert-manager in which - Cloud DNS zone the challenge record has to be created. - If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: |- - API key to use to authenticate with Cloudflare. - Note: using an API token to authenticate is now the recommended method - as it allows greater control of permissions. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: |- - CNAMEStrategy configures how the DNS01 provider should handle CNAME - records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - rfc2136: - description: |- - Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: |- - The IP address or hostname of an authoritative DNS server supporting - RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - This field is required. - type: string - tsigAlgorithm: - description: |- - The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - Supported values are (case-insensitive): ``HMACMD5`` (default), - ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - type: string - tsigKeyName: - description: |- - The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: |- - The name of the secret containing the TSIG value. - If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: |- - The AccessKeyID is used for authentication. - Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: string - accessKeyIDSecretRef: - description: |- - The SecretAccessKey is used for authentication. If set, pull the AWS - access key ID from a key within a Kubernetes Secret. - Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - auth: - description: Auth configures how cert-manager authenticates. - type: object - required: - - kubernetes - properties: - kubernetes: - description: |- - Kubernetes authenticates with Route53 using AssumeRoleWithWebIdentity - by passing a bound ServiceAccount token. - type: object - required: - - serviceAccountRef - properties: - serviceAccountRef: - description: |- - A reference to a service account that will be used to request a bound - token (also known as "projected token"). To use this field, you must - configure an RBAC rule to let cert-manager request a token. - type: object - required: - - name - properties: - audiences: - description: |- - TokenAudiences is an optional list of audiences to include in the - token passed to AWS. The default token consisting of the issuer's namespace - and name is always included. - If unset the audience defaults to `sts.amazonaws.com`. - type: array - items: - type: string - name: - description: Name of the ServiceAccount used to request a token. - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: |- - Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: |- - The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - webhook: - description: |- - Configure an external webhook based DNS01 challenge solver to manage - DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: |- - Additional configuration that should be passed to the webhook apiserver - when challenges are processed. - This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for a DNS service), you - should use a SecretKeySelector to reference a Secret resource. - For details on the schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: |- - The API group name that should be used when POSTing ChallengePayload - resources to the webhook apiserver. - This should be the same as the GroupName specified in the webhook - provider implementation. - type: string - solverName: - description: |- - The name of the solver to use, as defined in the webhook provider - implementation. - This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the HTTP01 challenge flow. - It is not possible to obtain certificates for wildcard domain names - (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: |- - The Gateway API is a sig-network community API that models service networking - in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - create HTTPRoutes with the specified labels in the same namespace as the challenge. - This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: |- - Custom labels that will be applied to HTTPRoutes created by cert-manager - while solving HTTP-01 challenges. - type: object - additionalProperties: - type: string - parentRefs: - description: |- - When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. - cert-manager needs to know which parentRefs should be used when creating - the HTTPRoute. Usually, the parentRef references a Gateway. See: - https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways - type: array - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - This API may be extended in the future to support additional kinds of parent - resources. - - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - type: object - required: - - name - properties: - group: - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - - Support: Core - type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: |- - Kind is kind of the referent. - - - There are two kinds of parent resources with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - Support for other resources is Implementation-Specific. - type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: |- - Name is the name of the referent. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - ParentRefs from a Route to a Service in the same namespace are "producer" - routes, which apply default routing rules to inbound connections from - any namespace to the Service. - - - ParentRefs from a Route to a Service in a different namespace are - "consumer" routes, and these routing rules are only applied to outbound - connections originating from the same namespace as the Route, for which - the intended destination of the connections are a Service targeted as a - ParentRef of the Route. - - - - Support: Core - type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - When the parent resource is a Service, this targets a specific port in the - Service spec. When both Port (experimental) and SectionName are specified, - the name and port of the selected port must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - - Support: Extended - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: |- - The ingress based HTTP01 challenge solver will solve challenges by - creating or modifying Ingress resources in order to route requests for - '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: |- - This field configures the annotation `kubernetes.io/ingress.class` when - creating Ingress resources to solve ACME challenges that use this - challenge solver. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - ingressClassName: - description: |- - This field configures the field `ingressClassName` on the created Ingress - resources used to solve ACME challenges that use this challenge solver. - This is the recommended way of configuring the ingress class. Only one of - `class`, `name` or `ingressClassName` may be specified. - type: string - ingressTemplate: - description: |- - Optional ingress template used to configure the ACME challenge solver - ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: |- - The name of the ingress resource that should have ACME challenge solving - routes inserted into it in order to solve HTTP01 challenges. - This is typically used in conjunction with ingress controllers like - ingress-gce, which maintains a 1:1 mapping between external IPs and - ingress resources. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - podTemplate: - description: |- - Optional pod template used to configure the ACME challenge solver pods - used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the pod used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: |- - PodSpec defines overrides for the HTTP01 challenge solver pod. - Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. - All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - imagePullSecrets: - description: If specified, the pod's imagePullSecrets - type: array - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - type: object - properties: - name: - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - default: "" - x-kubernetes-map-type: atomic - nodeSelector: - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - type: object - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: |- - Selector selects a set of DNSNames on the Certificate resource that - should be solved using this challenge solver. - If not specified, the solver will be treated as the 'default' solver - with the lowest priority, i.e. if any other solver has a more specific - match, it will be used instead. - type: object - properties: - dnsNames: - description: |- - List of DNSNames that this solver will be used to solve. - If specified and a match is found, a dnsNames selector will take - precedence over a dnsZones selector. - If multiple solvers match with the same dnsNames value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - dnsZones: - description: |- - List of DNSZones that this solver will be used to solve. - The most specific DNS zone match specified here will take precedence - over other DNS zone matches, so a solver specifying sys.example.com - will be selected over one specifying example.com for the domain - www.sys.example.com. - If multiple solvers match with the same dnsZones value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - matchLabels: - description: |- - A label selector that is used to refine the set of certificate's that - this challenge solver will apply to. - type: object - additionalProperties: - type: string - token: - description: |- - The ACME challenge token for this challenge. - This is the raw value returned from the ACME server. - type: string - type: - description: |- - The type of ACME challenge this resource represents. - One of "HTTP-01" or "DNS-01". - type: string - enum: - - HTTP-01 - - DNS-01 - url: - description: |- - The URL of the ACME Challenge resource for this challenge. - This can be used to lookup details about the status of this challenge. - type: string - wildcard: - description: |- - wildcard will be true if this challenge is for a wildcard identifier, - for example '*.example.com'. - type: boolean - status: - type: object - properties: - presented: - description: |- - presented will be set to true if the challenge values for this challenge - are currently 'presented'. - This *does not* imply the self check is passing. Only that the values - have been 'submitted' for the appropriate challenge mechanism (i.e. the - DNS01 TXT record has been presented, or the HTTP01 configuration has been - configured). - type: boolean - processing: - description: |- - Used to denote whether this challenge should be processed or not. - This field will only be set to true by the 'scheduling' component. - It will only be set to false by the 'challenges' controller, after the - challenge has reached a final state or timed out. - If this field is set to false, the challenge controller will not take - any more action. - type: boolean - reason: - description: |- - Contains human readable information on why the Challenge is in the - current state. - type: string - state: - description: |- - Contains the current 'state' of the challenge. - If not set, the state of the challenge is unknown. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - served: true - storage: true - subresources: - status: {} - -# END crd {{- end }} - ---- -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterissuers.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: cert-manager.io - names: - kind: ClusterIssuer - listKind: ClusterIssuerList - plural: clusterissuers - singular: clusterissuer - categories: - - cert-manager - scope: Cluster - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: |- - A ClusterIssuer represents a certificate issuing authority which can be - referenced as part of `issuerRef` fields. - It is similar to an Issuer, however it is cluster-scoped and therefore can - be referenced by resources that exist in *any* namespace, not just the same - namespace as the referent. - type: object - required: - - spec - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Desired state of the ClusterIssuer resource. - type: object - properties: - acme: - description: |- - ACME configures this issuer to communicate with a RFC8555 (ACME) server - to obtain signed x509 certificates. - type: object - required: - - privateKeySecretRef - - server - properties: - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which can be used to validate the certificate - chain presented by the ACME server. - Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various - kinds of security vulnerabilities. - If CABundle and SkipTLSVerify are unset, the system certificate bundle inside - the container is used to validate the TLS connection. - type: string - format: byte - disableAccountKeyGeneration: - description: |- - Enables or disables generating a new ACME account key. - If true, the Issuer resource will *not* request a new account but will expect - the account key to be supplied via an existing secret. - If false, the cert-manager system will generate a new ACME account key - for the Issuer. - Defaults to false. - type: boolean - email: - description: |- - Email is the email address to be associated with the ACME account. - This field is optional, but it is strongly recommended to be set. - It will be used to contact you in case of issues with your account or - certificates, including expiry notification emails. - This field may be updated after the account is initially registered. - type: string - enableDurationFeature: - description: |- - Enables requesting a Not After date on certificates that matches the - duration of the certificate. This is not supported by all ACME servers - like Let's Encrypt. If set to true when the ACME server does not support - it, it will create an error on the Order. - Defaults to false. - type: boolean - externalAccountBinding: - description: |- - ExternalAccountBinding is a reference to a CA external account of the ACME - server. - If set, upon registration cert-manager will attempt to associate the given - external account credentials with the registered ACME account. - type: object - required: - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: |- - Deprecated: keyAlgorithm field exists for historical compatibility - reasons and should not be used. The algorithm is now hardcoded to HS256 - in golang/x/crypto/acme. - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External Account is bound to. - type: string - keySecretRef: - description: |- - keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes - Secret which holds the symmetric MAC key of the External Account Binding. - The `key` is the index string that is paired with the key data in the - Secret and should not be confused with the key data itself, or indeed with - the External Account Binding keyID above. - The secret key stored in the Secret **must** be un-padded, base64 URL - encoded data. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - preferredChain: - description: |- - PreferredChain is the chain to use if the ACME server outputs multiple. - PreferredChain is no guarantee that this one gets delivered by the ACME - endpoint. - For example, for Let's Encrypt's DST crosssign you would use: - "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. - This value picks the first certificate bundle in the combined set of - ACME default and alternative chains that has a root-most certificate with - this value as its issuer's commonname. - type: string - maxLength: 64 - privateKeySecretRef: - description: |- - PrivateKey is the name of a Kubernetes Secret resource that will be used to - store the automatically generated ACME account private key. - Optionally, a `key` may be specified to select a specific entry within - the named Secret resource. - If `key` is not specified, a default of `tls.key` will be used. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - server: - description: |- - Server is the URL used to access the ACME server's 'directory' endpoint. - For example, for Let's Encrypt's staging endpoint, you would use: - "https://acme-staging-v02.api.letsencrypt.org/directory". - Only ACME v2 endpoints (i.e. RFC 8555) are supported. - type: string - skipTLSVerify: - description: |- - INSECURE: Enables or disables validation of the ACME server TLS certificate. - If true, requests to the ACME server will not have the TLS certificate chain - validated. - Mutually exclusive with CABundle; prefer using CABundle to prevent various - kinds of security vulnerabilities. - Only enable this option in development environments. - If CABundle and SkipTLSVerify are unset, the system certificate bundle inside - the container is used to validate the TLS connection. - Defaults to false. - type: boolean - solvers: - description: |- - Solvers is a list of challenge solvers that will be used to solve - ACME challenges for the matching domains. - Solver configurations must be provided in order to obtain certificates - from an ACME server. - For more information, see: https://cert-manager.io/docs/configuration/acme/ - type: array - items: - description: |- - An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. - A selector may be provided to use different solving strategies for different DNS names. - Only one of HTTP01 or DNS01 must be provided. - type: object - properties: - dns01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: |- - Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientSecretSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: |- - Auth: Azure Service Principal: - The ClientID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientSecret and TenantID must also be set. - type: string - clientSecretSecretRef: - description: |- - Auth: Azure Service Principal: - A reference to a Secret containing the password associated with the Service Principal. - If set, ClientID and TenantID must also be set. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: |- - Auth: Azure Workload Identity or Azure Managed Service Identity: - Settings to enable Azure Workload Identity or Azure Managed Service Identity - If set, ClientID, ClientSecret and TenantID must not be set. - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: |- - resource ID of the managed identity, can not be used at the same time as clientID - Cannot be used for Azure Managed Service Identity - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: |- - Auth: Azure Service Principal: - The TenantID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientID and ClientSecret must also be set. - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: |- - HostedZoneName is an optional field that tells cert-manager in which - Cloud DNS zone the challenge record has to be created. - If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: |- - API key to use to authenticate with Cloudflare. - Note: using an API token to authenticate is now the recommended method - as it allows greater control of permissions. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: |- - CNAMEStrategy configures how the DNS01 provider should handle CNAME - records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - rfc2136: - description: |- - Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: |- - The IP address or hostname of an authoritative DNS server supporting - RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - This field is required. - type: string - tsigAlgorithm: - description: |- - The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - Supported values are (case-insensitive): ``HMACMD5`` (default), - ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - type: string - tsigKeyName: - description: |- - The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: |- - The name of the secret containing the TSIG value. - If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: |- - The AccessKeyID is used for authentication. - Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: string - accessKeyIDSecretRef: - description: |- - The SecretAccessKey is used for authentication. If set, pull the AWS - access key ID from a key within a Kubernetes Secret. - Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - auth: - description: Auth configures how cert-manager authenticates. - type: object - required: - - kubernetes - properties: - kubernetes: - description: |- - Kubernetes authenticates with Route53 using AssumeRoleWithWebIdentity - by passing a bound ServiceAccount token. - type: object - required: - - serviceAccountRef - properties: - serviceAccountRef: - description: |- - A reference to a service account that will be used to request a bound - token (also known as "projected token"). To use this field, you must - configure an RBAC rule to let cert-manager request a token. - type: object - required: - - name - properties: - audiences: - description: |- - TokenAudiences is an optional list of audiences to include in the - token passed to AWS. The default token consisting of the issuer's namespace - and name is always included. - If unset the audience defaults to `sts.amazonaws.com`. - type: array - items: - type: string - name: - description: Name of the ServiceAccount used to request a token. - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: |- - Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: |- - The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - webhook: - description: |- - Configure an external webhook based DNS01 challenge solver to manage - DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: |- - Additional configuration that should be passed to the webhook apiserver - when challenges are processed. - This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for a DNS service), you - should use a SecretKeySelector to reference a Secret resource. - For details on the schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: |- - The API group name that should be used when POSTing ChallengePayload - resources to the webhook apiserver. - This should be the same as the GroupName specified in the webhook - provider implementation. - type: string - solverName: - description: |- - The name of the solver to use, as defined in the webhook provider - implementation. - This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the HTTP01 challenge flow. - It is not possible to obtain certificates for wildcard domain names - (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: |- - The Gateway API is a sig-network community API that models service networking - in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - create HTTPRoutes with the specified labels in the same namespace as the challenge. - This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: |- - Custom labels that will be applied to HTTPRoutes created by cert-manager - while solving HTTP-01 challenges. - type: object - additionalProperties: - type: string - parentRefs: - description: |- - When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. - cert-manager needs to know which parentRefs should be used when creating - the HTTPRoute. Usually, the parentRef references a Gateway. See: - https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways - type: array - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - This API may be extended in the future to support additional kinds of parent - resources. - - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - type: object - required: - - name - properties: - group: - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - - Support: Core - type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: |- - Kind is kind of the referent. - - - There are two kinds of parent resources with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - Support for other resources is Implementation-Specific. - type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: |- - Name is the name of the referent. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - ParentRefs from a Route to a Service in the same namespace are "producer" - routes, which apply default routing rules to inbound connections from - any namespace to the Service. - - - ParentRefs from a Route to a Service in a different namespace are - "consumer" routes, and these routing rules are only applied to outbound - connections originating from the same namespace as the Route, for which - the intended destination of the connections are a Service targeted as a - ParentRef of the Route. - - - - Support: Core - type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - When the parent resource is a Service, this targets a specific port in the - Service spec. When both Port (experimental) and SectionName are specified, - the name and port of the selected port must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - - Support: Extended - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: |- - The ingress based HTTP01 challenge solver will solve challenges by - creating or modifying Ingress resources in order to route requests for - '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: |- - This field configures the annotation `kubernetes.io/ingress.class` when - creating Ingress resources to solve ACME challenges that use this - challenge solver. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - ingressClassName: - description: |- - This field configures the field `ingressClassName` on the created Ingress - resources used to solve ACME challenges that use this challenge solver. - This is the recommended way of configuring the ingress class. Only one of - `class`, `name` or `ingressClassName` may be specified. - type: string - ingressTemplate: - description: |- - Optional ingress template used to configure the ACME challenge solver - ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: |- - The name of the ingress resource that should have ACME challenge solving - routes inserted into it in order to solve HTTP01 challenges. - This is typically used in conjunction with ingress controllers like - ingress-gce, which maintains a 1:1 mapping between external IPs and - ingress resources. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - podTemplate: - description: |- - Optional pod template used to configure the ACME challenge solver pods - used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the pod used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: |- - PodSpec defines overrides for the HTTP01 challenge solver pod. - Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. - All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - imagePullSecrets: - description: If specified, the pod's imagePullSecrets - type: array - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - type: object - properties: - name: - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - default: "" - x-kubernetes-map-type: atomic - nodeSelector: - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - type: object - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: |- - Selector selects a set of DNSNames on the Certificate resource that - should be solved using this challenge solver. - If not specified, the solver will be treated as the 'default' solver - with the lowest priority, i.e. if any other solver has a more specific - match, it will be used instead. - type: object - properties: - dnsNames: - description: |- - List of DNSNames that this solver will be used to solve. - If specified and a match is found, a dnsNames selector will take - precedence over a dnsZones selector. - If multiple solvers match with the same dnsNames value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - dnsZones: - description: |- - List of DNSZones that this solver will be used to solve. - The most specific DNS zone match specified here will take precedence - over other DNS zone matches, so a solver specifying sys.example.com - will be selected over one specifying example.com for the domain - www.sys.example.com. - If multiple solvers match with the same dnsZones value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - matchLabels: - description: |- - A label selector that is used to refine the set of certificate's that - this challenge solver will apply to. - type: object - additionalProperties: - type: string - ca: - description: |- - CA configures this issuer to sign certificates using a signing CA keypair - stored in a Secret resource. - This is used to build internal PKIs that are managed by cert-manager. - type: object - required: - - secretName - properties: - crlDistributionPoints: - description: |- - The CRL distribution points is an X.509 v3 certificate extension which identifies - the location of the CRL from which the revocation of this certificate can be checked. - If not set, certificates will be issued without distribution points set. - type: array - items: - type: string - issuingCertificateURLs: - description: |- - IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates - it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. - As an example, such a URL might be "http://ca.domain.com/ca.crt". - type: array - items: - type: string - ocspServers: - description: |- - The OCSP server list is an X.509 v3 extension that defines a list of - URLs of OCSP responders. The OCSP responders can be queried for the - revocation status of an issued certificate. If not set, the - certificate will be issued with no OCSP servers set. For example, an - OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: - type: string - secretName: - description: |- - SecretName is the name of the secret used to sign Certificates issued - by this Issuer. - type: string - selfSigned: - description: |- - SelfSigned configures this issuer to 'self sign' certificates using the - private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: |- - The CRL distribution points is an X.509 v3 certificate extension which identifies - the location of the CRL from which the revocation of this certificate can be checked. - If not set certificate will be issued without CDP. Values are strings. - type: array - items: - type: string - vault: - description: |- - Vault configures this issuer to sign certificates using a HashiCorp Vault - PKI backend. - type: object - required: - - auth - - path - - server - properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: |- - Path where the App Role authentication backend is mounted in Vault, e.g: - "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - type: object - required: - - role - properties: - mountPath: - description: |- - The Vault mountPath here is the mount path to use when authenticating with - Vault. For example, setting a value to `/v1/auth/foo`, will use the path - `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the - default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - The required Secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. Use of 'ambient credentials' is not - supported. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - serviceAccountRef: - description: |- - A reference to a service account that will be used to request a bound - token (also known as "projected token"). Compared to using "secretRef", - using this field means that you don't rely on statically bound tokens. To - use this field, you must configure an RBAC rule to let cert-manager - request a token. - type: object - required: - - name - properties: - audiences: - description: |- - TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token - consisting of the issuer's namespace and name is always included. - type: array - items: - type: string - name: - description: Name of the ServiceAccount used to request a token. - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by Vault. Only used if using HTTPS to connect to Vault and - ignored for HTTP connections. - Mutually exclusive with CABundleSecretRef. - If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in - the cert-manager controller container is used to validate the TLS connection. - type: string - format: byte - caBundleSecretRef: - description: |- - Reference to a Secret containing a bundle of PEM-encoded CAs to use when - verifying the certificate chain presented by Vault when using HTTPS. - Mutually exclusive with CABundle. - If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in - the cert-manager controller container is used to validate the TLS connection. - If no key for the Secret is specified, cert-manager will default to 'ca.crt'. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientCertSecretRef: - description: |- - Reference to a Secret containing a PEM-encoded Client Certificate to use when the - Vault server requires mTLS. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientKeySecretRef: - description: |- - Reference to a Secret containing a PEM-encoded Client Private Key to use when the - Vault server requires mTLS. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault PKI backend's `sign` endpoint, e.g: - "my_pki_mount/sign/my-role-name". - type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - venafi: - description: |- - Venafi configures this issuer to sign certificates using a Venafi TPP - or Venafi Cloud policy zone. - type: object - required: - - zone - properties: - cloud: - description: |- - Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - url: - description: |- - URL is the base URL for Venafi Cloud. - Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: |- - TPP specifies Trust Protection Platform configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. - If undefined, the certificate bundle in the cert-manager controller container - is used to validate the chain. - type: string - format: byte - credentialsRef: - description: |- - CredentialsRef is a reference to a Secret containing the username and - password for the TPP server. - The secret must contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - url: - description: |- - URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, - for example: "https://tpp.example.com/vedsdk". - type: string - zone: - description: |- - Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by the named - zone policy. - This field is required. - type: string - status: - description: Status of the ClusterIssuer. This is set and managed automatically. - type: object - properties: - acme: - description: |- - ACME specific status options. - This field should only be set if the Issuer is configured to use an ACME - server to issue certificates. - type: object - properties: - lastPrivateKeyHash: - description: |- - LastPrivateKeyHash is a hash of the private key associated with the latest - registered ACME account, in order to track changes made to registered account - associated with the Issuer - type: string - lastRegisteredEmail: - description: |- - LastRegisteredEmail is the email associated with the latest registered - ACME account, in order to track changes made to registered account - associated with the Issuer - type: string - uri: - description: |- - URI is the unique account identifier, which can also be used to retrieve - account details from the CA - type: string - conditions: - description: |- - List of status conditions to indicate the status of a CertificateRequest. - Known condition types are `Ready`. - type: array - items: - description: IssuerCondition contains condition information for an Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: |- - LastTransitionTime is the timestamp corresponding to the last status - change of this condition. - type: string - format: date-time - message: - description: |- - Message is a human readable description of the details of the last - transition, complementing reason. - type: string - observedGeneration: - description: |- - If set, this represents the .metadata.generation that the condition was - set based upon. - For instance, if .metadata.generation is currently 12, but the - .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the Issuer. - type: integer - format: int64 - reason: - description: |- - Reason is a brief machine readable explanation for the condition's last - transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`). - type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - served: true - storage: true - -# END crd {{- end }} - ---- -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: issuers.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - app.kubernetes.io/component: "crds" - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: cert-manager.io - names: - kind: Issuer - listKind: IssuerList - plural: issuers - singular: issuer - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: |- - An Issuer represents a certificate issuing authority which can be - referenced as part of `issuerRef` fields. - It is scoped to a single namespace and can therefore only be referenced by - resources within the same namespace. - type: object - required: - - spec - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Desired state of the Issuer resource. - type: object - properties: - acme: - description: |- - ACME configures this issuer to communicate with a RFC8555 (ACME) server - to obtain signed x509 certificates. - type: object - required: - - privateKeySecretRef - - server - properties: - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which can be used to validate the certificate - chain presented by the ACME server. - Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various - kinds of security vulnerabilities. - If CABundle and SkipTLSVerify are unset, the system certificate bundle inside - the container is used to validate the TLS connection. - type: string - format: byte - disableAccountKeyGeneration: - description: |- - Enables or disables generating a new ACME account key. - If true, the Issuer resource will *not* request a new account but will expect - the account key to be supplied via an existing secret. - If false, the cert-manager system will generate a new ACME account key - for the Issuer. - Defaults to false. - type: boolean - email: - description: |- - Email is the email address to be associated with the ACME account. - This field is optional, but it is strongly recommended to be set. - It will be used to contact you in case of issues with your account or - certificates, including expiry notification emails. - This field may be updated after the account is initially registered. - type: string - enableDurationFeature: - description: |- - Enables requesting a Not After date on certificates that matches the - duration of the certificate. This is not supported by all ACME servers - like Let's Encrypt. If set to true when the ACME server does not support - it, it will create an error on the Order. - Defaults to false. - type: boolean - externalAccountBinding: - description: |- - ExternalAccountBinding is a reference to a CA external account of the ACME - server. - If set, upon registration cert-manager will attempt to associate the given - external account credentials with the registered ACME account. - type: object - required: - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: |- - Deprecated: keyAlgorithm field exists for historical compatibility - reasons and should not be used. The algorithm is now hardcoded to HS256 - in golang/x/crypto/acme. - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External Account is bound to. - type: string - keySecretRef: - description: |- - keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes - Secret which holds the symmetric MAC key of the External Account Binding. - The `key` is the index string that is paired with the key data in the - Secret and should not be confused with the key data itself, or indeed with - the External Account Binding keyID above. - The secret key stored in the Secret **must** be un-padded, base64 URL - encoded data. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - preferredChain: - description: |- - PreferredChain is the chain to use if the ACME server outputs multiple. - PreferredChain is no guarantee that this one gets delivered by the ACME - endpoint. - For example, for Let's Encrypt's DST crosssign you would use: - "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. - This value picks the first certificate bundle in the combined set of - ACME default and alternative chains that has a root-most certificate with - this value as its issuer's commonname. - type: string - maxLength: 64 - privateKeySecretRef: - description: |- - PrivateKey is the name of a Kubernetes Secret resource that will be used to - store the automatically generated ACME account private key. - Optionally, a `key` may be specified to select a specific entry within - the named Secret resource. - If `key` is not specified, a default of `tls.key` will be used. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - server: - description: |- - Server is the URL used to access the ACME server's 'directory' endpoint. - For example, for Let's Encrypt's staging endpoint, you would use: - "https://acme-staging-v02.api.letsencrypt.org/directory". - Only ACME v2 endpoints (i.e. RFC 8555) are supported. - type: string - skipTLSVerify: - description: |- - INSECURE: Enables or disables validation of the ACME server TLS certificate. - If true, requests to the ACME server will not have the TLS certificate chain - validated. - Mutually exclusive with CABundle; prefer using CABundle to prevent various - kinds of security vulnerabilities. - Only enable this option in development environments. - If CABundle and SkipTLSVerify are unset, the system certificate bundle inside - the container is used to validate the TLS connection. - Defaults to false. - type: boolean - solvers: - description: |- - Solvers is a list of challenge solvers that will be used to solve - ACME challenges for the matching domains. - Solver configurations must be provided in order to obtain certificates - from an ACME server. - For more information, see: https://cert-manager.io/docs/configuration/acme/ - type: array - items: - description: |- - An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. - A selector may be provided to use different solving strategies for different DNS names. - Only one of HTTP01 or DNS01 must be provided. - type: object - properties: - dns01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: |- - Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientSecretSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientTokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: |- - Auth: Azure Service Principal: - The ClientID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientSecret and TenantID must also be set. - type: string - clientSecretSecretRef: - description: |- - Auth: Azure Service Principal: - A reference to a Secret containing the password associated with the Service Principal. - If set, ClientID and TenantID must also be set. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: |- - Auth: Azure Workload Identity or Azure Managed Service Identity: - Settings to enable Azure Workload Identity or Azure Managed Service Identity - If set, ClientID, ClientSecret and TenantID must not be set. - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: |- - resource ID of the managed identity, can not be used at the same time as clientID - Cannot be used for Azure Managed Service Identity - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: |- - Auth: Azure Service Principal: - The TenantID of the Azure Service Principal used to authenticate with Azure DNS. - If set, ClientID and ClientSecret must also be set. - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: |- - HostedZoneName is an optional field that tells cert-manager in which - Cloud DNS zone the challenge record has to be created. - If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: |- - API key to use to authenticate with Cloudflare. - Note: using an API token to authenticate is now the recommended method - as it allows greater control of permissions. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: |- - CNAMEStrategy configures how the DNS01 provider should handle CNAME - records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource. - In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - rfc2136: - description: |- - Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: |- - The IP address or hostname of an authoritative DNS server supporting - RFC2136 in the form host:port. If the host is an IPv6 address it must be - enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - This field is required. - type: string - tsigAlgorithm: - description: |- - The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - Supported values are (case-insensitive): ``HMACMD5`` (default), - ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - type: string - tsigKeyName: - description: |- - The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: |- - The name of the secret containing the TSIG value. - If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: |- - The AccessKeyID is used for authentication. - Cannot be set when SecretAccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: string - accessKeyIDSecretRef: - description: |- - The SecretAccessKey is used for authentication. If set, pull the AWS - access key ID from a key within a Kubernetes Secret. - Cannot be set when AccessKeyID is set. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - auth: - description: Auth configures how cert-manager authenticates. - type: object - required: - - kubernetes - properties: - kubernetes: - description: |- - Kubernetes authenticates with Route53 using AssumeRoleWithWebIdentity - by passing a bound ServiceAccount token. - type: object - required: - - serviceAccountRef - properties: - serviceAccountRef: - description: |- - A reference to a service account that will be used to request a bound - token (also known as "projected token"). To use this field, you must - configure an RBAC rule to let cert-manager request a token. - type: object - required: - - name - properties: - audiences: - description: |- - TokenAudiences is an optional list of audiences to include in the - token passed to AWS. The default token consisting of the issuer's namespace - and name is always included. - If unset the audience defaults to `sts.amazonaws.com`. - type: array - items: - type: string - name: - description: Name of the ServiceAccount used to request a token. - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: |- - Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: |- - The SecretAccessKey is used for authentication. - If neither the Access Key nor Key ID are set, we fall-back to using env - vars, shared credentials file or AWS Instance metadata, - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - webhook: - description: |- - Configure an external webhook based DNS01 challenge solver to manage - DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: |- - Additional configuration that should be passed to the webhook apiserver - when challenges are processed. - This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for a DNS service), you - should use a SecretKeySelector to reference a Secret resource. - For details on the schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: |- - The API group name that should be used when POSTing ChallengePayload - resources to the webhook apiserver. - This should be the same as the GroupName specified in the webhook - provider implementation. - type: string - solverName: - description: |- - The name of the solver to use, as defined in the webhook provider - implementation. - This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: |- - Configures cert-manager to attempt to complete authorizations by - performing the HTTP01 challenge flow. - It is not possible to obtain certificates for wildcard domain names - (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: |- - The Gateway API is a sig-network community API that models service networking - in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - create HTTPRoutes with the specified labels in the same namespace as the challenge. - This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: |- - Custom labels that will be applied to HTTPRoutes created by cert-manager - while solving HTTP-01 challenges. - type: object - additionalProperties: - type: string - parentRefs: - description: |- - When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. - cert-manager needs to know which parentRefs should be used when creating - the HTTPRoute. Usually, the parentRef references a Gateway. See: - https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways - type: array - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - This API may be extended in the future to support additional kinds of parent - resources. - - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - type: object - required: - - name - properties: - group: - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - - Support: Core - type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: |- - Kind is kind of the referent. - - - There are two kinds of parent resources with "Core" support: - - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - - Support for other resources is Implementation-Specific. - type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: |- - Name is the name of the referent. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - ParentRefs from a Route to a Service in the same namespace are "producer" - routes, which apply default routing rules to inbound connections from - any namespace to the Service. - - - ParentRefs from a Route to a Service in a different namespace are - "consumer" routes, and these routing rules are only applied to outbound - connections originating from the same namespace as the Route, for which - the intended destination of the connections are a Service targeted as a - ParentRef of the Route. - - - - Support: Core - type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - When the parent resource is a Service, this targets a specific port in the - Service spec. When both Port (experimental) and SectionName are specified, - the name and port of the selected port must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - - Support: Extended - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - - Support: Core - type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: |- - The ingress based HTTP01 challenge solver will solve challenges by - creating or modifying Ingress resources in order to route requests for - '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: |- - This field configures the annotation `kubernetes.io/ingress.class` when - creating Ingress resources to solve ACME challenges that use this - challenge solver. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - ingressClassName: - description: |- - This field configures the field `ingressClassName` on the created Ingress - resources used to solve ACME challenges that use this challenge solver. - This is the recommended way of configuring the ingress class. Only one of - `class`, `name` or `ingressClassName` may be specified. - type: string - ingressTemplate: - description: |- - Optional ingress template used to configure the ACME challenge solver - ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: |- - The name of the ingress resource that should have ACME challenge solving - routes inserted into it in order to solve HTTP01 challenges. - This is typically used in conjunction with ingress controllers like - ingress-gce, which maintains a 1:1 mapping between external IPs and - ingress resources. Only one of `class`, `name` or `ingressClassName` may - be specified. - type: string - podTemplate: - description: |- - Optional pod template used to configure the ACME challenge solver pods - used for HTTP01 challenges. - type: object - properties: - metadata: - description: |- - ObjectMeta overrides for the pod used to solve HTTP01 challenges. - Only the 'labels' and 'annotations' fields may be set. - If labels or annotations overlap with in-built values, the values here - will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: |- - PodSpec defines overrides for the HTTP01 challenge solver pod. - Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. - All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: |- - A null or empty node selector term matches no objects. The requirements of - them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - x-kubernetes-list-type: atomic - x-kubernetes-map-type: atomic - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - x-kubernetes-list-type: atomic - requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both matchLabelKeys and labelSelector. - Also, matchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. - Also, mismatchLabelKeys cannot be set when labelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - type: array - items: - type: string - x-kubernetes-list-type: atomic - namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - type: array - items: - type: string - x-kubernetes-list-type: atomic - x-kubernetes-list-type: atomic - matchLabels: - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field - and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - x-kubernetes-list-type: atomic - topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the - selected pods is running. - Empty topologyKey is not allowed. - type: string - x-kubernetes-list-type: atomic - imagePullSecrets: - description: If specified, the pod's imagePullSecrets - type: array - items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. - type: object - properties: - name: - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - default: "" - x-kubernetes-map-type: atomic - nodeSelector: - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - type: object - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: |- - Optional service type for Kubernetes solver service. Supported values - are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: |- - Selector selects a set of DNSNames on the Certificate resource that - should be solved using this challenge solver. - If not specified, the solver will be treated as the 'default' solver - with the lowest priority, i.e. if any other solver has a more specific - match, it will be used instead. - type: object - properties: - dnsNames: - description: |- - List of DNSNames that this solver will be used to solve. - If specified and a match is found, a dnsNames selector will take - precedence over a dnsZones selector. - If multiple solvers match with the same dnsNames value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - dnsZones: - description: |- - List of DNSZones that this solver will be used to solve. - The most specific DNS zone match specified here will take precedence - over other DNS zone matches, so a solver specifying sys.example.com - will be selected over one specifying example.com for the domain - www.sys.example.com. - If multiple solvers match with the same dnsZones value, the solver - with the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in the list - will be selected. - type: array - items: - type: string - matchLabels: - description: |- - A label selector that is used to refine the set of certificate's that - this challenge solver will apply to. - type: object - additionalProperties: - type: string - ca: - description: |- - CA configures this issuer to sign certificates using a signing CA keypair - stored in a Secret resource. - This is used to build internal PKIs that are managed by cert-manager. - type: object - required: - - secretName - properties: - crlDistributionPoints: - description: |- - The CRL distribution points is an X.509 v3 certificate extension which identifies - the location of the CRL from which the revocation of this certificate can be checked. - If not set, certificates will be issued without distribution points set. - type: array - items: - type: string - issuingCertificateURLs: - description: |- - IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates - it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. - As an example, such a URL might be "http://ca.domain.com/ca.crt". - type: array - items: - type: string - ocspServers: - description: |- - The OCSP server list is an X.509 v3 extension that defines a list of - URLs of OCSP responders. The OCSP responders can be queried for the - revocation status of an issued certificate. If not set, the - certificate will be issued with no OCSP servers set. For example, an - OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: - type: string - secretName: - description: |- - SecretName is the name of the secret used to sign Certificates issued - by this Issuer. - type: string - selfSigned: - description: |- - SelfSigned configures this issuer to 'self sign' certificates using the - private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: |- - The CRL distribution points is an X.509 v3 certificate extension which identifies - the location of the CRL from which the revocation of this certificate can be checked. - If not set certificate will be issued without CDP. Values are strings. - type: array - items: - type: string - vault: - description: |- - Vault configures this issuer to sign certificates using a HashiCorp Vault - PKI backend. - type: object - required: - - auth - - path - - server - properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: |- - Path where the App Role authentication backend is mounted in Vault, e.g: - "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - type: object - required: - - role - properties: - mountPath: - description: |- - The Vault mountPath here is the mount path to use when authenticating with - Vault. For example, setting a value to `/v1/auth/foo`, will use the path - `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the - default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - The required Secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. Use of 'ambient credentials' is not - supported. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - serviceAccountRef: - description: |- - A reference to a service account that will be used to request a bound - token (also known as "projected token"). Compared to using "secretRef", - using this field means that you don't rely on statically bound tokens. To - use this field, you must configure an RBAC rule to let cert-manager - request a token. - type: object - required: - - name - properties: - audiences: - description: |- - TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token - consisting of the issuer's namespace and name is always included. - type: array - items: - type: string - name: - description: Name of the ServiceAccount used to request a token. - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by Vault. Only used if using HTTPS to connect to Vault and - ignored for HTTP connections. - Mutually exclusive with CABundleSecretRef. - If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in - the cert-manager controller container is used to validate the TLS connection. - type: string - format: byte - caBundleSecretRef: - description: |- - Reference to a Secret containing a bundle of PEM-encoded CAs to use when - verifying the certificate chain presented by Vault when using HTTPS. - Mutually exclusive with CABundle. - If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in - the cert-manager controller container is used to validate the TLS connection. - If no key for the Secret is specified, cert-manager will default to 'ca.crt'. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientCertSecretRef: - description: |- - Reference to a Secret containing a PEM-encoded Client Certificate to use when the - Vault server requires mTLS. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - clientKeySecretRef: - description: |- - Reference to a Secret containing a PEM-encoded Client Private Key to use when the - Vault server requires mTLS. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault PKI backend's `sign` endpoint, e.g: - "my_pki_mount/sign/my-role-name". - type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - venafi: - description: |- - Venafi configures this issuer to sign certificates using a Venafi TPP - or Venafi Cloud policy zone. - type: object - required: - - zone - properties: - cloud: - description: |- - Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. - Some instances of this field may be defaulted, in others it may be - required. - type: string - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - url: - description: |- - URL is the base URL for Venafi Cloud. - Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: |- - TPP specifies Trust Protection Platform configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: |- - Base64-encoded bundle of PEM CAs which will be used to validate the certificate - chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. - If undefined, the certificate bundle in the cert-manager controller container - is used to validate the chain. - type: string - format: byte - credentialsRef: - description: |- - CredentialsRef is a reference to a Secret containing the username and - password for the TPP server. - The secret must contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: |- - Name of the resource being referred to. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - url: - description: |- - URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, - for example: "https://tpp.example.com/vedsdk". - type: string - zone: - description: |- - Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by the named - zone policy. - This field is required. - type: string - status: - description: Status of the Issuer. This is set and managed automatically. - type: object - properties: - acme: - description: |- - ACME specific status options. - This field should only be set if the Issuer is configured to use an ACME - server to issue certificates. - type: object - properties: - lastPrivateKeyHash: - description: |- - LastPrivateKeyHash is a hash of the private key associated with the latest - registered ACME account, in order to track changes made to registered account - associated with the Issuer - type: string - lastRegisteredEmail: - description: |- - LastRegisteredEmail is the email associated with the latest registered - ACME account, in order to track changes made to registered account - associated with the Issuer - type: string - uri: - description: |- - URI is the unique account identifier, which can also be used to retrieve - account details from the CA - type: string - conditions: - description: |- - List of status conditions to indicate the status of a CertificateRequest. - Known condition types are `Ready`. - type: array - items: - description: IssuerCondition contains condition information for an Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: |- - LastTransitionTime is the timestamp corresponding to the last status - change of this condition. - type: string - format: date-time - message: - description: |- - Message is a human readable description of the details of the last - transition, complementing reason. - type: string - observedGeneration: - description: |- - If set, this represents the .metadata.generation that the condition was - set based upon. - For instance, if .metadata.generation is currently 12, but the - .status.condition[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the Issuer. - type: integer - format: int64 - reason: - description: |- - Reason is a brief machine readable explanation for the condition's last - transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`). - type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - served: true - storage: true - -# END crd {{- end }} - ---- -# START crd {{- if or .Values.crds.enabled .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: orders.acme.cert-manager.io - # START annotations {{- if .Values.crds.keep }} - annotations: - helm.sh/resource-policy: keep - # END annotations {{- end }} - labels: - app: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/name: '{{ template "cert-manager.name" . }}' - app.kubernetes.io/instance: '{{ .Release.Name }}' - app.kubernetes.io/component: "crds" - # Generated labels {{- include "labels" . | nindent 4 }} -spec: - group: acme.cert-manager.io - names: - kind: Order - listKind: OrderList - plural: orders - singular: order - categories: - - cert-manager - - cert-manager-acme - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - jsonPath: .status.reason - name: Reason - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: Order is a type to represent an Order with an ACME server - type: object - required: - - metadata - - spec - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - type: object - required: - - issuerRef - - request - properties: - commonName: - description: |- - CommonName is the common name as specified on the DER encoded CSR. - If specified, this value must also be present in `dnsNames` or `ipAddresses`. - This field must match the corresponding field on the DER encoded CSR. - type: string - dnsNames: - description: |- - DNSNames is a list of DNS names that should be included as part of the Order - validation process. - This field must match the corresponding field on the DER encoded CSR. - type: array - items: - type: string - duration: - description: |- - Duration is the duration for the not after date for the requested certificate. - this is set on order creation as pe the ACME spec. - type: string - ipAddresses: - description: |- - IPAddresses is a list of IP addresses that should be included as part of the Order - validation process. - This field must match the corresponding field on the DER encoded CSR. - type: array - items: - type: string - issuerRef: - description: |- - IssuerRef references a properly configured ACME-type Issuer which should - be used to create this Order. - If the Issuer does not exist, processing will be retried. - If the Issuer is not an 'ACME' Issuer, an error will be returned and the - Order will be marked as failed. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - request: - description: |- - Certificate signing request bytes in DER encoding. - This will be used when finalizing the order. - This field must be set on the order. - type: string - format: byte - status: - type: object - properties: - authorizations: - description: |- - Authorizations contains data returned from the ACME server on what - authorizations must be completed in order to validate the DNS names - specified on the Order. - type: array - items: - description: |- - ACMEAuthorization contains data returned from the ACME server on an - authorization that must be completed in order validate a DNS name on an ACME - Order resource. - type: object - required: - - url - properties: - challenges: - description: |- - Challenges specifies the challenge types offered by the ACME server. - One of these challenge types will be selected when validating the DNS - name and an appropriate Challenge resource will be created to perform - the ACME challenge process. - type: array - items: - description: |- - Challenge specifies a challenge offered by the ACME server for an Order. - An appropriate Challenge resource can be created to perform the ACME - challenge process. - type: object - required: - - token - - type - - url - properties: - token: - description: |- - Token is the token that must be presented for this challenge. - This is used to compute the 'key' that must also be presented. - type: string - type: - description: |- - Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', - 'tls-sni-01', etc. - This is the raw value retrieved from the ACME server. - Only 'http-01' and 'dns-01' are supported by cert-manager, other values - will be ignored. - type: string - url: - description: |- - URL is the URL of this challenge. It can be used to retrieve additional - metadata about the Challenge from the ACME server. - type: string - identifier: - description: Identifier is the DNS name to be validated as part of this authorization - type: string - initialState: - description: |- - InitialState is the initial state of the ACME authorization when first - fetched from the ACME server. - If an Authorization is already 'valid', the Order controller will not - create a Challenge resource for the authorization. This will occur when - working with an ACME server that enables 'authz reuse' (such as Let's - Encrypt's production endpoint). - If not set and 'identifier' is set, the state is assumed to be pending - and a Challenge will be created. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: URL is the URL of the Authorization that must be completed - type: string - wildcard: - description: |- - Wildcard will be true if this authorization is for a wildcard DNS name. - If this is true, the identifier will be the *non-wildcard* version of - the DNS name. - For example, if '*.example.com' is the DNS name being validated, this - field will be 'true' and the 'identifier' field will be 'example.com'. - type: boolean - certificate: - description: |- - Certificate is a copy of the PEM encoded certificate for this Order. - This field will be populated after the order has been successfully - finalized with the ACME server, and the order has transitioned to the - 'valid' state. - type: string - format: byte - failureTime: - description: |- - FailureTime stores the time that this order failed. - This is used to influence garbage collection and back-off. - type: string - format: date-time - finalizeURL: - description: |- - FinalizeURL of the Order. - This is used to obtain certificates for this order once it has been completed. - type: string - reason: - description: |- - Reason optionally provides more information about a why the order is in - the current state. - type: string - state: - description: |- - State contains the current state of this Order resource. - States 'success' and 'expired' are 'final' - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: |- - URL of the Order. - This will initially be empty when the resource is first created. - The Order controller will populate this field when the Order is first processed. - This field will be immutable after it is initially set. - type: string - served: true - storage: true - -# END crd {{- end }} diff --git a/charts/cert-manager/cert-manager/templates/deployment.yaml b/charts/cert-manager/cert-manager/templates/deployment.yaml deleted file mode 100644 index e6f3f68..0000000 --- a/charts/cert-manager/cert-manager/templates/deployment.yaml +++ /dev/null @@ -1,231 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "cert-manager.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ template "cert-manager.name" . }} - app.kubernetes.io/name: {{ template "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - {{- with .Values.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.replicaCount }} - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.revisionHistoryLimit) (list "" (quote ""))) }} - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - {{- end }} - selector: - matchLabels: - app.kubernetes.io/name: {{ template "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- with .Values.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - labels: - app: {{ template "cert-manager.name" . }} - app.kubernetes.io/name: {{ template "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if and .Values.prometheus.enabled (not (or .Values.prometheus.servicemonitor.enabled .Values.prometheus.podmonitor.enabled)) }} - {{- if not .Values.podAnnotations }} - annotations: - {{- end }} - prometheus.io/path: "/metrics" - prometheus.io/scrape: 'true' - prometheus.io/port: '9402' - {{- end }} - spec: - serviceAccountName: {{ template "cert-manager.serviceAccountName" . }} - {{- if hasKey .Values "automountServiceAccountToken" }} - automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - {{- end }} - enableServiceLinks: {{ .Values.enableServiceLinks }} - {{- with .Values.global.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.volumes .Values.config}} - volumes: - {{- if .Values.config }} - - name: config - configMap: - name: {{ include "cert-manager.fullname" . }} - {{- end }} - {{ with .Values.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: {{ .Chart.Name }}-controller - image: "{{ template "image" (tuple .Values.image $.Chart.AppVersion) }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.logLevel) (list "" (quote ""))) }} - - --v={{ .Values.global.logLevel }} - {{- end }} - {{- if .Values.config }} - - --config=/var/cert-manager/config/config.yaml - {{- end }} - {{- $config := default .Values.config "" }} - {{- if .Values.clusterResourceNamespace }} - - --cluster-resource-namespace={{ .Values.clusterResourceNamespace }} - {{- else }} - - --cluster-resource-namespace=$(POD_NAMESPACE) - {{- end }} - {{- with .Values.global.leaderElection }} - - --leader-election-namespace={{ .namespace }} - {{- if .leaseDuration }} - - --leader-election-lease-duration={{ .leaseDuration }} - {{- end }} - {{- if .renewDeadline }} - - --leader-election-renew-deadline={{ .renewDeadline }} - {{- end }} - {{- if .retryPeriod }} - - --leader-election-retry-period={{ .retryPeriod }} - {{- end }} - {{- end }} - {{- with .Values.acmesolver.image }} - - --acme-http01-solver-image={{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}} - {{- end }} - {{- with .Values.extraArgs }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.ingressShim }} - {{- if .defaultIssuerName }} - - --default-issuer-name={{ .defaultIssuerName }} - {{- end }} - {{- if .defaultIssuerKind }} - - --default-issuer-kind={{ .defaultIssuerKind }} - {{- end }} - {{- if .defaultIssuerGroup }} - - --default-issuer-group={{ .defaultIssuerGroup }} - {{- end }} - {{- end }} - {{- if .Values.featureGates }} - - --feature-gates={{ .Values.featureGates }} - {{- end }} - {{- if .Values.maxConcurrentChallenges }} - - --max-concurrent-challenges={{ .Values.maxConcurrentChallenges }} - {{- end }} - {{- if .Values.enableCertificateOwnerRef }} - - --enable-certificate-owner-ref=true - {{- end }} - {{- if .Values.dns01RecursiveNameserversOnly }} - - --dns01-recursive-nameservers-only=true - {{- end }} - {{- with .Values.dns01RecursiveNameservers }} - - --dns01-recursive-nameservers={{ . }} - {{- end }} - {{- if .Values.disableAutoApproval }} - - --controllers=-certificaterequests-approver - {{- end }} - ports: - - containerPort: 9402 - name: http-metrics - protocol: TCP - - containerPort: 9403 - name: http-healthz - protocol: TCP - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if or .Values.config .Values.volumeMounts }} - volumeMounts: - {{- if .Values.config }} - - name: config - mountPath: /var/cert-manager/config - {{- end }} - {{- with .Values.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- with .Values.extraEnv }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.http_proxy }} - - name: HTTP_PROXY - value: {{ . }} - {{- end }} - {{- with .Values.https_proxy }} - - name: HTTPS_PROXY - value: {{ . }} - {{- end }} - {{- with .Values.no_proxy }} - - name: NO_PROXY - value: {{ . }} - {{- end }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - - {{- with .Values.livenessProbe }} - {{- if .enabled }} - # LivenessProbe settings are based on those used for the Kubernetes - # controller-manager. See: - # https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 - livenessProbe: - httpGet: - port: http-healthz - path: /livez - scheme: HTTP - initialDelaySeconds: {{ .initialDelaySeconds }} - periodSeconds: {{ .periodSeconds }} - timeoutSeconds: {{ .timeoutSeconds }} - successThreshold: {{ .successThreshold }} - failureThreshold: {{ .failureThreshold }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.podDnsPolicy }} - dnsPolicy: {{ . }} - {{- end }} - {{- with .Values.podDnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.hostAliases }} - hostAliases: {{ toYaml . | nindent 8 }} - {{- end }} \ No newline at end of file diff --git a/charts/cert-manager/cert-manager/templates/extras-objects.yaml b/charts/cert-manager/cert-manager/templates/extras-objects.yaml deleted file mode 100644 index 9ec3a7e..0000000 --- a/charts/cert-manager/cert-manager/templates/extras-objects.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraObjects }} ---- -{{ tpl . $ }} -{{ end }} diff --git a/charts/cert-manager/cert-manager/templates/networkpolicy-egress.yaml b/charts/cert-manager/cert-manager/templates/networkpolicy-egress.yaml deleted file mode 100644 index 37f90bd..0000000 --- a/charts/cert-manager/cert-manager/templates/networkpolicy-egress.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.webhook.networkPolicy.enabled }} -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ template "webhook.fullname" . }}-allow-egress - namespace: {{ include "cert-manager.namespace" . }} -spec: - egress: - {{- with .Values.webhook.networkPolicy.egress }} - {{- toYaml . | nindent 2 }} - {{- end }} - podSelector: - matchLabels: - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - policyTypes: - - Egress -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/networkpolicy-webhooks.yaml b/charts/cert-manager/cert-manager/templates/networkpolicy-webhooks.yaml deleted file mode 100644 index 3a0ed7a..0000000 --- a/charts/cert-manager/cert-manager/templates/networkpolicy-webhooks.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.webhook.networkPolicy.enabled }} - -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ template "webhook.fullname" . }}-allow-ingress - namespace: {{ include "cert-manager.namespace" . }} -spec: - ingress: - {{- with .Values.webhook.networkPolicy.ingress }} - {{- toYaml . | nindent 2 }} - {{- end }} - podSelector: - matchLabels: - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - policyTypes: - - Ingress - -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/poddisruptionbudget.yaml b/charts/cert-manager/cert-manager/templates/poddisruptionbudget.yaml deleted file mode 100644 index ae71eed..0000000 --- a/charts/cert-manager/cert-manager/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.podDisruptionBudget.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "cert-manager.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - - {{- if not (or (hasKey .Values.podDisruptionBudget "minAvailable") (hasKey .Values.podDisruptionBudget "maxUnavailable")) }} - minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set - {{- end }} - {{- if hasKey .Values.podDisruptionBudget "minAvailable" }} - minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if hasKey .Values.podDisruptionBudget "maxUnavailable" }} - maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/podmonitor.yaml b/charts/cert-manager/cert-manager/templates/podmonitor.yaml deleted file mode 100644 index 1adc060..0000000 --- a/charts/cert-manager/cert-manager/templates/podmonitor.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if and .Values.prometheus.enabled (and .Values.prometheus.podmonitor.enabled .Values.prometheus.servicemonitor.enabled) }} -{{- fail "Either .Values.prometheus.podmonitor.enabled or .Values.prometheus.servicemonitor.enabled can be enabled at a time, but not both." }} -{{- else if and .Values.prometheus.enabled .Values.prometheus.podmonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: {{ template "cert-manager.fullname" . }} -{{- if .Values.prometheus.podmonitor.namespace }} - namespace: {{ .Values.prometheus.podmonitor.namespace }} -{{- else }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - prometheus: {{ .Values.prometheus.podmonitor.prometheusInstance }} - {{- with .Values.prometheus.podmonitor.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- if .Values.prometheus.podmonitor.annotations }} - annotations: - {{- with .Values.prometheus.podmonitor.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} -spec: - jobLabel: {{ template "cert-manager.fullname" . }} - selector: - matchLabels: - app.kubernetes.io/name: {{ template "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" -{{- if .Values.prometheus.podmonitor.namespace }} - namespaceSelector: - matchNames: - - {{ include "cert-manager.namespace" . }} -{{- end }} - podMetricsEndpoints: - - port: http-metrics - path: {{ .Values.prometheus.podmonitor.path }} - interval: {{ .Values.prometheus.podmonitor.interval }} - scrapeTimeout: {{ .Values.prometheus.podmonitor.scrapeTimeout }} - honorLabels: {{ .Values.prometheus.podmonitor.honorLabels }} - {{- with .Values.prometheus.servicemonitor.endpointAdditionalProperties }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/psp-clusterrole.yaml b/charts/cert-manager/cert-manager/templates/psp-clusterrole.yaml deleted file mode 100644 index 1d40a02..0000000 --- a/charts/cert-manager/cert-manager/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "cert-manager.fullname" . }}-psp - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: -- apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "cert-manager.fullname" . }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/psp-clusterrolebinding.yaml b/charts/cert-manager/cert-manager/templates/psp-clusterrolebinding.yaml deleted file mode 100644 index 4f09b6b..0000000 --- a/charts/cert-manager/cert-manager/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-psp - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-psp -subjects: - - kind: ServiceAccount - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/psp.yaml b/charts/cert-manager/cert-manager/templates/psp.yaml deleted file mode 100644 index 9e99f5c..0000000 --- a/charts/cert-manager/cert-manager/templates/psp.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "cert-manager.fullname" . }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' - seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - {{- if .Values.global.podSecurityPolicy.useAppArmor }} - apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' - apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - allowedCapabilities: [] # default set of capabilities are implicitly allowed - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/rbac.yaml b/charts/cert-manager/cert-manager/templates/rbac.yaml deleted file mode 100644 index 7a27d4f..0000000 --- a/charts/cert-manager/cert-manager/templates/rbac.yaml +++ /dev/null @@ -1,574 +0,0 @@ -{{- if .Values.global.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "cert-manager.fullname" . }}:leaderelection - namespace: {{ .Values.global.leaderElection.namespace }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - resourceNames: ["cert-manager-controller"] - verbs: ["get", "update", "patch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["create"] - ---- - -# grant cert-manager permission to manage the leaderelection configmap in the -# leader election namespace -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "cert-manager.fullname" . }}:leaderelection - namespace: {{ .Values.global.leaderElection.namespace }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "cert-manager.fullname" . }}:leaderelection -subjects: - - apiGroup: "" - kind: ServiceAccount - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - ---- - -# Issuer controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-issuers - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["issuers", "issuers/status"] - verbs: ["update", "patch"] - - apiGroups: ["cert-manager.io"] - resources: ["issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- - -# ClusterIssuer controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers", "clusterissuers/status"] - verbs: ["update", "patch"] - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - ---- - -# Certificates controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-certificates - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] - verbs: ["update", "patch"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["cert-manager.io"] - resources: ["certificates/finalizers", "certificaterequests/finalizers"] - verbs: ["update"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders"] - verbs: ["create", "delete", "get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - ---- - -# Orders controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-orders - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders", "orders/status"] - verbs: ["update", "patch"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders", "challenges"] - verbs: ["get", "list", "watch"] - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers", "issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges"] - verbs: ["create", "delete"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - ---- - -# Challenges controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-challenges - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - # Use to update challenge resource status - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges", "challenges/status"] - verbs: ["update", "patch"] - # Used to watch challenge resources - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges"] - verbs: ["get", "list", "watch"] - # Used to watch challenges, issuer and clusterissuer resources - - apiGroups: ["cert-manager.io"] - resources: ["issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - # Need to be able to retrieve ACME account private key to complete challenges - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - # Used to create events - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - # HTTP01 rules - - apiGroups: [""] - resources: ["pods", "services"] - verbs: ["get", "list", "watch", "create", "delete"] - - apiGroups: ["networking.k8s.io"] - resources: ["ingresses"] - verbs: ["get", "list", "watch", "create", "delete", "update"] - - apiGroups: [ "gateway.networking.k8s.io" ] - resources: [ "httproutes" ] - verbs: ["get", "list", "watch", "create", "delete", "update"] - # We require the ability to specify a custom hostname when we are creating - # new ingress resources. - # See: https://github.com/openshift/origin/blob/21f191775636f9acadb44fa42beeb4f75b255532/pkg/route/apiserver/admission/ingress_admission.go#L84-L148 - - apiGroups: ["route.openshift.io"] - resources: ["routes/custom-host"] - verbs: ["create"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges/finalizers"] - verbs: ["update"] - # DNS01 rules (duplicated above) - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - ---- - -# ingress-shim controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests"] - verbs: ["create", "update", "delete"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["networking.k8s.io"] - resources: ["ingresses"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["networking.k8s.io"] - resources: ["ingresses/finalizers"] - verbs: ["update"] - - apiGroups: ["gateway.networking.k8s.io"] - resources: ["gateways", "httproutes"] - verbs: ["get", "list", "watch"] - - apiGroups: ["gateway.networking.k8s.io"] - resources: ["gateways/finalizers", "httproutes/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-issuers - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-issuers -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-certificates - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-certificates -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-orders - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-orders -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-challenges - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-challenges -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - -{{- if .Values.global.rbac.aggregateClusterRoles }} ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-cluster-view - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" -rules: - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers"] - verbs: ["get", "list", "watch"] - -{{- end }} ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-view - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - {{- if .Values.global.rbac.aggregateClusterRoles }} - rbac.authorization.k8s.io/aggregate-to-view: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" - {{- end }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges", "orders"] - verbs: ["get", "list", "watch"] - - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-edit - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - {{- if .Values.global.rbac.aggregateClusterRoles }} - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" - {{- end }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["create", "delete", "deletecollection", "patch", "update"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates/status"] - verbs: ["update"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges", "orders"] - verbs: ["create", "delete", "deletecollection", "patch", "update"] - ---- - -{{- if not .Values.disableAutoApproval -}} - -# Permission to approve CertificateRequests referencing cert-manager.io Issuers and ClusterIssuers -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cert-manager" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["signers"] - verbs: ["approve"] - {{- with .Values.approveSignerNames }} - resourceNames: - {{- range . }} - - {{ . | quote }} - {{- end }} - {{- end }} - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cert-manager" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount - ---- - -{{- end -}} - -# Permission to: -# - Update and sign CertificatSigningeRequests referencing cert-manager.io Issuers and ClusterIssuers -# - Perform SubjectAccessReviews to test whether users are able to reference Namespaced Issuers -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cert-manager" - {{- include "labels" . | nindent 4 }} -rules: - - apiGroups: ["certificates.k8s.io"] - resources: ["certificatesigningrequests"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["certificates.k8s.io"] - resources: ["certificatesigningrequests/status"] - verbs: ["update", "patch"] - - apiGroups: ["certificates.k8s.io"] - resources: ["signers"] - resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] - verbs: ["sign"] - - apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["create"] - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "cert-manager" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests -subjects: - - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - kind: ServiceAccount -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/service.yaml b/charts/cert-manager/cert-manager/templates/service.yaml deleted file mode 100644 index 360ec64..0000000 --- a/charts/cert-manager/cert-manager/templates/service.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if and .Values.prometheus.enabled (not .Values.prometheus.podmonitor.enabled) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "cert-manager.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- with .Values.serviceAnnotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - {{- with .Values.serviceLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - {{- if .Values.serviceIPFamilyPolicy }} - ipFamilyPolicy: {{ .Values.serviceIPFamilyPolicy }} - {{- end }} - {{- if .Values.serviceIPFamilies }} - ipFamilies: {{ .Values.serviceIPFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - protocol: TCP - port: 9402 - name: tcp-prometheus-servicemonitor - targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} - selector: - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/serviceaccount.yaml b/charts/cert-manager/cert-manager/templates/serviceaccount.yaml deleted file mode 100644 index 87fc00e..0000000 --- a/charts/cert-manager/cert-manager/templates/serviceaccount.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -{{- with .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - {{- with .Values.serviceAccount.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/servicemonitor.yaml b/charts/cert-manager/cert-manager/templates/servicemonitor.yaml deleted file mode 100644 index b638860..0000000 --- a/charts/cert-manager/cert-manager/templates/servicemonitor.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if and .Values.prometheus.enabled (and .Values.prometheus.podmonitor.enabled .Values.prometheus.servicemonitor.enabled) }} -{{- fail "Either .Values.prometheus.podmonitor.enabled or .Values.prometheus.servicemonitor.enabled can be enabled at a time, but not both." }} -{{- else if and .Values.prometheus.enabled .Values.prometheus.servicemonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "cert-manager.fullname" . }} -{{- if .Values.prometheus.servicemonitor.namespace }} - namespace: {{ .Values.prometheus.servicemonitor.namespace }} -{{- else }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} - labels: - app: {{ include "cert-manager.name" . }} - app.kubernetes.io/name: {{ include "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" - {{- include "labels" . | nindent 4 }} - prometheus: {{ .Values.prometheus.servicemonitor.prometheusInstance }} - {{- with .Values.prometheus.servicemonitor.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- if .Values.prometheus.servicemonitor.annotations }} - annotations: - {{- with .Values.prometheus.servicemonitor.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} -spec: - jobLabel: {{ template "cert-manager.fullname" . }} - selector: - matchLabels: - app.kubernetes.io/name: {{ template "cert-manager.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "controller" -{{- if .Values.prometheus.servicemonitor.namespace }} - namespaceSelector: - matchNames: - - {{ include "cert-manager.namespace" . }} -{{- end }} - endpoints: - - targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} - path: {{ .Values.prometheus.servicemonitor.path }} - interval: {{ .Values.prometheus.servicemonitor.interval }} - scrapeTimeout: {{ .Values.prometheus.servicemonitor.scrapeTimeout }} - honorLabels: {{ .Values.prometheus.servicemonitor.honorLabels }} - {{- with .Values.prometheus.servicemonitor.endpointAdditionalProperties }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-job.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-job.yaml deleted file mode 100644 index 311b4c4..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-job.yaml +++ /dev/null @@ -1,87 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "startupapicheck.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.jobAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - backoffLimit: {{ .Values.startupapicheck.backoffLimit }} - template: - metadata: - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 8 }} - {{- with .Values.startupapicheck.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.startupapicheck.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - restartPolicy: OnFailure - serviceAccountName: {{ template "startupapicheck.serviceAccountName" . }} - {{- if hasKey .Values.startupapicheck "automountServiceAccountToken" }} - automountServiceAccountToken: {{ .Values.startupapicheck.automountServiceAccountToken }} - {{- end }} - enableServiceLinks: {{ .Values.startupapicheck.enableServiceLinks }} - {{- with .Values.global.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.startupapicheck.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - name: {{ .Chart.Name }}-startupapicheck - image: "{{ template "image" (tuple .Values.startupapicheck.image $.Chart.AppVersion) }}" - imagePullPolicy: {{ .Values.startupapicheck.image.pullPolicy }} - args: - - check - - api - - --wait={{ .Values.startupapicheck.timeout }} - {{- with .Values.startupapicheck.extraArgs }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.startupapicheck.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.startupapicheck.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.startupapicheck.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.startupapicheck.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.startupapicheck.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.startupapicheck.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.startupapicheck.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrole.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrole.yaml deleted file mode 100644 index dacd4be..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrole.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "startupapicheck.fullname" . }}-psp - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.rbac.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -rules: -- apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "startupapicheck.fullname" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml deleted file mode 100644 index 54d5a42..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "startupapicheck.fullname" . }}-psp - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.rbac.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "startupapicheck.fullname" . }}-psp -subjects: - - kind: ServiceAccount - name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-psp.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-psp.yaml deleted file mode 100644 index f09d60d..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-psp.yaml +++ /dev/null @@ -1,51 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "startupapicheck.fullname" . }} - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' - seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - {{- if .Values.global.podSecurityPolicy.useAppArmor }} - apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' - apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - {{- end }} - {{- with .Values.startupapicheck.rbac.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - allowedCapabilities: [] # default set of capabilities are implicitly allowed - volumes: - - 'projected' - - 'secret' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-rbac.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-rbac.yaml deleted file mode 100644 index 606e725..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-rbac.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -{{- if .Values.global.rbac.create }} -# create certificate role -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "startupapicheck.fullname" . }}:create-cert - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.rbac.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "startupapicheck.fullname" . }}:create-cert - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.rbac.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "startupapicheck.fullname" . }}:create-cert -subjects: - - kind: ServiceAccount - name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/startupapicheck-serviceaccount.yaml b/charts/cert-manager/cert-manager/templates/startupapicheck-serviceaccount.yaml deleted file mode 100644 index 8c41760..0000000 --- a/charts/cert-manager/cert-manager/templates/startupapicheck-serviceaccount.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.startupapicheck.enabled }} -{{- if .Values.startupapicheck.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.startupapicheck.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - {{- with .Values.startupapicheck.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app: {{ include "startupapicheck.name" . }} - app.kubernetes.io/name: {{ include "startupapicheck.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "startupapicheck" - {{- include "labels" . | nindent 4 }} - {{- with .Values.startupapicheck.serviceAccount.labels }} - {{ toYaml . | nindent 4 }} - {{- end }} -{{- with .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-config.yaml b/charts/cert-manager/cert-manager/templates/webhook-config.yaml deleted file mode 100644 index 8f3ce20..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-config.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.webhook.config -}} -{{- $_ := .Values.webhook.config.apiVersion | required ".Values.webhook.config.apiVersion must be set !" -}} -{{- $_ := .Values.webhook.config.kind | required ".Values.webhook.config.kind must be set !" -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -data: - config.yaml: | - {{- .Values.webhook.config | toYaml | nindent 4 }} -{{- end -}} \ No newline at end of file diff --git a/charts/cert-manager/cert-manager/templates/webhook-deployment.yaml b/charts/cert-manager/cert-manager/templates/webhook-deployment.yaml deleted file mode 100644 index ae5399e..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-deployment.yaml +++ /dev/null @@ -1,192 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - {{- with .Values.webhook.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.webhook.replicaCount }} - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.revisionHistoryLimit) (list "" (quote ""))) }} - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - {{- end }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- with .Values.webhook.strategy }} - strategy: - {{- toYaml . | nindent 4 }} - {{- end }} - template: - metadata: - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 8 }} - {{- with .Values.webhook.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - serviceAccountName: {{ template "webhook.serviceAccountName" . }} - {{- if hasKey .Values.webhook "automountServiceAccountToken" }} - automountServiceAccountToken: {{ .Values.webhook.automountServiceAccountToken }} - {{- end }} - enableServiceLinks: {{ .Values.webhook.enableServiceLinks }} - {{- with .Values.global.priorityClassName }} - priorityClassName: {{ . | quote }} - {{- end }} - {{- with .Values.webhook.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.webhook.hostNetwork }} - hostNetwork: true - {{- end }} - {{- if .Values.webhook.hostNetwork }} - dnsPolicy: ClusterFirstWithHostNet - {{- end }} - containers: - - name: {{ .Chart.Name }}-webhook - image: "{{ template "image" (tuple .Values.webhook.image $.Chart.AppVersion) }}" - imagePullPolicy: {{ .Values.webhook.image.pullPolicy }} - args: - {{- /* The if statement below is equivalent to {{- if $value }} but will also return true for 0. */ -}} - {{- if not (has (quote .Values.global.logLevel) (list "" (quote ""))) }} - - --v={{ .Values.global.logLevel }} - {{- end }} - {{- if .Values.webhook.config }} - - --config=/var/cert-manager/config/config.yaml - {{- end }} - {{- $config := default .Values.webhook.config "" }} - {{ if not $config.securePort -}} - - --secure-port={{ .Values.webhook.securePort }} - {{- end }} - {{- if .Values.webhook.featureGates }} - - --feature-gates={{ .Values.webhook.featureGates }} - {{- end }} - {{- $tlsConfig := default $config.tlsConfig "" }} - {{ if or (not $config.tlsConfig) (and (not $tlsConfig.dynamic) (not $tlsConfig.filesystem) ) -}} - - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) - - --dynamic-serving-ca-secret-name={{ template "webhook.fullname" . }}-ca - - --dynamic-serving-dns-names={{ template "webhook.fullname" . }} - - --dynamic-serving-dns-names={{ template "webhook.fullname" . }}.$(POD_NAMESPACE) - - --dynamic-serving-dns-names={{ template "webhook.fullname" . }}.$(POD_NAMESPACE).svc - {{ if .Values.webhook.url.host }} - - --dynamic-serving-dns-names={{ .Values.webhook.url.host }} - {{- end }} - {{- end }} - {{- with .Values.webhook.extraArgs }} - {{- toYaml . | nindent 10 }} - {{- end }} - ports: - - name: https - protocol: TCP - {{- if $config.securePort }} - containerPort: {{ $config.securePort }} - {{- else if .Values.webhook.securePort }} - containerPort: {{ .Values.webhook.securePort }} - {{- else }} - containerPort: 6443 - {{- end }} - - name: healthcheck - protocol: TCP - {{- if $config.healthzPort }} - containerPort: {{ $config.healthzPort }} - {{- else }} - containerPort: 6080 - {{- end }} - livenessProbe: - httpGet: - path: /livez - {{- if $config.healthzPort }} - port: {{ $config.healthzPort }} - {{- else }} - port: 6080 - {{- end }} - scheme: HTTP - initialDelaySeconds: {{ .Values.webhook.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.webhook.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.webhook.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.webhook.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.webhook.livenessProbe.failureThreshold }} - readinessProbe: - httpGet: - path: /healthz - {{- if $config.healthzPort }} - port: {{ $config.healthzPort }} - {{- else }} - port: 6080 - {{- end }} - scheme: HTTP - initialDelaySeconds: {{ .Values.webhook.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.webhook.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.webhook.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.webhook.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.webhook.readinessProbe.failureThreshold }} - {{- with .Values.webhook.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- with .Values.webhook.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if or .Values.webhook.config .Values.webhook.volumeMounts }} - volumeMounts: - {{- if .Values.webhook.config }} - - name: config - mountPath: /var/cert-manager/config - {{- end }} - {{- with .Values.webhook.volumeMounts }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with .Values.webhook.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.webhook.config .Values.webhook.volumes }} - volumes: - {{- if .Values.webhook.config }} - - name: config - configMap: - name: {{ include "webhook.fullname" . }} - {{- end }} - {{- with .Values.webhook.volumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-mutating-webhook.yaml b/charts/cert-manager/cert-manager/templates/webhook-mutating-webhook.yaml deleted file mode 100644 index 9ea2977..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-mutating-webhook.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: {{ include "webhook.fullname" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - annotations: - cert-manager.io/inject-ca-from-secret: {{ printf "%s/%s-ca" (include "cert-manager.namespace" .) (include "webhook.fullname" .) | quote }} - {{- with .Values.webhook.mutatingWebhookConfigurationAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -webhooks: - - name: webhook.cert-manager.io - {{- with .Values.webhook.mutatingWebhookConfiguration.namespaceSelector }} - namespaceSelector: - {{- toYaml . | nindent 6 }} - {{- end }} - rules: - - apiGroups: - - "cert-manager.io" - apiVersions: - - "v1" - operations: - - CREATE - resources: - - "certificaterequests" - admissionReviewVersions: ["v1"] - # This webhook only accepts v1 cert-manager resources. - # Equivalent matchPolicy ensures that non-v1 resource requests are sent to - # this webhook (after the resources have been converted to v1). - matchPolicy: Equivalent - timeoutSeconds: {{ .Values.webhook.timeoutSeconds }} - failurePolicy: Fail - # Only include 'sideEffects' field in Kubernetes 1.12+ - sideEffects: None - clientConfig: - {{- if .Values.webhook.url.host }} - url: https://{{ .Values.webhook.url.host }}/mutate - {{- else }} - service: - name: {{ template "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - path: /mutate - {{- end }} \ No newline at end of file diff --git a/charts/cert-manager/cert-manager/templates/webhook-poddisruptionbudget.yaml b/charts/cert-manager/cert-manager/templates/webhook-poddisruptionbudget.yaml deleted file mode 100644 index ab2a481..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-poddisruptionbudget.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.webhook.podDisruptionBudget.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - - {{- if not (or (hasKey .Values.webhook.podDisruptionBudget "minAvailable") (hasKey .Values.webhook.podDisruptionBudget "maxUnavailable")) }} - minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set - {{- end }} - {{- if hasKey .Values.webhook.podDisruptionBudget "minAvailable" }} - minAvailable: {{ .Values.webhook.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if hasKey .Values.webhook.podDisruptionBudget "maxUnavailable" }} - maxUnavailable: {{ .Values.webhook.podDisruptionBudget.maxUnavailable }} - {{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrole.yaml b/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrole.yaml deleted file mode 100644 index f6fa4c5..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrole.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "webhook.fullname" . }}-psp - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -rules: -- apiGroups: ['policy'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "webhook.fullname" . }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrolebinding.yaml b/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrolebinding.yaml deleted file mode 100644 index 858df8f..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-psp-clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "webhook.fullname" . }}-psp - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "webhook.fullname" . }}-psp -subjects: - - kind: ServiceAccount - name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-psp.yaml b/charts/cert-manager/cert-manager/templates/webhook-psp.yaml deleted file mode 100644 index 4d5d959..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-psp.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- if .Values.global.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "webhook.fullname" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' - seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' - {{- if .Values.global.podSecurityPolicy.useAppArmor }} - apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' - apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' - {{- end }} -spec: - privileged: false - allowPrivilegeEscalation: false - allowedCapabilities: [] # default set of capabilities are implicitly allowed - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - hostNetwork: {{ .Values.webhook.hostNetwork }} - {{- if .Values.webhook.hostNetwork }} - hostPorts: - - max: {{ .Values.webhook.securePort }} - min: {{ .Values.webhook.securePort }} - {{- end }} - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1000 - max: 1000 -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-rbac.yaml b/charts/cert-manager/cert-manager/templates/webhook-rbac.yaml deleted file mode 100644 index b075ffd..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-rbac.yaml +++ /dev/null @@ -1,83 +0,0 @@ -{{- if .Values.global.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "webhook.fullname" . }}:dynamic-serving - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -rules: -- apiGroups: [""] - resources: ["secrets"] - resourceNames: - - '{{ template "webhook.fullname" . }}-ca' - verbs: ["get", "list", "watch", "update"] -# It's not possible to grant CREATE permission on a single resourceName. -- apiGroups: [""] - resources: ["secrets"] - verbs: ["create"] ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "webhook.fullname" . }}:dynamic-serving - namespace: {{ include "cert-manager.namespace" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "webhook.fullname" . }}:dynamic-serving -subjects: -- apiGroup: "" - kind: ServiceAccount - name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "webhook.fullname" . }}:subjectaccessreviews - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -rules: -- apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["create"] ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "webhook.fullname" . }}:subjectaccessreviews - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "webhook.fullname" . }}:subjectaccessreviews -subjects: -- apiGroup: "" - kind: ServiceAccount - name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-service.yaml b/charts/cert-manager/cert-manager/templates/webhook-service.yaml deleted file mode 100644 index 86d47f1..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} -{{- with .Values.webhook.serviceAnnotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - {{- with .Values.webhook.serviceLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.webhook.serviceType }} - {{- if .Values.webhook.serviceIPFamilyPolicy }} - ipFamilyPolicy: {{ .Values.webhook.serviceIPFamilyPolicy }} - {{- end }} - {{- if .Values.webhook.serviceIPFamilies }} - ipFamilies: {{ .Values.webhook.serviceIPFamilies | toYaml | nindent 2 }} - {{- end }} - {{- with .Values.webhook.loadBalancerIP }} - loadBalancerIP: {{ . }} - {{- end }} - ports: - - name: https - port: 443 - protocol: TCP - targetPort: "https" - selector: - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" diff --git a/charts/cert-manager/cert-manager/templates/webhook-serviceaccount.yaml b/charts/cert-manager/cert-manager/templates/webhook-serviceaccount.yaml deleted file mode 100644 index dff5c06..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-serviceaccount.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.webhook.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ include "cert-manager.namespace" . }} - {{- with .Values.webhook.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - {{- with .Values.webhook.serviceAccount.labels }} - {{ toYaml . | nindent 4 }} - {{- end }} -{{- with .Values.global.imagePullSecrets }} -imagePullSecrets: - {{- toYaml . | nindent 2 }} -{{- end }} -{{- end }} diff --git a/charts/cert-manager/cert-manager/templates/webhook-validating-webhook.yaml b/charts/cert-manager/cert-manager/templates/webhook-validating-webhook.yaml deleted file mode 100644 index 76235fd..0000000 --- a/charts/cert-manager/cert-manager/templates/webhook-validating-webhook.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: {{ include "webhook.fullname" . }} - labels: - app: {{ include "webhook.name" . }} - app.kubernetes.io/name: {{ include "webhook.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: "webhook" - {{- include "labels" . | nindent 4 }} - annotations: - cert-manager.io/inject-ca-from-secret: {{ printf "%s/%s-ca" (include "cert-manager.namespace" .) (include "webhook.fullname" .) | quote}} - {{- with .Values.webhook.validatingWebhookConfigurationAnnotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -webhooks: - - name: webhook.cert-manager.io - {{- with .Values.webhook.validatingWebhookConfiguration.namespaceSelector }} - namespaceSelector: - {{- toYaml . | nindent 6 }} - {{- end }} - rules: - - apiGroups: - - "cert-manager.io" - - "acme.cert-manager.io" - apiVersions: - - "v1" - operations: - - CREATE - - UPDATE - resources: - - "*/*" - admissionReviewVersions: ["v1"] - # This webhook only accepts v1 cert-manager resources. - # Equivalent matchPolicy ensures that non-v1 resource requests are sent to - # this webhook (after the resources have been converted to v1). - matchPolicy: Equivalent - timeoutSeconds: {{ .Values.webhook.timeoutSeconds }} - failurePolicy: Fail - sideEffects: None - clientConfig: - {{- if .Values.webhook.url.host }} - url: https://{{ .Values.webhook.url.host }}/validate - {{- else }} - service: - name: {{ template "webhook.fullname" . }} - namespace: {{ include "cert-manager.namespace" . }} - path: /validate - {{- end }} diff --git a/charts/cert-manager/cert-manager/values.yaml b/charts/cert-manager/cert-manager/values.yaml deleted file mode 100644 index 7630c04..0000000 --- a/charts/cert-manager/cert-manager/values.yaml +++ /dev/null @@ -1,1349 +0,0 @@ -# +docs:section=Global - -# Default values for cert-manager. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: - # Reference to one or more secrets to be used when pulling images. - # For more information, see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). - # - # For example: - # imagePullSecrets: - # - name: "image-pull-secret" - imagePullSecrets: [] - - # Labels to apply to all resources. - # Please note that this does not add labels to the resources created dynamically by the controllers. - # For these resources, you have to add the labels in the template in the cert-manager custom resource: - # For example, podTemplate/ ingressTemplate in ACMEChallengeSolverHTTP01Ingress - # For more information, see the [cert-manager documentation](https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01Ingress). - # For example, secretTemplate in CertificateSpec - # For more information, see the [cert-manager documentation](https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec). - commonLabels: {} - - # The number of old ReplicaSets to retain to allow rollback (if not set, the default Kubernetes value is set to 10). - # +docs:property - # revisionHistoryLimit: 1 - - # The optional priority class to be used for the cert-manager pods. - priorityClassName: "" - - rbac: - # Create required ClusterRoles and ClusterRoleBindings for cert-manager. - create: true - # Aggregate ClusterRoles to Kubernetes default user-facing roles. For more information, see [User-facing roles](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) - aggregateClusterRoles: true - - podSecurityPolicy: - # Create PodSecurityPolicy for cert-manager. - # - # Note that PodSecurityPolicy was deprecated in Kubernetes 1.21 and removed in Kubernetes 1.25. - enabled: false - # Configure the PodSecurityPolicy to use AppArmor. - useAppArmor: true - - # Set the verbosity of cert-manager. A range of 0 - 6, with 6 being the most verbose. - logLevel: 2 - - leaderElection: - # Override the namespace used for the leader election lease. - namespace: "kube-system" - - # The duration that non-leader candidates will wait after observing a - # leadership renewal until attempting to acquire leadership of a led but - # unrenewed leader slot. This is effectively the maximum duration that a - # leader can be stopped before it is replaced by another candidate. - # +docs:property - # leaseDuration: 60s - - # The interval between attempts by the acting master to renew a leadership - # slot before it stops leading. This must be less than or equal to the - # lease duration. - # +docs:property - # renewDeadline: 40s - - # The duration the clients should wait between attempting acquisition and - # renewal of a leadership. - # +docs:property - # retryPeriod: 15s - -# This option is equivalent to setting crds.enabled=true and crds.keep=true. -# Deprecated: use crds.enabled and crds.keep instead. -installCRDs: false - -crds: - # This option decides if the CRDs should be installed - # as part of the Helm installation. - enabled: false - - # This option makes it so that the "helm.sh/resource-policy": keep - # annotation is added to the CRD. This will prevent Helm from uninstalling - # the CRD when the Helm release is uninstalled. - # WARNING: when the CRDs are removed, all cert-manager custom resources - # (Certificates, Issuers, ...) will be removed too by the garbage collector. - keep: true - -# +docs:section=Controller - -# The number of replicas of the cert-manager controller to run. -# -# The default is 1, but in production set this to 2 or 3 to provide high -# availability. -# -# If `replicas > 1`, consider setting `podDisruptionBudget.enabled=true`. -# -# Note that cert-manager uses leader election to ensure that there can -# only be a single instance active at a time. -replicaCount: 1 - -# Deployment update strategy for the cert-manager controller deployment. -# For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy). -# -# For example: -# strategy: -# type: RollingUpdate -# rollingUpdate: -# maxSurge: 0 -# maxUnavailable: 1 -strategy: {} - -podDisruptionBudget: - # Enable or disable the PodDisruptionBudget resource. - # - # This prevents downtime during voluntary disruptions such as during a Node upgrade. - # For example, the PodDisruptionBudget will block `kubectl drain` - # if it is used on the Node where the only remaining cert-manager - # Pod is currently running. - enabled: false - - # This configures the minimum available pods for disruptions. It can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # It cannot be used if `maxUnavailable` is set. - # +docs:property - # minAvailable: 1 - - # This configures the maximum unavailable pods for disruptions. It can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # it cannot be used if `minAvailable` is set. - # +docs:property - # maxUnavailable: 1 - -# A comma-separated list of feature gates that should be enabled on the -# controller pod. -featureGates: "" - -# The maximum number of challenges that can be scheduled as 'processing' at once. -maxConcurrentChallenges: 60 - -image: - # The container registry to pull the manager image from. - # +docs:property - # registry: quay.io - - # The container image for the cert-manager controller. - # +docs:property - repository: quay.io/jetstack/cert-manager-controller - - # Override the image tag to deploy by setting this variable. - # If no value is set, the chart's appVersion is used. - # +docs:property - # tag: vX.Y.Z - - # Setting a digest will override any tag. - # +docs:property - # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 - - # Kubernetes imagePullPolicy on Deployment. - pullPolicy: IfNotPresent - -# Override the namespace used to store DNS provider credentials etc. for ClusterIssuer -# resources. By default, the same namespace as cert-manager is deployed within is -# used. This namespace will not be automatically created by the Helm chart. -clusterResourceNamespace: "" - -# This namespace allows you to define where the services are installed into. -# If not set then they use the namespace of the release. -# This is helpful when installing cert manager as a chart dependency (sub chart). -namespace: "" - -serviceAccount: - # Specifies whether a service account should be created. - create: true - - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - # +docs:property - # name: "" - - # Optional additional annotations to add to the controller's Service Account. - # +docs:property - # annotations: {} - - # Optional additional labels to add to the controller's Service Account. - # +docs:property - # labels: {} - - # Automount API credentials for a Service Account. - automountServiceAccountToken: true - -# Automounting API credentials for a particular pod. -# +docs:property -# automountServiceAccountToken: true - -# When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted. -enableCertificateOwnerRef: false - -# This property is used to configure options for the controller pod. -# This allows setting options that would usually be provided using flags. -# An APIVersion and Kind must be specified in your values.yaml file. -# Flags will override options that are set here. -# -# For example: -# config: -# apiVersion: controller.config.cert-manager.io/v1alpha1 -# kind: ControllerConfiguration -# logging: -# verbosity: 2 -# format: text -# leaderElectionConfig: -# namespace: kube-system -# kubernetesAPIQPS: 9000 -# kubernetesAPIBurst: 9000 -# numberOfConcurrentWorkers: 200 -# featureGates: -# AdditionalCertificateOutputFormats: true -# DisallowInsecureCSRUsageDefinition: true -# ExperimentalCertificateSigningRequestControllers: true -# ExperimentalGatewayAPISupport: true -# LiteralCertificateSubject: true -# SecretsFilteredCaching: true -# ServerSideApply: true -# StableCertificateRequestName: true -# UseCertificateRequestBasicConstraints: true -# ValidateCAA: true -# metricsTLSConfig: -# dynamic: -# secretNamespace: "cert-manager" -# secretName: "cert-manager-metrics-ca" -# dnsNames: -# - cert-manager-metrics -# - cert-manager-metrics.cert-manager -# - cert-manager-metrics.cert-manager.svc -config: {} - -# Setting Nameservers for DNS01 Self Check. -# For more information, see the [cert-manager documentation](https://cert-manager.io/docs/configuration/acme/dns01/#setting-nameservers-for-dns01-self-check). - -# A comma-separated string with the host and port of the recursive nameservers cert-manager should query. -dns01RecursiveNameservers: "" - -# Forces cert-manager to use only the recursive nameservers for verification. -# Enabling this option could cause the DNS01 self check to take longer owing to caching performed by the recursive nameservers. -dns01RecursiveNameserversOnly: false - -# Option to disable cert-manager's build-in auto-approver. The auto-approver -# approves all CertificateRequests that reference issuers matching the 'approveSignerNames' -# option. This 'disableAutoApproval' option is useful when you want to make all approval decisions -# using a different approver (like approver-policy - https://github.com/cert-manager/approver-policy). -disableAutoApproval: false - -# List of signer names that cert-manager will approve by default. CertificateRequests -# referencing these signer names will be auto-approved by cert-manager. Defaults to just -# approving the cert-manager.io Issuer and ClusterIssuer issuers. When set to an empty -# array, ALL issuers will be auto-approved by cert-manager. To disable the auto-approval, -# because eg. you are using approver-policy, you can enable 'disableAutoApproval'. -# ref: https://cert-manager.io/docs/concepts/certificaterequest/#approval -# +docs:property -approveSignerNames: -- issuers.cert-manager.io/* -- clusterissuers.cert-manager.io/* - -# Additional command line flags to pass to cert-manager controller binary. -# To see all available flags run `docker run quay.io/jetstack/cert-manager-controller: --help`. -# -# Use this flag to enable or disable arbitrary controllers. For example, to disable the CertificiateRequests approver. -# -# For example: -# extraArgs: -# - --controllers=*,-certificaterequests-approver -extraArgs: [] - -# Additional environment variables to pass to cert-manager controller binary. -extraEnv: [] -# - name: SOME_VAR -# value: 'some value' - -# Resources to provide to the cert-manager controller pod. -# -# For example: -# requests: -# cpu: 10m -# memory: 32Mi -# -# For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). -resources: {} - -# Pod Security Context. -# For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). -# +docs:property -securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - -# Container Security Context to be set on the controller component container. -# For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). -# +docs:property -containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - -# Additional volumes to add to the cert-manager controller pod. -volumes: [] - -# Additional volume mounts to add to the cert-manager controller container. -volumeMounts: [] - -# Optional additional annotations to add to the controller Deployment. -# +docs:property -# deploymentAnnotations: {} - -# Optional additional annotations to add to the controller Pods. -# +docs:property -# podAnnotations: {} - -# Optional additional labels to add to the controller Pods. -podLabels: {} - -# Optional annotations to add to the controller Service. -# +docs:property -# serviceAnnotations: {} - -# Optional additional labels to add to the controller Service. -# +docs:property -# serviceLabels: {} - -# Optionally set the IP family policy for the controller Service to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services). -# +docs:property -# serviceIPFamilyPolicy: "" - -# Optionally set the IP families for the controller Service that should be supported, in the order in which they should be applied to ClusterIP. Can be IPv4 and/or IPv6. -# +docs:property -# serviceIPFamilies: [] - -# Optional DNS settings. These are useful if you have a public and private DNS zone for -# the same domain on Route 53. The following is an example of ensuring -# cert-manager can access an ingress or DNS TXT records at all times. -# Note that this requires Kubernetes 1.10 or `CustomPodDNS` feature gate enabled for -# the cluster to work. - -# Pod DNS policy. -# For more information, see [Pod's DNS Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy). -# +docs:property -# podDnsPolicy: "None" - -# Pod DNS configuration. The podDnsConfig field is optional and can work with any podDnsPolicy -# settings. However, when a Pod's dnsPolicy is set to "None", the dnsConfig field has to be specified. -# For more information, see [Pod's DNS Config](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config). -# +docs:property -# podDnsConfig: -# nameservers: -# - "1.1.1.1" -# - "8.8.8.8" - -# Optional hostAliases for cert-manager-controller pods. May be useful when performing ACME DNS-01 self checks. -hostAliases: [] -# - ip: 127.0.0.1 -# hostnames: -# - foo.local -# - bar.local -# - ip: 10.1.2.3 -# hostnames: -# - foo.remote -# - bar.remote - -# The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with -# matching labels. -# For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). -# -# This default ensures that Pods are only scheduled to Linux nodes. -# It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. -# +docs:property -nodeSelector: - kubernetes.io/os: linux - -# +docs:ignore -ingressShim: {} - - # Optional default issuer to use for ingress resources. - # +docs:property=ingressShim.defaultIssuerName - # defaultIssuerName: "" - - # Optional default issuer kind to use for ingress resources. - # +docs:property=ingressShim.defaultIssuerKind - # defaultIssuerKind: "" - - # Optional default issuer group to use for ingress resources. - # +docs:property=ingressShim.defaultIssuerGroup - # defaultIssuerGroup: "" - -# Use these variables to configure the HTTP_PROXY environment variables. - -# Configures the HTTP_PROXY environment variable where a HTTP proxy is required. -# +docs:property -# http_proxy: "http://proxy:8080" - -# Configures the HTTPS_PROXY environment variable where a HTTP proxy is required. -# +docs:property -# https_proxy: "https://proxy:8080" - -# Configures the NO_PROXY environment variable where a HTTP proxy is required, -# but certain domains should be excluded. -# +docs:property -# no_proxy: 127.0.0.1,localhost - - -# A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). -# -# For example: -# affinity: -# nodeAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# nodeSelectorTerms: -# - matchExpressions: -# - key: foo.bar.com/role -# operator: In -# values: -# - master -affinity: {} - -# A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). -# -# For example: -# tolerations: -# - key: foo.bar.com/role -# operator: Equal -# value: master -# effect: NoSchedule -tolerations: [] - -# A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core -# -# For example: -# topologySpreadConstraints: -# - maxSkew: 2 -# topologyKey: topology.kubernetes.io/zone -# whenUnsatisfiable: ScheduleAnyway -# labelSelector: -# matchLabels: -# app.kubernetes.io/instance: cert-manager -# app.kubernetes.io/component: controller -topologySpreadConstraints: [] - -# LivenessProbe settings for the controller container of the controller Pod. -# -# This is enabled by default, in order to enable the clock-skew liveness probe that -# restarts the controller in case of a skew between the system clock and the monotonic clock. -# LivenessProbe durations and thresholds are based on those used for the Kubernetes -# controller-manager. For more information see the following on the -# [Kubernetes GitHub repository](https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245) -# +docs:property -livenessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 15 - successThreshold: 1 - failureThreshold: 8 - -# enableServiceLinks indicates whether information about services should be -# injected into the pod's environment variables, matching the syntax of Docker -# links. -enableServiceLinks: false - -# +docs:section=Prometheus - -prometheus: - # Enable Prometheus monitoring for the cert-manager controller to use with the - # Prometheus Operator. If this option is enabled without enabling `prometheus.servicemonitor.enabled` or - # `prometheus.podmonitor.enabled`, 'prometheus.io' annotations are added to the cert-manager Deployment - # resources. Additionally, a service is created which can be used together - # with your own ServiceMonitor (managed outside of this Helm chart). - # Otherwise, a ServiceMonitor/ PodMonitor is created. - enabled: true - - servicemonitor: - # Create a ServiceMonitor to add cert-manager to Prometheus. - enabled: false - - # Specifies the `prometheus` label on the created ServiceMonitor. This is - # used when different Prometheus instances have label selectors matching - # different ServiceMonitors. - prometheusInstance: default - - # The target port to set on the ServiceMonitor. This must match the port that the - # cert-manager controller is listening on for metrics. - targetPort: 9402 - - # The path to scrape for metrics. - path: /metrics - - # The interval to scrape metrics. - interval: 60s - - # The timeout before a metrics scrape fails. - scrapeTimeout: 30s - - # Additional labels to add to the ServiceMonitor. - labels: {} - - # Additional annotations to add to the ServiceMonitor. - annotations: {} - - # Keep labels from scraped data, overriding server-side labels. - honorLabels: false - - # EndpointAdditionalProperties allows setting additional properties on the - # endpoint such as relabelings, metricRelabelings etc. - # - # For example: - # endpointAdditionalProperties: - # relabelings: - # - action: replace - # sourceLabels: - # - __meta_kubernetes_pod_node_name - # targetLabel: instance - # - # +docs:property - endpointAdditionalProperties: {} - - # Note that you can not enable both PodMonitor and ServiceMonitor as they are mutually exclusive. Enabling both will result in a error. - podmonitor: - # Create a PodMonitor to add cert-manager to Prometheus. - enabled: false - - # Specifies the `prometheus` label on the created PodMonitor. This is - # used when different Prometheus instances have label selectors matching - # different PodMonitors. - prometheusInstance: default - - # The path to scrape for metrics. - path: /metrics - - # The interval to scrape metrics. - interval: 60s - - # The timeout before a metrics scrape fails. - scrapeTimeout: 30s - - # Additional labels to add to the PodMonitor. - labels: {} - - # Additional annotations to add to the PodMonitor. - annotations: {} - - # Keep labels from scraped data, overriding server-side labels. - honorLabels: false - - # EndpointAdditionalProperties allows setting additional properties on the - # endpoint such as relabelings, metricRelabelings etc. - # - # For example: - # endpointAdditionalProperties: - # relabelings: - # - action: replace - # sourceLabels: - # - __meta_kubernetes_pod_node_name - # targetLabel: instance - # - # +docs:property - endpointAdditionalProperties: {} - -# +docs:section=Webhook - -webhook: - # Number of replicas of the cert-manager webhook to run. - # - # The default is 1, but in production set this to 2 or 3 to provide high - # availability. - # - # If `replicas > 1`, consider setting `webhook.podDisruptionBudget.enabled=true`. - replicaCount: 1 - - # The number of seconds the API server should wait for the webhook to respond before treating the call as a failure. - # The value must be between 1 and 30 seconds. For more information, see - # [Validating webhook configuration v1](https://kubernetes.io/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1/). - # - # The default is set to the maximum value of 30 seconds as - # users sometimes report that the connection between the K8S API server and - # the cert-manager webhook server times out. - # If *this* timeout is reached, the error message will be "context deadline exceeded", - # which doesn't help the user diagnose what phase of the HTTPS connection timed out. - # For example, it could be during DNS resolution, TCP connection, TLS - # negotiation, HTTP negotiation, or slow HTTP response from the webhook - # server. - # By setting this timeout to its maximum value the underlying timeout error - # message has more chance of being returned to the end user. - timeoutSeconds: 30 - - # This is used to configure options for the webhook pod. - # This allows setting options that would usually be provided using flags. - # An APIVersion and Kind must be specified in your values.yaml file. - # Flags override options that are set here. - # - # For example: - # apiVersion: webhook.config.cert-manager.io/v1alpha1 - # kind: WebhookConfiguration - # # The port that the webhook listens on for requests. - # # In GKE private clusters, by default Kubernetes apiservers are allowed to - # # talk to the cluster nodes only on 443 and 10250. Configuring - # # securePort: 10250 therefore will work out-of-the-box without needing to add firewall - # # rules or requiring NET_BIND_SERVICE capabilities to bind port numbers < 1000. - # # This should be uncommented and set as a default by the chart once - # # the apiVersion of WebhookConfiguration graduates beyond v1alpha1. - # securePort: 10250 - config: {} - - # The update strategy for the cert-manager webhook deployment. - # For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) - # - # For example: - # strategy: - # type: RollingUpdate - # rollingUpdate: - # maxSurge: 0 - # maxUnavailable: 1 - strategy: {} - - # Pod Security Context to be set on the webhook component Pod. - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - - # Container Security Context to be set on the webhook component container. - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - - podDisruptionBudget: - # Enable or disable the PodDisruptionBudget resource. - # - # This prevents downtime during voluntary disruptions such as during a Node upgrade. - # For example, the PodDisruptionBudget will block `kubectl drain` - # if it is used on the Node where the only remaining cert-manager - # Pod is currently running. - enabled: false - - # This property configures the minimum available pods for disruptions. Can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # It cannot be used if `maxUnavailable` is set. - # +docs:property - # minAvailable: 1 - - # This property configures the maximum unavailable pods for disruptions. Can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # It cannot be used if `minAvailable` is set. - # +docs:property - # maxUnavailable: 1 - - # Optional additional annotations to add to the webhook Deployment. - # +docs:property - # deploymentAnnotations: {} - - # Optional additional annotations to add to the webhook Pods. - # +docs:property - # podAnnotations: {} - - # Optional additional annotations to add to the webhook Service. - # +docs:property - # serviceAnnotations: {} - - # Optional additional annotations to add to the webhook MutatingWebhookConfiguration. - # +docs:property - # mutatingWebhookConfigurationAnnotations: {} - - # Optional additional annotations to add to the webhook ValidatingWebhookConfiguration. - # +docs:property - # validatingWebhookConfigurationAnnotations: {} - - validatingWebhookConfiguration: - # Configure spec.namespaceSelector for validating webhooks. - # +docs:property - namespaceSelector: - matchExpressions: - - key: "cert-manager.io/disable-validation" - operator: "NotIn" - values: - - "true" - - mutatingWebhookConfiguration: - # Configure spec.namespaceSelector for mutating webhooks. - # +docs:property - namespaceSelector: {} - # matchLabels: - # key: value - # matchExpressions: - # - key: kubernetes.io/metadata.name - # operator: NotIn - # values: - # - kube-system - - - # Additional command line flags to pass to cert-manager webhook binary. - # To see all available flags run `docker run quay.io/jetstack/cert-manager-webhook: --help`. - extraArgs: [] - # Path to a file containing a WebhookConfiguration object used to configure the webhook. - # - --config= - - # Comma separated list of feature gates that should be enabled on the - # webhook pod. - featureGates: "" - - # Resources to provide to the cert-manager webhook pod. - # - # For example: - # requests: - # cpu: 10m - # memory: 32Mi - # - # For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - resources: {} - - # Liveness probe values. - # For more information, see [Container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). - # - # +docs:property - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - - # Readiness probe values. - # For more information, see [Container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes). - # - # +docs:property - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 1 - - # The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with - # matching labels. - # For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - # - # This default ensures that Pods are only scheduled to Linux nodes. - # It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - # +docs:property - nodeSelector: - kubernetes.io/os: linux - - # A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - # - # For example: - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: foo.bar.com/role - # operator: In - # values: - # - master - affinity: {} - - # A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - # - # For example: - # tolerations: - # - key: foo.bar.com/role - # operator: Equal - # value: master - # effect: NoSchedule - tolerations: [] - - # A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core). - # - # For example: - # topologySpreadConstraints: - # - maxSkew: 2 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: ScheduleAnyway - # labelSelector: - # matchLabels: - # app.kubernetes.io/instance: cert-manager - # app.kubernetes.io/component: controller - topologySpreadConstraints: [] - - # Optional additional labels to add to the Webhook Pods. - podLabels: {} - - # Optional additional labels to add to the Webhook Service. - serviceLabels: {} - - # Optionally set the IP family policy for the controller Service to configure dual-stack; see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services). - serviceIPFamilyPolicy: "" - - # Optionally set the IP families for the controller Service that should be supported, in the order in which they should be applied to ClusterIP. Can be IPv4 and/or IPv6. - serviceIPFamilies: [] - - image: - # The container registry to pull the webhook image from. - # +docs:property - # registry: quay.io - - # The container image for the cert-manager webhook - # +docs:property - repository: quay.io/jetstack/cert-manager-webhook - - # Override the image tag to deploy by setting this variable. - # If no value is set, the chart's appVersion will be used. - # +docs:property - # tag: vX.Y.Z - - # Setting a digest will override any tag - # +docs:property - # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 - - # Kubernetes imagePullPolicy on Deployment. - pullPolicy: IfNotPresent - - serviceAccount: - # Specifies whether a service account should be created. - create: true - - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - # +docs:property - # name: "" - - # Optional additional annotations to add to the controller's Service Account. - # +docs:property - # annotations: {} - - # Optional additional labels to add to the webhook's Service Account. - # +docs:property - # labels: {} - - # Automount API credentials for a Service Account. - automountServiceAccountToken: true - - # Automounting API credentials for a particular pod. - # +docs:property - # automountServiceAccountToken: true - - # The port that the webhook listens on for requests. - # In GKE private clusters, by default Kubernetes apiservers are allowed to - # talk to the cluster nodes only on 443 and 10250. Configuring - # securePort: 10250, therefore will work out-of-the-box without needing to add firewall - # rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000. - securePort: 10250 - - # Specifies if the webhook should be started in hostNetwork mode. - # - # Required for use in some managed kubernetes clusters (such as AWS EKS) with custom - # CNI (such as calico), because control-plane managed by AWS cannot communicate - # with pods' IP CIDR and admission webhooks are not working - # - # Since the default port for the webhook conflicts with kubelet on the host - # network, `webhook.securePort` should be changed to an available port if - # running in hostNetwork mode. - hostNetwork: false - - # Specifies how the service should be handled. Useful if you want to expose the - # webhook outside of the cluster. In some cases, the control plane cannot - # reach internal services. - serviceType: ClusterIP - - # Specify the load balancer IP for the created service. - # +docs:property - # loadBalancerIP: "10.10.10.10" - - # Overrides the mutating webhook and validating webhook so they reach the webhook - # service using the `url` field instead of a service. - url: {} - # host: - - # Enables default network policies for webhooks. - networkPolicy: - # Create network policies for the webhooks. - enabled: false - - # Ingress rule for the webhook network policy. By default, it allows all - # inbound traffic. - # +docs:property - ingress: - - from: - - ipBlock: - cidr: 0.0.0.0/0 - - # Egress rule for the webhook network policy. By default, it allows all - # outbound traffic to ports 80 and 443, as well as DNS ports. - # +docs:property - egress: - - ports: - - port: 80 - protocol: TCP - - port: 443 - protocol: TCP - - port: 53 - protocol: TCP - - port: 53 - protocol: UDP - # On OpenShift and OKD, the Kubernetes API server listens on. - # port 6443. - - port: 6443 - protocol: TCP - to: - - ipBlock: - cidr: 0.0.0.0/0 - - # Additional volumes to add to the cert-manager controller pod. - volumes: [] - - # Additional volume mounts to add to the cert-manager controller container. - volumeMounts: [] - - # enableServiceLinks indicates whether information about services should be - # injected into the pod's environment variables, matching the syntax of Docker - # links. - enableServiceLinks: false - -# +docs:section=CA Injector - -cainjector: - # Create the CA Injector deployment - enabled: true - - # The number of replicas of the cert-manager cainjector to run. - # - # The default is 1, but in production set this to 2 or 3 to provide high - # availability. - # - # If `replicas > 1`, consider setting `cainjector.podDisruptionBudget.enabled=true`. - # - # Note that cert-manager uses leader election to ensure that there can - # only be a single instance active at a time. - replicaCount: 1 - - # This is used to configure options for the cainjector pod. - # It allows setting options that are usually provided via flags. - # An APIVersion and Kind must be specified in your values.yaml file. - # Flags override options that are set here. - # - # For example: - # apiVersion: cainjector.config.cert-manager.io/v1alpha1 - # kind: CAInjectorConfiguration - # logging: - # verbosity: 2 - # format: text - # leaderElectionConfig: - # namespace: kube-system - config: {} - - # Deployment update strategy for the cert-manager cainjector deployment. - # For more information, see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy). - # - # For example: - # strategy: - # type: RollingUpdate - # rollingUpdate: - # maxSurge: 0 - # maxUnavailable: 1 - strategy: {} - - # Pod Security Context to be set on the cainjector component Pod - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - - # Container Security Context to be set on the cainjector component container - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - - podDisruptionBudget: - # Enable or disable the PodDisruptionBudget resource. - # - # This prevents downtime during voluntary disruptions such as during a Node upgrade. - # For example, the PodDisruptionBudget will block `kubectl drain` - # if it is used on the Node where the only remaining cert-manager - # Pod is currently running. - enabled: false - - # `minAvailable` configures the minimum available pods for disruptions. It can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # Cannot be used if `maxUnavailable` is set. - # +docs:property - # minAvailable: 1 - - # `maxUnavailable` configures the maximum unavailable pods for disruptions. It can either be set to - # an integer (e.g. 1) or a percentage value (e.g. 25%). - # Cannot be used if `minAvailable` is set. - # +docs:property - # maxUnavailable: 1 - - # Optional additional annotations to add to the cainjector Deployment. - # +docs:property - # deploymentAnnotations: {} - - # Optional additional annotations to add to the cainjector Pods. - # +docs:property - # podAnnotations: {} - - # Additional command line flags to pass to cert-manager cainjector binary. - # To see all available flags run `docker run quay.io/jetstack/cert-manager-cainjector: --help`. - extraArgs: [] - # Enable profiling for cainjector. - # - --enable-profiling=true - - # Comma separated list of feature gates that should be enabled on the - # cainjector pod. - featureGates: "" - - # Resources to provide to the cert-manager cainjector pod. - # - # For example: - # requests: - # cpu: 10m - # memory: 32Mi - # - # For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - resources: {} - - - # The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with - # matching labels. - # For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - # - # This default ensures that Pods are only scheduled to Linux nodes. - # It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - # +docs:property - nodeSelector: - kubernetes.io/os: linux - - # A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - # - # For example: - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: foo.bar.com/role - # operator: In - # values: - # - master - affinity: {} - - # A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - # - # For example: - # tolerations: - # - key: foo.bar.com/role - # operator: Equal - # value: master - # effect: NoSchedule - tolerations: [] - - # A list of Kubernetes TopologySpreadConstraints, if required. For more information, see [Topology spread constraint v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core). - # - # For example: - # topologySpreadConstraints: - # - maxSkew: 2 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: ScheduleAnyway - # labelSelector: - # matchLabels: - # app.kubernetes.io/instance: cert-manager - # app.kubernetes.io/component: controller - topologySpreadConstraints: [] - - # Optional additional labels to add to the CA Injector Pods. - podLabels: {} - - image: - # The container registry to pull the cainjector image from. - # +docs:property - # registry: quay.io - - # The container image for the cert-manager cainjector - # +docs:property - repository: quay.io/jetstack/cert-manager-cainjector - - # Override the image tag to deploy by setting this variable. - # If no value is set, the chart's appVersion will be used. - # +docs:property - # tag: vX.Y.Z - - # Setting a digest will override any tag. - # +docs:property - # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 - - # Kubernetes imagePullPolicy on Deployment. - pullPolicy: IfNotPresent - - serviceAccount: - # Specifies whether a service account should be created. - create: true - - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - # +docs:property - # name: "" - - # Optional additional annotations to add to the controller's Service Account. - # +docs:property - # annotations: {} - - # Optional additional labels to add to the cainjector's Service Account. - # +docs:property - # labels: {} - - # Automount API credentials for a Service Account. - automountServiceAccountToken: true - - # Automounting API credentials for a particular pod. - # +docs:property - # automountServiceAccountToken: true - - # Additional volumes to add to the cert-manager controller pod. - volumes: [] - - # Additional volume mounts to add to the cert-manager controller container. - volumeMounts: [] - - # enableServiceLinks indicates whether information about services should be - # injected into the pod's environment variables, matching the syntax of Docker - # links. - enableServiceLinks: false - -# +docs:section=ACME Solver - -acmesolver: - image: - # The container registry to pull the acmesolver image from. - # +docs:property - # registry: quay.io - - # The container image for the cert-manager acmesolver. - # +docs:property - repository: quay.io/jetstack/cert-manager-acmesolver - - # Override the image tag to deploy by setting this variable. - # If no value is set, the chart's appVersion is used. - # +docs:property - # tag: vX.Y.Z - - # Setting a digest will override any tag. - # +docs:property - # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 - - # Kubernetes imagePullPolicy on Deployment. - pullPolicy: IfNotPresent - -# +docs:section=Startup API Check -# This startupapicheck is a Helm post-install hook that waits for the webhook -# endpoints to become available. -# The check is implemented using a Kubernetes Job - if you are injecting mesh -# sidecar proxies into cert-manager pods, ensure that they -# are not injected into this Job's pod. Otherwise, the installation may time out -# owing to the Job never being completed because the sidecar proxy does not exit. -# For more information, see [this note](https://github.com/cert-manager/cert-manager/pull/4414). - -startupapicheck: - # Enables the startup api check. - enabled: true - - # Pod Security Context to be set on the startupapicheck component Pod. - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - - # Container Security Context to be set on the controller component container. - # For more information, see [Configure a Security Context for a Pod or Container](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/). - # +docs:property - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - - # Timeout for 'kubectl check api' command. - timeout: 1m - - # Job backoffLimit - backoffLimit: 4 - - # Optional additional annotations to add to the startupapicheck Job. - # +docs:property - jobAnnotations: - helm.sh/hook: post-install - helm.sh/hook-weight: "1" - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - - # Optional additional annotations to add to the startupapicheck Pods. - # +docs:property - # podAnnotations: {} - - # Additional command line flags to pass to startupapicheck binary. - # To see all available flags run `docker run quay.io/jetstack/cert-manager-startupapicheck: --help`. - # - # Verbose logging is enabled by default so that if startupapicheck fails, you - # can know what exactly caused the failure. Verbose logs include details of - # the webhook URL, IP address and TCP connect errors for example. - # +docs:property - extraArgs: - - -v - - # Resources to provide to the cert-manager controller pod. - # - # For example: - # requests: - # cpu: 10m - # memory: 32Mi - # - # For more information, see [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - resources: {} - - - # The nodeSelector on Pods tells Kubernetes to schedule Pods on the nodes with - # matching labels. - # For more information, see [Assigning Pods to Nodes](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). - # - # This default ensures that Pods are only scheduled to Linux nodes. - # It prevents Pods being scheduled to Windows nodes in a mixed OS cluster. - # +docs:property - nodeSelector: - kubernetes.io/os: linux - - # A Kubernetes Affinity, if required. For more information, see [Affinity v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core). - # For example: - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: foo.bar.com/role - # operator: In - # values: - # - master - affinity: {} - - # A list of Kubernetes Tolerations, if required. For more information, see [Toleration v1 core](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core). - # - # For example: - # tolerations: - # - key: foo.bar.com/role - # operator: Equal - # value: master - # effect: NoSchedule - tolerations: [] - - # Optional additional labels to add to the startupapicheck Pods. - podLabels: {} - - image: - # The container registry to pull the startupapicheck image from. - # +docs:property - # registry: quay.io - - # The container image for the cert-manager startupapicheck. - # +docs:property - repository: quay.io/jetstack/cert-manager-startupapicheck - - # Override the image tag to deploy by setting this variable. - # If no value is set, the chart's appVersion is used. - # +docs:property - # tag: vX.Y.Z - - # Setting a digest will override any tag. - # +docs:property - # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 - - # Kubernetes imagePullPolicy on Deployment. - pullPolicy: IfNotPresent - - rbac: - # annotations for the startup API Check job RBAC and PSP resources. - # +docs:property - annotations: - helm.sh/hook: post-install - helm.sh/hook-weight: "-5" - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - - # Automounting API credentials for a particular pod. - # +docs:property - # automountServiceAccountToken: true - - serviceAccount: - # Specifies whether a service account should be created. - create: true - - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - # +docs:property - # name: "" - - # Optional additional annotations to add to the Job's Service Account. - # +docs:property - annotations: - helm.sh/hook: post-install - helm.sh/hook-weight: "-5" - helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded - - # Automount API credentials for a Service Account. - # +docs:property - automountServiceAccountToken: true - - # Optional additional labels to add to the startupapicheck's Service Account. - # +docs:property - # labels: {} - - # Additional volumes to add to the cert-manager controller pod. - volumes: [] - - # Additional volume mounts to add to the cert-manager controller container. - volumeMounts: [] - - # enableServiceLinks indicates whether information about services should be - # injected into pod's environment variables, matching the syntax of Docker - # links. - enableServiceLinks: false - -# Create dynamic manifests via values. -# -# For example: -# extraObjects: -# - | -# apiVersion: v1 -# kind: ConfigMap -# metadata: -# name: '{{ template "cert-manager.name" . }}-extra-configmap' -extraObjects: [] diff --git a/charts/cert-manager/values-overrides.yaml b/charts/cert-manager/values-overrides.yaml deleted file mode 100644 index 6dc95ab..0000000 --- a/charts/cert-manager/values-overrides.yaml +++ /dev/null @@ -1,3 +0,0 @@ -fullnameOverride: cert-manager -crds: - enabled: true \ No newline at end of file diff --git a/charts/chisel-operator/chisel-operator/.helmignore b/charts/chisel-operator/chisel-operator/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/charts/chisel-operator/chisel-operator/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/chisel-operator/chisel-operator/Chart.yaml b/charts/chisel-operator/chisel-operator/Chart.yaml deleted file mode 100644 index 5c12ad5..0000000 --- a/charts/chisel-operator/chisel-operator/Chart.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v2 -appVersion: v0.4.1 -description: Kubernetes Operator for deploying Chisel reverse proxies -name: chisel-operator -type: application -version: 0.1.0 diff --git a/charts/chisel-operator/chisel-operator/templates/_helpers.tpl b/charts/chisel-operator/chisel-operator/templates/_helpers.tpl deleted file mode 100644 index a13353f..0000000 --- a/charts/chisel-operator/chisel-operator/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "chisel-operator.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "chisel-operator.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "chisel-operator.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "chisel-operator.labels" -}} -helm.sh/chart: {{ include "chisel-operator.chart" . }} -{{ include "chisel-operator.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "chisel-operator.selectorLabels" -}} -app.kubernetes.io/name: {{ include "chisel-operator.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "chisel-operator.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "chisel-operator.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/chisel-operator/chisel-operator/templates/crds/exit-node-provisioner.yaml b/charts/chisel-operator/chisel-operator/templates/crds/exit-node-provisioner.yaml deleted file mode 100644 index 64ff698..0000000 --- a/charts/chisel-operator/chisel-operator/templates/crds/exit-node-provisioner.yaml +++ /dev/null @@ -1,101 +0,0 @@ - - -{{- if .Values.createCrds }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: exitnodeprovisioners.chisel-operator.io -spec: - group: chisel-operator.io - names: - categories: [] - kind: ExitNodeProvisioner - plural: exitnodeprovisioners - shortNames: [] - singular: exitnodeprovisioner - scope: Namespaced - versions: - - additionalPrinterColumns: [] - name: v1 - schema: - openAPIV3Schema: - description: Auto-generated derived type for ExitNodeProvisionerSpec via `CustomResource` - properties: - spec: - description: ExitNodeProvisioner is a custom resource that represents a Chisel exit node provisioner on a cloud provider. - oneOf: - - required: - - DigitalOcean - - required: - - Linode - - required: - - AWS - properties: - AWS: - properties: - auth: - description: Reference to a secret containing the AWS access key ID and secret access key, under the `access_key_id` and `secret_access_key` secret keys - type: string - region: - description: Region ID for the AWS region to provision the exit node in See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html - type: string - security_group: - description: Security group name to use for the exit node, uses the default security group if not specified - nullable: true - type: string - size: - default: t2.micro - description: Size for the EC2 instance See https://aws.amazon.com/ec2/instance-types/ - type: string - required: - - auth - - region - type: object - DigitalOcean: - properties: - auth: - description: Reference to a secret containing the DigitalOcean API token, under the `DIGITALOCEAN_TOKEN` secret key - type: string - region: - default: '' - description: Region ID of the DigitalOcean datacenter to provision the exit node in If empty, DigitalOcean will randomly select a region for you, which might not be what you want See https://slugs.do-api.dev/ - type: string - size: - default: s-1vcpu-1gb - description: Size for the DigitalOcean droplet See https://slugs.do-api.dev/ - type: string - ssh_fingerprints: - default: [] - description: SSH key fingerprints to add to the exit node - items: - type: string - type: array - required: - - auth - type: object - Linode: - properties: - auth: - description: Name of the secret containing the Linode API token, under the `LINODE_TOKEN` secret key - type: string - region: - description: Region ID of the Linode datacenter to provision the exit node in See https://api.linode.com/v4/regions - type: string - size: - default: g6-nanode-1 - description: Size for the Linode instance See https://api.linode.com/v4/linode/ - type: string - required: - - auth - - region - type: object - type: object - required: - - spec - title: ExitNodeProvisioner - type: object - served: true - storage: true - subresources: {} - -{{- end }} \ No newline at end of file diff --git a/charts/chisel-operator/chisel-operator/templates/crds/exit-node.yaml b/charts/chisel-operator/chisel-operator/templates/crds/exit-node.yaml deleted file mode 100644 index 7d679f2..0000000 --- a/charts/chisel-operator/chisel-operator/templates/crds/exit-node.yaml +++ /dev/null @@ -1,84 +0,0 @@ -{{- if .Values.createCrds -}} - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: exitnodes.chisel-operator.io -spec: - group: chisel-operator.io - names: - categories: [] - kind: ExitNode - plural: exitnodes - shortNames: [] - singular: exitnode - scope: Namespaced - versions: - - additionalPrinterColumns: [] - name: v1 - schema: - openAPIV3Schema: - description: Auto-generated derived type for ExitNodeSpec via `CustomResource` - properties: - spec: - description: ExitNode is a custom resource that represents a Chisel exit node. It will be used as the reverse proxy for all services in the cluster. - properties: - auth: - description: Optional authentication secret name to connect to the control plane - nullable: true - type: string - chisel_image: - description: Optional value for the chisel client image used to connect to the chisel server If not provided, jpillora/chisel:latest is used - nullable: true - type: string - default_route: - default: false - description: Optional boolean value for whether to make the exit node the default route for the cluster If true, the exit node will be the default route for the cluster default value is false - type: boolean - external_host: - description: Optional real external hostname/IP of exit node If not provided, the host field will be used - nullable: true - type: string - fingerprint: - description: Optional but highly recommended fingerprint to perform host-key validation against the server's public key - nullable: true - type: string - host: - description: Hostname or IP address of the chisel server - type: string - port: - description: Control plane port of the chisel server - format: uint16 - minimum: 0.0 - type: integer - required: - - host - - port - type: object - status: - nullable: true - properties: - id: - nullable: true - type: string - ip: - type: string - name: - type: string - provider: - type: string - required: - - ip - - name - - provider - type: object - required: - - spec - title: ExitNode - type: object - served: true - storage: true - subresources: - status: {} - -{{- end -}} \ No newline at end of file diff --git a/charts/chisel-operator/chisel-operator/templates/deployment.yaml b/charts/chisel-operator/chisel-operator/templates/deployment.yaml deleted file mode 100644 index af36049..0000000 --- a/charts/chisel-operator/chisel-operator/templates/deployment.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "chisel-operator.fullname" . }} - labels: - name: {{- include "chisel-operator.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount}} - selector: - matchLabels: - {{- include "chisel-operator.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "chisel-operator.selectorLabels" . | nindent 8 }} - spec: - {{- if .Values.serviceAccount.create }} - serviceAccountName: {{ include "chisel-operator.serviceAccountName" . }} - automountServiceAccountToken: true # This is required - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "chisel-operator.serviceAccountName" . }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - diff --git a/charts/chisel-operator/chisel-operator/templates/serviceaccount.yaml b/charts/chisel-operator/chisel-operator/templates/serviceaccount.yaml deleted file mode 100644 index beac4f6..0000000 --- a/charts/chisel-operator/chisel-operator/templates/serviceaccount.yaml +++ /dev/null @@ -1,58 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "chisel-operator.serviceAccountName" . }} - labels: - {{- include "chisel-operator.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "chisel-operator.serviceAccountName" . }} - labels: - {{- include "chisel-operator.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -rules: - - apiGroups: ["apps"] - resources: ["deployments", "deployments/*"] - verbs: ["*"] - - apiGroups: [""] - resources: ["services", "services/status", "services/finalizers"] - verbs: ["get", "list", "watch", "update", "patch"] - - apiGroups: ["chisel-operator.io"] - resources: ["*"] - verbs: ["*"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "create", "update", "patch", "delete"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "chisel-operator.serviceAccountName" . }} - labels: - {{- include "chisel-operator.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -subjects: - - kind: ServiceAccount - name: {{ include "chisel-operator.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: {{ include "chisel-operator.serviceAccountName" . }} - apiGroup: rbac.authorization.k8s.io - - -{{- end }} diff --git a/charts/chisel-operator/chisel-operator/values.yaml b/charts/chisel-operator/chisel-operator/values.yaml deleted file mode 100644 index 0bab700..0000000 --- a/charts/chisel-operator/chisel-operator/values.yaml +++ /dev/null @@ -1,51 +0,0 @@ -# Default values for chisel-operator. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 # Right now only 1 replica is supported -# LeaderElection and multiple replicas may be supported in the future. -# For now, we recommend running only 1 replica else Chisel Operator may constantly -# recreate resources, wasting your API resources and costing you money. - -image: - repository: ghcr.io/fyralabs/chisel-operator - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -# Create CRDs for Chisel Operator -createCrds: true diff --git a/charts/chisel-operator/values-overrides.yaml b/charts/chisel-operator/values-overrides.yaml deleted file mode 100644 index 1ef6ac0..0000000 --- a/charts/chisel-operator/values-overrides.yaml +++ /dev/null @@ -1 +0,0 @@ -fullnameOverride: "chisel-operator" \ No newline at end of file diff --git a/charts/drupal/README.md b/charts/drupal/README.md deleted file mode 100644 index b07acbd..0000000 --- a/charts/drupal/README.md +++ /dev/null @@ -1,3 +0,0 @@ -## drupal notes - -To initialize drupal with all the modules we need, use the "Initialize Drupal" button in Tilt's UI. Or see the script it executes in ../../scripts/drupal-init.sh \ No newline at end of file diff --git a/charts/drupal/drupal/.helmignore b/charts/drupal/drupal/.helmignore deleted file mode 100644 index 207983f..0000000 --- a/charts/drupal/drupal/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# img folder -img/ -# Changelog -CHANGELOG.md diff --git a/charts/drupal/drupal/Chart.lock b/charts/drupal/drupal/Chart.lock deleted file mode 100644 index 9e7f677..0000000 --- a/charts/drupal/drupal/Chart.lock +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: -- name: mariadb - repository: oci://registry-1.docker.io/bitnamicharts - version: 19.0.7 -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - version: 2.24.0 -digest: sha256:1a41985df21415bc1a7fdd62b58daa1b60b31f2c2ebda4b9506e099a372b338c -generated: "2024-10-03T11:38:53.545931255Z" diff --git a/charts/drupal/drupal/Chart.yaml b/charts/drupal/drupal/Chart.yaml deleted file mode 100644 index 6826be6..0000000 --- a/charts/drupal/drupal/Chart.yaml +++ /dev/null @@ -1,42 +0,0 @@ -annotations: - category: CMS - images: | - - name: apache-exporter - image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r1 - - name: drupal - image: docker.io/bitnami/drupal:11.0.5-debian-12-r1 - - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r31 - licenses: Apache-2.0 -apiVersion: v2 -appVersion: 11.0.5 -dependencies: -- condition: mariadb.enabled - name: mariadb - repository: oci://registry-1.docker.io/bitnamicharts - version: 19.x.x -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - bitnami-common - version: 2.x.x -description: Drupal is one of the most versatile open source content management systems - in the world. It is pre-configured with the Ctools and Views modules, Drush and - Let's Encrypt auto-configuration support. -home: https://bitnami.com -icon: https://bitnami.com/assets/stacks/drupal/img/drupal-stack-220x234.png -keywords: -- drupal -- cms -- blog -- http -- web -- application -- php -maintainers: -- name: Broadcom, Inc. All Rights Reserved. - url: https://github.com/bitnami/charts -name: drupal -sources: -- https://github.com/bitnami/charts/tree/main/bitnami/drupal -version: 20.0.10 diff --git a/charts/drupal/drupal/README.md b/charts/drupal/drupal/README.md deleted file mode 100644 index 41108fc..0000000 --- a/charts/drupal/drupal/README.md +++ /dev/null @@ -1,586 +0,0 @@ - - -# Bitnami package for Drupal - -Drupal is one of the most versatile open source content management systems in the world. It is pre-configured with the Ctools and Views modules, Drush and Let's Encrypt auto-configuration support. - -[Overview of Drupal](http://drupal.org) - -Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - -## TL;DR - -```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/drupal -``` - -Looking to use Drupal in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. - -## Introduction - -This chart bootstraps a [Drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -It also packages the [Bitnami MariaDB chart](https://github.com/bitnami/charts/tree/main/bitnami/mariadb) which is required for bootstrapping a MariaDB deployment as a database for the Drupal application. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. - -## Prerequisites - -- Kubernetes 1.23+ -- Helm 3.8.0+ -- PV provisioner support in the underlying infrastructure -- ReadWriteMany volumes for deployment scaling - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/drupal -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The command deploys Drupal on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Configuration and installation details - -### Resource requests and limits - -Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. - -To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - -### [Rolling VS Immutable tags](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Image - -The `image` parameter allows specifying which image will be pulled for the chart. - -#### Private registry - -If you configure the `image` value to one in a private registry, you will need to [specify an image pull secret](https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod). - -1. Manually create image pull secret(s) in the namespace. See [this YAML example reference](https://kubernetes.io/docs/concepts/containers/images/#creating-a-secret-with-a-docker-config). Consult your image registry's documentation about getting the appropriate secret. -2. Note that the `imagePullSecrets` configuration value cannot currently be passed to helm using the `--set` parameter, so you must supply these using a `values.yaml` file, such as: - - ```yaml - imagePullSecrets: - - name: SECRET_NAME - ``` - -3. Install the chart - -### Setting Pod's affinity - -This chart allows you to set your custom affinity using the `affinity` parameter. Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). - -As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. - -## Persistence - -The [Bitnami Drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal) image stores the Drupal data and configurations at the `/bitnami/drupal` path of the container. - -Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. -See the [Parameters](#parameters) section to configure the PVC or to disable persistence. - -### Existing PersistentVolumeClaim - -1. Create the PersistentVolume -2. Create the PersistentVolumeClaim -3. Install the chart - -```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/drupal -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -### Host path - -#### System compatibility - -- The local filesystem accessibility to a container in a pod with `hostPath` has been tested on OSX/MacOS with xhyve, and Linux with VirtualBox. -- Windows has not been tested with the supported VM drivers. Minikube does however officially support [Mounting Host Folders](https://minikube.sigs.k8s.io/docs/handbook/mount/) per pod. Or you may manually sync your container whenever host files are changed with tools like [docker-sync](https://github.com/EugenMayer/docker-sync) or [docker-bg-sync](https://github.com/cweagans/docker-bg-sync). - -#### Mounting steps - -1. The specified `hostPath` directory must already exist (create one if it does not). -2. Install the chart - - ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/drupal - ``` - - > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - - This will mount the `drupal-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. -3. Because the container cannot control the host machine's directory permissions, you must set the Drupal file directory permissions yourself and disable or clear Drupal cache. See Drupal Core's [INSTALL.txt](https://cgit.drupalcode.org/drupal/tree/core/INSTALL.txt?h=8.3.x#n152) for setting file permissions, and see [Drupal handbook page](https://www.drupal.org/node/2598914) to disable the cache, or [Drush handbook](https://drushcommands.com/drush-8x/cache/cache-rebuild/) to clear cache. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | - -### Common parameters - -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------- | ----- | -| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` | -| `nameOverride` | String to partially override drupal.fullname template (will maintain the release name) | `""` | -| `fullnameOverride` | String to fully override drupal.fullname template | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonAnnotations` | Common annotations to add to all Drupal resources (sub-charts are not considered). Evaluated as a template | `{}` | -| `commonLabels` | Common labels to add to all Drupal resources (sub-charts are not considered). Evaluated as a template | `{}` | -| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template). | `[]` | - -### Drupal parameters - -| Name | Description | Value | -| --------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `image.registry` | Drupal image registry | `REGISTRY_NAME` | -| `image.repository` | Drupal Image name | `REPOSITORY_NAME/drupal` | -| `image.digest` | Drupal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Drupal image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of Drupal Pods to run (requires ReadWriteMany PVC support) | `1` | -| `drupalProfile` | Drupal installation profile | `standard` | -| `drupalSkipInstall` | Skip Drupal installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `drupalUsername` | User of the application | `user` | -| `drupalPassword` | Application password | `""` | -| `drupalEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Drupal pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty. | `""` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `serviceAccount.create` | Specifies whether a service account should be created | `true` | -| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | -| `serviceAccount.annotations` | Add annotations | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `extraContainerPorts` | Optionally specify extra list of additional ports for Drupal container(s) | `[]` | -| `sessionAffinity` | Control where client requests go, to the same pod or round-robin. Values: ClientIP or None | `None` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for Drupal volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Drupal volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Drupal volume | `8Gi` | -| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | -| `persistence.hostPath` | If defined, the drupal-data volume will mount to the specified hostPath. | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `micro` | -| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `podSecurityContext.enabled` | Enable Drupal pods' Security Context | `true` | -| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `podSecurityContext.fsGroup` | Drupal pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enabled Drupal containers' Security Context | `true` | -| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `containerSecurityContext.runAsUser` | Set Drupal containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsGroup` | Set Drupal containers' Security Context runAsGroup | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `containerSecurityContext.privileged` | Set Drupal container's Security Context privileged | `false` | -| `containerSecurityContext.allowPrivilegeEscalation` | Set Drupal container's Security Context allowPrivilegeEscalation | `false` | -| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `containerSecurityContext.readOnlyRootFilesystem` | Set Drupal container's Security Context readOnlyRootFilesystem | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/user/login` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/user/login` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | - -### Traffic Exposure Parameters - -| Name | Description | Value | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `service.type` | Kubernetes Service type | `LoadBalancer` | -| `service.ports.http` | Service HTTP port | `80` | -| `service.ports.https` | Service HTTPS port | `443` | -| `service.loadBalancerSourceRanges` | Restricts access for LoadBalancer (only with `service.type: LoadBalancer`) | `[]` | -| `service.loadBalancerIP` | loadBalancerIP for the Drupal Service (optional, cloud specific) | `""` | -| `service.nodePorts` | Kubernetes node port | `{}` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.clusterIP` | %%MAIN_CONTAINER_NAME%% service Cluster IP | `""` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Additional custom annotations for %%MAIN_CONTAINER_NAME%% service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.pathType` | Ingress Path type | `ImplementationSpecific` | -| `ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | -| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `ingress.hostname` | Default host for the ingress resource | `drupal.local` | -| `ingress.path` | The Path to Drupal. You may need to set this to '/*' in order to use this | `/` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | -| `ingress.tlsWwwPrefix` | Adds www subdomain to default cert | `false` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | - -### Database parameters - -| Name | Description | Value | -| ------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `mariadb.enabled` | Whether to deploy a mariadb server to satisfy the applications database requirements | `true` | -| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | -| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | -| `mariadb.auth.database` | Database name to create | `bitnami_drupal` | -| `mariadb.auth.username` | Database user to create | `bn_drupal` | -| `mariadb.auth.password` | Password for the database | `""` | -| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | -| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` | -| `mariadb.primary.persistence.accessModes` | Database Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | -| `mariadb.primary.persistence.hostPath` | Set path in case you want to use local host path volumes (not recommended in production) | `""` | -| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` | -| `externalDatabase.host` | Host of the existing database | `""` | -| `externalDatabase.port` | Port of the existing database | `3306` | -| `externalDatabase.user` | Existing username in the external db | `bn_drupal` | -| `externalDatabase.password` | Password for the above username. Ignored if existing secret is provided | `""` | -| `externalDatabase.database` | Name of the existing database | `bitnami_drupal` | -| `externalDatabase.existingSecret` | Name of a secret with the database password. (externalDatabase.password will be ignored and picked up from this secret). The secret has to contain the key db-password | `""` | - -### Volume Permissions parameters - -| Name | Description | Value | -| ------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` | -| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | - -### Metrics parameters - -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `metrics.enabled` | Start a exporter side-car | `false` | -| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | -| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `none` | -| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.service.type` | Drupal exporter service type | `ClusterIP` | -| `metrics.service.ports.metrics` | Drupal exporter service port | `9117` | -| `metrics.service.externalTrafficPolicy` | Drupal exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Drupal exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Drupal exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Drupal exporter service | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | - -### Certificate injection parameters - -| Name | Description | Value | -| ---------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | -| `certificates.customCertificate.certificateSecret` | Secret containing the certificate and key to add | `""` | -| `certificates.customCertificate.chainSecret.name` | Name of the secret containing the certificate chain | `secret-name` | -| `certificates.customCertificate.chainSecret.key` | Key of the certificate chain file inside the secret | `secret-key` | -| `certificates.customCertificate.certificateLocation` | Location in the container to store the certificate | `/etc/ssl/certs/ssl-cert-snakeoil.pem` | -| `certificates.customCertificate.keyLocation` | Location in the container to store the private key | `/etc/ssl/private/ssl-cert-snakeoil.key` | -| `certificates.customCertificate.chainLocation` | Location in the container to store the certificate chain | `/etc/ssl/certs/mychain.pem` | -| `certificates.customCAs` | Defines a list of secrets to import into the container trust store | `[]` | -| `certificates.command` | Override default container command (useful when using custom images) | `[]` | -| `certificates.args` | Override default container args (useful when using custom images) | `[]` | -| `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | -| `certificates.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `certificates.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | -| `certificates.image.repository` | Container sidecar image | `REPOSITORY_NAME/os-shell` | -| `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | -| `certificates.image.pullSecrets` | Container sidecar image pull secrets | `[]` | - -### NetworkPolicy parameters - -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------- | ------ | -| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | - -The above parameters map to the env variables defined in [bitnami/drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal). For more information please refer to the [bitnami/drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal) image documentation. - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -helm install my-release \ - --set drupalUsername=admin,drupalPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://REGISTRY_NAME/REPOSITORY_NAME/drupal -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The above command sets the Drupal administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. - -> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, - -```console -helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/drupal -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. -> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/drupal/values.yaml) - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrading - -### To 19.0.0 - -This major release bumps the MariaDB version to 11.4. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-11-3-to-mariadb-11-4/) for upgrading from MariaDB 11.3 to 11.4. No major issues are expected during the upgrade. - -### To 18.0.0 - -This major bump changes the following security defaults: - -- `runAsGroup` is changed from `0` to `1001` -- `readOnlyRootFilesystem` is set to `true` -- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case). -- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`. -- The `networkPolicy` section has been normalized amongst all Bitnami charts. Compared to the previous approach, the values section has been simplified (check the Parameters section) and now it set to `enabled=true` by default. Egress traffic is allowed by default and ingress traffic is allowed by all pods but only to the ports set in `containerPorts` and `extraContainerPorts`. - -This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones. - -Also, this major release bumps the MariaDB chart version to [18.x.x](https://github.com/bitnami/charts/pull/24804); no major issues are expected during the upgrade. - -### To 17.0.0 - -This major release bumps the MariaDB version to 11.2. No major issues are expected during the upgrade. - -### To 16.0.0 - -This major release bumps the MariaDB version to 11.1. No major issues are expected during the upgrade. - -### To 15.0.0 - -This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. - -### To 14.0.0 - -This major release bumps the MariaDB version to 10.11. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for upgrading from MariaDB 10.6 to 10.11. No major issues are expected during the upgrade. - -### To 12.0.0 - -This major release bumps the MariaDB version to 10.6. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) for upgrading from MariaDB 10.5 to 10.6. No major issues are expected during the upgrade. - -### To 11.0.0 - -This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. - -Affected values: - -- `service.port` was deprecated, we recommend using `service.ports.http` instead. -- `service.httpsPort` was deprecated, we recommend using `service.ports.https` instead. -- `persistence.accessMode` has been deprecated, we recommend using `persistence.accessModes` instead. - -Additionally also updates the MariaDB subchart to it newest major, 10.0.0, which contains similar changes. - -### To 10.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -#### What changes were introduced in this major version? - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- Move dependency information from the *requirements.yaml* to the *Chart.yaml* -- After running `helm dependency update`, a *Chart.lock* file is generated containing the same structure used in the previous *requirements.lock* -- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts - -#### Considerations when upgrading to this version - -- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 - -#### Useful links - -- -- -- - -### To 9.0.0 - -MariaDB dependency version was bumped to a new major version that introduces several incompatilibites. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. - -To upgrade to `9.0.0`, you have two alternatives: - -- Install a new Drupal chart, and migrate your Drupal site using backup/restore tools such as [Drupal Backup and Migrate](https://www.drupal.org/project/backup_migrate). -- Reuse the PVC used to hold the MariaDB data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is `drupal`): - -> NOTE: Please, create a backup of your database before running any of those actions. The steps below would be only valid if your application (e.g. any plugins or custom code) is compatible with MariaDB 10.5.x - -Obtain the credentials and the name of the PVC used to hold the MariaDB data on your current release: - -```console -export DRUPAL_PASSWORD=$(kubectl get secret --namespace default drupal -o jsonpath="{.data.drupal-password}" | base64 -d) -export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default drupal-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) -export MARIADB_PASSWORD=$(kubectl get secret --namespace default drupal-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) -export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=drupal -o jsonpath="{.items[0].metadata.name}") -``` - -Upgrade your release (maintaining the version) disabling MariaDB and scaling Drupal replicas to 0: - -```console -helm upgrade drupal oci://REGISTRY_NAME/REPOSITORY_NAME/drupal --set drupalPassword=$DRUPAL_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.2.1 -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -Finally, upgrade you release to 9.0.0 reusing the existing PVC, and enabling back MariaDB: - -```console -helm upgrade drupal oci://REGISTRY_NAME/REPOSITORY_NAME/drupal --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set drupalPassword=$DRUPAL_PASSWORD -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -You should see the lines below in MariaDB container logs: - -```console -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=drupal,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") -... -mariadb 12:13:24.98 INFO ==> Using persisted data -mariadb 12:13:25.01 INFO ==> Running mysql_upgrade -... -``` - -### To 8.0.0 - -The [Bitnami Drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal) image was migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by setting the parameters `containerSecurityContext.runAsUser` to `root`. - -Consequences: - -- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. -- Backwards compatibility is not guaranteed. - -To upgrade to `8.0.0`, backup Drupal data and the previous MariaDB databases, install a new Drupal chart and import the backups and data, ensuring the `1001` user has the appropriate permissions on the migrated volume. - -This upgrade also adapts the chart to the latest Bitnami good practices. Check the Parameters section for more information. - -### To 6.0.0 - -Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec. - -In the `apiVersion` of the deployment resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage. - -This major version signifies this change. - -### To 2.0.0 - -Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. -Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is drupal: - -```console -kubectl patch deployment drupal-drupal --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' -kubectl delete statefulset drupal-mariadb --cascade=false -``` - -## License - -Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/charts/drupal/drupal/templates/NOTES.txt b/charts/drupal/drupal/templates/NOTES.txt deleted file mode 100644 index 95e2c92..0000000 --- a/charts/drupal/drupal/templates/NOTES.txt +++ /dev/null @@ -1,88 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -{{- if or .Values.mariadb.enabled .Values.externalDatabase.host -}} - -** Please be patient while the chart is being deployed ** - -1. Get the Drupal URL: - -{{- if .Values.ingress.enabled }} - - You should be able to access your new Drupal installation through - - http://{{- .Values.ingress.hostname }}/ - -{{- else if eq .Values.service.type "LoadBalancer" }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -w {{ include "common.names.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - -{{- $port:=(coalesce .Values.service.ports.http .Values.service.port) | toString }} - echo "Drupal URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ coalesce .Values.service.ports.http .Values.service.port }}{{ end }}/" - -{{- else if eq .Values.service.type "ClusterIP" }} - - echo "Drupal URL: http://127.0.0.1:8080/" - kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ include "common.names.fullname" . }} 8080:{{ coalesce .Values.service.ports.http .Values.service.port }} - -{{- end }} - -{{- if eq .Values.service.type "NodePort" }} - - Or running: - - export NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo "Drupal URL: http://$NODE_IP:$NODE_PORT/" - -{{- end }} - -2. Get your Drupal login credentials by running: - - echo Username: {{ .Values.drupalUsername }} - echo Password: $(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ template "drupal.secretName" . }} -o jsonpath="{.data.drupal-password}" | base64 -d) - -{{- else -}} - -######################################################################################## -### ERROR: You did not provide an external database host in your 'helm install' call ### -######################################################################################## - -This deployment will be incomplete until you configure Drupal with a resolvable database -host. To configure Drupal to use and external database host: - -1. Complete your Drupal deployment by running: - - export APP_PASSWORD=$(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ template "drupal.secretName" . }} -o jsonpath="{.data.drupal-password}" | base64 -d) - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade --namespace {{ include "common.names.namespace" . }} {{ .Release.Name }} oci://registry-1.docker.io/bitnamicharts/{{ .Chart.Name }} \ - --set drupalPassword=$APP_PASSWORD,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }},externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }} - -{{- end }} - -{{- include "common.warnings.rollingTag" .Values.image }} -{{- include "common.warnings.rollingTag" .Values.metrics.image }} -{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} -{{- include "common.warnings.rollingTag" .Values.certificates.image }} - -{{- $passwordValidationErrors := list -}} -{{- if not .Values.existingSecret -}} - {{- $secretName := include "drupal.secretName" . -}} - {{- $requiredDrupalPassword := dict "valueKey" "drupalPassword" "secret" $secretName "field" "drupal-password" "context" $ -}} - {{- $requiredDrupalPasswordError := include "common.validations.values.single.empty" $requiredDrupalPassword -}} - {{- $passwordValidationErrors = append $passwordValidationErrors $requiredDrupalPasswordError -}} -{{- end -}} - -{{- $mariadbSecretName := include "drupal.databaseSecretName" . -}} -{{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" $mariadbSecretName "subchart" true "context" $) -}} -{{- $passwordValidationErrors = append $passwordValidationErrors $mariadbPasswordValidationErrors -}} - -{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} -{{- include "common.warnings.resources" (dict "sections" (list "metrics" "" "volumePermissions") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image .Values.certificates.image) "context" $) }} \ No newline at end of file diff --git a/charts/drupal/drupal/templates/_helpers.tpl b/charts/drupal/drupal/templates/_helpers.tpl deleted file mode 100644 index da01ed6..0000000 --- a/charts/drupal/drupal/templates/_helpers.tpl +++ /dev/null @@ -1,144 +0,0 @@ -{{/* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "drupal.mariadb.fullname" -}} -{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Return the proper certificate image name -*/}} -{{- define "certificates.image" -}} -{{- include "common.images.image" ( dict "imageRoot" .Values.certificates.image "global" .Values.global ) -}} -{{- end -}} - -{{/* -Return the proper Drupal image name -*/}} -{{- define "drupal.image" -}} -{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} -{{- end -}} - -{{/* -Return the proper image name (for the metrics image) -*/}} -{{- define "drupal.metrics.image" -}} -{{- include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) -}} -{{- end -}} - -{{/* -Return the proper image name (for the init container volume-permissions image) -*/}} -{{- define "drupal.volumePermissions.image" -}} -{{- include "common.images.image" ( dict "imageRoot" .Values.volumePermissions.image "global" .Values.global ) -}} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "drupal.imagePullSecrets" -}} -{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image .Values.certificates.image) "global" .Values.global) -}} -{{- end -}} - -{{/* -Return the proper Storage Class -*/}} -{{- define "drupal.storageClass" -}} -{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}} -{{- end -}} - -{{/* -Drupal credential secret name -*/}} -{{- define "drupal.secretName" -}} -{{- coalesce .Values.existingSecret (include "common.names.fullname" .) -}} -{{- end -}} - -{{/* -Return the MariaDB Hostname -*/}} -{{- define "drupal.databaseHost" -}} -{{- if .Values.mariadb.enabled }} - {{- if eq .Values.mariadb.architecture "replication" }} - {{- printf "%s-%s" (include "drupal.mariadb.fullname" .) "primary" | trunc 63 | trimSuffix "-" -}} - {{- else -}} - {{- printf "%s" (include "drupal.mariadb.fullname" .) -}} - {{- end -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.host -}} -{{- end -}} -{{- end -}} - -{{/* -Return the MariaDB Port -*/}} -{{- define "drupal.databasePort" -}} -{{- if .Values.mariadb.enabled }} - {{- printf "3306" -}} -{{- else -}} - {{- printf "%d" (.Values.externalDatabase.port | int ) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the MariaDB Database Name -*/}} -{{- define "drupal.databaseName" -}} -{{- if .Values.mariadb.enabled }} - {{- printf "%s" .Values.mariadb.auth.database -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.database -}} -{{- end -}} -{{- end -}} - -{{/* -Return the MariaDB User -*/}} -{{- define "drupal.databaseUser" -}} -{{- if .Values.mariadb.enabled }} - {{- printf "%s" .Values.mariadb.auth.username -}} -{{- else -}} - {{- printf "%s" .Values.externalDatabase.user -}} -{{- end -}} -{{- end -}} - -{{/* -Return the MariaDB Secret Name -*/}} -{{- define "drupal.databaseSecretName" -}} -{{- if .Values.mariadb.enabled }} - {{- printf "%s" (include "drupal.mariadb.fullname" .) -}} -{{- else if .Values.externalDatabase.existingSecret -}} - {{- printf "%s" .Values.externalDatabase.existingSecret -}} -{{- else -}} - {{- printf "%s-%s" (include "common.names.fullname" .) "externaldb" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the database password key -*/}} -{{- define "drupal.databasePasswordKey" -}} -{{- if .Values.mariadb.enabled -}} -mariadb-password -{{- else -}} -db-password -{{- end -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "drupal.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} diff --git a/charts/drupal/drupal/templates/deployment.yaml b/charts/drupal/drupal/templates/deployment.yaml deleted file mode 100644 index bb36ad4..0000000 --- a/charts/drupal/drupal/templates/deployment.yaml +++ /dev/null @@ -1,384 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} -kind: Deployment -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - {{- if .Values.updateStrategy }} - strategy: {{- toYaml .Values.updateStrategy | nindent 4 }} - {{- end }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - {{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) }} - annotations: - {{- if .Values.podAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} - {{- end }} - {{- end }} - spec: - {{- include "drupal.imagePullSecrets" . | nindent 6 }} - {{- if .Values.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - serviceAccountName: {{ include "drupal.serviceAccountName" . }} - {{- if .Values.schedulerName }} - schedulerName: {{ .Values.schedulerName }} - {{- end }} - {{- if .Values.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} - {{- end }} - priorityClassName: {{ .Values.priorityClassName | quote }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} - {{- end }} - automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - {{- if .Values.hostAliases }} - # yamllint disable rule:indentation - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} - # yamllint enable rule:indentation - {{- end }} - initContainers: - - name: prepare-base-dir - image: {{ include "drupal.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 12 }} - {{- else if ne .Values.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - command: - - /bin/bash - args: - - -ec - - | - #!/bin/bash - - . /opt/bitnami/scripts/liblog.sh - . /opt/bitnami/scripts/libfs.sh - - info "Copying base dir to empty dir" - # In order to not break the application functionality (such as upgrades or plugins) we need - # to make the base directory writable, so we need to copy it to an empty dir volume - cp -r --preserve=mode /opt/bitnami/drupal /emptydir/app-base-dir - - info "Copying symlinks to stdout/stderr" - # We copy the logs folder because it has symlinks to stdout and stderr - if ! is_dir_empty /opt/bitnami/apache/logs; then - cp -r /opt/bitnami/apache/logs /emptydir/apache-logs-dir - fi - info "Copy operation completed" - volumeMounts: - - name: empty-dir - mountPath: /emptydir - {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} - - name: volume-permissions - image: {{ include "drupal.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - sh - - -c - - | - mkdir -p "/bitnami/drupal" - chown -R "{{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" "/bitnami/drupal" - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: drupal-data - mountPath: /bitnami/drupal - {{- end }} - {{- if .Values.certificates.customCAs }} - - name: certificates - image: {{ template "certificates.image" . }} - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.certificates.image.pullPolicy }} - imagePullSecrets: - {{- range (default .Values.image.pullSecrets .Values.certificates.image.pullSecrets) }} - - name: {{ . }} - {{- end }} - command: - {{- if .Values.certificates.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.certificates.command "context" $) | nindent 12 }} - {{- else if .Values.certificates.customCertificate.certificateSecret }} - - sh - - -c - - install_packages ca-certificates openssl - {{- else }} - - sh - - -c - - install_packages ca-certificates openssl - && openssl req -new -x509 -days 3650 -nodes -sha256 - -subj "/CN=$(hostname)" -addext "subjectAltName = DNS:$(hostname)" - -out /etc/ssl/certs/ssl-cert-snakeoil.pem - -keyout /etc/ssl/private/ssl-cert-snakeoil.key -extensions v3_req - {{- end }} - {{- if .Values.certificates.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.certificates.args "context" $) | nindent 12 }} - {{- end }} - env: {{- include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVars "context" $) | nindent 12 }} - envFrom: - {{- if .Values.certificates.extraEnvVarsCM }} - - configMapRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVarsCM "context" $) }} - {{- end }} - {{- if .Values.certificates.extraEnvVarsSecret }} - - secretRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVarsSecret "context" $) }} - {{- end }} - volumeMounts: - - name: etc-ssl-certs - mountPath: /etc/ssl/certs - readOnly: false - - name: etc-ssl-private - mountPath: /etc/ssl/private - readOnly: false - - name: custom-ca-certificates - mountPath: /usr/local/share/ca-certificates - readOnly: true - {{- end }} - {{- if .Values.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} - {{- end }} - containers: - - name: {{ include "common.names.fullname" . }} - image: {{ template "drupal.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} - - name: ALLOW_EMPTY_PASSWORD - value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }} - - name: APACHE_HTTP_PORT_NUMBER - value: {{ .Values.containerPorts.http | quote }} - - name: APACHE_HTTPS_PORT_NUMBER - value: {{ .Values.containerPorts.https | quote }} - - name: DRUPAL_DATABASE_HOST - value: {{ include "drupal.databaseHost" . | quote }} - - name: DRUPAL_DATABASE_PORT_NUMBER - value: {{ include "drupal.databasePort" . | quote }} - - name: DRUPAL_DATABASE_NAME - value: {{ include "drupal.databaseName" . | quote }} - - name: DRUPAL_DATABASE_USER - value: {{ include "drupal.databaseUser" . | quote }} - - name: DRUPAL_DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "drupal.databaseSecretName" . }} - key: {{ include "drupal.databasePasswordKey" . | quote }} - - name: DRUPAL_SKIP_BOOTSTRAP - value: {{ ternary "yes" "no" .Values.drupalSkipInstall | quote }} - - name: DRUPAL_PROFILE - value: {{ .Values.drupalProfile | quote }} - - name: DRUPAL_USERNAME - value: {{ .Values.drupalUsername | quote }} - - name: DRUPAL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "drupal.secretName" . }} - key: drupal-password - - name: DRUPAL_EMAIL - value: {{ .Values.drupalEmail | quote }} - {{- if .Values.smtpHost }} - - name: SMTP_HOST - value: {{ .Values.smtpHost | quote }} - {{- end }} - {{- if .Values.smtpPort }} - - name: SMTP_PORT - value: {{ .Values.smtpPort | quote }} - {{- end }} - {{- if .Values.smtpUser }} - - name: SMTP_USER - value: {{ .Values.smtpUser | quote }} - {{- end }} - {{- if .Values.smtpPassword }} - - name: SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "drupal.secretName" . }} - key: smtp-password - {{- end }} - {{- if .Values.smtpProtocol }} - - name: SMTP_PROTOCOL - value: {{ .Values.smtpProtocol | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - envFrom: - {{- if .Values.extraEnvVarsCM }} - - configMapRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} - {{- end }} - {{- if .Values.extraEnvVarsSecret }} - - secretRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} - {{- end }} - {{- if .Values.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.containerPorts.http }} - - name: https - containerPort: {{ .Values.containerPorts.https }} - {{- if .Values.extraContainerPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.startupProbe.enabled }} - startupProbe: - httpGet: - path: {{ .Values.startupProbe.path }} - port: http - initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} - successThreshold: {{ .Values.startupProbe.successThreshold }} - failureThreshold: {{ .Values.startupProbe.failureThreshold }} - {{- end }} - {{- if .Values.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.livenessProbe.enabled }} - livenessProbe: - tcpSocket: - port: http - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: {{ .Values.readinessProbe.path }} - port: http - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 12 }} - {{- else if ne .Values.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /opt/bitnami/apache/conf - subPath: apache-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/apache/logs - subPath: apache-logs-dir - - name: empty-dir - mountPath: /opt/bitnami/apache/var/run - subPath: apache-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/php/etc - subPath: php-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/php/tmp - subPath: php-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/php/var - subPath: php-var-dir - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/drupal - subPath: app-base-dir - - name: drupal-data - mountPath: /bitnami/drupal - {{- if .Values.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "drupal.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - command: [ '/bin/apache_exporter', '--scrape_uri', 'http://status.localhost:{{ .Values.containerPorts.http }}/server-status/?auto' ] - ports: - - name: metrics - containerPort: 9117 - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 15 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 5 - timeoutSeconds: 1 - {{- if .Values.metrics.resourcesPreset }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} - {{- end }} - volumes: - - name: empty-dir - emptyDir: {} - - name: drupal-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Values.persistence.existingClaim | default (printf "%s-drupal" (include "common.names.fullname" .)) }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} - {{- end }} diff --git a/charts/drupal/drupal/templates/externaldb-secrets.yaml b/charts/drupal/drupal/templates/externaldb-secrets.yaml deleted file mode 100644 index bfdd266..0000000 --- a/charts/drupal/drupal/templates/externaldb-secrets.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (not .Values.mariadb.enabled) (not .Values.externalDatabase.existingSecret) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - db-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }} -{{- end }} diff --git a/charts/drupal/drupal/templates/extra-list.yaml b/charts/drupal/drupal/templates/extra-list.yaml deleted file mode 100644 index 329f5c6..0000000 --- a/charts/drupal/drupal/templates/extra-list.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/drupal/drupal/templates/ingress.yaml b/charts/drupal/drupal/templates/ingress.yaml deleted file mode 100644 index a0a3b8e..0000000 --- a/charts/drupal/drupal/templates/ingress.yaml +++ /dev/null @@ -1,66 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.ingress.enabled }} -apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - annotations: - {{- if .Values.ingress.certManager }} - kubernetes.io/tls-acme: "true" - {{- end }} - {{- if or .Values.ingress.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} - ingressClassName: {{ .Values.ingress.ingressClassName | quote }} - {{- end }} - rules: - {{- if .Values.ingress.hostname }} - - host: {{ .Values.ingress.hostname }} - http: - paths: - - path: {{ .Values.ingress.path }} - {{- if eq "true" (include "common.ingress.supportsPathType" .) }} - pathType: {{ .Values.ingress.pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} - {{- if .Values.ingress.extraPaths }} - {{- toYaml .Values.ingress.extraPaths | nindent 10 }} - {{- end }} - {{- end }} - {{- range (coalesce .Values.ingress.extraHosts .Values.ingress.hosts) }} - - host: {{ .name | quote }} - http: - paths: - - path: {{ default "/" .path }} - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ default "ImplementationSpecific" .pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - {{- if .Values.ingress.extraRules }} - {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} - {{- end }} - {{- if or .Values.ingress.tls .Values.ingress.extraTls }} - tls: - {{- if .Values.ingress.tls }} - - hosts: - - {{ .Values.ingress.hostname | quote }} - {{- if and (or (.Values.ingress.tlsWwwPrefix) (eq (index .Values.ingress.annotations "nginx.ingress.kubernetes.io/from-to-www-redirect") "true" )) (not (contains "www." .Values.ingress.hostname)) }} - - {{ printf "www.%s" (tpl .Values.ingress.hostname $) | quote }} - {{- end }} - secretName: {{ printf "%s-tls" .Values.ingress.hostname }} - {{- end }} - {{- if .Values.ingress.extraTls }} - {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/drupal/drupal/templates/metrics-svc.yaml b/charts/drupal/drupal/templates/metrics-svc.yaml deleted file mode 100644 index f95e56a..0000000 --- a/charts/drupal/drupal/templates/metrics-svc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-metrics" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.metrics.service.type }} - {{- if eq .Values.metrics.service.type "LoadBalancer" }} - externalTrafficPolicy: {{ .Values.metrics.service.externalTrafficPolicy }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.metrics.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - ports: - - name: metrics - port: {{ .Values.metrics.service.ports.metrics }} - protocol: TCP - targetPort: metrics - {{- if .Values.metrics.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} -{{- end }} diff --git a/charts/drupal/drupal/templates/networkpolicy.yaml b/charts/drupal/drupal/templates/networkpolicy.yaml deleted file mode 100644 index a0c01ac..0000000 --- a/charts/drupal/drupal/templates/networkpolicy.yaml +++ /dev/null @@ -1,80 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - policyTypes: - - Ingress - - Egress - {{- if .Values.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # Allow outbound connections to MariaDB - - ports: - - port: {{ include "drupal.databasePort" . }} - {{- if .Values.mariadb.enabled }} - to: - - podSelector: - matchLabels: - app.kubernetes.io/name: mariadb - app.kubernetes.io/instance: {{ .Release.Name }} - {{- end }} - {{- if .Values.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - - ports: - - port: {{ .Values.containerPorts.http }} - - port: {{ .Values.containerPorts.https }} - {{- range .Values.extraContainerPorts }} - - port: {{ . }} - {{- end }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - - podSelector: - matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - {{- if .Values.networkPolicy.ingressNSMatchLabels }} - - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- if .Values.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/drupal/drupal/templates/pdb.yaml b/charts/drupal/drupal/templates/pdb.yaml deleted file mode 100644 index d28b3ec..0000000 --- a/charts/drupal/drupal/templates/pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.pdb.minAvailable }} - minAvailable: {{ .Values.pdb.minAvailable }} - {{- end }} - {{- if or .Values.pdb.maxUnavailable (not .Values.pdb.minAvailable) }} - maxUnavailable: {{ .Values.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" (dict "values" (list .Values.podLabels .Values.commonLabels) "context" .) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} -{{- end }} diff --git a/charts/drupal/drupal/templates/prometheusrule.yaml b/charts/drupal/drupal/templates/prometheusrule.yaml deleted file mode 100644 index 7293adb..0000000 --- a/charts/drupal/drupal/templates/prometheusrule.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.prometheusRule.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.metrics.prometheusRule.additionalLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "common.names.fullname" . }} - rules: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.prometheusRule.rules "context" $ ) | nindent 8 }} -{{- end }} diff --git a/charts/drupal/drupal/templates/pv.yaml b/charts/drupal/drupal/templates/pv.yaml deleted file mode 100644 index 95ab4dd..0000000 --- a/charts/drupal/drupal/templates/pv.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.persistence.enabled .Values.persistence.hostPath (not .Values.persistence.existingClaim) -}} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: {{ printf "%s-drupal" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - capacity: - storage: {{ .Values.persistence.size | quote }} - hostPath: - path: {{ .Values.persistence.hostPath | quote }} -{{- end -}} diff --git a/charts/drupal/drupal/templates/pvc.yaml b/charts/drupal/drupal/templates/pvc.yaml deleted file mode 100644 index 923a535..0000000 --- a/charts/drupal/drupal/templates/pvc.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ printf "%s-drupal" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.persistence.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.persistence.hostPath }} - storageClassName: "" - {{- end }} - accessModes: - {{- if not (empty .Values.persistence.accessModes) }} - {{- range .Values.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - {{- else }} - - {{ .Values.persistence.accessMode | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- include "drupal.storageClass" . | nindent 2 }} -{{- end -}} diff --git a/charts/drupal/drupal/templates/secrets.yaml b/charts/drupal/drupal/templates/secrets.yaml deleted file mode 100644 index 3a3e3f0..0000000 --- a/charts/drupal/drupal/templates/secrets.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if not .Values.existingSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if .Values.drupalPassword }} - drupal-password: {{ default "" .Values.drupalPassword | b64enc | quote }} - {{- else }} - drupal-password: {{ randAlphaNum 10 | b64enc | quote }} - {{- end }} - {{- if .Values.smtpPassword }} - smtp-password: {{ .Values.smtpPassword | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/charts/drupal/drupal/templates/serviceaccount.yaml b/charts/drupal/drupal/templates/serviceaccount.yaml deleted file mode 100644 index ad0ad4a..0000000 --- a/charts/drupal/drupal/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "drupal.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -{{- end }} diff --git a/charts/drupal/drupal/templates/servicemonitor.yaml b/charts/drupal/drupal/templates/servicemonitor.yaml deleted file mode 100644 index 60dd04f..0000000 --- a/charts/drupal/drupal/templates/servicemonitor.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.additionalLabels "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabellings }} - relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabellings | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: metrics -{{- end }} diff --git a/charts/drupal/drupal/templates/svc.yaml b/charts/drupal/drupal/templates/svc.yaml deleted file mode 100644 index 20b70ef..0000000 --- a/charts/drupal/drupal/templates/svc.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.service.type }} - {{- if .Values.service.sessionAffinity }} - sessionAffinity: {{ .Values.service.sessionAffinity }} - {{- end }} - {{- if .Values.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} - clusterIP: {{ .Values.service.clusterIP }} - {{- end }} - {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} - {{- end }} - ports: - - name: http - port: {{ coalesce .Values.service.ports.http .Values.service.port }} - targetPort: http - {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http)) }} - nodePort: {{ .Values.service.nodePorts.http }} - {{- else if eq .Values.service.type "ClusterIP" }} - nodePort: null - {{- end }} - - name: https - port: {{ coalesce .Values.service.ports.https .Values.service.httpsPort }} - targetPort: https - {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https)) }} - nodePort: {{ .Values.service.nodePorts.https }} - {{- else if eq .Values.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/drupal/drupal/templates/tls-secrets.yaml b/charts/drupal/drupal/templates/tls-secrets.yaml deleted file mode 100644 index 2b2dfd8..0000000 --- a/charts/drupal/drupal/templates/tls-secrets.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.secrets }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .name }} - namespace: {{ include "common.names.namespace" $ | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} - {{- if $.Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: kubernetes.io/tls -data: - tls.crt: {{ .certificate | b64enc }} - tls.key: {{ .key | b64enc }} -{{- end }} -{{- end }} diff --git a/charts/drupal/drupal/values.schema.json b/charts/drupal/drupal/values.schema.json deleted file mode 100644 index 072fbcd..0000000 --- a/charts/drupal/drupal/values.schema.json +++ /dev/null @@ -1,233 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "drupalUsername": { - "type": "string", - "title": "Username", - "form": true - }, - "drupalPassword": { - "type": "string", - "title": "Password", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set" - }, - "drupalEmail": { - "type": "string", - "title": "Admin email", - "form": true - }, - "persistence": { - "type": "object", - "properties": { - "drupal": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" - } - } - } - } - }, - "ingress": { - "type": "object", - "form": true, - "title": "Ingress Configuration", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Use a custom hostname", - "description": "Enable the ingress resource that allows you to access the Drupal installation." - }, - "hostname": { - "type": "string", - "form": true, - "title": "Hostname", - "hidden": { - "value": false, - "path": "ingress/enabled" - } - } - } - }, - "service": { - "type": "object", - "form": true, - "title": "Service Configuration", - "properties": { - "type": { - "type": "string", - "form": true, - "title": "Service Type", - "description": "Allowed values: \"ClusterIP\", \"NodePort\" and \"LoadBalancer\"" - } - } - }, - "mariadb": { - "type": "object", - "title": "MariaDB Details", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "title": "Use a new MariaDB database hosted in the cluster", - "form": true, - "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" - }, - "primary": { - "type": "object", - "properties": { - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Volume Size", - "form": true, - "hidden": { - "value": false, - "path": "mariadb/enabled" - }, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" - } - } - } - } - } - } - }, - "externalDatabase": { - "type": "object", - "title": "External Database Details", - "description": "If MariaDB is disabled. Use this section to specify the external database details", - "form": true, - "hidden": "mariadb/enabled", - "properties": { - "host": { - "type": "string", - "form": true, - "title": "Database Host" - }, - "user": { - "type": "string", - "form": true, - "title": "Database Username" - }, - "password": { - "type": "string", - "form": true, - "title": "Database Password" - }, - "database": { - "type": "string", - "form": true, - "title": "Database Name" - }, - "port": { - "type": "integer", - "form": true, - "title": "Database Port" - } - } - }, - "resources": { - "type": "object", - "title": "Requested Resources", - "description": "Configure resource requests", - "form": true, - "properties": { - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "form": true, - "render": "slider", - "title": "Memory Request", - "sliderMin": 10, - "sliderMax": 2048, - "sliderUnit": "Mi" - }, - "cpu": { - "type": "string", - "form": true, - "render": "slider", - "title": "CPU Request", - "sliderMin": 10, - "sliderMax": 2000, - "sliderUnit": "m" - } - } - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Enable Metrics", - "description": "Prometheus Exporter / Metrics", - "form": true - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus Operator ServiceMonitor", - "description": "Create a ServiceMonitor to track metrics using Prometheus Operator", - "form": true, - "hidden": { - "value": false, - "path": "metrics/enabled" - } - } - } - } - } - }, - "serviceAccount": { - "type": "object", - "properties": { - "drupal": { - "type": "object", - "properties": { - "create": { - "type": "string", - "title": "Specifies whether a service account should be created", - "form": true - }, - "name": { - "type": "string", - "title": "The name of the service account to use", - "form": true - }, - "annotations": { - "type": "string", - "title": "Add annotations", - "form": true - }, - "automountServiceAccountToken": { - "type": "string", - "title": "Automount API credentials for a service account", - "form": true - } - } - } - } - } - } -} diff --git a/charts/drupal/drupal/values.yaml b/charts/drupal/drupal/values.yaml deleted file mode 100644 index 554dbc3..0000000 --- a/charts/drupal/drupal/values.yaml +++ /dev/null @@ -1,982 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -## @section Global parameters -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass - -## @param global.imageRegistry Global Docker image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array -## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) -## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead -## -global: - imageRegistry: "" - ## E.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - defaultStorageClass: "" - storageClass: "" - ## Compatibility adaptations for Kubernetes platforms - ## - compatibility: - ## Compatibility adaptations for Openshift - ## - openshift: - ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) - ## - adaptSecurityContext: auto -## @section Common parameters - -## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) -## -kubeVersion: "" -## @param nameOverride String to partially override drupal.fullname template (will maintain the release name) -## -nameOverride: "" -## @param fullnameOverride String to fully override drupal.fullname template -## -fullnameOverride: "" -## @param namespaceOverride String to fully override common.names.namespace -## -namespaceOverride: "" -## @param commonAnnotations Common annotations to add to all Drupal resources (sub-charts are not considered). Evaluated as a template -## -commonAnnotations: {} -## @param commonLabels Common labels to add to all Drupal resources (sub-charts are not considered). Evaluated as a template -## -commonLabels: {} -## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template). -## -extraDeploy: [] -## @section Drupal parameters - -## Bitnami Drupal image version -## ref: https://hub.docker.com/r/bitnami/drupal/tags/ -## @param image.registry [default: REGISTRY_NAME] Drupal image registry -## @param image.repository [default: REPOSITORY_NAME/drupal] Drupal Image name -## @skip image.tag Drupal Image tag -## @param image.digest Drupal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag -## @param image.pullPolicy Drupal image pull policy -## @param image.pullSecrets Specify docker-registry secret names as an array -## @param image.debug Specify if debug logs should be enabled -## -image: - registry: docker.io - repository: bitnami/drupal - tag: 11.0.5-debian-12-r1 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## - debug: false -## @param replicaCount Number of Drupal Pods to run (requires ReadWriteMany PVC support) -## -replicaCount: 1 -## @param drupalProfile Drupal installation profile -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#configuration -## -drupalProfile: standard -## @param drupalSkipInstall Skip Drupal installation wizard. Useful for migrations and restoring from SQL dump -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#configuration -## -drupalSkipInstall: false -## @param drupalUsername User of the application -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#configuration -## -drupalUsername: user -## @param drupalPassword Application password -## Defaults to a random 10-character alphanumeric string if not set -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#configuration -## -drupalPassword: "" -## @param drupalEmail Admin email -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#configuration -## -drupalEmail: user@example.com -## @param allowEmptyPassword Allow DB blank passwords -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal#environment-variables -## -allowEmptyPassword: true -## @param command Override default container command (useful when using custom images) -## -command: [] -## @param args Override default container args (useful when using custom images) -## -args: [] -## @param updateStrategy.type Update strategy - only really applicable for deployments with RWO PVs attached -## If replicas = 1, an update can get "stuck", as the previous pod remains attached to the -## PV, and the "incoming" pod can never start. Changing the strategy to "Recreate" will -## terminate the single previous pod, so that the new, incoming pod can attach to the PV -## -updateStrategy: - type: RollingUpdate -## @param priorityClassName Drupal pods' priorityClassName -## -priorityClassName: "" -## @param schedulerName Name of the k8s scheduler (other than default) -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" -## @param topologySpreadConstraints Topology Spread Constraints for pod assignment -## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -## The value is evaluated as a template -## -topologySpreadConstraints: [] -## @param automountServiceAccountToken Mount Service Account token in pod -## -automountServiceAccountToken: false -## @param hostAliases [array] Add deployment host aliases -## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ -## -hostAliases: - ## Necessary for apache-exporter to work - ## - - ip: "127.0.0.1" - hostnames: - - "status.localhost" -## @param extraEnvVars Extra environment variables -## For example: -## -extraEnvVars: [] -# - name: BEARER_AUTH -# value: true -## @param extraEnvVarsCM ConfigMap containing extra env vars -## -extraEnvVarsCM: "" -## @param extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) -## -extraEnvVarsSecret: "" -## @param extraVolumes Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` -## -extraVolumes: [] -## @param extraVolumeMounts Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. -## -extraVolumeMounts: [] -## @param initContainers Add additional init containers to the pod (evaluated as a template) -## -initContainers: [] -## Pod Disruption Budget configuration -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb -## @param pdb.create Enable/disable a Pod Disruption Budget creation -## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled -## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty. -## -pdb: - create: true - minAvailable: "" - maxUnavailable: "" -## @param sidecars Attach additional containers to the pod (evaluated as a template) -## -sidecars: [] -## @param tolerations Tolerations for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] -serviceAccount: - ## @param serviceAccount.create Specifies whether a service account should be created - ## - create: true - ## @param serviceAccount.name The name of the service account to use. If not set and create is true, a name is generated using the fullname template - ## - name: "" - ## @param serviceAccount.annotations Add annotations - ## - annotations: {} - ## @param serviceAccount.automountServiceAccountToken Automount API credentials for a service account. - ## - automountServiceAccountToken: false -## @param existingSecret Name of a secret with the application password -## -existingSecret: "" -## SMTP mail delivery configuration -## ref: https://github.com/bitnami/containers/tree/main/bitnami/drupal/#smtp-configuration -## @param smtpHost SMTP host -## @param smtpPort SMTP port -## @param smtpUser SMTP user -## @param smtpPassword SMTP password -## @param smtpProtocol SMTP Protocol (options: ssl,tls, nil) -## -smtpHost: "" -smtpPort: "" -smtpUser: "" -smtpPassword: "" -smtpProtocol: "" -## @param containerPorts [object] Container ports -## -containerPorts: - http: 8080 - https: 8443 -## @param extraContainerPorts Optionally specify extra list of additional ports for Drupal container(s) -## e.g: -## extraContainerPorts: -## - name: myservice -## containerPort: 9090 -## -extraContainerPorts: [] -## @param sessionAffinity Control where client requests go, to the same pod or round-robin. Values: ClientIP or None -## ref: https://kubernetes.io/docs/concepts/services-networking/service/ -## -sessionAffinity: "None" -## Enable persistence using Persistent Volume Claims -## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ -## -persistence: - ## @param persistence.enabled Enable persistence using PVC - ## - enabled: true - ## @param persistence.storageClass PVC Storage Class for Drupal volume - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param persistence.accessModes PVC Access Mode for Drupal volume - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - ## - accessModes: - - ReadWriteOnce - ## @param persistence.size PVC Storage Request for Drupal volume - ## - size: 8Gi - ## @param persistence.existingClaim A manually managed Persistent Volume Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - ## - existingClaim: "" - ## @param persistence.hostPath If defined, the drupal-data volume will mount to the specified hostPath. - ## Requires persistence.enabled: true - ## Requires persistence.existingClaim: nil|false - ## Default: nil. - ## - hostPath: "" - ## @param persistence.annotations Persistent Volume Claim annotations - ## - annotations: {} -## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAffinityPreset: "" -## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAntiAffinityPreset: soft -## Node affinity preset -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## @param nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set. -## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. -## -nodeAffinityPreset: - type: "" - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] -## @param affinity Affinity for pod assignment -## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set -## -affinity: {} -## @param nodeSelector Node labels for pod assignment. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ -## -nodeSelector: {} -## Drupal container's resource requests and limits -## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -## We usually recommend not to specify default resources and to leave this as a conscious -## choice for the user. This also increases chances charts run on environments with little -## resources, such as Minikube. If you do want to specify resources, uncomment the following -## lines, adjust them as necessary, and remove the curly braces after 'resources:'. -## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). -## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 -## -resourcesPreset: "micro" -## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) -## Example: -## resources: -## requests: -## cpu: 2 -## memory: 512Mi -## limits: -## cpu: 3 -## memory: 1024Mi -## -resources: {} -## Configure Pods Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -## @param podSecurityContext.enabled Enable Drupal pods' Security Context -## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy -## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface -## @param podSecurityContext.supplementalGroups Set filesystem extra groups -## @param podSecurityContext.fsGroup Drupal pods' group ID -## -podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 -## Configure Container Security Context (only main container) -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -## @param containerSecurityContext.enabled Enabled Drupal containers' Security Context -## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container -## @param containerSecurityContext.runAsUser Set Drupal containers' Security Context runAsUser -## @param containerSecurityContext.runAsGroup Set Drupal containers' Security Context runAsGroup -## @param containerSecurityContext.runAsNonRoot Set Controller container's Security Context runAsNonRoot -## @param containerSecurityContext.privileged Set Drupal container's Security Context privileged -## @param containerSecurityContext.allowPrivilegeEscalation Set Drupal container's Security Context allowPrivilegeEscalation -## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped -## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile -## @param containerSecurityContext.readOnlyRootFilesystem Set Drupal container's Security Context readOnlyRootFilesystem -## -containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" -## Configure extra options for startup probe -## Drupal core exposes /user/login to unauthenticated requests, making it a good -## default startup and readiness path. However, that may not always be the -## case. For example, if the image value is overridden to an image containing a -## module that alters that route, or an image that does not auto-install Drupal. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes -## @param startupProbe.enabled Enable startupProbe -## @param startupProbe.path Request path for startupProbe -## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe -## @param startupProbe.periodSeconds Period seconds for startupProbe -## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe -## @param startupProbe.failureThreshold Failure threshold for startupProbe -## @param startupProbe.successThreshold Success threshold for startupProbe -## -startupProbe: - enabled: false - path: /user/login - initialDelaySeconds: 600 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 -## Configure extra options for liveness probe -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes -## @param livenessProbe.enabled Enable livenessProbe -## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe -## @param livenessProbe.periodSeconds Period seconds for livenessProbe -## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe -## @param livenessProbe.failureThreshold Failure threshold for livenessProbe -## @param livenessProbe.successThreshold Success threshold for livenessProbe -## -livenessProbe: - enabled: true - initialDelaySeconds: 600 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 -## Configure extra options for readiness probe -## Drupal core exposes /user/login to unauthenticated requests, making it a good -## default startup and readiness path. However, that may not always be the -## case. For example, if the image value is overridden to an image containing a -## module that alters that route, or an image that does not auto-install Drupal. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes -## @param readinessProbe.enabled Enable readinessProbe -## @param readinessProbe.path Request path for readinessProbe -## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe -## @param readinessProbe.periodSeconds Period seconds for readinessProbe -## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe -## @param readinessProbe.failureThreshold Failure threshold for readinessProbe -## @param readinessProbe.successThreshold Success threshold for readinessProbe -## -readinessProbe: - enabled: true - path: /user/login - initialDelaySeconds: 30 - periodSeconds: 5 - timeoutSeconds: 1 - failureThreshold: 5 - successThreshold: 1 -## @param customStartupProbe Override default startup probe -## -customStartupProbe: {} -## @param customLivenessProbe Override default liveness probe -## -customLivenessProbe: {} -## @param customReadinessProbe Override default readiness probe -## -customReadinessProbe: {} -## @param lifecycleHooks LifecycleHook to set additional configuration at startup Evaluated as a template -## -lifecycleHooks: {} -## @param podAnnotations Pod annotations -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -## -podAnnotations: {} -## @param podLabels Add additional labels to the pod (evaluated as a template) -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -## -podLabels: {} -## @section Traffic Exposure Parameters - -## Kubernetes configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer -## -service: - ## @param service.type Kubernetes Service type - ## - type: LoadBalancer - ## @param service.ports.http Service HTTP port - ## @param service.ports.https Service HTTPS port - ## - ports: - http: 80 - https: 443 - ## @param service.loadBalancerSourceRanges Restricts access for LoadBalancer (only with `service.type: LoadBalancer`) - ## e.g: - ## loadBalancerSourceRanges: - ## - 0.0.0.0/0 - ## - loadBalancerSourceRanges: [] - ## @param service.loadBalancerIP loadBalancerIP for the Drupal Service (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - loadBalancerIP: "" - ## @param service.nodePorts [object] Kubernetes node port - ## nodePorts: - ## http: - ## https: - ## - nodePorts: - http: "" - https: "" - ## @param service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param service.clusterIP %%MAIN_CONTAINER_NAME%% service Cluster IP - ## e.g.: - ## clusterIP: None - ## - clusterIP: "" - ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param service.annotations Additional custom annotations for %%MAIN_CONTAINER_NAME%% service - ## - annotations: {} - ## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} -## Configure the ingress resource that allows you to access the -## Drupal installation. Set up the URL -## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ -## -ingress: - ## @param ingress.enabled Enable ingress controller resource - ## - enabled: false - ## DEPRECATED: Use ingress.annotations instead of ingress.certManager - ## certManager: false - ## - - ## @param ingress.pathType Ingress Path type - ## - pathType: ImplementationSpecific - ## @param ingress.apiVersion Override API Version (automatically detected if not set) - ## - apiVersion: "" - ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) - ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . - ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ - ## - ingressClassName: "" - ## @param ingress.hostname Default host for the ingress resource - ## - hostname: drupal.local - ## @param ingress.path The Path to Drupal. You may need to set this to '/*' in order to use this - ## with ALB ingress controllers. - ## - path: / - ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md - ## Use this parameter to set the required annotations for cert-manager, see - ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations - ## - ## e.g: - ## annotations: - ## kubernetes.io/ingress.class: nginx - ## cert-manager.io/cluster-issuer: cluster-issuer-name - ## - annotations: {} - ## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter - ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} - ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it - ## - tls: false - ## @param ingress.tlsWwwPrefix Adds www subdomain to default cert - ## Creates tls host with ingress.hostname: {{ print "www.%s" .Values.ingress.hostname }} - ## Is enabled if "nginx.ingress.kubernetes.io/from-to-www-redirect" is "true" - tlsWwwPrefix: false - ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. - ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array - ## extraHosts: - ## - name: drupal.local - ## path: / - extraHosts: [] - ## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host. - ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. - ## extraPaths: - ## - path: /* - ## backend: - ## serviceName: ssl-redirect - ## servicePort: use-annotation - extraPaths: [] - ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - ## extraTls: - ## - hosts: - ## - drupal.local - ## secretName: drupal.local-tls - extraTls: [] - ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets - ## key and certificate should start with -----BEGIN CERTIFICATE----- or - ## -----BEGIN RSA PRIVATE KEY----- - ## - ## name should line up with a tlsSecret set further up - ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set - ## - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - ## Example: - ## - name: drupal.local-tls - ## key: - ## certificate: - ## - secrets: [] - ## @param ingress.extraRules Additional rules to be covered with this ingress record - ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules - ## e.g: - ## extraRules: - ## - host: example.local - ## http: - ## path: / - ## backend: - ## service: - ## name: example-svc - ## port: - ## name: http - ## - extraRules: [] -## @section Database parameters - -## MariaDB chart configuration -## https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml -## -mariadb: - ## @param mariadb.enabled Whether to deploy a mariadb server to satisfy the applications database requirements - ## To use an external database set this to false and configure the externalDatabase parameters - ## - enabled: true - ## @param mariadb.architecture MariaDB architecture (`standalone` or `replication`) - ## - architecture: standalone - ## MariaDB Authentication parameters - ## @param mariadb.auth.rootPassword Password for the MariaDB `root` user - ## @param mariadb.auth.database Database name to create - ## @param mariadb.auth.username Database user to create - ## @param mariadb.auth.password Password for the database - ## - auth: - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run - ## - rootPassword: "" - ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run - ## - database: bitnami_drupal - ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run - ## - username: bn_drupal - password: "" - primary: - ## Enable persistence using Persistent Volume Claims - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## @param mariadb.primary.persistence.enabled Enable database persistence using PVC - ## @param mariadb.primary.persistence.storageClass MariaDB primary persistent volume storage Class - ## @param mariadb.primary.persistence.accessModes Database Persistent Volume Access Modes - ## @param mariadb.primary.persistence.size Database Persistent Volume Size - ## @param mariadb.primary.persistence.hostPath Set path in case you want to use local host path volumes (not recommended in production) - ## @param mariadb.primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas - ## - persistence: - enabled: true - ## mariadb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - accessModes: - - ReadWriteOnce - size: 8Gi - hostPath: "" - existingClaim: "" -## External database configuration -## @param externalDatabase.host Host of the existing database -## @param externalDatabase.port Port of the existing database -## @param externalDatabase.user Existing username in the external db -## @param externalDatabase.password Password for the above username. Ignored if existing secret is provided -## @param externalDatabase.database Name of the existing database -## @param externalDatabase.existingSecret Name of a secret with the database password. (externalDatabase.password will be ignored and picked up from this secret). The secret has to contain the key db-password -## -externalDatabase: - host: "" - port: 3306 - user: bn_drupal - password: "" - database: bitnami_drupal - existingSecret: "" -## @section Volume Permissions parameters - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) - ## - enabled: false - ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry - ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name - ## @skip volumePermissions.image.tag Init container volume-permissions image tag - ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy - ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r31 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Init containers' resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "none" - ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} -## @section Metrics parameters - -## Prometheus Exporter / Metrics -## -metrics: - ## @param metrics.enabled Start a exporter side-car - ## - enabled: false - ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry - ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository - ## @skip metrics.image.tag Apache exporter image tag - ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param metrics.image.pullPolicy Image pull policy - ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/apache-exporter - tag: 1.0.9-debian-12-r1 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "none" - ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## - resources: {} - ## - ## @param metrics.podAnnotations [object] Additional annotations for Metrics exporter pod - ## - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9117" - ## Drupal exporter service parameters - ## - service: - ## @param metrics.service.type Drupal exporter service type - ## - type: ClusterIP - ## @param metrics.service.ports.metrics Drupal exporter service port - ## - ports: - metrics: 9117 - ## @param metrics.service.externalTrafficPolicy Drupal exporter service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param metrics.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param metrics.service.loadBalancerIP Drupal exporter service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param metrics.service.loadBalancerSourceRanges Drupal exporter service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param metrics.service.annotations Additional custom annotations for Drupal exporter service - ## - annotations: {} - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## @param metrics.prometheusRule.enabled Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.prometheusRule.namespace The namespace in which the prometheusRule will be created - ## - namespace: "" - ## @param metrics.prometheusRule.additionalLabels Additional labels for the prometheusRule - ## - additionalLabels: {} - ## @param metrics.prometheusRule.rules Custom Prometheus rules - ## e.g: - ## rules: - ## - alert: ApacheDown - ## expr: apache_up{service="{{ template "common.names.fullname" . }}-metrics"} == 0 - ## for: 2m - ## labels: - ## severity: error - ## annotations: - ## summary: Drupal instance {{ "{{ $labels.instance }}" }} down - ## description: Drupal instance {{ "{{ $labels.instance }}" }} is down - ## - rules: [] -## @section Certificate injection parameters - -## Add custom certificates and certificate authorities to drupal container -## -certificates: - ## @param certificates.customCertificate.certificateSecret Secret containing the certificate and key to add - ## @param certificates.customCertificate.chainSecret.name Name of the secret containing the certificate chain - ## @param certificates.customCertificate.chainSecret.key Key of the certificate chain file inside the secret - ## @param certificates.customCertificate.certificateLocation Location in the container to store the certificate - ## @param certificates.customCertificate.keyLocation Location in the container to store the private key - ## @param certificates.customCertificate.chainLocation Location in the container to store the certificate chain - ## - customCertificate: - certificateSecret: "" - chainSecret: - name: secret-name - key: secret-key - certificateLocation: /etc/ssl/certs/ssl-cert-snakeoil.pem - keyLocation: /etc/ssl/private/ssl-cert-snakeoil.key - chainLocation: /etc/ssl/certs/mychain.pem - ## @param certificates.customCAs Defines a list of secrets to import into the container trust store - ## - customCAs: [] - ## @param certificates.command Override default container command (useful when using custom images) - ## - command: [] - ## @param certificates.args Override default container args (useful when using custom images) - ## - args: [] - ## @param certificates.extraEnvVars Container sidecar extra environment variables (eg proxy) - ## - extraEnvVars: [] - ## @param certificates.extraEnvVarsCM ConfigMap containing extra env vars - ## - extraEnvVarsCM: "" - ## @param certificates.extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) - ## - extraEnvVarsSecret: "" - ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry - ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image - ## @skip certificates.image.tag Container sidecar image tag - ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param certificates.image.pullPolicy Container sidecar image pull policy - ## @param certificates.image.pullSecrets Container sidecar image pull secrets - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r31 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] -## @section NetworkPolicy parameters - -## Network Policy configuration -## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ -## -networkPolicy: - ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created - ## - enabled: true - ## @param networkPolicy.allowExternal Don't require server label for connections - ## The Policy model to apply. When set to false, only pods with the correct - ## server label will have network access to the ports server is listening - ## on. When true, server will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true - ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - extraIngress: [] - ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} diff --git a/charts/drupal/values-overrides.yaml b/charts/drupal/values-overrides.yaml deleted file mode 100644 index 6cc8fd7..0000000 --- a/charts/drupal/values-overrides.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# @see https://artifacthub.io/packages/helm/bitnami/drupal?modal=values - -fullnameOverride: drupal -mariadb: - enabled: false -allowEmptyPassword: true -externalDatabase: - host: "mariadb.futureporn.svc.cluster.local" - port: 3306 - user: drupal - database: drupal - existingSecret: externaldb -image: - debug: true - tag: 10.3.6-debian-12-r1 \ No newline at end of file diff --git a/charts/external-secrets/external-secrets/Chart.lock b/charts/external-secrets/external-secrets/Chart.lock deleted file mode 100644 index 1d198fe..0000000 --- a/charts/external-secrets/external-secrets/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: bitwarden-sdk-server - repository: oci://ghcr.io/external-secrets/charts - version: v0.1.4 -digest: sha256:f60d5e4c6ad432fc7efdb0dad33774afaa88e02bd82eb9d5224372828f7d52be -generated: "2024-06-20T10:01:52.49841+02:00" diff --git a/charts/external-secrets/external-secrets/Chart.yaml b/charts/external-secrets/external-secrets/Chart.yaml deleted file mode 100644 index 09f630d..0000000 --- a/charts/external-secrets/external-secrets/Chart.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v2 -appVersion: v0.10.2 -dependencies: -- condition: bitwarden-sdk-server.enabled - name: bitwarden-sdk-server - repository: oci://ghcr.io/external-secrets/charts - version: v0.1.4 -description: External secret management for Kubernetes -home: https://github.com/external-secrets/external-secrets -icon: https://raw.githubusercontent.com/external-secrets/external-secrets/main/assets/eso-logo-large.png -keywords: -- kubernetes-external-secrets -- secrets -kubeVersion: '>= 1.19.0-0' -maintainers: -- email: kellinmcavoy@gmail.com - name: mcavoyk -name: external-secrets -type: application -version: 0.10.2 diff --git a/charts/external-secrets/external-secrets/README.md b/charts/external-secrets/external-secrets/README.md deleted file mode 100644 index a1cd2a8..0000000 --- a/charts/external-secrets/external-secrets/README.md +++ /dev/null @@ -1,225 +0,0 @@ -# External Secrets - -

external-secrets

- -[//]: # (README.md generated by gotmpl. DO NOT EDIT.) - -![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.10.2](https://img.shields.io/badge/Version-0.10.2-informational?style=flat-square) - -External secret management for Kubernetes - -## TL;DR -```bash -helm repo add external-secrets https://charts.external-secrets.io -helm install external-secrets external-secrets/external-secrets -``` - -## Installing the Chart -To install the chart with the release name `external-secrets`: -```bash -helm install external-secrets external-secrets/external-secrets -``` - -### Custom Resources -By default, the chart will install external-secrets CRDs, this can be controlled with `installCRDs` value. - -## Uninstalling the Chart -To uninstall the `external-secrets` deployment: -```bash -helm uninstall external-secrets -``` -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| affinity | object | `{}` | | -| bitwarden-sdk-server.enabled | bool | `false` | | -| certController.affinity | object | `{}` | | -| certController.create | bool | `true` | Specifies whether a certificate controller deployment be created. | -| certController.deploymentAnnotations | object | `{}` | Annotations to add to Deployment | -| certController.extraArgs | object | `{}` | | -| certController.extraEnv | list | `[]` | | -| certController.extraVolumeMounts | list | `[]` | | -| certController.extraVolumes | list | `[]` | | -| certController.fullnameOverride | string | `""` | | -| certController.hostNetwork | bool | `false` | Run the certController on the host network | -| certController.image.flavour | string | `""` | | -| certController.image.pullPolicy | string | `"IfNotPresent"` | | -| certController.image.repository | string | `"ghcr.io/external-secrets/external-secrets"` | | -| certController.image.tag | string | `""` | | -| certController.imagePullSecrets | list | `[]` | | -| certController.log | object | `{"level":"info","timeEncoding":"epoch"}` | Specifices Log Params to the Webhook | -| certController.metrics.listen.port | int | `8080` | | -| certController.metrics.service.annotations | object | `{}` | Additional service annotations | -| certController.metrics.service.enabled | bool | `false` | Enable if you use another monitoring tool than Prometheus to scrape the metrics | -| certController.metrics.service.port | int | `8080` | Metrics service port to scrape | -| certController.nameOverride | string | `""` | | -| certController.nodeSelector | object | `{}` | | -| certController.podAnnotations | object | `{}` | Annotations to add to Pod | -| certController.podDisruptionBudget | object | `{"enabled":false,"minAvailable":1}` | Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | -| certController.podLabels | object | `{}` | | -| certController.podSecurityContext.enabled | bool | `true` | | -| certController.priorityClassName | string | `""` | Pod priority class name. | -| certController.rbac.create | bool | `true` | Specifies whether role and rolebinding resources should be created. | -| certController.readinessProbe.address | string | `""` | Address for readiness probe | -| certController.readinessProbe.port | int | `8081` | ReadinessProbe port for kubelet | -| certController.replicaCount | int | `1` | | -| certController.requeueInterval | string | `"5m"` | | -| certController.resources | object | `{}` | | -| certController.revisionHistoryLimit | int | `10` | Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) | -| certController.securityContext.allowPrivilegeEscalation | bool | `false` | | -| certController.securityContext.capabilities.drop[0] | string | `"ALL"` | | -| certController.securityContext.enabled | bool | `true` | | -| certController.securityContext.readOnlyRootFilesystem | bool | `true` | | -| certController.securityContext.runAsNonRoot | bool | `true` | | -| certController.securityContext.runAsUser | int | `1000` | | -| certController.securityContext.seccompProfile.type | string | `"RuntimeDefault"` | | -| certController.serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | -| certController.serviceAccount.automount | bool | `true` | Automounts the service account token in all containers of the pod | -| certController.serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | -| certController.serviceAccount.extraLabels | object | `{}` | Extra Labels to add to the service account. | -| certController.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | -| certController.tolerations | list | `[]` | | -| certController.topologySpreadConstraints | list | `[]` | | -| commonLabels | object | `{}` | Additional labels added to all helm chart resources. | -| concurrent | int | `1` | Specifies the number of concurrent ExternalSecret Reconciles external-secret executes at a time. | -| controllerClass | string | `""` | If set external secrets will filter matching Secret Stores with the appropriate controller values. | -| crds.annotations | object | `{}` | | -| crds.conversion.enabled | bool | `true` | | -| crds.createClusterExternalSecret | bool | `true` | If true, create CRDs for Cluster External Secret. | -| crds.createClusterSecretStore | bool | `true` | If true, create CRDs for Cluster Secret Store. | -| crds.createPushSecret | bool | `true` | If true, create CRDs for Push Secret. | -| createOperator | bool | `true` | Specifies whether an external secret operator deployment be created. | -| deploymentAnnotations | object | `{}` | Annotations to add to Deployment | -| dnsConfig | object | `{}` | Specifies `dnsOptions` to deployment | -| dnsPolicy | string | `"ClusterFirst"` | Specifies `dnsPolicy` to deployment | -| extendedMetricLabels | bool | `false` | If true external secrets will use recommended kubernetes annotations as prometheus metric labels. | -| extraArgs | object | `{}` | | -| extraContainers | list | `[]` | | -| extraEnv | list | `[]` | | -| extraObjects | list | `[]` | | -| extraVolumeMounts | list | `[]` | | -| extraVolumes | list | `[]` | | -| fullnameOverride | string | `""` | | -| global.affinity | object | `{}` | | -| global.compatibility.openshift.adaptSecurityContext | string | `"auto"` | Manages the securityContext properties to make them compatible with OpenShift. Possible values: auto - Apply configurations if it is detected that OpenShift is the target platform. force - Always apply configurations. disabled - No modification applied. | -| global.nodeSelector | object | `{}` | | -| global.tolerations | list | `[]` | | -| global.topologySpreadConstraints | list | `[]` | | -| hostNetwork | bool | `false` | Run the controller on the host network | -| image.flavour | string | `""` | The flavour of tag you want to use There are different image flavours available, like distroless and ubi. Please see GitHub release notes for image tags for these flavors. By default, the distroless image is used. | -| image.pullPolicy | string | `"IfNotPresent"` | | -| image.repository | string | `"ghcr.io/external-secrets/external-secrets"` | | -| image.tag | string | `""` | The image tag to use. The default is the chart appVersion. | -| imagePullSecrets | list | `[]` | | -| installCRDs | bool | `true` | If set, install and upgrade CRDs through helm chart. | -| leaderElect | bool | `false` | If true, external-secrets will perform leader election between instances to ensure no more than one instance of external-secrets operates at a time. | -| log | object | `{"level":"info","timeEncoding":"epoch"}` | Specifices Log Params to the Webhook | -| metrics.listen.port | int | `8080` | | -| metrics.service.annotations | object | `{}` | Additional service annotations | -| metrics.service.enabled | bool | `false` | Enable if you use another monitoring tool than Prometheus to scrape the metrics | -| metrics.service.port | int | `8080` | Metrics service port to scrape | -| nameOverride | string | `""` | | -| namespaceOverride | string | `""` | | -| nodeSelector | object | `{}` | | -| podAnnotations | object | `{}` | Annotations to add to Pod | -| podDisruptionBudget | object | `{"enabled":false,"minAvailable":1}` | Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | -| podLabels | object | `{}` | | -| podSecurityContext.enabled | bool | `true` | | -| podSpecExtra | object | `{}` | Any extra pod spec on the deployment | -| priorityClassName | string | `""` | Pod priority class name. | -| processClusterExternalSecret | bool | `true` | if true, the operator will process cluster external secret. Else, it will ignore them. | -| processClusterStore | bool | `true` | if true, the operator will process cluster store. Else, it will ignore them. | -| processPushSecret | bool | `true` | if true, the operator will process push secret. Else, it will ignore them. | -| rbac.create | bool | `true` | Specifies whether role and rolebinding resources should be created. | -| rbac.servicebindings.create | bool | `true` | Specifies whether a clusterrole to give servicebindings read access should be created. | -| replicaCount | int | `1` | | -| resources | object | `{}` | | -| revisionHistoryLimit | int | `10` | Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) | -| scopedNamespace | string | `""` | If set external secrets are only reconciled in the provided namespace | -| scopedRBAC | bool | `false` | Must be used with scopedNamespace. If true, create scoped RBAC roles under the scoped namespace and implicitly disable cluster stores and cluster external secrets | -| securityContext.allowPrivilegeEscalation | bool | `false` | | -| securityContext.capabilities.drop[0] | string | `"ALL"` | | -| securityContext.enabled | bool | `true` | | -| securityContext.readOnlyRootFilesystem | bool | `true` | | -| securityContext.runAsNonRoot | bool | `true` | | -| securityContext.runAsUser | int | `1000` | | -| securityContext.seccompProfile.type | string | `"RuntimeDefault"` | | -| service.ipFamilies | list | `[]` | Sets the families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. | -| service.ipFamilyPolicy | string | `""` | Set the ip family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) | -| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | -| serviceAccount.automount | bool | `true` | Automounts the service account token in all containers of the pod | -| serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | -| serviceAccount.extraLabels | object | `{}` | Extra Labels to add to the service account. | -| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | -| serviceMonitor.additionalLabels | object | `{}` | Additional labels | -| serviceMonitor.enabled | bool | `false` | Specifies whether to create a ServiceMonitor resource for collecting Prometheus metrics | -| serviceMonitor.honorLabels | bool | `false` | Let prometheus add an exported_ prefix to conflicting labels | -| serviceMonitor.interval | string | `"30s"` | Interval to scrape metrics | -| serviceMonitor.metricRelabelings | list | `[]` | Metric relabel configs to apply to samples before ingestion. [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) | -| serviceMonitor.namespace | string | `""` | namespace where you want to install ServiceMonitors | -| serviceMonitor.relabelings | list | `[]` | Relabel configs to apply to samples before ingestion. [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) | -| serviceMonitor.scrapeTimeout | string | `"25s"` | Timeout if metrics can't be retrieved in given time interval | -| tolerations | list | `[]` | | -| topologySpreadConstraints | list | `[]` | | -| webhook.affinity | object | `{}` | | -| webhook.certCheckInterval | string | `"5m"` | Specifices the time to check if the cert is valid | -| webhook.certDir | string | `"/tmp/certs"` | | -| webhook.certManager.addInjectorAnnotations | bool | `true` | Automatically add the cert-manager.io/inject-ca-from annotation to the webhooks and CRDs. As long as you have the cert-manager CA Injector enabled, this will automatically setup your webhook's CA to the one used by cert-manager. See https://cert-manager.io/docs/concepts/ca-injector | -| webhook.certManager.cert.annotations | object | `{}` | Add extra annotations to the Certificate resource. | -| webhook.certManager.cert.create | bool | `true` | Create a certificate resource within this chart. See https://cert-manager.io/docs/usage/certificate/ | -| webhook.certManager.cert.duration | string | `"8760h"` | Set the requested duration (i.e. lifetime) of the Certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec One year by default. | -| webhook.certManager.cert.issuerRef | object | `{"group":"cert-manager.io","kind":"Issuer","name":"my-issuer"}` | For the Certificate created by this chart, setup the issuer. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.IssuerSpec | -| webhook.certManager.cert.renewBefore | string | `""` | How long before the currently issued certificate’s expiry cert-manager should renew the certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec Note that renewBefore should be greater than .webhook.lookaheadInterval since the webhook will check this far in advance that the certificate is valid. | -| webhook.certManager.enabled | bool | `false` | Enabling cert-manager support will disable the built in secret and switch to using cert-manager (installed separately) to automatically issue and renew the webhook certificate. This chart does not install cert-manager for you, See https://cert-manager.io/docs/ | -| webhook.create | bool | `true` | Specifies whether a webhook deployment be created. | -| webhook.deploymentAnnotations | object | `{}` | Annotations to add to Deployment | -| webhook.extraArgs | object | `{}` | | -| webhook.extraEnv | list | `[]` | | -| webhook.extraVolumeMounts | list | `[]` | | -| webhook.extraVolumes | list | `[]` | | -| webhook.failurePolicy | string | `"Fail"` | Specifies whether validating webhooks should be created with failurePolicy: Fail or Ignore | -| webhook.fullnameOverride | string | `""` | | -| webhook.hostNetwork | bool | `false` | Specifies if webhook pod should use hostNetwork or not. | -| webhook.image.flavour | string | `""` | The flavour of tag you want to use | -| webhook.image.pullPolicy | string | `"IfNotPresent"` | | -| webhook.image.repository | string | `"ghcr.io/external-secrets/external-secrets"` | | -| webhook.image.tag | string | `""` | The image tag to use. The default is the chart appVersion. | -| webhook.imagePullSecrets | list | `[]` | | -| webhook.log | object | `{"level":"info","timeEncoding":"epoch"}` | Specifices Log Params to the Webhook | -| webhook.lookaheadInterval | string | `""` | Specifices the lookaheadInterval for certificate validity | -| webhook.metrics.listen.port | int | `8080` | | -| webhook.metrics.service.annotations | object | `{}` | Additional service annotations | -| webhook.metrics.service.enabled | bool | `false` | Enable if you use another monitoring tool than Prometheus to scrape the metrics | -| webhook.metrics.service.port | int | `8080` | Metrics service port to scrape | -| webhook.nameOverride | string | `""` | | -| webhook.nodeSelector | object | `{}` | | -| webhook.podAnnotations | object | `{}` | Annotations to add to Pod | -| webhook.podDisruptionBudget | object | `{"enabled":false,"minAvailable":1}` | Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | -| webhook.podLabels | object | `{}` | | -| webhook.podSecurityContext.enabled | bool | `true` | | -| webhook.port | int | `10250` | The port the webhook will listen to | -| webhook.priorityClassName | string | `""` | Pod priority class name. | -| webhook.rbac.create | bool | `true` | Specifies whether role and rolebinding resources should be created. | -| webhook.readinessProbe.address | string | `""` | Address for readiness probe | -| webhook.readinessProbe.port | int | `8081` | ReadinessProbe port for kubelet | -| webhook.replicaCount | int | `1` | | -| webhook.resources | object | `{}` | | -| webhook.revisionHistoryLimit | int | `10` | Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) | -| webhook.secretAnnotations | object | `{}` | Annotations to add to Secret | -| webhook.securityContext.allowPrivilegeEscalation | bool | `false` | | -| webhook.securityContext.capabilities.drop[0] | string | `"ALL"` | | -| webhook.securityContext.enabled | bool | `true` | | -| webhook.securityContext.readOnlyRootFilesystem | bool | `true` | | -| webhook.securityContext.runAsNonRoot | bool | `true` | | -| webhook.securityContext.runAsUser | int | `1000` | | -| webhook.securityContext.seccompProfile.type | string | `"RuntimeDefault"` | | -| webhook.serviceAccount.annotations | object | `{}` | Annotations to add to the service account. | -| webhook.serviceAccount.automount | bool | `true` | Automounts the service account token in all containers of the pod | -| webhook.serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | -| webhook.serviceAccount.extraLabels | object | `{}` | Extra Labels to add to the service account. | -| webhook.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template. | -| webhook.tolerations | list | `[]` | | -| webhook.topologySpreadConstraints | list | `[]` | | diff --git a/charts/external-secrets/external-secrets/templates/NOTES.txt b/charts/external-secrets/external-secrets/templates/NOTES.txt deleted file mode 100644 index ffa0fc7..0000000 --- a/charts/external-secrets/external-secrets/templates/NOTES.txt +++ /dev/null @@ -1,7 +0,0 @@ -external-secrets has been deployed successfully in namespace {{ template "external-secrets.namespace" . }}! - -In order to begin using ExternalSecrets, you will need to set up a SecretStore -or ClusterSecretStore resource (for example, by creating a 'vault' SecretStore). - -More information on the different types of SecretStores and how to configure them -can be found in our Github: {{ .Chart.Home }} diff --git a/charts/external-secrets/external-secrets/templates/_helpers.tpl b/charts/external-secrets/external-secrets/templates/_helpers.tpl deleted file mode 100644 index d5eea07..0000000 --- a/charts/external-secrets/external-secrets/templates/_helpers.tpl +++ /dev/null @@ -1,198 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "external-secrets.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "external-secrets.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Define namespace of chart, useful for multi-namespace deployments -*/}} -{{- define "external-secrets.namespace" -}} -{{- if .Values.namespaceOverride }} -{{- .Values.namespaceOverride }} -{{- else }} -{{- .Release.Namespace }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "external-secrets.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "external-secrets.labels" -}} -helm.sh/chart: {{ include "external-secrets.chart" . }} -{{ include "external-secrets.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{- define "external-secrets-webhook.labels" -}} -helm.sh/chart: {{ include "external-secrets.chart" . }} -{{ include "external-secrets-webhook.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{- define "external-secrets-webhook-metrics.labels" -}} -{{ include "external-secrets-webhook.selectorLabels" . }} -app.kubernetes.io/metrics: "webhook" -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{- define "external-secrets-cert-controller.labels" -}} -helm.sh/chart: {{ include "external-secrets.chart" . }} -{{ include "external-secrets-cert-controller.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{- define "external-secrets-cert-controller-metrics.labels" -}} -{{ include "external-secrets-cert-controller.selectorLabels" . }} -app.kubernetes.io/metrics: "cert-controller" -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "external-secrets.selectorLabels" -}} -app.kubernetes.io/name: {{ include "external-secrets.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} -{{- define "external-secrets-webhook.selectorLabels" -}} -app.kubernetes.io/name: {{ include "external-secrets.name" . }}-webhook -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} -{{- define "external-secrets-cert-controller.selectorLabels" -}} -app.kubernetes.io/name: {{ include "external-secrets.name" . }}-cert-controller -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} -{{/* -Create the name of the service account to use -*/}} -{{- define "external-secrets.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "external-secrets.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "external-secrets-webhook.serviceAccountName" -}} -{{- if .Values.webhook.serviceAccount.create }} -{{- default "external-secrets-webhook" .Values.webhook.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.webhook.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "external-secrets-cert-controller.serviceAccountName" -}} -{{- if .Values.certController.serviceAccount.create }} -{{- default "external-secrets-cert-controller" .Values.certController.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.certController.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Determine the image to use, including if using a flavour. -*/}} -{{- define "external-secrets.image" -}} -{{- if .image.flavour -}} -{{ printf "%s:%s-%s" .image.repository (.image.tag | default .chartAppVersion) .image.flavour }} -{{- else }} -{{ printf "%s:%s" .image.repository (.image.tag | default .chartAppVersion) }} -{{- end }} -{{- end }} - -{{/* -Renders a complete tree, even values that contains template. -*/}} -{{- define "external-secrets.render" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{ else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} - -{{/* -Return true if the OpenShift is the detected platform -Usage: -{{- include "external-secrets.isOpenShift" . -}} -*/}} -{{- define "external-secrets.isOpenShift" -}} -{{- if .Capabilities.APIVersions.Has "security.openshift.io/v1" -}} -{{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Render the securityContext based on the provided securityContext - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" .Values.securityContext "context" $) -}} -*/}} -{{- define "external-secrets.renderSecurityContext" -}} -{{- $adaptedContext := .securityContext -}} -{{- if .context.Values.global.compatibility -}} - {{- if .context.Values.global.compatibility.openshift -}} - {{- if or (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "force") (and (eq .context.Values.global.compatibility.openshift.adaptSecurityContext "auto") (include "external-secrets.isOpenShift" .context)) -}} - {{/* Remove OpenShift managed fields */}} - {{- $adaptedContext = omit $adaptedContext "fsGroup" "runAsUser" "runAsGroup" -}} - {{- if not .securityContext.seLinuxOptions -}} - {{- $adaptedContext = omit $adaptedContext "seLinuxOptions" -}} - {{- end -}} - {{- end -}} - {{- end -}} -{{- end -}} -{{- omit $adaptedContext "enabled" | toYaml -}} -{{- end -}} diff --git a/charts/external-secrets/external-secrets/templates/cert-controller-deployment.yaml b/charts/external-secrets/external-secrets/templates/cert-controller-deployment.yaml deleted file mode 100644 index a843f04..0000000 --- a/charts/external-secrets/external-secrets/templates/cert-controller-deployment.yaml +++ /dev/null @@ -1,124 +0,0 @@ -{{- if and .Values.certController.create (not .Values.webhook.certManager.enabled) }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} - {{- with .Values.certController.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.certController.replicaCount }} - revisionHistoryLimit: {{ .Values.certController.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "external-secrets-cert-controller.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.certController.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 8 }} - {{- with .Values.certController.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.certController.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "external-secrets-cert-controller.serviceAccountName" . }} - automountServiceAccountToken: {{ .Values.certController.serviceAccount.automount }} - {{- with .Values.certController.podSecurityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 8 }} - {{- end }} - {{- end }} - hostNetwork: {{ .Values.certController.hostNetwork }} - containers: - - name: cert-controller - {{- with .Values.certController.securityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 12 }} - {{- end }} - {{- end }} - image: {{ include "external-secrets.image" (dict "chartAppVersion" .Chart.AppVersion "image" .Values.certController.image) | trim }} - imagePullPolicy: {{ .Values.certController.image.pullPolicy }} - args: - - certcontroller - - --crd-requeue-interval={{ .Values.certController.requeueInterval }} - - --service-name={{ include "external-secrets.fullname" . }}-webhook - - --service-namespace={{ template "external-secrets.namespace" . }} - - --secret-name={{ include "external-secrets.fullname" . }}-webhook - - --secret-namespace={{ template "external-secrets.namespace" . }} - - --metrics-addr=:{{ .Values.certController.metrics.listen.port }} - - --healthz-addr={{ .Values.certController.readinessProbe.address }}:{{ .Values.certController.readinessProbe.port }} - - --loglevel={{ .Values.certController.log.level }} - - --zap-time-encoding={{ .Values.certController.log.timeEncoding }} - {{- if not .Values.crds.createClusterSecretStore }} - - --crd-names=externalsecrets.external-secrets.io - - --crd-names=secretstores.external-secrets.io - {{- end }} - {{- if .Values.installCRDs }} - - --enable-partial-cache=true - {{- end }} - {{- range $key, $value := .Values.certController.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - ports: - - containerPort: {{ .Values.certController.metrics.listen.port }} - protocol: TCP - name: metrics - readinessProbe: - httpGet: - port: {{ .Values.certController.readinessProbe.port }} - path: /readyz - initialDelaySeconds: 20 - periodSeconds: 5 - {{- with .Values.certController.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.certController.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.certController.extraVolumeMounts }} - volumeMounts: - {{- toYaml .Values.certController.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if .Values.certController.extraVolumes }} - volumes: - {{- toYaml .Values.certController.extraVolumes | nindent 8 }} - {{- end }} - {{- with .Values.certController.nodeSelector | default .Values.global.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.certController.affinity | default .Values.global.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.certController.tolerations | default .Values.global.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.certController.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.certController.priorityClassName }} - priorityClassName: {{ .Values.certController.priorityClassName }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/cert-controller-poddisruptionbudget.yaml b/charts/external-secrets/external-secrets/templates/cert-controller-poddisruptionbudget.yaml deleted file mode 100644 index e61cb8e..0000000 --- a/charts/external-secrets/external-secrets/templates/cert-controller-poddisruptionbudget.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and .Values.certController.create .Values.certController.podDisruptionBudget.enabled (not .Values.webhook.certManager.enabled) }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller-pdb - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} -spec: - {{- if .Values.certController.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.certController.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.certController.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.certController.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - {{- include "external-secrets-cert-controller.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/cert-controller-rbac.yaml b/charts/external-secrets/external-secrets/templates/cert-controller-rbac.yaml deleted file mode 100644 index 84a0c11..0000000 --- a/charts/external-secrets/external-secrets/templates/cert-controller-rbac.yaml +++ /dev/null @@ -1,86 +0,0 @@ -{{- if and .Values.certController.create .Values.certController.rbac.create (not .Values.webhook.certManager.enabled) -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} -rules: - - apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - "get" - - "list" - - "watch" - - "update" - - "patch" - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "validatingwebhookconfigurations" - verbs: - - "list" - - "watch" - - "get" - - apiGroups: - - "admissionregistration.k8s.io" - resources: - - "validatingwebhookconfigurations" - resourceNames: - - "secretstore-validate" - - "externalsecret-validate" - verbs: - - "update" - - "patch" - - apiGroups: - - "" - resources: - - "endpoints" - verbs: - - "list" - - "get" - - "watch" - - apiGroups: - - "" - resources: - - "events" - verbs: - - "create" - - "patch" - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "list" - - "watch" - - "update" - - "patch" - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: - - "get" - - "create" - - "update" - - "patch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "external-secrets.fullname" . }}-cert-controller -subjects: - - name: {{ include "external-secrets-cert-controller.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} - kind: ServiceAccount -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/cert-controller-service.yaml b/charts/external-secrets/external-secrets/templates/cert-controller-service.yaml deleted file mode 100644 index 12cb4f4..0000000 --- a/charts/external-secrets/external-secrets/templates/cert-controller-service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if and .Values.certController.create .Values.certController.metrics.service.enabled (not .Values.webhook.certManager.enabled) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller-metrics - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - {{- with .Values.metrics.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: {{ .Values.certController.metrics.service.port }} - protocol: TCP - targetPort: metrics - name: metrics - selector: - {{- include "external-secrets-cert-controller.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/cert-controller-serviceaccount.yaml b/charts/external-secrets/external-secrets/templates/cert-controller-serviceaccount.yaml deleted file mode 100644 index 6a36f9d..0000000 --- a/charts/external-secrets/external-secrets/templates/cert-controller-serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.certController.create .Values.certController.serviceAccount.create (not .Values.webhook.certManager.enabled) -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "external-secrets-cert-controller.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} - {{- with .Values.certController.serviceAccount.extraLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.certController.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/acraccesstoken.yaml b/charts/external-secrets/external-secrets/templates/crds/acraccesstoken.yaml deleted file mode 100644 index 7dc3c8e..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/acraccesstoken.yaml +++ /dev/null @@ -1,203 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: acraccesstokens.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - acraccesstoken - kind: ACRAccessToken - listKind: ACRAccessTokenList - plural: acraccesstokens - shortNames: - - acraccesstoken - singular: acraccesstoken - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ACRAccessToken returns a Azure Container Registry token - that can be used for pushing/pulling images. - Note: by default it will return an ACR Refresh Token with full access - (depending on the identity). - This can be scoped down to the repository level using .spec.scope. - In case scope is defined it will return an ACR Access Token. - - See docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - ACRAccessTokenSpec defines how to generate the access token - e.g. how to authenticate and which registry to use. - see: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md#overview - properties: - auth: - properties: - managedIdentity: - description: ManagedIdentity uses Azure Managed Identity to authenticate with Azure. - properties: - identityId: - description: If multiple Managed Identity is assigned to the pod, you can select the one to be used - type: string - type: object - servicePrincipal: - description: ServicePrincipal uses Azure Service Principal credentials to authenticate with Azure. - properties: - secretRef: - description: |- - Configuration used to authenticate with Azure using static - credentials stored in a Kind=Secret. - properties: - clientId: - description: The Azure clientId of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: The Azure ClientSecret of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - workloadIdentity: - description: WorkloadIdentity uses Azure Workload Identity to authenticate with Azure. - properties: - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - type: object - environmentType: - default: PublicCloud - description: |- - EnvironmentType specifies the Azure cloud environment endpoints to use for - connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint. - The following endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152 - PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud - enum: - - PublicCloud - - USGovernmentCloud - - ChinaCloud - - GermanCloud - type: string - registry: - description: |- - the domain name of the ACR registry - e.g. foobarexample.azurecr.io - type: string - scope: - description: |- - Define the scope for the access token, e.g. pull/push access for a repository. - if not provided it will return a refresh token that has full scope. - Note: you need to pin it down to the repository level, there is no wildcard available. - - examples: - repository:my-repository:pull,push - repository:my-repository:pull - - see docs for details: https://docs.docker.com/registry/spec/auth/scope/ - type: string - tenantId: - description: TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. - type: string - required: - - auth - - registry - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/clusterexternalsecret.yaml b/charts/external-secrets/external-secrets/templates/crds/clusterexternalsecret.yaml deleted file mode 100644 index 6fdd831..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/clusterexternalsecret.yaml +++ /dev/null @@ -1,666 +0,0 @@ -{{- if and (.Values.installCRDs) (.Values.crds.createClusterExternalSecret) }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: clusterexternalsecrets.external-secrets.io -spec: - group: external-secrets.io - names: - categories: - - externalsecrets - kind: ClusterExternalSecret - listKind: ClusterExternalSecretList - plural: clusterexternalsecrets - shortNames: - - ces - singular: clusterexternalsecret - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.externalSecretSpec.secretStoreRef.name - name: Store - type: string - - jsonPath: .spec.refreshTime - name: Refresh Interval - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ClusterExternalSecret is the Schema for the clusterexternalsecrets API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ClusterExternalSecretSpec defines the desired state of ClusterExternalSecret. - properties: - externalSecretMetadata: - description: The metadata of the external secrets to be created - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - externalSecretName: - description: The name of the external secrets to be created defaults to the name of the ClusterExternalSecret - type: string - externalSecretSpec: - description: The spec for the ExternalSecrets to be created - properties: - data: - description: Data defines the connection between the Kubernetes Secret keys and the Provider data - items: - description: ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.) and the Provider data. - properties: - remoteRef: - description: |- - RemoteRef points to the remote secret and defines - which secret (version/property/..) to fetch. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - metadataPolicy: - default: None - description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None - enum: - - None - - Fetch - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - secretKey: - description: |- - SecretKey defines the key in which the controller stores - the value. This is the key in the Kind=Secret - type: string - sourceRef: - description: |- - SourceRef allows you to override the source - from which the value will pulled from. - maxProperties: 1 - properties: - generatorRef: - description: |- - GeneratorRef points to a generator custom resource. - - Deprecated: The generatorRef is not implemented in .data[]. - this will be removed with v1. - properties: - apiVersion: - default: generators.external-secrets.io/v1alpha1 - description: Specify the apiVersion of the generator resource - type: string - kind: - description: Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - type: string - name: - description: Specify the name of the generator resource - type: string - required: - - kind - - name - type: object - storeRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - type: object - required: - - remoteRef - - secretKey - type: object - type: array - dataFrom: - description: |- - DataFrom is used to fetch all properties from a specific Provider data - If multiple entries are specified, the Secret keys are merged in the specified order - items: - properties: - extract: - description: |- - Used to extract multiple key/value pairs from one secret - Note: Extract does not support sourceRef.Generator or sourceRef.GeneratorRef. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - metadataPolicy: - default: None - description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None - enum: - - None - - Fetch - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - find: - description: |- - Used to find secrets based on tags or regular expressions - Note: Find does not support sourceRef.Generator or sourceRef.GeneratorRef. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - name: - description: Finds secrets based on the name. - properties: - regexp: - description: Finds secrets base - type: string - type: object - path: - description: A root path to start the find operations. - type: string - tags: - additionalProperties: - type: string - description: Find secrets based on tags. - type: object - type: object - rewrite: - description: |- - Used to rewrite secret Keys after getting them from the secret Provider - Multiple Rewrite operations can be provided. They are applied in a layered order (first to last) - items: - properties: - regexp: - description: |- - Used to rewrite with regular expressions. - The resulting key will be the output of a regexp.ReplaceAll operation. - properties: - source: - description: Used to define the regular expression of a re.Compiler. - type: string - target: - description: Used to define the target pattern of a ReplaceAll operation. - type: string - required: - - source - - target - type: object - transform: - description: |- - Used to apply string transformation on the secrets. - The resulting key will be the output of the template applied by the operation. - properties: - template: - description: |- - Used to define the template to apply on the secret name. - `.value ` will specify the secret name in the template. - type: string - required: - - template - type: object - type: object - type: array - sourceRef: - description: |- - SourceRef points to a store or generator - which contains secret values ready to use. - Use this in combination with Extract or Find pull values out of - a specific SecretStore. - When sourceRef points to a generator Extract or Find is not supported. - The generator returns a static map of values - maxProperties: 1 - properties: - generatorRef: - description: GeneratorRef points to a generator custom resource. - properties: - apiVersion: - default: generators.external-secrets.io/v1alpha1 - description: Specify the apiVersion of the generator resource - type: string - kind: - description: Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - type: string - name: - description: Specify the name of the generator resource - type: string - required: - - kind - - name - type: object - storeRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - type: object - type: object - type: array - refreshInterval: - default: 1h - description: |- - RefreshInterval is the amount of time before the values are read again from the SecretStore provider - Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" - May be set to zero to fetch and create it once. Defaults to 1h. - type: string - secretStoreRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - target: - default: - creationPolicy: Owner - deletionPolicy: Retain - description: |- - ExternalSecretTarget defines the Kubernetes Secret to be created - There can be only one target per ExternalSecret. - properties: - creationPolicy: - default: Owner - description: |- - CreationPolicy defines rules on how to create the resulting Secret - Defaults to 'Owner' - enum: - - Owner - - Orphan - - Merge - - None - type: string - deletionPolicy: - default: Retain - description: |- - DeletionPolicy defines rules on how to delete the resulting Secret - Defaults to 'Retain' - enum: - - Delete - - Merge - - Retain - type: string - immutable: - description: Immutable defines if the final secret will be immutable - type: boolean - name: - description: |- - Name defines the name of the Secret resource to be managed - This field is immutable - Defaults to the .metadata.name of the ExternalSecret resource - type: string - template: - description: Template defines a blueprint for the created Secret resource. - properties: - data: - additionalProperties: - type: string - type: object - engineVersion: - default: v2 - description: |- - EngineVersion specifies the template engine version - that should be used to compile/execute the - template specified in .data and .templateFrom[]. - enum: - - v1 - - v2 - type: string - mergePolicy: - default: Replace - enum: - - Replace - - Merge - type: string - metadata: - description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - templateFrom: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - literal: - type: string - secret: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - target: - default: Data - enum: - - Data - - Annotations - - Labels - type: string - type: object - type: array - type: - type: string - type: object - type: object - type: object - namespaceSelector: - description: |- - The labels to select by to find the Namespaces to create the ExternalSecrets in. - Deprecated: Use NamespaceSelectors instead. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelectors: - description: A list of labels to select by to find the Namespaces to create the ExternalSecrets in. The selectors are ORed. - items: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - namespaces: - description: Choose namespaces by name. This field is ORed with anything that NamespaceSelectors ends up choosing. - items: - type: string - type: array - refreshTime: - description: The time in which the controller should reconcile its objects and recheck namespaces for labels. - type: string - required: - - externalSecretSpec - type: object - status: - description: ClusterExternalSecretStatus defines the observed state of ClusterExternalSecret. - properties: - conditions: - items: - properties: - message: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - externalSecretName: - description: ExternalSecretName is the name of the ExternalSecrets created by the ClusterExternalSecret - type: string - failedNamespaces: - description: Failed namespaces are the namespaces that failed to apply an ExternalSecret - items: - description: ClusterExternalSecretNamespaceFailure represents a failed namespace deployment and it's reason. - properties: - namespace: - description: Namespace is the namespace that failed when trying to apply an ExternalSecret - type: string - reason: - description: Reason is why the ExternalSecret failed to apply to the namespace - type: string - required: - - namespace - type: object - type: array - provisionedNamespaces: - description: ProvisionedNamespaces are the namespaces where the ClusterExternalSecret has secrets - items: - type: string - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/clustersecretstore.yaml b/charts/external-secrets/external-secrets/templates/crds/clustersecretstore.yaml deleted file mode 100644 index 0c946b5..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/clustersecretstore.yaml +++ /dev/null @@ -1,4601 +0,0 @@ -{{- if and (.Values.installCRDs) (.Values.crds.createClusterSecretStore) }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: clustersecretstores.external-secrets.io -spec: - group: external-secrets.io - names: - categories: - - externalsecrets - kind: ClusterSecretStore - listKind: ClusterSecretStoreList - plural: clustersecretstores - shortNames: - - css - singular: clustersecretstore - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - deprecated: true - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClusterSecretStore represents a secure external location for storing secrets, which can be referenced as part of `storeRef` fields. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: SecretStoreSpec defines the desired state of SecretStore. - properties: - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters ES based on this property - type: string - provider: - description: Used to configure the provider. Only one provider may be set - maxProperties: 1 - minProperties: 1 - properties: - akeyless: - description: Akeyless configures this store to sync secrets using Akeyless Vault provider - properties: - akeylessGWApiURL: - description: Akeyless GW API Url from which the secrets to be fetched from. - type: string - authSecretRef: - description: Auth configures how the operator authenticates with Akeyless. - properties: - kubernetesAuth: - description: |- - Kubernetes authenticates with Akeyless by passing the ServiceAccount - token stored in the named Secret resource. - properties: - accessID: - description: the Akeyless Kubernetes auth-method access-id - type: string - k8sConfName: - description: Kubernetes-auth configuration name in Akeyless-Gateway - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Akeyless. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Akeyless. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - accessID - - k8sConfName - type: object - secretRef: - description: |- - Reference to a Secret that contains the details - to authenticate with Akeyless. - properties: - accessID: - description: The SecretAccessID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessType: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessTypeParam: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - caBundle: - description: |- - PEM/base64 encoded CA bundle used to validate Akeyless Gateway certificate. Only used - if the AkeylessGWApiURL URL is using HTTPS protocol. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Akeyless Gateway certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - required: - - akeylessGWApiURL - - authSecretRef - type: object - alibaba: - description: Alibaba configures this store to sync secrets using Alibaba Cloud provider - properties: - auth: - description: AlibabaAuth contains a secretRef for credentials. - properties: - rrsa: - description: Authenticate against Alibaba using RRSA. - properties: - oidcProviderArn: - type: string - oidcTokenFilePath: - type: string - roleArn: - type: string - sessionName: - type: string - required: - - oidcProviderArn - - oidcTokenFilePath - - roleArn - - sessionName - type: object - secretRef: - description: AlibabaAuthSecretRef holds secret references for Alibaba credentials. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessKeySecretSecretRef: - description: The AccessKeySecret is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - accessKeyIDSecretRef - - accessKeySecretSecretRef - type: object - type: object - regionID: - description: Alibaba Region to be used for the provider - type: string - required: - - auth - - regionID - type: object - aws: - description: AWS configures this store to sync secrets using AWS Secret Manager provider - properties: - auth: - description: |- - Auth defines the information necessary to authenticate against AWS - if not set aws sdk will infer credentials from your environment - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - properties: - jwt: - description: Authenticate against AWS using service account tokens. - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - secretRef: - description: |- - AWSAuthSecretRef holds secret references for AWS credentials - both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - region: - description: AWS Region to be used for the provider - type: string - role: - description: Role is a Role ARN which the SecretManager provider will assume - type: string - service: - description: Service defines which service should be used to fetch the secrets - enum: - - SecretsManager - - ParameterStore - type: string - required: - - region - - service - type: object - azurekv: - description: AzureKV configures this store to sync secrets using Azure Key Vault provider - properties: - authSecretRef: - description: Auth configures how the operator authenticates with Azure. Required for ServicePrincipal auth type. - properties: - clientId: - description: The Azure clientId of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: The Azure ClientSecret of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - authType: - default: ServicePrincipal - description: |- - Auth type defines how to authenticate to the keyvault service. - Valid values are: - - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret) - - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity) - enum: - - ServicePrincipal - - ManagedIdentity - - WorkloadIdentity - type: string - identityId: - description: If multiple Managed Identity is assigned to the pod, you can select the one to be used - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - tenantId: - description: TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. - type: string - vaultUrl: - description: Vault Url from which the secrets to be fetched from. - type: string - required: - - vaultUrl - type: object - fake: - description: Fake configures a store with static key/value pairs - properties: - data: - items: - properties: - key: - type: string - value: - type: string - valueMap: - additionalProperties: - type: string - type: object - version: - type: string - required: - - key - type: object - type: array - required: - - data - type: object - gcpsm: - description: GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider - properties: - auth: - description: Auth defines the information necessary to authenticate against GCP - properties: - secretRef: - properties: - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - workloadIdentity: - properties: - clusterLocation: - type: string - clusterName: - type: string - clusterProjectID: - type: string - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - clusterLocation - - clusterName - - serviceAccountRef - type: object - type: object - projectID: - description: ProjectID project where secret is located - type: string - type: object - gitlab: - description: GitLab configures this store to sync secrets using GitLab Variables provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a GitLab instance. - properties: - SecretRef: - properties: - accessToken: - description: AccessToken is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - SecretRef - type: object - projectID: - description: ProjectID specifies a project where secrets are located. - type: string - url: - description: URL configures the GitLab instance URL. Defaults to https://gitlab.com/. - type: string - required: - - auth - type: object - ibm: - description: IBM configures this store to sync secrets using IBM Cloud provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the IBM secrets manager. - properties: - secretRef: - properties: - secretApiKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - serviceUrl: - description: ServiceURL is the Endpoint URL that is specific to the Secrets Manager service instance - type: string - required: - - auth - type: object - kubernetes: - description: Kubernetes configures this store to sync secrets using a Kubernetes cluster provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Kubernetes instance. - maxProperties: 1 - minProperties: 1 - properties: - cert: - description: has both clientCert and clientKey as secretKeySelector - properties: - clientCert: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientKey: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - serviceAccount: - description: points to a service account that should be used for authentication - properties: - serviceAccount: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - token: - description: use static token to authenticate with - properties: - bearerToken: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - remoteNamespace: - default: default - description: Remote namespace to fetch the secrets from - type: string - server: - description: configures the Kubernetes server Address. - properties: - caBundle: - description: CABundle is a base64-encoded CA certificate - format: byte - type: string - caProvider: - description: 'see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - default: kubernetes.default - description: configures the Kubernetes server Address. - type: string - type: object - required: - - auth - type: object - oracle: - description: Oracle configures this store to sync secrets using Oracle Vault provider - properties: - auth: - description: |- - Auth configures how secret-manager authenticates with the Oracle Vault. - If empty, instance principal is used. Optionally, the authenticating principal type - and/or user data may be supplied for the use of workload identity and user principal. - properties: - secretRef: - description: SecretRef to pass through sensitive information. - properties: - fingerprint: - description: Fingerprint is the fingerprint of the API private key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privatekey: - description: PrivateKey is the user's API Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - fingerprint - - privatekey - type: object - tenancy: - description: Tenancy is the tenancy OCID where user is located. - type: string - user: - description: User is an access OCID specific to the account. - type: string - required: - - secretRef - - tenancy - - user - type: object - compartment: - description: |- - Compartment is the vault compartment OCID. - Required for PushSecret - type: string - encryptionKey: - description: |- - EncryptionKey is the OCID of the encryption key within the vault. - Required for PushSecret - type: string - principalType: - description: |- - The type of principal to use for authentication. If left blank, the Auth struct will - determine the principal type. This optional field must be specified if using - workload identity. - enum: - - "" - - UserPrincipal - - InstancePrincipal - - Workload - type: string - region: - description: Region is the region where vault is located. - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - vault: - description: Vault is the vault's OCID of the specific vault where secret is located. - type: string - required: - - region - - vault - type: object - passworddepot: - description: Configures a store to sync secrets with a Password Depot instance. - properties: - auth: - description: Auth configures how secret-manager authenticates with a Password Depot instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - database: - description: Database to use as source - type: string - host: - description: URL configures the Password Depot instance URL. - type: string - required: - - auth - - database - - host - type: object - vault: - description: Vault configures this store to sync secrets using Hashi provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the Vault server. - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - properties: - path: - default: approle - description: |- - Path where the App Role authentication backend is mounted - in Vault, e.g: "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - - roleId - - secretRef - type: object - cert: - description: |- - Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate - Cert authentication method - properties: - clientCert: - description: |- - ClientCert is a certificate to authenticate using the Cert Vault - authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - SecretRef to a key in a Secret resource containing client private key to - authenticate with Vault using the Cert authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - jwt: - description: |- - Jwt authenticates with Vault by passing role and JWT token using the - JWT/OIDC authentication method - properties: - kubernetesServiceAccountToken: - description: |- - Optional ServiceAccountToken specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Optional audiences field that will be used to request a temporary Kubernetes service - account token for the service account referenced by `serviceAccountRef`. - Defaults to a single audience `vault` it not specified. - items: - type: string - type: array - expirationSeconds: - description: |- - Optional expiration time in seconds that will be used to request a temporary - Kubernetes service account token for the service account referenced by - `serviceAccountRef`. - Defaults to 10 minutes. - format: int64 - type: integer - serviceAccountRef: - description: Service account field containing the name of a kubernetes ServiceAccount. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - serviceAccountRef - type: object - path: - default: jwt - description: |- - Path where the JWT authentication backend is mounted - in Vault, e.g: "jwt" - type: string - role: - description: |- - Role is a JWT role to authenticate using the JWT/OIDC Vault - authentication method - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Vault using the JWT/OIDC authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - type: object - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - properties: - mountPath: - default: kubernetes - description: |- - Path where the Kubernetes authentication backend is mounted in Vault, e.g: - "kubernetes" - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Vault. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - mountPath - - role - type: object - ldap: - description: |- - Ldap authenticates with Vault by passing username/password pair using - the LDAP authentication method - properties: - path: - default: ldap - description: |- - Path where the LDAP authentication backend is mounted - in Vault, e.g: "ldap" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the LDAP - user used to authenticate with Vault using the LDAP authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a LDAP user name used to authenticate using the LDAP Vault - authentication method - type: string - required: - - path - - username - type: object - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caBundle: - description: |- - PEM encoded CA bundle used to validate Vault server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Vault server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - forwardInconsistent: - description: |- - ForwardInconsistent tells Vault to forward read-after-write requests to the Vault - leader instead of simply retrying within a loop. This can increase performance if - the option is enabled serverside. - https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header - type: boolean - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault KV backend endpoint, e.g: - "secret". The v2 KV secret engine version specific "/data" path suffix - for fetching secrets from Vault is optional and will be appended - if not present in specified path. - type: string - readYourWrites: - description: |- - ReadYourWrites ensures isolated read-after-write semantics by - providing discovered cluster replication states in each request. - More information about eventual consistency in Vault can be found here - https://www.vaultproject.io/docs/enterprise/consistency - type: boolean - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - version: - default: v2 - description: |- - Version is the Vault KV secret engine version. This can be either "v1" or - "v2". Version defaults to "v2". - enum: - - v1 - - v2 - type: string - required: - - auth - - server - type: object - webhook: - description: Webhook configures this store to sync secrets using a generic templated webhook - properties: - body: - description: Body - type: string - caBundle: - description: |- - PEM encoded CA bundle used to validate webhook server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate webhook server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - headers: - additionalProperties: - type: string - description: Headers - type: object - method: - description: Webhook Method - type: string - result: - description: Result formatting - properties: - jsonPath: - description: Json path of return value - type: string - type: object - secrets: - description: |- - Secrets to fill in templates - These secrets will be passed to the templating function as key value pairs under the given name - items: - properties: - name: - description: Name of this secret in templates - type: string - secretRef: - description: Secret ref to fill in credentials - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - name - - secretRef - type: object - type: array - timeout: - description: Timeout - type: string - url: - description: Webhook url to call - type: string - required: - - result - - url - type: object - yandexlockbox: - description: YandexLockbox configures this store to sync secrets using Yandex Lockbox provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Lockbox - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - type: object - retrySettings: - description: Used to configure http retries if failed - properties: - maxRetries: - format: int32 - type: integer - retryInterval: - type: string - type: object - required: - - provider - type: object - status: - description: SecretStoreStatus defines the observed state of the SecretStore. - properties: - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - - jsonPath: .status.capabilities - name: Capabilities - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ClusterSecretStore represents a secure external location for storing secrets, which can be referenced as part of `storeRef` fields. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: SecretStoreSpec defines the desired state of SecretStore. - properties: - conditions: - description: Used to constraint a ClusterSecretStore to specific namespaces. Relevant only to ClusterSecretStore - items: - description: |- - ClusterSecretStoreCondition describes a condition by which to choose namespaces to process ExternalSecrets in - for a ClusterSecretStore instance. - properties: - namespaceRegexes: - description: Choose namespaces by using regex matching - items: - type: string - type: array - namespaceSelector: - description: Choose namespace using a labelSelector - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: Choose namespaces by name - items: - type: string - type: array - type: object - type: array - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters ES based on this property - type: string - provider: - description: Used to configure the provider. Only one provider may be set - maxProperties: 1 - minProperties: 1 - properties: - akeyless: - description: Akeyless configures this store to sync secrets using Akeyless Vault provider - properties: - akeylessGWApiURL: - description: Akeyless GW API Url from which the secrets to be fetched from. - type: string - authSecretRef: - description: Auth configures how the operator authenticates with Akeyless. - properties: - kubernetesAuth: - description: |- - Kubernetes authenticates with Akeyless by passing the ServiceAccount - token stored in the named Secret resource. - properties: - accessID: - description: the Akeyless Kubernetes auth-method access-id - type: string - k8sConfName: - description: Kubernetes-auth configuration name in Akeyless-Gateway - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Akeyless. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Akeyless. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - accessID - - k8sConfName - type: object - secretRef: - description: |- - Reference to a Secret that contains the details - to authenticate with Akeyless. - properties: - accessID: - description: The SecretAccessID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessType: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessTypeParam: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - caBundle: - description: |- - PEM/base64 encoded CA bundle used to validate Akeyless Gateway certificate. Only used - if the AkeylessGWApiURL URL is using HTTPS protocol. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Akeyless Gateway certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - required: - - akeylessGWApiURL - - authSecretRef - type: object - alibaba: - description: Alibaba configures this store to sync secrets using Alibaba Cloud provider - properties: - auth: - description: AlibabaAuth contains a secretRef for credentials. - properties: - rrsa: - description: Authenticate against Alibaba using RRSA. - properties: - oidcProviderArn: - type: string - oidcTokenFilePath: - type: string - roleArn: - type: string - sessionName: - type: string - required: - - oidcProviderArn - - oidcTokenFilePath - - roleArn - - sessionName - type: object - secretRef: - description: AlibabaAuthSecretRef holds secret references for Alibaba credentials. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessKeySecretSecretRef: - description: The AccessKeySecret is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - accessKeyIDSecretRef - - accessKeySecretSecretRef - type: object - type: object - regionID: - description: Alibaba Region to be used for the provider - type: string - required: - - auth - - regionID - type: object - aws: - description: AWS configures this store to sync secrets using AWS Secret Manager provider - properties: - additionalRoles: - description: AdditionalRoles is a chained list of Role ARNs which the provider will sequentially assume before assuming the Role - items: - type: string - type: array - auth: - description: |- - Auth defines the information necessary to authenticate against AWS - if not set aws sdk will infer credentials from your environment - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - properties: - jwt: - description: Authenticate against AWS using service account tokens. - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - secretRef: - description: |- - AWSAuthSecretRef holds secret references for AWS credentials - both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - externalID: - description: AWS External ID set on assumed IAM roles - type: string - prefix: - description: Prefix adds a prefix to all retrieved values. - type: string - region: - description: AWS Region to be used for the provider - type: string - role: - description: Role is a Role ARN which the provider will assume - type: string - secretsManager: - description: SecretsManager defines how the provider behaves when interacting with AWS SecretsManager - properties: - forceDeleteWithoutRecovery: - description: |- - Specifies whether to delete the secret without any recovery window. You - can't use both this parameter and RecoveryWindowInDays in the same call. - If you don't use either, then by default Secrets Manager uses a 30 day - recovery window. - see: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html#SecretsManager-DeleteSecret-request-ForceDeleteWithoutRecovery - type: boolean - recoveryWindowInDays: - description: |- - The number of days from 7 to 30 that Secrets Manager waits before - permanently deleting the secret. You can't use both this parameter and - ForceDeleteWithoutRecovery in the same call. If you don't use either, - then by default Secrets Manager uses a 30 day recovery window. - see: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html#SecretsManager-DeleteSecret-request-RecoveryWindowInDays - format: int64 - type: integer - type: object - service: - description: Service defines which service should be used to fetch the secrets - enum: - - SecretsManager - - ParameterStore - type: string - sessionTags: - description: AWS STS assume role session tags - items: - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: object - type: array - transitiveTagKeys: - description: AWS STS assume role transitive session tags. Required when multiple rules are used with the provider - items: - type: string - type: array - required: - - region - - service - type: object - azurekv: - description: AzureKV configures this store to sync secrets using Azure Key Vault provider - properties: - authSecretRef: - description: Auth configures how the operator authenticates with Azure. Required for ServicePrincipal auth type. Optional for WorkloadIdentity. - properties: - clientCertificate: - description: The Azure ClientCertificate of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientId: - description: The Azure clientId of the service principle or managed identity used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: The Azure ClientSecret of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - tenantId: - description: The Azure tenantId of the managed identity used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - authType: - default: ServicePrincipal - description: |- - Auth type defines how to authenticate to the keyvault service. - Valid values are: - - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret) - - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity) - enum: - - ServicePrincipal - - ManagedIdentity - - WorkloadIdentity - type: string - environmentType: - default: PublicCloud - description: |- - EnvironmentType specifies the Azure cloud environment endpoints to use for - connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint. - The following endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152 - PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud - enum: - - PublicCloud - - USGovernmentCloud - - ChinaCloud - - GermanCloud - type: string - identityId: - description: If multiple Managed Identity is assigned to the pod, you can select the one to be used - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - tenantId: - description: TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. Optional for WorkloadIdentity. - type: string - vaultUrl: - description: Vault Url from which the secrets to be fetched from. - type: string - required: - - vaultUrl - type: object - beyondtrust: - description: Beyondtrust configures this store to sync secrets using Password Safe provider. - properties: - auth: - description: Auth configures how the operator authenticates with Beyondtrust. - properties: - certificate: - description: Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - certificateKey: - description: Certificate private key (key.pem). For use when authenticating with an OAuth client Id - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientId: - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientSecret: - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - clientId - - clientSecret - type: object - server: - description: Auth configures how API server works. - properties: - apiUrl: - type: string - clientTimeOutSeconds: - description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. - type: integer - retrievalType: - description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system. - type: string - separator: - description: A character that separates the folder names. - type: string - verifyCA: - type: boolean - required: - - apiUrl - - verifyCA - type: object - required: - - auth - - server - type: object - bitwardensecretsmanager: - description: BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider - properties: - apiURL: - type: string - auth: - description: |- - Auth configures how secret-manager authenticates with a bitwarden machine account instance. - Make sure that the token being used has permissions on the given secret. - properties: - secretRef: - description: BitwardenSecretsManagerSecretRef contains the credential ref to the bitwarden instance. - properties: - credentials: - description: AccessToken used for the bitwarden instance. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - credentials - type: object - required: - - secretRef - type: object - bitwardenServerSDKURL: - type: string - caBundle: - description: |- - Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack - can be performed. - type: string - caProvider: - description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - identityURL: - type: string - organizationID: - description: OrganizationID determines which organization this secret store manages. - type: string - projectID: - description: ProjectID determines which project this secret store manages. - type: string - required: - - auth - - organizationID - - projectID - type: object - chef: - description: Chef configures this store to sync secrets with chef server - properties: - auth: - description: Auth defines the information necessary to authenticate against chef Server - properties: - secretRef: - description: ChefAuthSecretRef holds secret references for chef server login credentials. - properties: - privateKeySecretRef: - description: SecretKey is the Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - privateKeySecretRef - type: object - required: - - secretRef - type: object - serverUrl: - description: ServerURL is the chef server URL used to connect to. If using orgs you should include your org in the url and terminate the url with a "/" - type: string - username: - description: UserName should be the user ID on the chef server - type: string - required: - - auth - - serverUrl - - username - type: object - conjur: - description: Conjur configures this store to sync secrets using conjur provider - properties: - auth: - properties: - apikey: - properties: - account: - type: string - apiKeyRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - userRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - account - - apiKeyRef - - userRef - type: object - jwt: - properties: - account: - type: string - hostId: - description: |- - Optional HostID for JWT authentication. This may be used depending - on how the Conjur JWT authenticator policy is configured. - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Conjur using the JWT authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional ServiceAccountRef specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - serviceID: - description: The conjur authn jwt webservice id - type: string - required: - - account - - serviceID - type: object - type: object - caBundle: - type: string - caProvider: - description: |- - Used to provide custom certificate authority (CA) certificates - for a secret store. The CAProvider points to a Secret or ConfigMap resource - that contains a PEM-encoded certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - type: string - required: - - auth - - url - type: object - delinea: - description: |- - Delinea DevOps Secrets Vault - https://docs.delinea.com/online-help/products/devops-secrets-vault/current - properties: - clientId: - description: ClientID is the non-secret part of the credential. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientSecret: - description: ClientSecret is the secret part of the credential. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - tenant: - description: Tenant is the chosen hostname / site name. - type: string - tld: - description: |- - TLD is based on the server location that was chosen during provisioning. - If unset, defaults to "com". - type: string - urlTemplate: - description: |- - URLTemplate - If unset, defaults to "https://%s.secretsvaultcloud.%s/v1/%s%s". - type: string - required: - - clientId - - clientSecret - - tenant - type: object - device42: - description: Device42 configures this store to sync secrets using the Device42 provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Device42 instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - host: - description: URL configures the Device42 instance URL. - type: string - required: - - auth - - host - type: object - doppler: - description: Doppler configures this store to sync secrets using the Doppler provider - properties: - auth: - description: Auth configures how the Operator authenticates with the Doppler API - properties: - secretRef: - properties: - dopplerToken: - description: |- - The DopplerToken is used for authentication. - See https://docs.doppler.com/reference/api#authentication for auth token types. - The Key attribute defaults to dopplerToken if not specified. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - dopplerToken - type: object - required: - - secretRef - type: object - config: - description: Doppler config (required if not using a Service Token) - type: string - format: - description: Format enables the downloading of secrets as a file (string) - enum: - - json - - dotnet-json - - env - - yaml - - docker - type: string - nameTransformer: - description: Environment variable compatible name transforms that change secret names to a different format - enum: - - upper-camel - - camel - - lower-snake - - tf-var - - dotnet-env - - lower-kebab - type: string - project: - description: Doppler project (required if not using a Service Token) - type: string - required: - - auth - type: object - fake: - description: Fake configures a store with static key/value pairs - properties: - data: - items: - properties: - key: - type: string - value: - type: string - valueMap: - additionalProperties: - type: string - description: 'Deprecated: ValueMap is deprecated and is intended to be removed in the future, use the `value` field instead.' - type: object - version: - type: string - required: - - key - type: object - type: array - required: - - data - type: object - fortanix: - description: Fortanix configures this store to sync secrets using the Fortanix provider - properties: - apiKey: - description: APIKey is the API token to access SDKMS Applications. - properties: - secretRef: - description: SecretRef is a reference to a secret containing the SDKMS API Key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - apiUrl: - description: APIURL is the URL of SDKMS API. Defaults to `sdkms.fortanix.com`. - type: string - type: object - gcpsm: - description: GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider - properties: - auth: - description: Auth defines the information necessary to authenticate against GCP - properties: - secretRef: - properties: - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - workloadIdentity: - properties: - clusterLocation: - type: string - clusterName: - type: string - clusterProjectID: - type: string - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - clusterLocation - - clusterName - - serviceAccountRef - type: object - type: object - location: - description: Location optionally defines a location for a secret - type: string - projectID: - description: ProjectID project where secret is located - type: string - type: object - gitlab: - description: GitLab configures this store to sync secrets using GitLab Variables provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a GitLab instance. - properties: - SecretRef: - properties: - accessToken: - description: AccessToken is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - SecretRef - type: object - environment: - description: Environment environment_scope of gitlab CI/CD variables (Please see https://docs.gitlab.com/ee/ci/environments/#create-a-static-environment on how to create environments) - type: string - groupIDs: - description: GroupIDs specify, which gitlab groups to pull secrets from. Group secrets are read from left to right followed by the project variables. - items: - type: string - type: array - inheritFromGroups: - description: InheritFromGroups specifies whether parent groups should be discovered and checked for secrets. - type: boolean - projectID: - description: ProjectID specifies a project where secrets are located. - type: string - url: - description: URL configures the GitLab instance URL. Defaults to https://gitlab.com/. - type: string - required: - - auth - type: object - ibm: - description: IBM configures this store to sync secrets using IBM Cloud provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the IBM secrets manager. - maxProperties: 1 - minProperties: 1 - properties: - containerAuth: - description: IBM Container-based auth with IAM Trusted Profile. - properties: - iamEndpoint: - type: string - profile: - description: the IBM Trusted Profile - type: string - tokenLocation: - description: Location the token is mounted on the pod - type: string - required: - - profile - type: object - secretRef: - properties: - secretApiKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - serviceUrl: - description: ServiceURL is the Endpoint URL that is specific to the Secrets Manager service instance - type: string - required: - - auth - type: object - infisical: - description: Infisical configures this store to sync secrets using the Infisical provider - properties: - auth: - description: Auth configures how the Operator authenticates with the Infisical API - properties: - universalAuthCredentials: - properties: - clientId: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - clientId - - clientSecret - type: object - type: object - hostAPI: - default: https://app.infisical.com/api - type: string - secretsScope: - properties: - environmentSlug: - type: string - projectSlug: - type: string - secretsPath: - default: / - type: string - required: - - environmentSlug - - projectSlug - type: object - required: - - auth - - secretsScope - type: object - keepersecurity: - description: KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider - properties: - authRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - folderID: - type: string - required: - - authRef - - folderID - type: object - kubernetes: - description: Kubernetes configures this store to sync secrets using a Kubernetes cluster provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Kubernetes instance. - maxProperties: 1 - minProperties: 1 - properties: - cert: - description: has both clientCert and clientKey as secretKeySelector - properties: - clientCert: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientKey: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - serviceAccount: - description: points to a service account that should be used for authentication - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - token: - description: use static token to authenticate with - properties: - bearerToken: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - authRef: - description: A reference to a secret that contains the auth information. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - remoteNamespace: - default: default - description: Remote namespace to fetch the secrets from - type: string - server: - description: configures the Kubernetes server Address. - properties: - caBundle: - description: CABundle is a base64-encoded CA certificate - format: byte - type: string - caProvider: - description: 'see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - default: kubernetes.default - description: configures the Kubernetes server Address. - type: string - type: object - type: object - onboardbase: - description: Onboardbase configures this store to sync secrets using the Onboardbase provider - properties: - apiHost: - default: https://public.onboardbase.com/api/v1/ - description: APIHost use this to configure the host url for the API for selfhosted installation, default is https://public.onboardbase.com/api/v1/ - type: string - auth: - description: Auth configures how the Operator authenticates with the Onboardbase API - properties: - apiKeyRef: - description: |- - OnboardbaseAPIKey is the APIKey generated by an admin account. - It is used to recognize and authorize access to a project and environment within onboardbase - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - passcodeRef: - description: OnboardbasePasscode is the passcode attached to the API Key - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - apiKeyRef - - passcodeRef - type: object - environment: - default: development - description: Environment is the name of an environmnent within a project to pull the secrets from - type: string - project: - default: development - description: Project is an onboardbase project that the secrets should be pulled from - type: string - required: - - apiHost - - auth - - environment - - project - type: object - onepassword: - description: OnePassword configures this store to sync secrets using the 1Password Cloud provider - properties: - auth: - description: Auth defines the information necessary to authenticate against OnePassword Connect Server - properties: - secretRef: - description: OnePasswordAuthSecretRef holds secret references for 1Password credentials. - properties: - connectTokenSecretRef: - description: The ConnectToken is used for authentication to a 1Password Connect Server. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - connectTokenSecretRef - type: object - required: - - secretRef - type: object - connectHost: - description: ConnectHost defines the OnePassword Connect Server to connect to - type: string - vaults: - additionalProperties: - type: integer - description: Vaults defines which OnePassword vaults to search in which order - type: object - required: - - auth - - connectHost - - vaults - type: object - oracle: - description: Oracle configures this store to sync secrets using Oracle Vault provider - properties: - auth: - description: |- - Auth configures how secret-manager authenticates with the Oracle Vault. - If empty, use the instance principal, otherwise the user credentials specified in Auth. - properties: - secretRef: - description: SecretRef to pass through sensitive information. - properties: - fingerprint: - description: Fingerprint is the fingerprint of the API private key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privatekey: - description: PrivateKey is the user's API Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - fingerprint - - privatekey - type: object - tenancy: - description: Tenancy is the tenancy OCID where user is located. - type: string - user: - description: User is an access OCID specific to the account. - type: string - required: - - secretRef - - tenancy - - user - type: object - compartment: - description: |- - Compartment is the vault compartment OCID. - Required for PushSecret - type: string - encryptionKey: - description: |- - EncryptionKey is the OCID of the encryption key within the vault. - Required for PushSecret - type: string - principalType: - description: |- - The type of principal to use for authentication. If left blank, the Auth struct will - determine the principal type. This optional field must be specified if using - workload identity. - enum: - - "" - - UserPrincipal - - InstancePrincipal - - Workload - type: string - region: - description: Region is the region where vault is located. - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - vault: - description: Vault is the vault's OCID of the specific vault where secret is located. - type: string - required: - - region - - vault - type: object - passbolt: - properties: - auth: - description: Auth defines the information necessary to authenticate against Passbolt Server - properties: - passwordSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privateKeySecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - passwordSecretRef - - privateKeySecretRef - type: object - host: - description: Host defines the Passbolt Server to connect to - type: string - required: - - auth - - host - type: object - passworddepot: - description: Configures a store to sync secrets with a Password Depot instance. - properties: - auth: - description: Auth configures how secret-manager authenticates with a Password Depot instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - database: - description: Database to use as source - type: string - host: - description: URL configures the Password Depot instance URL. - type: string - required: - - auth - - database - - host - type: object - pulumi: - description: Pulumi configures this store to sync secrets using the Pulumi provider - properties: - accessToken: - description: AccessToken is the access tokens to sign in to the Pulumi Cloud Console. - properties: - secretRef: - description: SecretRef is a reference to a secret containing the Pulumi API token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - apiUrl: - default: https://api.pulumi.com/api/preview - description: APIURL is the URL of the Pulumi API. - type: string - environment: - description: |- - Environment are YAML documents composed of static key-value pairs, programmatic expressions, - dynamically retrieved values from supported providers including all major clouds, - and other Pulumi ESC environments. - To create a new environment, visit https://www.pulumi.com/docs/esc/environments/ for more information. - type: string - organization: - description: |- - Organization are a space to collaborate on shared projects and stacks. - To create a new organization, visit https://app.pulumi.com/ and click "New Organization". - type: string - required: - - accessToken - - environment - - organization - type: object - scaleway: - description: Scaleway - properties: - accessKey: - description: AccessKey is the non-secret part of the api key. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - apiUrl: - description: APIURL is the url of the api to use. Defaults to https://api.scaleway.com - type: string - projectId: - description: 'ProjectID is the id of your project, which you can find in the console: https://console.scaleway.com/project/settings' - type: string - region: - description: 'Region where your secrets are located: https://developers.scaleway.com/en/quickstart/#region-and-zone' - type: string - secretKey: - description: SecretKey is the non-secret part of the api key. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - accessKey - - projectId - - region - - secretKey - type: object - secretserver: - description: |- - SecretServer configures this store to sync secrets using SecretServer provider - https://docs.delinea.com/online-help/secret-server/start.htm - properties: - password: - description: Password is the secret server account password. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - serverURL: - description: |- - ServerURL - URL to your secret server installation - type: string - username: - description: Username is the secret server account username. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - password - - serverURL - - username - type: object - senhasegura: - description: Senhasegura configures this store to sync secrets using senhasegura provider - properties: - auth: - description: Auth defines parameters to authenticate in senhasegura - properties: - clientId: - type: string - clientSecretSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - clientId - - clientSecretSecretRef - type: object - ignoreSslCertificate: - default: false - description: IgnoreSslCertificate defines if SSL certificate must be ignored - type: boolean - module: - description: Module defines which senhasegura module should be used to get secrets - type: string - url: - description: URL of senhasegura - type: string - required: - - auth - - module - - url - type: object - vault: - description: Vault configures this store to sync secrets using Hashi provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the Vault server. - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - properties: - path: - default: approle - description: |- - Path where the App Role authentication backend is mounted - in Vault, e.g: "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - roleRef: - description: |- - Reference to a key in a Secret that contains the App Role ID used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role id. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - - secretRef - type: object - cert: - description: |- - Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate - Cert authentication method - properties: - clientCert: - description: |- - ClientCert is a certificate to authenticate using the Cert Vault - authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - SecretRef to a key in a Secret resource containing client private key to - authenticate with Vault using the Cert authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - iam: - description: |- - Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials - AWS IAM authentication method - properties: - externalID: - description: AWS External ID set on assumed IAM roles - type: string - jwt: - description: Specify a service account with IRSA enabled - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - path: - description: 'Path where the AWS auth method is enabled in Vault, e.g: "aws"' - type: string - region: - description: AWS region - type: string - role: - description: This is the AWS role to be assumed before talking to vault - type: string - secretRef: - description: Specify credentials in a Secret object - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - vaultAwsIamServerID: - description: 'X-Vault-AWS-IAM-Server-ID is an additional header used by Vault IAM auth method to mitigate against different types of replay attacks. More details here: https://developer.hashicorp.com/vault/docs/auth/aws' - type: string - vaultRole: - description: Vault Role. In vault, a role describes an identity with a set of permissions, groups, or policies you want to attach a user of the secrets engine - type: string - required: - - vaultRole - type: object - jwt: - description: |- - Jwt authenticates with Vault by passing role and JWT token using the - JWT/OIDC authentication method - properties: - kubernetesServiceAccountToken: - description: |- - Optional ServiceAccountToken specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Optional audiences field that will be used to request a temporary Kubernetes service - account token for the service account referenced by `serviceAccountRef`. - Defaults to a single audience `vault` it not specified. - Deprecated: use serviceAccountRef.Audiences instead - items: - type: string - type: array - expirationSeconds: - description: |- - Optional expiration time in seconds that will be used to request a temporary - Kubernetes service account token for the service account referenced by - `serviceAccountRef`. - Deprecated: this will be removed in the future. - Defaults to 10 minutes. - format: int64 - type: integer - serviceAccountRef: - description: Service account field containing the name of a kubernetes ServiceAccount. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - serviceAccountRef - type: object - path: - default: jwt - description: |- - Path where the JWT authentication backend is mounted - in Vault, e.g: "jwt" - type: string - role: - description: |- - Role is a JWT role to authenticate using the JWT/OIDC Vault - authentication method - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Vault using the JWT/OIDC authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - type: object - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - properties: - mountPath: - default: kubernetes - description: |- - Path where the Kubernetes authentication backend is mounted in Vault, e.g: - "kubernetes" - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Vault. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - mountPath - - role - type: object - ldap: - description: |- - Ldap authenticates with Vault by passing username/password pair using - the LDAP authentication method - properties: - path: - default: ldap - description: |- - Path where the LDAP authentication backend is mounted - in Vault, e.g: "ldap" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the LDAP - user used to authenticate with Vault using the LDAP authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a LDAP user name used to authenticate using the LDAP Vault - authentication method - type: string - required: - - path - - username - type: object - namespace: - description: |- - Name of the vault namespace to authenticate to. This can be different than the namespace your secret is in. - Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - This will default to Vault.Namespace field if set, or empty otherwise - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - userPass: - description: UserPass authenticates with Vault by passing username/password pair - properties: - path: - default: user - description: |- - Path where the UserPassword authentication backend is mounted - in Vault, e.g: "user" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the - user used to authenticate with Vault using the UserPass authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a user name used to authenticate using the UserPass Vault - authentication method - type: string - required: - - path - - username - type: object - type: object - caBundle: - description: |- - PEM encoded CA bundle used to validate Vault server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Vault server certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - forwardInconsistent: - description: |- - ForwardInconsistent tells Vault to forward read-after-write requests to the Vault - leader instead of simply retrying within a loop. This can increase performance if - the option is enabled serverside. - https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header - type: boolean - headers: - additionalProperties: - type: string - description: Headers to be added in Vault request - type: object - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault KV backend endpoint, e.g: - "secret". The v2 KV secret engine version specific "/data" path suffix - for fetching secrets from Vault is optional and will be appended - if not present in specified path. - type: string - readYourWrites: - description: |- - ReadYourWrites ensures isolated read-after-write semantics by - providing discovered cluster replication states in each request. - More information about eventual consistency in Vault can be found here - https://www.vaultproject.io/docs/enterprise/consistency - type: boolean - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - tls: - description: |- - The configuration used for client side related TLS communication, when the Vault server - requires mutual authentication. Only used if the Server URL is using HTTPS protocol. - This parameter is ignored for plain HTTP protocol connection. - It's worth noting this configuration is different from the "TLS certificates auth method", - which is available under the `auth.cert` section. - properties: - certSecretRef: - description: |- - CertSecretRef is a certificate added to the transport layer - when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.crt'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - keySecretRef: - description: |- - KeySecretRef to a key in a Secret resource containing client private key - added to the transport layer when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.key'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - version: - default: v2 - description: |- - Version is the Vault KV secret engine version. This can be either "v1" or - "v2". Version defaults to "v2". - enum: - - v1 - - v2 - type: string - required: - - auth - - server - type: object - webhook: - description: Webhook configures this store to sync secrets using a generic templated webhook - properties: - body: - description: Body - type: string - caBundle: - description: |- - PEM encoded CA bundle used to validate webhook server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate webhook server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - headers: - additionalProperties: - type: string - description: Headers - type: object - method: - description: Webhook Method - type: string - result: - description: Result formatting - properties: - jsonPath: - description: Json path of return value - type: string - type: object - secrets: - description: |- - Secrets to fill in templates - These secrets will be passed to the templating function as key value pairs under the given name - items: - properties: - name: - description: Name of this secret in templates - type: string - secretRef: - description: Secret ref to fill in credentials - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - name - - secretRef - type: object - type: array - timeout: - description: Timeout - type: string - url: - description: Webhook url to call - type: string - required: - - result - - url - type: object - yandexcertificatemanager: - description: YandexCertificateManager configures this store to sync secrets using Yandex Certificate Manager provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Certificate Manager - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - yandexlockbox: - description: YandexLockbox configures this store to sync secrets using Yandex Lockbox provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Lockbox - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - type: object - refreshInterval: - description: Used to configure store refresh interval in seconds. Empty or 0 will default to the controller config. - type: integer - retrySettings: - description: Used to configure http retries if failed - properties: - maxRetries: - format: int32 - type: integer - retryInterval: - type: string - type: object - required: - - provider - type: object - status: - description: SecretStoreStatus defines the observed state of the SecretStore. - properties: - capabilities: - description: SecretStoreCapabilities defines the possible operations a SecretStore can do. - type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/ecrauthorizationtoken.yaml b/charts/external-secrets/external-secrets/templates/crds/ecrauthorizationtoken.yaml deleted file mode 100644 index f015e11..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/ecrauthorizationtoken.yaml +++ /dev/null @@ -1,177 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: ecrauthorizationtokens.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - ecrauthorizationtoken - kind: ECRAuthorizationToken - listKind: ECRAuthorizationTokenList - plural: ecrauthorizationtokens - shortNames: - - ecrauthorizationtoken - singular: ecrauthorizationtoken - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ECRAuthorizationTokenSpec uses the GetAuthorizationToken API to retrieve an - authorization token. - The authorization token is valid for 12 hours. - The authorizationToken returned is a base64 encoded string that can be decoded - and used in a docker login command to authenticate to a registry. - For more information, see Registry authentication (https://docs.aws.amazon.com/AmazonECR/latest/userguide/Registries.html#registry_auth) in the Amazon Elastic Container Registry User Guide. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - properties: - auth: - description: Auth defines how to authenticate with AWS - properties: - jwt: - description: Authenticate against AWS using service account tokens. - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - secretRef: - description: |- - AWSAuthSecretRef holds secret references for AWS credentials - both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - region: - description: Region specifies the region to operate in. - type: string - role: - description: |- - You can assume a role before making calls to the - desired AWS service. - type: string - required: - - region - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/externalsecret.yaml b/charts/external-secrets/external-secrets/templates/crds/externalsecret.yaml deleted file mode 100644 index 817690b..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/externalsecret.yaml +++ /dev/null @@ -1,820 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: externalsecrets.external-secrets.io -spec: - group: external-secrets.io - names: - categories: - - externalsecrets - kind: ExternalSecret - listKind: ExternalSecretList - plural: externalsecrets - shortNames: - - es - singular: externalsecret - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.secretStoreRef.name - name: Store - type: string - - jsonPath: .spec.refreshInterval - name: Refresh Interval - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - deprecated: true - name: v1alpha1 - schema: - openAPIV3Schema: - description: ExternalSecret is the Schema for the external-secrets API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ExternalSecretSpec defines the desired state of ExternalSecret. - properties: - data: - description: Data defines the connection between the Kubernetes Secret keys and the Provider data - items: - description: ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.) and the Provider data. - properties: - remoteRef: - description: ExternalSecretDataRemoteRef defines Provider data location. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - secretKey: - type: string - required: - - remoteRef - - secretKey - type: object - type: array - dataFrom: - description: |- - DataFrom is used to fetch all properties from a specific Provider data - If multiple entries are specified, the Secret keys are merged in the specified order - items: - description: ExternalSecretDataRemoteRef defines Provider data location. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - type: array - refreshInterval: - default: 1h - description: |- - RefreshInterval is the amount of time before the values are read again from the SecretStore provider - Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" - May be set to zero to fetch and create it once. Defaults to 1h. - type: string - secretStoreRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - target: - description: |- - ExternalSecretTarget defines the Kubernetes Secret to be created - There can be only one target per ExternalSecret. - properties: - creationPolicy: - default: Owner - description: |- - CreationPolicy defines rules on how to create the resulting Secret - Defaults to 'Owner' - enum: - - Owner - - Merge - - None - type: string - immutable: - description: Immutable defines if the final secret will be immutable - type: boolean - name: - description: |- - Name defines the name of the Secret resource to be managed - This field is immutable - Defaults to the .metadata.name of the ExternalSecret resource - type: string - template: - description: Template defines a blueprint for the created Secret resource. - properties: - data: - additionalProperties: - type: string - type: object - engineVersion: - default: v1 - description: |- - EngineVersion specifies the template engine version - that should be used to compile/execute the - template specified in .data and .templateFrom[]. - enum: - - v1 - - v2 - type: string - metadata: - description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - templateFrom: - items: - maxProperties: 1 - minProperties: 1 - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - type: object - type: array - type: - type: string - type: object - type: object - required: - - secretStoreRef - - target - type: object - status: - properties: - binding: - description: Binding represents a servicebinding.io Provisioned Service reference to the secret - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - refreshTime: - description: |- - refreshTime is the time and date the external secret was fetched and - the target secret updated - format: date-time - nullable: true - type: string - syncedResourceVersion: - description: SyncedResourceVersion keeps track of the last synced version - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.secretStoreRef.name - name: Store - type: string - - jsonPath: .spec.refreshInterval - name: Refresh Interval - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: ExternalSecret is the Schema for the external-secrets API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ExternalSecretSpec defines the desired state of ExternalSecret. - properties: - data: - description: Data defines the connection between the Kubernetes Secret keys and the Provider data - items: - description: ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.) and the Provider data. - properties: - remoteRef: - description: |- - RemoteRef points to the remote secret and defines - which secret (version/property/..) to fetch. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - metadataPolicy: - default: None - description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None - enum: - - None - - Fetch - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - secretKey: - description: |- - SecretKey defines the key in which the controller stores - the value. This is the key in the Kind=Secret - type: string - sourceRef: - description: |- - SourceRef allows you to override the source - from which the value will pulled from. - maxProperties: 1 - properties: - generatorRef: - description: |- - GeneratorRef points to a generator custom resource. - - Deprecated: The generatorRef is not implemented in .data[]. - this will be removed with v1. - properties: - apiVersion: - default: generators.external-secrets.io/v1alpha1 - description: Specify the apiVersion of the generator resource - type: string - kind: - description: Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - type: string - name: - description: Specify the name of the generator resource - type: string - required: - - kind - - name - type: object - storeRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - type: object - required: - - remoteRef - - secretKey - type: object - type: array - dataFrom: - description: |- - DataFrom is used to fetch all properties from a specific Provider data - If multiple entries are specified, the Secret keys are merged in the specified order - items: - properties: - extract: - description: |- - Used to extract multiple key/value pairs from one secret - Note: Extract does not support sourceRef.Generator or sourceRef.GeneratorRef. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - key: - description: Key is the key used in the Provider, mandatory - type: string - metadataPolicy: - default: None - description: Policy for fetching tags/labels from provider secrets, possible options are Fetch, None. Defaults to None - enum: - - None - - Fetch - type: string - property: - description: Used to select a specific property of the Provider value (if a map), if supported - type: string - version: - description: Used to select a specific version of the Provider value, if supported - type: string - required: - - key - type: object - find: - description: |- - Used to find secrets based on tags or regular expressions - Note: Find does not support sourceRef.Generator or sourceRef.GeneratorRef. - properties: - conversionStrategy: - default: Default - description: Used to define a conversion Strategy - enum: - - Default - - Unicode - type: string - decodingStrategy: - default: None - description: Used to define a decoding Strategy - enum: - - Auto - - Base64 - - Base64URL - - None - type: string - name: - description: Finds secrets based on the name. - properties: - regexp: - description: Finds secrets base - type: string - type: object - path: - description: A root path to start the find operations. - type: string - tags: - additionalProperties: - type: string - description: Find secrets based on tags. - type: object - type: object - rewrite: - description: |- - Used to rewrite secret Keys after getting them from the secret Provider - Multiple Rewrite operations can be provided. They are applied in a layered order (first to last) - items: - properties: - regexp: - description: |- - Used to rewrite with regular expressions. - The resulting key will be the output of a regexp.ReplaceAll operation. - properties: - source: - description: Used to define the regular expression of a re.Compiler. - type: string - target: - description: Used to define the target pattern of a ReplaceAll operation. - type: string - required: - - source - - target - type: object - transform: - description: |- - Used to apply string transformation on the secrets. - The resulting key will be the output of the template applied by the operation. - properties: - template: - description: |- - Used to define the template to apply on the secret name. - `.value ` will specify the secret name in the template. - type: string - required: - - template - type: object - type: object - type: array - sourceRef: - description: |- - SourceRef points to a store or generator - which contains secret values ready to use. - Use this in combination with Extract or Find pull values out of - a specific SecretStore. - When sourceRef points to a generator Extract or Find is not supported. - The generator returns a static map of values - maxProperties: 1 - properties: - generatorRef: - description: GeneratorRef points to a generator custom resource. - properties: - apiVersion: - default: generators.external-secrets.io/v1alpha1 - description: Specify the apiVersion of the generator resource - type: string - kind: - description: Specify the Kind of the resource, e.g. Password, ACRAccessToken etc. - type: string - name: - description: Specify the name of the generator resource - type: string - required: - - kind - - name - type: object - storeRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - type: object - type: object - type: array - refreshInterval: - default: 1h - description: |- - RefreshInterval is the amount of time before the values are read again from the SecretStore provider - Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" - May be set to zero to fetch and create it once. Defaults to 1h. - type: string - secretStoreRef: - description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret data. - properties: - kind: - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - name: - description: Name of the SecretStore resource - type: string - required: - - name - type: object - target: - default: - creationPolicy: Owner - deletionPolicy: Retain - description: |- - ExternalSecretTarget defines the Kubernetes Secret to be created - There can be only one target per ExternalSecret. - properties: - creationPolicy: - default: Owner - description: |- - CreationPolicy defines rules on how to create the resulting Secret - Defaults to 'Owner' - enum: - - Owner - - Orphan - - Merge - - None - type: string - deletionPolicy: - default: Retain - description: |- - DeletionPolicy defines rules on how to delete the resulting Secret - Defaults to 'Retain' - enum: - - Delete - - Merge - - Retain - type: string - immutable: - description: Immutable defines if the final secret will be immutable - type: boolean - name: - description: |- - Name defines the name of the Secret resource to be managed - This field is immutable - Defaults to the .metadata.name of the ExternalSecret resource - type: string - template: - description: Template defines a blueprint for the created Secret resource. - properties: - data: - additionalProperties: - type: string - type: object - engineVersion: - default: v2 - description: |- - EngineVersion specifies the template engine version - that should be used to compile/execute the - template specified in .data and .templateFrom[]. - enum: - - v1 - - v2 - type: string - mergePolicy: - default: Replace - enum: - - Replace - - Merge - type: string - metadata: - description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - templateFrom: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - literal: - type: string - secret: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - target: - default: Data - enum: - - Data - - Annotations - - Labels - type: string - type: object - type: array - type: - type: string - type: object - type: object - type: object - status: - properties: - binding: - description: Binding represents a servicebinding.io Provisioned Service reference to the secret - properties: - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - type: object - x-kubernetes-map-type: atomic - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - refreshTime: - description: |- - refreshTime is the time and date the external secret was fetched and - the target secret updated - format: date-time - nullable: true - type: string - syncedResourceVersion: - description: SyncedResourceVersion keeps track of the last synced version - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/fake.yaml b/charts/external-secrets/external-secrets/templates/crds/fake.yaml deleted file mode 100644 index df66947..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/fake.yaml +++ /dev/null @@ -1,86 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: fakes.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - fake - kind: Fake - listKind: FakeList - plural: fakes - shortNames: - - fake - singular: fake - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - Fake generator is used for testing. It lets you define - a static set of credentials that is always returned. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: FakeSpec contains the static data. - properties: - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters VDS based on this property - type: string - data: - additionalProperties: - type: string - description: |- - Data defines the static data returned - by this generator. - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/gcraccesstoken.yaml b/charts/external-secrets/external-secrets/templates/crds/gcraccesstoken.yaml deleted file mode 100644 index 5be5f4e..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/gcraccesstoken.yaml +++ /dev/null @@ -1,138 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: gcraccesstokens.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - gcraccesstoken - kind: GCRAccessToken - listKind: GCRAccessTokenList - plural: gcraccesstokens - shortNames: - - gcraccesstoken - singular: gcraccesstoken - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - GCRAccessToken generates an GCP access token - that can be used to authenticate with GCR. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - properties: - auth: - description: Auth defines the means for authenticating with GCP - properties: - secretRef: - properties: - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - workloadIdentity: - properties: - clusterLocation: - type: string - clusterName: - type: string - clusterProjectID: - type: string - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - clusterLocation - - clusterName - - serviceAccountRef - type: object - type: object - projectID: - description: ProjectID defines which project to use to authenticate with - type: string - required: - - auth - - projectID - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/githubaccesstoken.yaml b/charts/external-secrets/external-secrets/templates/crds/githubaccesstoken.yaml deleted file mode 100644 index 87fde68..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/githubaccesstoken.yaml +++ /dev/null @@ -1,112 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: githubaccesstokens.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - githubaccesstoken - kind: GithubAccessToken - listKind: GithubAccessTokenList - plural: githubaccesstokens - shortNames: - - githubaccesstoken - singular: githubaccesstoken - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: GithubAccessToken generates ghs_ accessToken - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - properties: - appID: - type: string - auth: - description: Auth configures how ESO authenticates with a Github instance. - properties: - privateKey: - properties: - secretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - secretRef - type: object - required: - - privateKey - type: object - installID: - type: string - url: - description: URL configures the Github instance URL. Defaults to https://github.com/. - type: string - required: - - appID - - auth - - installID - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/password.yaml b/charts/external-secrets/external-secrets/templates/crds/password.yaml deleted file mode 100644 index 4042bcc..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/password.yaml +++ /dev/null @@ -1,108 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: passwords.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - password - kind: Password - listKind: PasswordList - plural: passwords - shortNames: - - password - singular: password - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - Password generates a random password based on the - configuration parameters in spec. - You can specify the length, characterset and other attributes. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: PasswordSpec controls the behavior of the password generator. - properties: - allowRepeat: - default: false - description: set AllowRepeat to true to allow repeating characters. - type: boolean - digits: - description: |- - Digits specifies the number of digits in the generated - password. If omitted it defaults to 25% of the length of the password - type: integer - length: - default: 24 - description: |- - Length of the password to be generated. - Defaults to 24 - type: integer - noUpper: - default: false - description: Set NoUpper to disable uppercase characters - type: boolean - symbolCharacters: - description: |- - SymbolCharacters specifies the special characters that should be used - in the generated password. - type: string - symbols: - description: |- - Symbols specifies the number of symbol characters in the generated - password. If omitted it defaults to 25% of the length of the password - type: integer - required: - - allowRepeat - - length - - noUpper - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/pushsecret.yaml b/charts/external-secrets/external-secrets/templates/crds/pushsecret.yaml deleted file mode 100644 index 7de0c01..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/pushsecret.yaml +++ /dev/null @@ -1,386 +0,0 @@ -{{- if and (.Values.installCRDs) (.Values.crds.createPushSecret) }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - name: pushsecrets.external-secrets.io -spec: - group: external-secrets.io - names: - categories: - - pushsecrets - kind: PushSecret - listKind: PushSecretList - plural: pushsecrets - singular: pushsecret - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: PushSecretSpec configures the behavior of the PushSecret. - properties: - data: - description: Secret Data that should be pushed to providers - items: - properties: - conversionStrategy: - default: None - description: Used to define a conversion Strategy for the secret keys - enum: - - None - - ReverseUnicode - type: string - match: - description: Match a given Secret Key to be pushed to the provider. - properties: - remoteRef: - description: Remote Refs to push to providers. - properties: - property: - description: Name of the property in the resulting secret - type: string - remoteKey: - description: Name of the resulting provider secret. - type: string - required: - - remoteKey - type: object - secretKey: - description: Secret Key to be pushed - type: string - required: - - remoteRef - type: object - metadata: - description: |- - Metadata is metadata attached to the secret. - The structure of metadata is provider specific, please look it up in the provider documentation. - x-kubernetes-preserve-unknown-fields: true - required: - - match - type: object - type: array - deletionPolicy: - default: None - description: 'Deletion Policy to handle Secrets in the provider. Possible Values: "Delete/None". Defaults to "None".' - enum: - - Delete - - None - type: string - refreshInterval: - description: The Interval to which External Secrets will try to push a secret definition - type: string - secretStoreRefs: - items: - properties: - kind: - default: SecretStore - description: |- - Kind of the SecretStore resource (SecretStore or ClusterSecretStore) - Defaults to `SecretStore` - type: string - labelSelector: - description: Optionally, sync to secret stores with label selector - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - name: - description: Optionally, sync to the SecretStore of the given name - type: string - type: object - type: array - selector: - description: The Secret Selector (k8s source) for the Push Secret - properties: - secret: - description: Select a Secret to Push. - properties: - name: - description: Name of the Secret. The Secret must exist in the same namespace as the PushSecret manifest. - type: string - required: - - name - type: object - required: - - secret - type: object - template: - description: Template defines a blueprint for the created Secret resource. - properties: - data: - additionalProperties: - type: string - type: object - engineVersion: - default: v2 - description: |- - EngineVersion specifies the template engine version - that should be used to compile/execute the - template specified in .data and .templateFrom[]. - enum: - - v1 - - v2 - type: string - mergePolicy: - default: Replace - enum: - - Replace - - Merge - type: string - metadata: - description: ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint. - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - templateFrom: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - literal: - type: string - secret: - properties: - items: - items: - properties: - key: - type: string - templateAs: - default: Values - enum: - - Values - - KeysAndValues - type: string - required: - - key - type: object - type: array - name: - type: string - required: - - items - - name - type: object - target: - default: Data - enum: - - Data - - Annotations - - Labels - type: string - type: object - type: array - type: - type: string - type: object - updatePolicy: - default: Replace - description: 'UpdatePolicy to handle Secrets in the provider. Possible Values: "Replace/IfNotExists". Defaults to "Replace".' - enum: - - Replace - - IfNotExists - type: string - required: - - secretStoreRefs - - selector - type: object - status: - description: PushSecretStatus indicates the history of the status of PushSecret. - properties: - conditions: - items: - description: PushSecretStatusCondition indicates the status of the PushSecret. - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - description: PushSecretConditionType indicates the condition of the PushSecret. - type: string - required: - - status - - type - type: object - type: array - refreshTime: - description: |- - refreshTime is the time and date the external secret was fetched and - the target secret updated - format: date-time - nullable: true - type: string - syncedPushSecrets: - additionalProperties: - additionalProperties: - properties: - conversionStrategy: - default: None - description: Used to define a conversion Strategy for the secret keys - enum: - - None - - ReverseUnicode - type: string - match: - description: Match a given Secret Key to be pushed to the provider. - properties: - remoteRef: - description: Remote Refs to push to providers. - properties: - property: - description: Name of the property in the resulting secret - type: string - remoteKey: - description: Name of the resulting provider secret. - type: string - required: - - remoteKey - type: object - secretKey: - description: Secret Key to be pushed - type: string - required: - - remoteRef - type: object - metadata: - description: |- - Metadata is metadata attached to the secret. - The structure of metadata is provider specific, please look it up in the provider documentation. - x-kubernetes-preserve-unknown-fields: true - required: - - match - type: object - type: object - description: |- - Synced PushSecrets, including secrets that already exist in provider. - Matches secret stores to PushSecretData that was stored to that secret store. - type: object - syncedResourceVersion: - description: SyncedResourceVersion keeps track of the last synced version. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/secretstore.yaml b/charts/external-secrets/external-secrets/templates/crds/secretstore.yaml deleted file mode 100644 index 6b2fe85..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/secretstore.yaml +++ /dev/null @@ -1,4601 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: secretstores.external-secrets.io -spec: - group: external-secrets.io - names: - categories: - - externalsecrets - kind: SecretStore - listKind: SecretStoreList - plural: secretstores - shortNames: - - ss - singular: secretstore - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - deprecated: true - name: v1alpha1 - schema: - openAPIV3Schema: - description: SecretStore represents a secure external location for storing secrets, which can be referenced as part of `storeRef` fields. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: SecretStoreSpec defines the desired state of SecretStore. - properties: - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters ES based on this property - type: string - provider: - description: Used to configure the provider. Only one provider may be set - maxProperties: 1 - minProperties: 1 - properties: - akeyless: - description: Akeyless configures this store to sync secrets using Akeyless Vault provider - properties: - akeylessGWApiURL: - description: Akeyless GW API Url from which the secrets to be fetched from. - type: string - authSecretRef: - description: Auth configures how the operator authenticates with Akeyless. - properties: - kubernetesAuth: - description: |- - Kubernetes authenticates with Akeyless by passing the ServiceAccount - token stored in the named Secret resource. - properties: - accessID: - description: the Akeyless Kubernetes auth-method access-id - type: string - k8sConfName: - description: Kubernetes-auth configuration name in Akeyless-Gateway - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Akeyless. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Akeyless. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - accessID - - k8sConfName - type: object - secretRef: - description: |- - Reference to a Secret that contains the details - to authenticate with Akeyless. - properties: - accessID: - description: The SecretAccessID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessType: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessTypeParam: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - caBundle: - description: |- - PEM/base64 encoded CA bundle used to validate Akeyless Gateway certificate. Only used - if the AkeylessGWApiURL URL is using HTTPS protocol. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Akeyless Gateway certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - required: - - akeylessGWApiURL - - authSecretRef - type: object - alibaba: - description: Alibaba configures this store to sync secrets using Alibaba Cloud provider - properties: - auth: - description: AlibabaAuth contains a secretRef for credentials. - properties: - rrsa: - description: Authenticate against Alibaba using RRSA. - properties: - oidcProviderArn: - type: string - oidcTokenFilePath: - type: string - roleArn: - type: string - sessionName: - type: string - required: - - oidcProviderArn - - oidcTokenFilePath - - roleArn - - sessionName - type: object - secretRef: - description: AlibabaAuthSecretRef holds secret references for Alibaba credentials. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessKeySecretSecretRef: - description: The AccessKeySecret is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - accessKeyIDSecretRef - - accessKeySecretSecretRef - type: object - type: object - regionID: - description: Alibaba Region to be used for the provider - type: string - required: - - auth - - regionID - type: object - aws: - description: AWS configures this store to sync secrets using AWS Secret Manager provider - properties: - auth: - description: |- - Auth defines the information necessary to authenticate against AWS - if not set aws sdk will infer credentials from your environment - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - properties: - jwt: - description: Authenticate against AWS using service account tokens. - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - secretRef: - description: |- - AWSAuthSecretRef holds secret references for AWS credentials - both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - region: - description: AWS Region to be used for the provider - type: string - role: - description: Role is a Role ARN which the SecretManager provider will assume - type: string - service: - description: Service defines which service should be used to fetch the secrets - enum: - - SecretsManager - - ParameterStore - type: string - required: - - region - - service - type: object - azurekv: - description: AzureKV configures this store to sync secrets using Azure Key Vault provider - properties: - authSecretRef: - description: Auth configures how the operator authenticates with Azure. Required for ServicePrincipal auth type. - properties: - clientId: - description: The Azure clientId of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: The Azure ClientSecret of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - authType: - default: ServicePrincipal - description: |- - Auth type defines how to authenticate to the keyvault service. - Valid values are: - - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret) - - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity) - enum: - - ServicePrincipal - - ManagedIdentity - - WorkloadIdentity - type: string - identityId: - description: If multiple Managed Identity is assigned to the pod, you can select the one to be used - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - tenantId: - description: TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. - type: string - vaultUrl: - description: Vault Url from which the secrets to be fetched from. - type: string - required: - - vaultUrl - type: object - fake: - description: Fake configures a store with static key/value pairs - properties: - data: - items: - properties: - key: - type: string - value: - type: string - valueMap: - additionalProperties: - type: string - type: object - version: - type: string - required: - - key - type: object - type: array - required: - - data - type: object - gcpsm: - description: GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider - properties: - auth: - description: Auth defines the information necessary to authenticate against GCP - properties: - secretRef: - properties: - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - workloadIdentity: - properties: - clusterLocation: - type: string - clusterName: - type: string - clusterProjectID: - type: string - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - clusterLocation - - clusterName - - serviceAccountRef - type: object - type: object - projectID: - description: ProjectID project where secret is located - type: string - type: object - gitlab: - description: GitLab configures this store to sync secrets using GitLab Variables provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a GitLab instance. - properties: - SecretRef: - properties: - accessToken: - description: AccessToken is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - SecretRef - type: object - projectID: - description: ProjectID specifies a project where secrets are located. - type: string - url: - description: URL configures the GitLab instance URL. Defaults to https://gitlab.com/. - type: string - required: - - auth - type: object - ibm: - description: IBM configures this store to sync secrets using IBM Cloud provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the IBM secrets manager. - properties: - secretRef: - properties: - secretApiKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - serviceUrl: - description: ServiceURL is the Endpoint URL that is specific to the Secrets Manager service instance - type: string - required: - - auth - type: object - kubernetes: - description: Kubernetes configures this store to sync secrets using a Kubernetes cluster provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Kubernetes instance. - maxProperties: 1 - minProperties: 1 - properties: - cert: - description: has both clientCert and clientKey as secretKeySelector - properties: - clientCert: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientKey: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - serviceAccount: - description: points to a service account that should be used for authentication - properties: - serviceAccount: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - token: - description: use static token to authenticate with - properties: - bearerToken: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - remoteNamespace: - default: default - description: Remote namespace to fetch the secrets from - type: string - server: - description: configures the Kubernetes server Address. - properties: - caBundle: - description: CABundle is a base64-encoded CA certificate - format: byte - type: string - caProvider: - description: 'see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - default: kubernetes.default - description: configures the Kubernetes server Address. - type: string - type: object - required: - - auth - type: object - oracle: - description: Oracle configures this store to sync secrets using Oracle Vault provider - properties: - auth: - description: |- - Auth configures how secret-manager authenticates with the Oracle Vault. - If empty, instance principal is used. Optionally, the authenticating principal type - and/or user data may be supplied for the use of workload identity and user principal. - properties: - secretRef: - description: SecretRef to pass through sensitive information. - properties: - fingerprint: - description: Fingerprint is the fingerprint of the API private key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privatekey: - description: PrivateKey is the user's API Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - fingerprint - - privatekey - type: object - tenancy: - description: Tenancy is the tenancy OCID where user is located. - type: string - user: - description: User is an access OCID specific to the account. - type: string - required: - - secretRef - - tenancy - - user - type: object - compartment: - description: |- - Compartment is the vault compartment OCID. - Required for PushSecret - type: string - encryptionKey: - description: |- - EncryptionKey is the OCID of the encryption key within the vault. - Required for PushSecret - type: string - principalType: - description: |- - The type of principal to use for authentication. If left blank, the Auth struct will - determine the principal type. This optional field must be specified if using - workload identity. - enum: - - "" - - UserPrincipal - - InstancePrincipal - - Workload - type: string - region: - description: Region is the region where vault is located. - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - vault: - description: Vault is the vault's OCID of the specific vault where secret is located. - type: string - required: - - region - - vault - type: object - passworddepot: - description: Configures a store to sync secrets with a Password Depot instance. - properties: - auth: - description: Auth configures how secret-manager authenticates with a Password Depot instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - database: - description: Database to use as source - type: string - host: - description: URL configures the Password Depot instance URL. - type: string - required: - - auth - - database - - host - type: object - vault: - description: Vault configures this store to sync secrets using Hashi provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the Vault server. - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - properties: - path: - default: approle - description: |- - Path where the App Role authentication backend is mounted - in Vault, e.g: "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - - roleId - - secretRef - type: object - cert: - description: |- - Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate - Cert authentication method - properties: - clientCert: - description: |- - ClientCert is a certificate to authenticate using the Cert Vault - authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - SecretRef to a key in a Secret resource containing client private key to - authenticate with Vault using the Cert authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - jwt: - description: |- - Jwt authenticates with Vault by passing role and JWT token using the - JWT/OIDC authentication method - properties: - kubernetesServiceAccountToken: - description: |- - Optional ServiceAccountToken specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Optional audiences field that will be used to request a temporary Kubernetes service - account token for the service account referenced by `serviceAccountRef`. - Defaults to a single audience `vault` it not specified. - items: - type: string - type: array - expirationSeconds: - description: |- - Optional expiration time in seconds that will be used to request a temporary - Kubernetes service account token for the service account referenced by - `serviceAccountRef`. - Defaults to 10 minutes. - format: int64 - type: integer - serviceAccountRef: - description: Service account field containing the name of a kubernetes ServiceAccount. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - serviceAccountRef - type: object - path: - default: jwt - description: |- - Path where the JWT authentication backend is mounted - in Vault, e.g: "jwt" - type: string - role: - description: |- - Role is a JWT role to authenticate using the JWT/OIDC Vault - authentication method - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Vault using the JWT/OIDC authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - type: object - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - properties: - mountPath: - default: kubernetes - description: |- - Path where the Kubernetes authentication backend is mounted in Vault, e.g: - "kubernetes" - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Vault. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - mountPath - - role - type: object - ldap: - description: |- - Ldap authenticates with Vault by passing username/password pair using - the LDAP authentication method - properties: - path: - default: ldap - description: |- - Path where the LDAP authentication backend is mounted - in Vault, e.g: "ldap" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the LDAP - user used to authenticate with Vault using the LDAP authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a LDAP user name used to authenticate using the LDAP Vault - authentication method - type: string - required: - - path - - username - type: object - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caBundle: - description: |- - PEM encoded CA bundle used to validate Vault server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Vault server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - forwardInconsistent: - description: |- - ForwardInconsistent tells Vault to forward read-after-write requests to the Vault - leader instead of simply retrying within a loop. This can increase performance if - the option is enabled serverside. - https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header - type: boolean - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault KV backend endpoint, e.g: - "secret". The v2 KV secret engine version specific "/data" path suffix - for fetching secrets from Vault is optional and will be appended - if not present in specified path. - type: string - readYourWrites: - description: |- - ReadYourWrites ensures isolated read-after-write semantics by - providing discovered cluster replication states in each request. - More information about eventual consistency in Vault can be found here - https://www.vaultproject.io/docs/enterprise/consistency - type: boolean - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - version: - default: v2 - description: |- - Version is the Vault KV secret engine version. This can be either "v1" or - "v2". Version defaults to "v2". - enum: - - v1 - - v2 - type: string - required: - - auth - - server - type: object - webhook: - description: Webhook configures this store to sync secrets using a generic templated webhook - properties: - body: - description: Body - type: string - caBundle: - description: |- - PEM encoded CA bundle used to validate webhook server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate webhook server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - headers: - additionalProperties: - type: string - description: Headers - type: object - method: - description: Webhook Method - type: string - result: - description: Result formatting - properties: - jsonPath: - description: Json path of return value - type: string - type: object - secrets: - description: |- - Secrets to fill in templates - These secrets will be passed to the templating function as key value pairs under the given name - items: - properties: - name: - description: Name of this secret in templates - type: string - secretRef: - description: Secret ref to fill in credentials - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - name - - secretRef - type: object - type: array - timeout: - description: Timeout - type: string - url: - description: Webhook url to call - type: string - required: - - result - - url - type: object - yandexlockbox: - description: YandexLockbox configures this store to sync secrets using Yandex Lockbox provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Lockbox - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - type: object - retrySettings: - description: Used to configure http retries if failed - properties: - maxRetries: - format: int32 - type: integer - retryInterval: - type: string - type: object - required: - - provider - type: object - status: - description: SecretStoreStatus defines the observed state of the SecretStore. - properties: - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].reason - name: Status - type: string - - jsonPath: .status.capabilities - name: Capabilities - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: SecretStore represents a secure external location for storing secrets, which can be referenced as part of `storeRef` fields. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: SecretStoreSpec defines the desired state of SecretStore. - properties: - conditions: - description: Used to constraint a ClusterSecretStore to specific namespaces. Relevant only to ClusterSecretStore - items: - description: |- - ClusterSecretStoreCondition describes a condition by which to choose namespaces to process ExternalSecrets in - for a ClusterSecretStore instance. - properties: - namespaceRegexes: - description: Choose namespaces by using regex matching - items: - type: string - type: array - namespaceSelector: - description: Choose namespace using a labelSelector - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: Choose namespaces by name - items: - type: string - type: array - type: object - type: array - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters ES based on this property - type: string - provider: - description: Used to configure the provider. Only one provider may be set - maxProperties: 1 - minProperties: 1 - properties: - akeyless: - description: Akeyless configures this store to sync secrets using Akeyless Vault provider - properties: - akeylessGWApiURL: - description: Akeyless GW API Url from which the secrets to be fetched from. - type: string - authSecretRef: - description: Auth configures how the operator authenticates with Akeyless. - properties: - kubernetesAuth: - description: |- - Kubernetes authenticates with Akeyless by passing the ServiceAccount - token stored in the named Secret resource. - properties: - accessID: - description: the Akeyless Kubernetes auth-method access-id - type: string - k8sConfName: - description: Kubernetes-auth configuration name in Akeyless-Gateway - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Akeyless. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Akeyless. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - accessID - - k8sConfName - type: object - secretRef: - description: |- - Reference to a Secret that contains the details - to authenticate with Akeyless. - properties: - accessID: - description: The SecretAccessID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessType: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessTypeParam: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - caBundle: - description: |- - PEM/base64 encoded CA bundle used to validate Akeyless Gateway certificate. Only used - if the AkeylessGWApiURL URL is using HTTPS protocol. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Akeyless Gateway certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - required: - - akeylessGWApiURL - - authSecretRef - type: object - alibaba: - description: Alibaba configures this store to sync secrets using Alibaba Cloud provider - properties: - auth: - description: AlibabaAuth contains a secretRef for credentials. - properties: - rrsa: - description: Authenticate against Alibaba using RRSA. - properties: - oidcProviderArn: - type: string - oidcTokenFilePath: - type: string - roleArn: - type: string - sessionName: - type: string - required: - - oidcProviderArn - - oidcTokenFilePath - - roleArn - - sessionName - type: object - secretRef: - description: AlibabaAuthSecretRef holds secret references for Alibaba credentials. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - accessKeySecretSecretRef: - description: The AccessKeySecret is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - accessKeyIDSecretRef - - accessKeySecretSecretRef - type: object - type: object - regionID: - description: Alibaba Region to be used for the provider - type: string - required: - - auth - - regionID - type: object - aws: - description: AWS configures this store to sync secrets using AWS Secret Manager provider - properties: - additionalRoles: - description: AdditionalRoles is a chained list of Role ARNs which the provider will sequentially assume before assuming the Role - items: - type: string - type: array - auth: - description: |- - Auth defines the information necessary to authenticate against AWS - if not set aws sdk will infer credentials from your environment - see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - properties: - jwt: - description: Authenticate against AWS using service account tokens. - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - secretRef: - description: |- - AWSAuthSecretRef holds secret references for AWS credentials - both AccessKeyID and SecretAccessKey must be defined in order to properly authenticate. - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - externalID: - description: AWS External ID set on assumed IAM roles - type: string - prefix: - description: Prefix adds a prefix to all retrieved values. - type: string - region: - description: AWS Region to be used for the provider - type: string - role: - description: Role is a Role ARN which the provider will assume - type: string - secretsManager: - description: SecretsManager defines how the provider behaves when interacting with AWS SecretsManager - properties: - forceDeleteWithoutRecovery: - description: |- - Specifies whether to delete the secret without any recovery window. You - can't use both this parameter and RecoveryWindowInDays in the same call. - If you don't use either, then by default Secrets Manager uses a 30 day - recovery window. - see: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html#SecretsManager-DeleteSecret-request-ForceDeleteWithoutRecovery - type: boolean - recoveryWindowInDays: - description: |- - The number of days from 7 to 30 that Secrets Manager waits before - permanently deleting the secret. You can't use both this parameter and - ForceDeleteWithoutRecovery in the same call. If you don't use either, - then by default Secrets Manager uses a 30 day recovery window. - see: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html#SecretsManager-DeleteSecret-request-RecoveryWindowInDays - format: int64 - type: integer - type: object - service: - description: Service defines which service should be used to fetch the secrets - enum: - - SecretsManager - - ParameterStore - type: string - sessionTags: - description: AWS STS assume role session tags - items: - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: object - type: array - transitiveTagKeys: - description: AWS STS assume role transitive session tags. Required when multiple rules are used with the provider - items: - type: string - type: array - required: - - region - - service - type: object - azurekv: - description: AzureKV configures this store to sync secrets using Azure Key Vault provider - properties: - authSecretRef: - description: Auth configures how the operator authenticates with Azure. Required for ServicePrincipal auth type. Optional for WorkloadIdentity. - properties: - clientCertificate: - description: The Azure ClientCertificate of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientId: - description: The Azure clientId of the service principle or managed identity used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: The Azure ClientSecret of the service principle used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - tenantId: - description: The Azure tenantId of the managed identity used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - authType: - default: ServicePrincipal - description: |- - Auth type defines how to authenticate to the keyvault service. - Valid values are: - - "ServicePrincipal" (default): Using a service principal (tenantId, clientId, clientSecret) - - "ManagedIdentity": Using Managed Identity assigned to the pod (see aad-pod-identity) - enum: - - ServicePrincipal - - ManagedIdentity - - WorkloadIdentity - type: string - environmentType: - default: PublicCloud - description: |- - EnvironmentType specifies the Azure cloud environment endpoints to use for - connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint. - The following endpoints are available, also see here: https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152 - PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud - enum: - - PublicCloud - - USGovernmentCloud - - ChinaCloud - - GermanCloud - type: string - identityId: - description: If multiple Managed Identity is assigned to the pod, you can select the one to be used - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - tenantId: - description: TenantID configures the Azure Tenant to send requests to. Required for ServicePrincipal auth type. Optional for WorkloadIdentity. - type: string - vaultUrl: - description: Vault Url from which the secrets to be fetched from. - type: string - required: - - vaultUrl - type: object - beyondtrust: - description: Beyondtrust configures this store to sync secrets using Password Safe provider. - properties: - auth: - description: Auth configures how the operator authenticates with Beyondtrust. - properties: - certificate: - description: Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - certificateKey: - description: Certificate private key (key.pem). For use when authenticating with an OAuth client Id - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientId: - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientSecret: - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - clientId - - clientSecret - type: object - server: - description: Auth configures how API server works. - properties: - apiUrl: - type: string - clientTimeOutSeconds: - description: Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. - type: integer - retrievalType: - description: The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system. - type: string - separator: - description: A character that separates the folder names. - type: string - verifyCA: - type: boolean - required: - - apiUrl - - verifyCA - type: object - required: - - auth - - server - type: object - bitwardensecretsmanager: - description: BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider - properties: - apiURL: - type: string - auth: - description: |- - Auth configures how secret-manager authenticates with a bitwarden machine account instance. - Make sure that the token being used has permissions on the given secret. - properties: - secretRef: - description: BitwardenSecretsManagerSecretRef contains the credential ref to the bitwarden instance. - properties: - credentials: - description: AccessToken used for the bitwarden instance. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - credentials - type: object - required: - - secretRef - type: object - bitwardenServerSDKURL: - type: string - caBundle: - description: |- - Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack - can be performed. - type: string - caProvider: - description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - identityURL: - type: string - organizationID: - description: OrganizationID determines which organization this secret store manages. - type: string - projectID: - description: ProjectID determines which project this secret store manages. - type: string - required: - - auth - - organizationID - - projectID - type: object - chef: - description: Chef configures this store to sync secrets with chef server - properties: - auth: - description: Auth defines the information necessary to authenticate against chef Server - properties: - secretRef: - description: ChefAuthSecretRef holds secret references for chef server login credentials. - properties: - privateKeySecretRef: - description: SecretKey is the Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - privateKeySecretRef - type: object - required: - - secretRef - type: object - serverUrl: - description: ServerURL is the chef server URL used to connect to. If using orgs you should include your org in the url and terminate the url with a "/" - type: string - username: - description: UserName should be the user ID on the chef server - type: string - required: - - auth - - serverUrl - - username - type: object - conjur: - description: Conjur configures this store to sync secrets using conjur provider - properties: - auth: - properties: - apikey: - properties: - account: - type: string - apiKeyRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - userRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - account - - apiKeyRef - - userRef - type: object - jwt: - properties: - account: - type: string - hostId: - description: |- - Optional HostID for JWT authentication. This may be used depending - on how the Conjur JWT authenticator policy is configured. - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Conjur using the JWT authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional ServiceAccountRef specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - serviceID: - description: The conjur authn jwt webservice id - type: string - required: - - account - - serviceID - type: object - type: object - caBundle: - type: string - caProvider: - description: |- - Used to provide custom certificate authority (CA) certificates - for a secret store. The CAProvider points to a Secret or ConfigMap resource - that contains a PEM-encoded certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - type: string - required: - - auth - - url - type: object - delinea: - description: |- - Delinea DevOps Secrets Vault - https://docs.delinea.com/online-help/products/devops-secrets-vault/current - properties: - clientId: - description: ClientID is the non-secret part of the credential. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - clientSecret: - description: ClientSecret is the secret part of the credential. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - tenant: - description: Tenant is the chosen hostname / site name. - type: string - tld: - description: |- - TLD is based on the server location that was chosen during provisioning. - If unset, defaults to "com". - type: string - urlTemplate: - description: |- - URLTemplate - If unset, defaults to "https://%s.secretsvaultcloud.%s/v1/%s%s". - type: string - required: - - clientId - - clientSecret - - tenant - type: object - device42: - description: Device42 configures this store to sync secrets using the Device42 provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Device42 instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - host: - description: URL configures the Device42 instance URL. - type: string - required: - - auth - - host - type: object - doppler: - description: Doppler configures this store to sync secrets using the Doppler provider - properties: - auth: - description: Auth configures how the Operator authenticates with the Doppler API - properties: - secretRef: - properties: - dopplerToken: - description: |- - The DopplerToken is used for authentication. - See https://docs.doppler.com/reference/api#authentication for auth token types. - The Key attribute defaults to dopplerToken if not specified. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - dopplerToken - type: object - required: - - secretRef - type: object - config: - description: Doppler config (required if not using a Service Token) - type: string - format: - description: Format enables the downloading of secrets as a file (string) - enum: - - json - - dotnet-json - - env - - yaml - - docker - type: string - nameTransformer: - description: Environment variable compatible name transforms that change secret names to a different format - enum: - - upper-camel - - camel - - lower-snake - - tf-var - - dotnet-env - - lower-kebab - type: string - project: - description: Doppler project (required if not using a Service Token) - type: string - required: - - auth - type: object - fake: - description: Fake configures a store with static key/value pairs - properties: - data: - items: - properties: - key: - type: string - value: - type: string - valueMap: - additionalProperties: - type: string - description: 'Deprecated: ValueMap is deprecated and is intended to be removed in the future, use the `value` field instead.' - type: object - version: - type: string - required: - - key - type: object - type: array - required: - - data - type: object - fortanix: - description: Fortanix configures this store to sync secrets using the Fortanix provider - properties: - apiKey: - description: APIKey is the API token to access SDKMS Applications. - properties: - secretRef: - description: SecretRef is a reference to a secret containing the SDKMS API Key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - apiUrl: - description: APIURL is the URL of SDKMS API. Defaults to `sdkms.fortanix.com`. - type: string - type: object - gcpsm: - description: GCPSM configures this store to sync secrets using Google Cloud Platform Secret Manager provider - properties: - auth: - description: Auth defines the information necessary to authenticate against GCP - properties: - secretRef: - properties: - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - workloadIdentity: - properties: - clusterLocation: - type: string - clusterName: - type: string - clusterProjectID: - type: string - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - clusterLocation - - clusterName - - serviceAccountRef - type: object - type: object - location: - description: Location optionally defines a location for a secret - type: string - projectID: - description: ProjectID project where secret is located - type: string - type: object - gitlab: - description: GitLab configures this store to sync secrets using GitLab Variables provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a GitLab instance. - properties: - SecretRef: - properties: - accessToken: - description: AccessToken is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - SecretRef - type: object - environment: - description: Environment environment_scope of gitlab CI/CD variables (Please see https://docs.gitlab.com/ee/ci/environments/#create-a-static-environment on how to create environments) - type: string - groupIDs: - description: GroupIDs specify, which gitlab groups to pull secrets from. Group secrets are read from left to right followed by the project variables. - items: - type: string - type: array - inheritFromGroups: - description: InheritFromGroups specifies whether parent groups should be discovered and checked for secrets. - type: boolean - projectID: - description: ProjectID specifies a project where secrets are located. - type: string - url: - description: URL configures the GitLab instance URL. Defaults to https://gitlab.com/. - type: string - required: - - auth - type: object - ibm: - description: IBM configures this store to sync secrets using IBM Cloud provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the IBM secrets manager. - maxProperties: 1 - minProperties: 1 - properties: - containerAuth: - description: IBM Container-based auth with IAM Trusted Profile. - properties: - iamEndpoint: - type: string - profile: - description: the IBM Trusted Profile - type: string - tokenLocation: - description: Location the token is mounted on the pod - type: string - required: - - profile - type: object - secretRef: - properties: - secretApiKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - serviceUrl: - description: ServiceURL is the Endpoint URL that is specific to the Secrets Manager service instance - type: string - required: - - auth - type: object - infisical: - description: Infisical configures this store to sync secrets using the Infisical provider - properties: - auth: - description: Auth configures how the Operator authenticates with the Infisical API - properties: - universalAuthCredentials: - properties: - clientId: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientSecret: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - clientId - - clientSecret - type: object - type: object - hostAPI: - default: https://app.infisical.com/api - type: string - secretsScope: - properties: - environmentSlug: - type: string - projectSlug: - type: string - secretsPath: - default: / - type: string - required: - - environmentSlug - - projectSlug - type: object - required: - - auth - - secretsScope - type: object - keepersecurity: - description: KeeperSecurity configures this store to sync secrets using the KeeperSecurity provider - properties: - authRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - folderID: - type: string - required: - - authRef - - folderID - type: object - kubernetes: - description: Kubernetes configures this store to sync secrets using a Kubernetes cluster provider - properties: - auth: - description: Auth configures how secret-manager authenticates with a Kubernetes instance. - maxProperties: 1 - minProperties: 1 - properties: - cert: - description: has both clientCert and clientKey as secretKeySelector - properties: - clientCert: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - clientKey: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - serviceAccount: - description: points to a service account that should be used for authentication - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - token: - description: use static token to authenticate with - properties: - bearerToken: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - type: object - authRef: - description: A reference to a secret that contains the auth information. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - remoteNamespace: - default: default - description: Remote namespace to fetch the secrets from - type: string - server: - description: configures the Kubernetes server Address. - properties: - caBundle: - description: CABundle is a base64-encoded CA certificate - format: byte - type: string - caProvider: - description: 'see: https://external-secrets.io/v0.4.1/spec/#external-secrets.io/v1alpha1.CAProvider' - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - url: - default: kubernetes.default - description: configures the Kubernetes server Address. - type: string - type: object - type: object - onboardbase: - description: Onboardbase configures this store to sync secrets using the Onboardbase provider - properties: - apiHost: - default: https://public.onboardbase.com/api/v1/ - description: APIHost use this to configure the host url for the API for selfhosted installation, default is https://public.onboardbase.com/api/v1/ - type: string - auth: - description: Auth configures how the Operator authenticates with the Onboardbase API - properties: - apiKeyRef: - description: |- - OnboardbaseAPIKey is the APIKey generated by an admin account. - It is used to recognize and authorize access to a project and environment within onboardbase - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - passcodeRef: - description: OnboardbasePasscode is the passcode attached to the API Key - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - apiKeyRef - - passcodeRef - type: object - environment: - default: development - description: Environment is the name of an environmnent within a project to pull the secrets from - type: string - project: - default: development - description: Project is an onboardbase project that the secrets should be pulled from - type: string - required: - - apiHost - - auth - - environment - - project - type: object - onepassword: - description: OnePassword configures this store to sync secrets using the 1Password Cloud provider - properties: - auth: - description: Auth defines the information necessary to authenticate against OnePassword Connect Server - properties: - secretRef: - description: OnePasswordAuthSecretRef holds secret references for 1Password credentials. - properties: - connectTokenSecretRef: - description: The ConnectToken is used for authentication to a 1Password Connect Server. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - connectTokenSecretRef - type: object - required: - - secretRef - type: object - connectHost: - description: ConnectHost defines the OnePassword Connect Server to connect to - type: string - vaults: - additionalProperties: - type: integer - description: Vaults defines which OnePassword vaults to search in which order - type: object - required: - - auth - - connectHost - - vaults - type: object - oracle: - description: Oracle configures this store to sync secrets using Oracle Vault provider - properties: - auth: - description: |- - Auth configures how secret-manager authenticates with the Oracle Vault. - If empty, use the instance principal, otherwise the user credentials specified in Auth. - properties: - secretRef: - description: SecretRef to pass through sensitive information. - properties: - fingerprint: - description: Fingerprint is the fingerprint of the API private key. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privatekey: - description: PrivateKey is the user's API Signing Key in PEM format, used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - fingerprint - - privatekey - type: object - tenancy: - description: Tenancy is the tenancy OCID where user is located. - type: string - user: - description: User is an access OCID specific to the account. - type: string - required: - - secretRef - - tenancy - - user - type: object - compartment: - description: |- - Compartment is the vault compartment OCID. - Required for PushSecret - type: string - encryptionKey: - description: |- - EncryptionKey is the OCID of the encryption key within the vault. - Required for PushSecret - type: string - principalType: - description: |- - The type of principal to use for authentication. If left blank, the Auth struct will - determine the principal type. This optional field must be specified if using - workload identity. - enum: - - "" - - UserPrincipal - - InstancePrincipal - - Workload - type: string - region: - description: Region is the region where vault is located. - type: string - serviceAccountRef: - description: |- - ServiceAccountRef specified the service account - that should be used when authenticating with WorkloadIdentity. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - vault: - description: Vault is the vault's OCID of the specific vault where secret is located. - type: string - required: - - region - - vault - type: object - passbolt: - properties: - auth: - description: Auth defines the information necessary to authenticate against Passbolt Server - properties: - passwordSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - privateKeySecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - passwordSecretRef - - privateKeySecretRef - type: object - host: - description: Host defines the Passbolt Server to connect to - type: string - required: - - auth - - host - type: object - passworddepot: - description: Configures a store to sync secrets with a Password Depot instance. - properties: - auth: - description: Auth configures how secret-manager authenticates with a Password Depot instance. - properties: - secretRef: - properties: - credentials: - description: Username / Password is used for authentication. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - secretRef - type: object - database: - description: Database to use as source - type: string - host: - description: URL configures the Password Depot instance URL. - type: string - required: - - auth - - database - - host - type: object - pulumi: - description: Pulumi configures this store to sync secrets using the Pulumi provider - properties: - accessToken: - description: AccessToken is the access tokens to sign in to the Pulumi Cloud Console. - properties: - secretRef: - description: SecretRef is a reference to a secret containing the Pulumi API token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - apiUrl: - default: https://api.pulumi.com/api/preview - description: APIURL is the URL of the Pulumi API. - type: string - environment: - description: |- - Environment are YAML documents composed of static key-value pairs, programmatic expressions, - dynamically retrieved values from supported providers including all major clouds, - and other Pulumi ESC environments. - To create a new environment, visit https://www.pulumi.com/docs/esc/environments/ for more information. - type: string - organization: - description: |- - Organization are a space to collaborate on shared projects and stacks. - To create a new organization, visit https://app.pulumi.com/ and click "New Organization". - type: string - required: - - accessToken - - environment - - organization - type: object - scaleway: - description: Scaleway - properties: - accessKey: - description: AccessKey is the non-secret part of the api key. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - apiUrl: - description: APIURL is the url of the api to use. Defaults to https://api.scaleway.com - type: string - projectId: - description: 'ProjectID is the id of your project, which you can find in the console: https://console.scaleway.com/project/settings' - type: string - region: - description: 'Region where your secrets are located: https://developers.scaleway.com/en/quickstart/#region-and-zone' - type: string - secretKey: - description: SecretKey is the non-secret part of the api key. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - accessKey - - projectId - - region - - secretKey - type: object - secretserver: - description: |- - SecretServer configures this store to sync secrets using SecretServer provider - https://docs.delinea.com/online-help/secret-server/start.htm - properties: - password: - description: Password is the secret server account password. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - serverURL: - description: |- - ServerURL - URL to your secret server installation - type: string - username: - description: Username is the secret server account username. - properties: - secretRef: - description: SecretRef references a key in a secret that will be used as value. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - value: - description: Value can be specified directly to set a value without using a secret. - type: string - type: object - required: - - password - - serverURL - - username - type: object - senhasegura: - description: Senhasegura configures this store to sync secrets using senhasegura provider - properties: - auth: - description: Auth defines parameters to authenticate in senhasegura - properties: - clientId: - type: string - clientSecretSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - clientId - - clientSecretSecretRef - type: object - ignoreSslCertificate: - default: false - description: IgnoreSslCertificate defines if SSL certificate must be ignored - type: boolean - module: - description: Module defines which senhasegura module should be used to get secrets - type: string - url: - description: URL of senhasegura - type: string - required: - - auth - - module - - url - type: object - vault: - description: Vault configures this store to sync secrets using Hashi provider - properties: - auth: - description: Auth configures how secret-manager authenticates with the Vault server. - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - properties: - path: - default: approle - description: |- - Path where the App Role authentication backend is mounted - in Vault, e.g: "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - roleRef: - description: |- - Reference to a key in a Secret that contains the App Role ID used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role id. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - - secretRef - type: object - cert: - description: |- - Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate - Cert authentication method - properties: - clientCert: - description: |- - ClientCert is a certificate to authenticate using the Cert Vault - authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - SecretRef to a key in a Secret resource containing client private key to - authenticate with Vault using the Cert authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - iam: - description: |- - Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials - AWS IAM authentication method - properties: - externalID: - description: AWS External ID set on assumed IAM roles - type: string - jwt: - description: Specify a service account with IRSA enabled - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - path: - description: 'Path where the AWS auth method is enabled in Vault, e.g: "aws"' - type: string - region: - description: AWS region - type: string - role: - description: This is the AWS role to be assumed before talking to vault - type: string - secretRef: - description: Specify credentials in a Secret object - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - vaultAwsIamServerID: - description: 'X-Vault-AWS-IAM-Server-ID is an additional header used by Vault IAM auth method to mitigate against different types of replay attacks. More details here: https://developer.hashicorp.com/vault/docs/auth/aws' - type: string - vaultRole: - description: Vault Role. In vault, a role describes an identity with a set of permissions, groups, or policies you want to attach a user of the secrets engine - type: string - required: - - vaultRole - type: object - jwt: - description: |- - Jwt authenticates with Vault by passing role and JWT token using the - JWT/OIDC authentication method - properties: - kubernetesServiceAccountToken: - description: |- - Optional ServiceAccountToken specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Optional audiences field that will be used to request a temporary Kubernetes service - account token for the service account referenced by `serviceAccountRef`. - Defaults to a single audience `vault` it not specified. - Deprecated: use serviceAccountRef.Audiences instead - items: - type: string - type: array - expirationSeconds: - description: |- - Optional expiration time in seconds that will be used to request a temporary - Kubernetes service account token for the service account referenced by - `serviceAccountRef`. - Deprecated: this will be removed in the future. - Defaults to 10 minutes. - format: int64 - type: integer - serviceAccountRef: - description: Service account field containing the name of a kubernetes ServiceAccount. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - serviceAccountRef - type: object - path: - default: jwt - description: |- - Path where the JWT authentication backend is mounted - in Vault, e.g: "jwt" - type: string - role: - description: |- - Role is a JWT role to authenticate using the JWT/OIDC Vault - authentication method - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Vault using the JWT/OIDC authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - type: object - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - properties: - mountPath: - default: kubernetes - description: |- - Path where the Kubernetes authentication backend is mounted in Vault, e.g: - "kubernetes" - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Vault. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - mountPath - - role - type: object - ldap: - description: |- - Ldap authenticates with Vault by passing username/password pair using - the LDAP authentication method - properties: - path: - default: ldap - description: |- - Path where the LDAP authentication backend is mounted - in Vault, e.g: "ldap" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the LDAP - user used to authenticate with Vault using the LDAP authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a LDAP user name used to authenticate using the LDAP Vault - authentication method - type: string - required: - - path - - username - type: object - namespace: - description: |- - Name of the vault namespace to authenticate to. This can be different than the namespace your secret is in. - Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - This will default to Vault.Namespace field if set, or empty otherwise - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - userPass: - description: UserPass authenticates with Vault by passing username/password pair - properties: - path: - default: user - description: |- - Path where the UserPassword authentication backend is mounted - in Vault, e.g: "user" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the - user used to authenticate with Vault using the UserPass authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a user name used to authenticate using the UserPass Vault - authentication method - type: string - required: - - path - - username - type: object - type: object - caBundle: - description: |- - PEM encoded CA bundle used to validate Vault server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Vault server certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - forwardInconsistent: - description: |- - ForwardInconsistent tells Vault to forward read-after-write requests to the Vault - leader instead of simply retrying within a loop. This can increase performance if - the option is enabled serverside. - https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header - type: boolean - headers: - additionalProperties: - type: string - description: Headers to be added in Vault request - type: object - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault KV backend endpoint, e.g: - "secret". The v2 KV secret engine version specific "/data" path suffix - for fetching secrets from Vault is optional and will be appended - if not present in specified path. - type: string - readYourWrites: - description: |- - ReadYourWrites ensures isolated read-after-write semantics by - providing discovered cluster replication states in each request. - More information about eventual consistency in Vault can be found here - https://www.vaultproject.io/docs/enterprise/consistency - type: boolean - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - tls: - description: |- - The configuration used for client side related TLS communication, when the Vault server - requires mutual authentication. Only used if the Server URL is using HTTPS protocol. - This parameter is ignored for plain HTTP protocol connection. - It's worth noting this configuration is different from the "TLS certificates auth method", - which is available under the `auth.cert` section. - properties: - certSecretRef: - description: |- - CertSecretRef is a certificate added to the transport layer - when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.crt'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - keySecretRef: - description: |- - KeySecretRef to a key in a Secret resource containing client private key - added to the transport layer when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.key'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - version: - default: v2 - description: |- - Version is the Vault KV secret engine version. This can be either "v1" or - "v2". Version defaults to "v2". - enum: - - v1 - - v2 - type: string - required: - - auth - - server - type: object - webhook: - description: Webhook configures this store to sync secrets using a generic templated webhook - properties: - body: - description: Body - type: string - caBundle: - description: |- - PEM encoded CA bundle used to validate webhook server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate webhook server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - headers: - additionalProperties: - type: string - description: Headers - type: object - method: - description: Webhook Method - type: string - result: - description: Result formatting - properties: - jsonPath: - description: Json path of return value - type: string - type: object - secrets: - description: |- - Secrets to fill in templates - These secrets will be passed to the templating function as key value pairs under the given name - items: - properties: - name: - description: Name of this secret in templates - type: string - secretRef: - description: Secret ref to fill in credentials - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - name - - secretRef - type: object - type: array - timeout: - description: Timeout - type: string - url: - description: Webhook url to call - type: string - required: - - result - - url - type: object - yandexcertificatemanager: - description: YandexCertificateManager configures this store to sync secrets using Yandex Certificate Manager provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Certificate Manager - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - yandexlockbox: - description: YandexLockbox configures this store to sync secrets using Yandex Lockbox provider - properties: - apiEndpoint: - description: Yandex.Cloud API endpoint (e.g. 'api.cloud.yandex.net:443') - type: string - auth: - description: Auth defines the information necessary to authenticate against Yandex Lockbox - properties: - authorizedKeySecretRef: - description: The authorized key used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - caProvider: - description: The provider for the CA bundle to use to validate Yandex.Cloud server certificate. - properties: - certSecretRef: - description: |- - A reference to a specific 'key' within a Secret resource, - In some instances, `key` is a required field. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - required: - - auth - type: object - type: object - refreshInterval: - description: Used to configure store refresh interval in seconds. Empty or 0 will default to the controller config. - type: integer - retrySettings: - description: Used to configure http retries if failed - properties: - maxRetries: - format: int32 - type: integer - retryInterval: - type: string - type: object - required: - - provider - type: object - status: - description: SecretStoreStatus defines the observed state of the SecretStore. - properties: - capabilities: - description: SecretStoreCapabilities defines the possible operations a SecretStore can do. - type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/vaultdynamicsecret.yaml b/charts/external-secrets/external-secrets/templates/crds/vaultdynamicsecret.yaml deleted file mode 100644 index 816c3a5..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/vaultdynamicsecret.yaml +++ /dev/null @@ -1,707 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: vaultdynamicsecrets.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - vaultdynamicsecret - kind: VaultDynamicSecret - listKind: VaultDynamicSecretList - plural: vaultdynamicsecrets - shortNames: - - vaultdynamicsecret - singular: vaultdynamicsecret - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - properties: - controller: - description: |- - Used to select the correct ESO controller (think: ingress.ingressClassName) - The ESO controller is instantiated with a specific controller name and filters VDS based on this property - type: string - method: - description: Vault API method to use (GET/POST/other) - type: string - parameters: - description: Parameters to pass to Vault write (for non-GET methods) - x-kubernetes-preserve-unknown-fields: true - path: - description: Vault path to obtain the dynamic secret from - type: string - provider: - description: Vault provider common spec - properties: - auth: - description: Auth configures how secret-manager authenticates with the Vault server. - properties: - appRole: - description: |- - AppRole authenticates with Vault using the App Role auth mechanism, - with the role and secret stored in a Kubernetes Secret resource. - properties: - path: - default: approle - description: |- - Path where the App Role authentication backend is mounted - in Vault, e.g: "approle" - type: string - roleId: - description: |- - RoleID configured in the App Role authentication backend when setting - up the authentication backend in Vault. - type: string - roleRef: - description: |- - Reference to a key in a Secret that contains the App Role ID used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role id. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - Reference to a key in a Secret that contains the App Role secret used - to authenticate with Vault. - The `key` field must be specified and denotes which entry within the Secret - resource is used as the app role secret. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - - secretRef - type: object - cert: - description: |- - Cert authenticates with TLS Certificates by passing client certificate, private key and ca certificate - Cert authentication method - properties: - clientCert: - description: |- - ClientCert is a certificate to authenticate using the Cert Vault - authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretRef: - description: |- - SecretRef to a key in a Secret resource containing client private key to - authenticate with Vault using the Cert authentication method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - iam: - description: |- - Iam authenticates with vault by passing a special AWS request signed with AWS IAM credentials - AWS IAM authentication method - properties: - externalID: - description: AWS External ID set on assumed IAM roles - type: string - jwt: - description: Specify a service account with IRSA enabled - properties: - serviceAccountRef: - description: A reference to a ServiceAccount resource. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - type: object - path: - description: 'Path where the AWS auth method is enabled in Vault, e.g: "aws"' - type: string - region: - description: AWS region - type: string - role: - description: This is the AWS role to be assumed before talking to vault - type: string - secretRef: - description: Specify credentials in a Secret object - properties: - accessKeyIDSecretRef: - description: The AccessKeyID is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - sessionTokenSecretRef: - description: |- - The SessionToken used for authentication - This must be defined if AccessKeyID and SecretAccessKey are temporary credentials - see: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - vaultAwsIamServerID: - description: 'X-Vault-AWS-IAM-Server-ID is an additional header used by Vault IAM auth method to mitigate against different types of replay attacks. More details here: https://developer.hashicorp.com/vault/docs/auth/aws' - type: string - vaultRole: - description: Vault Role. In vault, a role describes an identity with a set of permissions, groups, or policies you want to attach a user of the secrets engine - type: string - required: - - vaultRole - type: object - jwt: - description: |- - Jwt authenticates with Vault by passing role and JWT token using the - JWT/OIDC authentication method - properties: - kubernetesServiceAccountToken: - description: |- - Optional ServiceAccountToken specifies the Kubernetes service account for which to request - a token for with the `TokenRequest` API. - properties: - audiences: - description: |- - Optional audiences field that will be used to request a temporary Kubernetes service - account token for the service account referenced by `serviceAccountRef`. - Defaults to a single audience `vault` it not specified. - Deprecated: use serviceAccountRef.Audiences instead - items: - type: string - type: array - expirationSeconds: - description: |- - Optional expiration time in seconds that will be used to request a temporary - Kubernetes service account token for the service account referenced by - `serviceAccountRef`. - Deprecated: this will be removed in the future. - Defaults to 10 minutes. - format: int64 - type: integer - serviceAccountRef: - description: Service account field containing the name of a kubernetes ServiceAccount. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - serviceAccountRef - type: object - path: - default: jwt - description: |- - Path where the JWT authentication backend is mounted - in Vault, e.g: "jwt" - type: string - role: - description: |- - Role is a JWT role to authenticate using the JWT/OIDC Vault - authentication method - type: string - secretRef: - description: |- - Optional SecretRef that refers to a key in a Secret resource containing JWT token to - authenticate with Vault using the JWT/OIDC authentication method. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - required: - - path - type: object - kubernetes: - description: |- - Kubernetes authenticates with Vault by passing the ServiceAccount - token stored in the named Secret resource to the Vault server. - properties: - mountPath: - default: kubernetes - description: |- - Path where the Kubernetes authentication backend is mounted in Vault, e.g: - "kubernetes" - type: string - role: - description: |- - A required field containing the Vault Role to assume. A Role binds a - Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: |- - Optional secret field containing a Kubernetes ServiceAccount JWT used - for authenticating with Vault. If a name is specified without a key, - `token` is the default. If one is not specified, the one bound to - the controller will be used. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - serviceAccountRef: - description: |- - Optional service account field containing the name of a kubernetes ServiceAccount. - If the service account is specified, the service account secret token JWT will be used - for authenticating with Vault. If the service account selector is not supplied, - the secretRef will be used instead. - properties: - audiences: - description: |- - Audience specifies the `aud` claim for the service account token - If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity - then this audiences will be appended to the list - items: - type: string - type: array - name: - description: The name of the ServiceAccount resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - required: - - name - type: object - required: - - mountPath - - role - type: object - ldap: - description: |- - Ldap authenticates with Vault by passing username/password pair using - the LDAP authentication method - properties: - path: - default: ldap - description: |- - Path where the LDAP authentication backend is mounted - in Vault, e.g: "ldap" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the LDAP - user used to authenticate with Vault using the LDAP authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a LDAP user name used to authenticate using the LDAP Vault - authentication method - type: string - required: - - path - - username - type: object - namespace: - description: |- - Name of the vault namespace to authenticate to. This can be different than the namespace your secret is in. - Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - This will default to Vault.Namespace field if set, or empty otherwise - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - userPass: - description: UserPass authenticates with Vault by passing username/password pair - properties: - path: - default: user - description: |- - Path where the UserPassword authentication backend is mounted - in Vault, e.g: "user" - type: string - secretRef: - description: |- - SecretRef to a key in a Secret resource containing password for the - user used to authenticate with Vault using the UserPass authentication - method - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - username: - description: |- - Username is a user name used to authenticate using the UserPass Vault - authentication method - type: string - required: - - path - - username - type: object - type: object - caBundle: - description: |- - PEM encoded CA bundle used to validate Vault server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate Vault server certificate. - properties: - key: - description: The key where the CA certificate can be found in the Secret or ConfigMap. - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: |- - The namespace the Provider type is in. - Can only be defined when used in a ClusterSecretStore. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - forwardInconsistent: - description: |- - ForwardInconsistent tells Vault to forward read-after-write requests to the Vault - leader instead of simply retrying within a loop. This can increase performance if - the option is enabled serverside. - https://www.vaultproject.io/docs/configuration/replication#allow_forwarding_via_header - type: boolean - headers: - additionalProperties: - type: string - description: Headers to be added in Vault request - type: object - namespace: - description: |- - Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows - Vault environments to support Secure Multi-tenancy. e.g: "ns1". - More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - type: string - path: - description: |- - Path is the mount path of the Vault KV backend endpoint, e.g: - "secret". The v2 KV secret engine version specific "/data" path suffix - for fetching secrets from Vault is optional and will be appended - if not present in specified path. - type: string - readYourWrites: - description: |- - ReadYourWrites ensures isolated read-after-write semantics by - providing discovered cluster replication states in each request. - More information about eventual consistency in Vault can be found here - https://www.vaultproject.io/docs/enterprise/consistency - type: boolean - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - tls: - description: |- - The configuration used for client side related TLS communication, when the Vault server - requires mutual authentication. Only used if the Server URL is using HTTPS protocol. - This parameter is ignored for plain HTTP protocol connection. - It's worth noting this configuration is different from the "TLS certificates auth method", - which is available under the `auth.cert` section. - properties: - certSecretRef: - description: |- - CertSecretRef is a certificate added to the transport layer - when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.crt'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - keySecretRef: - description: |- - KeySecretRef to a key in a Secret resource containing client private key - added to the transport layer when communicating with the Vault server. - If no key for the Secret is specified, external-secret will default to 'tls.key'. - properties: - key: - description: |- - The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be - defaulted, in others it may be required. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - namespace: - description: |- - Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults - to the namespace of the referent. - type: string - type: object - type: object - version: - default: v2 - description: |- - Version is the Vault KV secret engine version. This can be either "v1" or - "v2". Version defaults to "v2". - enum: - - v1 - - v2 - type: string - required: - - auth - - server - type: object - resultType: - default: Data - description: |- - Result type defines which data is returned from the generator. - By default it is the "data" section of the Vault API response. - When using e.g. /auth/token/create the "data" section is empty but - the "auth" section contains the generated token. - Please refer to the vault docs regarding the result data structure. - enum: - - Data - - Auth - type: string - required: - - path - - provider - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/crds/webhook.yaml b/charts/external-secrets/external-secrets/templates/crds/webhook.yaml deleted file mode 100644 index ac6a859..0000000 --- a/charts/external-secrets/external-secrets/templates/crds/webhook.yaml +++ /dev/null @@ -1,157 +0,0 @@ -{{- if .Values.installCRDs }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4}} - {{- end }} - {{- if and .Values.crds.conversion.enabled .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} - controller-gen.kubebuilder.io/version: v0.16.1 - labels: - external-secrets.io/component: controller - name: webhooks.generators.external-secrets.io -spec: - group: generators.external-secrets.io - names: - categories: - - webhook - kind: Webhook - listKind: WebhookList - plural: webhooks - shortNames: - - webhookl - singular: webhook - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - Webhook connects to a third party API server to handle the secrets generation - configuration parameters in spec. - You can specify the server, the token, and additional body parameters. - See documentation for the full API specification for requests and responses. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: WebhookSpec controls the behavior of the external generator. Any body parameters should be passed to the server through the parameters field. - properties: - body: - description: Body - type: string - caBundle: - description: |- - PEM encoded CA bundle used to validate webhook server certificate. Only used - if the Server URL is using HTTPS protocol. This parameter is ignored for - plain HTTP protocol connection. If not set the system root certificates - are used to validate the TLS connection. - format: byte - type: string - caProvider: - description: The provider for the CA bundle to use to validate webhook server certificate. - properties: - key: - description: The key the value inside of the provider type to use, only used with "Secret" type - type: string - name: - description: The name of the object located at the provider type. - type: string - namespace: - description: The namespace the Provider type is in. - type: string - type: - description: The type of provider to use such as "Secret", or "ConfigMap". - enum: - - Secret - - ConfigMap - type: string - required: - - name - - type - type: object - headers: - additionalProperties: - type: string - description: Headers - type: object - method: - description: Webhook Method - type: string - result: - description: Result formatting - properties: - jsonPath: - description: Json path of return value - type: string - type: object - secrets: - description: |- - Secrets to fill in templates - These secrets will be passed to the templating function as key value pairs under the given name - items: - properties: - name: - description: Name of this secret in templates - type: string - secretRef: - description: Secret ref to fill in credentials - properties: - key: - description: The key where the token is found. - type: string - name: - description: The name of the Secret resource being referred to. - type: string - type: object - required: - - name - - secretRef - type: object - type: array - timeout: - description: Timeout - type: string - url: - description: Webhook url to call - type: string - required: - - result - - url - type: object - type: object - served: true - storage: true - subresources: - status: {} -{{- if .Values.crds.conversion.enabled }} - conversion: - strategy: Webhook - webhook: - conversionReviewVersions: - - v1 - clientConfig: - service: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ .Release.Namespace | quote }} - path: /convert -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/deployment.yaml b/charts/external-secrets/external-secrets/templates/deployment.yaml deleted file mode 100644 index 75a908e..0000000 --- a/charts/external-secrets/external-secrets/templates/deployment.yaml +++ /dev/null @@ -1,146 +0,0 @@ -{{- if .Values.createOperator }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "external-secrets.fullname" . }} - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - {{- with .Values.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.replicaCount }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "external-secrets.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "external-secrets.labels" . | nindent 8 }} - {{- with .Values.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "external-secrets.serviceAccountName" . }} - automountServiceAccountToken: {{ .Values.serviceAccount.automount }} - {{- with .Values.podSecurityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 8 }} - {{- end }} - {{- end }} - hostNetwork: {{ .Values.hostNetwork }} - containers: - - name: {{ .Chart.Name }} - {{- with .Values.securityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 12 }} - {{- end }} - {{- end }} - image: {{ include "external-secrets.image" (dict "chartAppVersion" .Chart.AppVersion "image" .Values.image) | trim }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if or (.Values.leaderElect) (.Values.scopedNamespace) (.Values.processClusterStore) (.Values.processClusterExternalSecret) (.Values.concurrent) (.Values.extraArgs) }} - args: - {{- if .Values.leaderElect }} - - --enable-leader-election=true - {{- end }} - {{- if .Values.scopedNamespace }} - - --namespace={{ .Values.scopedNamespace }} - {{- end }} - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - - --enable-cluster-store-reconciler=false - - --enable-cluster-external-secret-reconciler=false - {{- else }} - {{- if not .Values.processClusterStore }} - - --enable-cluster-store-reconciler=false - {{- end }} - {{- if not .Values.processClusterExternalSecret }} - - --enable-cluster-external-secret-reconciler=false - {{- end }} - {{- end }} - {{- if not .Values.processPushSecret }} - - --enable-push-secret-reconciler=false - {{- end }} - {{- if .Values.controllerClass }} - - --controller-class={{ .Values.controllerClass }} - {{- end }} - {{- if .Values.extendedMetricLabels }} - - --enable-extended-metric-labels={{ .Values.extendedMetricLabels }} - {{- end }} - {{- if .Values.concurrent }} - - --concurrent={{ .Values.concurrent }} - {{- end }} - {{- range $key, $value := .Values.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- end }} - - --metrics-addr=:{{ .Values.metrics.listen.port }} - - --loglevel={{ .Values.log.level }} - - --zap-time-encoding={{ .Values.log.timeEncoding }} - ports: - - containerPort: {{ .Values.metrics.listen.port }} - protocol: TCP - name: metrics - {{- with .Values.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.extraVolumeMounts }} - volumeMounts: - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if .Values.extraContainers }} - {{ toYaml .Values.extraContainers | nindent 8}} - {{- end }} - dnsPolicy: {{ .Values.dnsPolicy }} - {{- if .Values.dnsConfig }} - dnsConfig: - {{- toYaml .Values.dnsConfig | nindent 8 }} - {{- end }} - {{- if .Values.extraVolumes }} - volumes: - {{- toYaml .Values.extraVolumes | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector | default .Values.global.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity | default .Values.global.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations | default .Values.global.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- if .Values.podSpecExtra }} - {{- toYaml .Values.podSpecExtra | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/extra-manifests.yaml b/charts/external-secrets/external-secrets/templates/extra-manifests.yaml deleted file mode 100644 index 1dfe8f4..0000000 --- a/charts/external-secrets/external-secrets/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{- range .Values.extraObjects }} ---- -{{ include "external-secrets.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/poddisruptionbudget.yaml b/charts/external-secrets/external-secrets/templates/poddisruptionbudget.yaml deleted file mode 100644 index 7b75ca3..0000000 --- a/charts/external-secrets/external-secrets/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.podDisruptionBudget.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "external-secrets.fullname" . }}-pdb - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -spec: - {{- if .Values.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - {{- include "external-secrets.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/rbac.yaml b/charts/external-secrets/external-secrets/templates/rbac.yaml deleted file mode 100644 index 4f4ab48..0000000 --- a/charts/external-secrets/external-secrets/templates/rbac.yaml +++ /dev/null @@ -1,301 +0,0 @@ -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -{{- if and .Values.scopedNamespace .Values.scopedRBAC }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ include "external-secrets.fullname" . }}-controller - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - namespace: {{ .Values.scopedNamespace | quote }} - {{- end }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -rules: - - apiGroups: - - "external-secrets.io" - resources: - - "secretstores" - - "clustersecretstores" - - "externalsecrets" - - "clusterexternalsecrets" - - "pushsecrets" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "external-secrets.io" - resources: - - "externalsecrets" - - "externalsecrets/status" - - "externalsecrets/finalizers" - - "secretstores" - - "secretstores/status" - - "secretstores/finalizers" - - "clustersecretstores" - - "clustersecretstores/status" - - "clustersecretstores/finalizers" - - "clusterexternalsecrets" - - "clusterexternalsecrets/status" - - "clusterexternalsecrets/finalizers" - - "pushsecrets" - - "pushsecrets/status" - - "pushsecrets/finalizers" - verbs: - - "get" - - "update" - - "patch" - - apiGroups: - - "generators.external-secrets.io" - resources: - - "acraccesstokens" - - "ecrauthorizationtokens" - - "fakes" - - "gcraccesstokens" - - "githubaccesstokens" - - "passwords" - - "vaultdynamicsecrets" - - "webhooks" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "" - resources: - - "serviceaccounts" - - "namespaces" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "get" - - "list" - - "watch" - - apiGroups: - - "" - resources: - - "secrets" - verbs: - - "get" - - "list" - - "watch" - - "create" - - "update" - - "delete" - - "patch" - - apiGroups: - - "" - resources: - - "serviceaccounts/token" - verbs: - - "create" - - apiGroups: - - "" - resources: - - "events" - verbs: - - "create" - - "patch" - - apiGroups: - - "external-secrets.io" - resources: - - "externalsecrets" - verbs: - - "create" - - "update" - - "delete" ---- -apiVersion: rbac.authorization.k8s.io/v1 -{{- if and .Values.scopedNamespace .Values.scopedRBAC }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ include "external-secrets.fullname" . }}-view - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - namespace: {{ .Values.scopedNamespace | quote }} - {{- end }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - rbac.authorization.k8s.io/aggregate-to-view: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: - - "external-secrets.io" - resources: - - "externalsecrets" - - "secretstores" - - "clustersecretstores" - - "pushsecrets" - verbs: - - "get" - - "watch" - - "list" - - apiGroups: - - "generators.external-secrets.io" - resources: - - "acraccesstokens" - - "ecrauthorizationtokens" - - "fakes" - - "gcraccesstokens" - - "githubaccesstokens" - - "passwords" - - "vaultdynamicsecrets" - - "webhooks" - verbs: - - "get" - - "watch" - - "list" ---- -apiVersion: rbac.authorization.k8s.io/v1 -{{- if and .Values.scopedNamespace .Values.scopedRBAC }} -kind: Role -{{- else }} -kind: ClusterRole -{{- end }} -metadata: - name: {{ include "external-secrets.fullname" . }}-edit - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - namespace: {{ .Values.scopedNamespace | quote }} - {{- end }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: - - "external-secrets.io" - resources: - - "externalsecrets" - - "secretstores" - - "clustersecretstores" - - "pushsecrets" - verbs: - - "create" - - "delete" - - "deletecollection" - - "patch" - - "update" - - apiGroups: - - "generators.external-secrets.io" - resources: - - "acraccesstokens" - - "ecrauthorizationtokens" - - "fakes" - - "gcraccesstokens" - - "githubaccesstokens" - - "passwords" - - "vaultdynamicsecrets" - - "webhooks" - verbs: - - "create" - - "delete" - - "deletecollection" - - "patch" - - "update" ---- -apiVersion: rbac.authorization.k8s.io/v1 -{{- if and .Values.scopedNamespace .Values.scopedRBAC }} -kind: RoleBinding -{{- else }} -kind: ClusterRoleBinding -{{- end }} -metadata: - name: {{ include "external-secrets.fullname" . }}-controller - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - namespace: {{ .Values.scopedNamespace | quote }} - {{- end }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - {{- if and .Values.scopedNamespace .Values.scopedRBAC }} - kind: Role - {{- else }} - kind: ClusterRole - {{- end }} - name: {{ include "external-secrets.fullname" . }}-controller -subjects: - - name: {{ include "external-secrets.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "external-secrets.fullname" . }}-leaderelection - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -rules: - - apiGroups: - - "" - resources: - - "configmaps" - resourceNames: - - "external-secrets-controller" - verbs: - - "get" - - "update" - - "patch" - - apiGroups: - - "" - resources: - - "configmaps" - verbs: - - "create" - - apiGroups: - - "coordination.k8s.io" - resources: - - "leases" - verbs: - - "get" - - "create" - - "update" - - "patch" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "external-secrets.fullname" . }}-leaderelection - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "external-secrets.fullname" . }}-leaderelection -subjects: - - kind: ServiceAccount - name: {{ include "external-secrets.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} -{{- if .Values.rbac.servicebindings.create }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "external-secrets.fullname" . }}-servicebindings - labels: - servicebinding.io/controller: "true" - {{- include "external-secrets.labels" . | nindent 4 }} -rules: - - apiGroups: - - "external-secrets.io" - resources: - - "externalsecrets" - verbs: - - "get" - - "list" - - "watch" -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/service.yaml b/charts/external-secrets/external-secrets/templates/service.yaml deleted file mode 100644 index 94859a3..0000000 --- a/charts/external-secrets/external-secrets/templates/service.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.metrics.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-metrics - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - {{- with .Values.metrics.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: {{ .Values.metrics.service.port }} - protocol: TCP - targetPort: metrics - name: metrics - selector: - {{- include "external-secrets.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/serviceaccount.yaml b/charts/external-secrets/external-secrets/templates/serviceaccount.yaml deleted file mode 100644 index ceaa98e..0000000 --- a/charts/external-secrets/external-secrets/templates/serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "external-secrets.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.extraLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/servicemonitor.yaml b/charts/external-secrets/external-secrets/templates/servicemonitor.yaml deleted file mode 100644 index 3145179..0000000 --- a/charts/external-secrets/external-secrets/templates/servicemonitor.yaml +++ /dev/null @@ -1,164 +0,0 @@ -{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) .Values.serviceMonitor.enabled -}} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-metrics - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: {{ .Values.metrics.service.port }} - protocol: TCP - name: metrics - selector: - {{- include "external-secrets.selectorLabels" . | nindent 4 }} ---- -apiVersion: "monitoring.coreos.com/v1" -kind: ServiceMonitor -metadata: - labels: - {{- include "external-secrets.labels" . | nindent 4 }} -{{- if .Values.serviceMonitor.additionalLabels }} -{{ toYaml .Values.serviceMonitor.additionalLabels | indent 4 }} -{{- end }} - name: {{ include "external-secrets.fullname" . }}-metrics - namespace: {{ .Values.serviceMonitor.namespace | default (include "external-secrets.namespace" .) | quote }} -spec: - selector: - matchLabels: - {{- include "external-secrets.selectorLabels" . | nindent 6 }} - namespaceSelector: - matchNames: - - {{ template "external-secrets.namespace" . }} - endpoints: - - port: metrics - interval: {{ .Values.serviceMonitor.interval }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- with .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} ---- -{{- if .Values.webhook.create }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook-metrics - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook-metrics.labels" . | nindent 4 }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: {{ .Values.webhook.metrics.service.port }} - protocol: TCP - name: metrics - selector: - {{- include "external-secrets-webhook.selectorLabels" . | nindent 4 }} ---- -apiVersion: "monitoring.coreos.com/v1" -kind: ServiceMonitor -metadata: - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} -{{- if .Values.serviceMonitor.additionalLabels }} -{{ toYaml .Values.serviceMonitor.additionalLabels | indent 4 }} -{{- end }} - name: {{ include "external-secrets.fullname" . }}-webhook-metrics - namespace: {{ .Values.serviceMonitor.namespace | default (include "external-secrets.namespace" .) | quote }} -spec: - selector: - matchLabels: - {{- include "external-secrets-webhook-metrics.labels" . | nindent 6 }} - namespaceSelector: - matchNames: - - {{ template "external-secrets.namespace" . }} - endpoints: - - port: metrics - interval: {{ .Values.serviceMonitor.interval }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- with .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} ---- -{{- if .Values.certController.create }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-cert-controller-metrics - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-cert-controller-metrics.labels" . | nindent 4 }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: {{ .Values.certController.metrics.listen.port }} - protocol: TCP - name: metrics - selector: - {{- include "external-secrets-cert-controller.selectorLabels" . | nindent 4 }} ---- -apiVersion: "monitoring.coreos.com/v1" -kind: ServiceMonitor -metadata: - labels: - {{- include "external-secrets-cert-controller.labels" . | nindent 4 }} -{{- if .Values.serviceMonitor.additionalLabels }} -{{ toYaml .Values.serviceMonitor.additionalLabels | indent 4 }} -{{- end }} - name: {{ include "external-secrets.fullname" . }}-cert-controller-metrics - namespace: {{ .Values.serviceMonitor.namespace | default (include "external-secrets.namespace" .) | quote }} -spec: - selector: - matchLabels: - {{- include "external-secrets-cert-controller-metrics.labels" . | nindent 6 }} - namespaceSelector: - matchNames: - - {{ template "external-secrets.namespace" . }} - endpoints: - - port: metrics - interval: {{ .Values.serviceMonitor.interval }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- with .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.serviceMonitor.relabelings }} - relabelings: - {{- toYaml . | nindent 6 }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/validatingwebhook.yaml b/charts/external-secrets/external-secrets/templates/validatingwebhook.yaml deleted file mode 100644 index 63b3976..0000000 --- a/charts/external-secrets/external-secrets/templates/validatingwebhook.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- if .Values.webhook.create }} -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: secretstore-validate - labels: - external-secrets.io/component: webhook - {{- with .Values.commonLabels }} - {{ toYaml . | nindent 4 }} - {{- end }} - {{- if and .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - annotations: - cert-manager.io/inject-ca-from: {{ template "external-secrets.namespace" . }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} -webhooks: -- name: "validate.secretstore.external-secrets.io" - rules: - - apiGroups: ["external-secrets.io"] - apiVersions: ["v1beta1"] - operations: ["CREATE", "UPDATE", "DELETE"] - resources: ["secretstores"] - scope: "Namespaced" - clientConfig: - service: - namespace: {{ template "external-secrets.namespace" . }} - name: {{ include "external-secrets.fullname" . }}-webhook - path: /validate-external-secrets-io-v1beta1-secretstore - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - -- name: "validate.clustersecretstore.external-secrets.io" - rules: - - apiGroups: ["external-secrets.io"] - apiVersions: ["v1beta1"] - operations: ["CREATE", "UPDATE", "DELETE"] - resources: ["clustersecretstores"] - scope: "Cluster" - clientConfig: - service: - namespace: {{ template "external-secrets.namespace" . }} - name: {{ include "external-secrets.fullname" . }}-webhook - path: /validate-external-secrets-io-v1beta1-clustersecretstore - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: externalsecret-validate - labels: - external-secrets.io/component: webhook - {{- with .Values.commonLabels }} - {{ toYaml . | nindent 4 }} - {{- end }} - {{- if and .Values.webhook.certManager.enabled .Values.webhook.certManager.addInjectorAnnotations }} - annotations: - cert-manager.io/inject-ca-from: {{ template "external-secrets.namespace" . }}/{{ include "external-secrets.fullname" . }}-webhook - {{- end }} -webhooks: -- name: "validate.externalsecret.external-secrets.io" - rules: - - apiGroups: ["external-secrets.io"] - apiVersions: ["v1beta1"] - operations: ["CREATE", "UPDATE", "DELETE"] - resources: ["externalsecrets"] - scope: "Namespaced" - clientConfig: - service: - namespace: {{ template "external-secrets.namespace" . }} - name: {{ include "external-secrets.fullname" . }}-webhook - path: /validate-external-secrets-io-v1beta1-externalsecret - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - failurePolicy: {{ .Values.webhook.failurePolicy}} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-certificate.yaml b/charts/external-secrets/external-secrets/templates/webhook-certificate.yaml deleted file mode 100644 index adb19fd..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-certificate.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if and .Values.webhook.create .Values.webhook.certManager.enabled .Values.webhook.certManager.cert.create }} ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - external-secrets.io/component: webhook - {{- with .Values.webhook.certManager.cert.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - commonName: {{ include "external-secrets.fullname" . }}-webhook - dnsNames: - - {{ include "external-secrets.fullname" . }}-webhook - - {{ include "external-secrets.fullname" . }}-webhook.{{ template "external-secrets.namespace" . }} - - {{ include "external-secrets.fullname" . }}-webhook.{{ template "external-secrets.namespace" . }}.svc - issuerRef: - {{- toYaml .Values.webhook.certManager.cert.issuerRef | nindent 4 }} - {{- with .Values.webhook.certManager.cert.duration }} - duration: {{ . | quote }} - {{- end }} - {{- with .Values.webhook.certManager.cert.renewBefore }} - renewBefore: {{ . | quote }} - {{- end }} - secretName: {{ include "external-secrets.fullname" . }}-webhook -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-deployment.yaml b/charts/external-secrets/external-secrets/templates/webhook-deployment.yaml deleted file mode 100644 index 7419a42..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-deployment.yaml +++ /dev/null @@ -1,128 +0,0 @@ -{{- if .Values.webhook.create }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - {{- with .Values.webhook.deploymentAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.webhook.replicaCount }} - revisionHistoryLimit: {{ .Values.webhook.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "external-secrets-webhook.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.webhook.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 8 }} - {{- with .Values.webhook.podLabels }} - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- with .Values.webhook.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - hostNetwork: {{ .Values.webhook.hostNetwork}} - serviceAccountName: {{ include "external-secrets-webhook.serviceAccountName" . }} - automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automount }} - {{- with .Values.webhook.podSecurityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: webhook - {{- with .Values.webhook.securityContext }} - {{- if and (.enabled) (gt (keys . | len) 1) }} - securityContext: - {{- include "external-secrets.renderSecurityContext" (dict "securityContext" . "context" $) | nindent 12 }} - {{- end }} - {{- end }} - image: {{ include "external-secrets.image" (dict "chartAppVersion" .Chart.AppVersion "image" .Values.webhook.image) | trim }} - imagePullPolicy: {{ .Values.webhook.image.pullPolicy }} - args: - - webhook - - --port={{ .Values.webhook.port }} - - --dns-name={{ include "external-secrets.fullname" . }}-webhook.{{ template "external-secrets.namespace" . }}.svc - - --cert-dir={{ .Values.webhook.certDir }} - - --check-interval={{ .Values.webhook.certCheckInterval }} - - --metrics-addr=:{{ .Values.webhook.metrics.listen.port }} - - --healthz-addr={{ .Values.webhook.readinessProbe.address }}:{{ .Values.webhook.readinessProbe.port }} - - --loglevel={{ .Values.webhook.log.level }} - - --zap-time-encoding={{ .Values.webhook.log.timeEncoding }} - {{- if .Values.webhook.lookaheadInterval }} - - --lookahead-interval={{ .Values.webhook.lookaheadInterval }} - {{- end }} - {{- range $key, $value := .Values.webhook.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - ports: - - containerPort: {{ .Values.webhook.metrics.listen.port }} - protocol: TCP - name: metrics - - containerPort: {{ .Values.webhook.port }} - protocol: TCP - name: webhook - readinessProbe: - httpGet: - port: {{ .Values.webhook.readinessProbe.port }} - path: /readyz - initialDelaySeconds: 20 - periodSeconds: 5 - {{- with .Values.webhook.extraEnv }} - env: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.webhook.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: certs - mountPath: {{ .Values.webhook.certDir }} - readOnly: true - {{- if .Values.webhook.extraVolumeMounts }} - {{- toYaml .Values.webhook.extraVolumeMounts | nindent 12 }} - {{- end }} - volumes: - - name: certs - secret: - secretName: {{ include "external-secrets.fullname" . }}-webhook - {{- if .Values.webhook.extraVolumes }} - {{- toYaml .Values.webhook.extraVolumes | nindent 8 }} - {{- end }} - {{- with .Values.webhook.nodeSelector | default .Values.global.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.affinity | default .Values.global.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.tolerations | default .Values.global.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.webhook.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} - topologySpreadConstraints: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.webhook.priorityClassName }} - priorityClassName: {{ .Values.webhook.priorityClassName }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-poddisruptionbudget.yaml b/charts/external-secrets/external-secrets/templates/webhook-poddisruptionbudget.yaml deleted file mode 100644 index 58345ba..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-poddisruptionbudget.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and .Values.webhook.create .Values.webhook.podDisruptionBudget.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook-pdb - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - external-secrets.io/component: webhook -spec: - {{- if .Values.webhook.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.webhook.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.webhook.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.webhook.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - {{- include "external-secrets-webhook.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-secret.yaml b/charts/external-secrets/external-secrets/templates/webhook-secret.yaml deleted file mode 100644 index fa7760e..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-secret.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if and .Values.webhook.create (not .Values.webhook.certManager.enabled) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - external-secrets.io/component: webhook - {{- with .Values.webhook.secretAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-service.yaml b/charts/external-secrets/external-secrets/templates/webhook-service.yaml deleted file mode 100644 index 59dbddc..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-service.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- if .Values.webhook.create }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "external-secrets.fullname" . }}-webhook - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - external-secrets.io/component: webhook - {{- if .Values.webhook.metrics.service.enabled }} - {{- with .Values.webhook.metrics.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -spec: - type: ClusterIP - {{- if .Values.service.ipFamilyPolicy }} - ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} - {{- end }} - {{- if .Values.service.ipFamilies }} - ipFamilies: {{ .Values.service.ipFamilies | toYaml | nindent 2 }} - {{- end }} - ports: - - port: 443 - targetPort: {{ .Values.webhook.port }} - protocol: TCP - name: webhook - {{- if .Values.webhook.metrics.service.enabled }} - - port: {{ .Values.webhook.metrics.service.port }} - protocol: TCP - targetPort: metrics - name: metrics - {{- end }} - selector: - {{- include "external-secrets-webhook.selectorLabels" . | nindent 4 }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/templates/webhook-serviceaccount.yaml b/charts/external-secrets/external-secrets/templates/webhook-serviceaccount.yaml deleted file mode 100644 index 1936218..0000000 --- a/charts/external-secrets/external-secrets/templates/webhook-serviceaccount.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.webhook.create .Values.webhook.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "external-secrets-webhook.serviceAccountName" . }} - namespace: {{ template "external-secrets.namespace" . }} - labels: - {{- include "external-secrets-webhook.labels" . | nindent 4 }} - {{- with .Values.webhook.serviceAccount.extraLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.webhook.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/external-secrets/external-secrets/values.yaml b/charts/external-secrets/external-secrets/values.yaml deleted file mode 100644 index 19525ad..0000000 --- a/charts/external-secrets/external-secrets/values.yaml +++ /dev/null @@ -1,532 +0,0 @@ -global: - nodeSelector: {} - tolerations: [] - topologySpreadConstraints: [] - affinity: {} - compatibility: - openshift: - # -- Manages the securityContext properties to make them compatible with OpenShift. - # Possible values: - # auto - Apply configurations if it is detected that OpenShift is the target platform. - # force - Always apply configurations. - # disabled - No modification applied. - adaptSecurityContext: auto - -replicaCount: 1 - -bitwarden-sdk-server: - enabled: false - -# -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) -revisionHistoryLimit: 10 - -image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: IfNotPresent - # -- The image tag to use. The default is the chart appVersion. - tag: "" - # -- The flavour of tag you want to use - # There are different image flavours available, like distroless and ubi. - # Please see GitHub release notes for image tags for these flavors. - # By default, the distroless image is used. - flavour: "" - -# -- If set, install and upgrade CRDs through helm chart. -installCRDs: true - -crds: - # -- If true, create CRDs for Cluster External Secret. - createClusterExternalSecret: true - # -- If true, create CRDs for Cluster Secret Store. - createClusterSecretStore: true - # -- If true, create CRDs for Push Secret. - createPushSecret: true - annotations: {} - conversion: - enabled: true - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -namespaceOverride: "" - -# -- Additional labels added to all helm chart resources. -commonLabels: {} - -# -- If true, external-secrets will perform leader election between instances to ensure no more -# than one instance of external-secrets operates at a time. -leaderElect: false - -# -- If set external secrets will filter matching -# Secret Stores with the appropriate controller values. -controllerClass: "" - -# -- If true external secrets will use recommended kubernetes -# annotations as prometheus metric labels. -extendedMetricLabels: false - -# -- If set external secrets are only reconciled in the -# provided namespace -scopedNamespace: "" - -# -- Must be used with scopedNamespace. If true, create scoped RBAC roles under the scoped namespace -# and implicitly disable cluster stores and cluster external secrets -scopedRBAC: false - -# -- if true, the operator will process cluster external secret. Else, it will ignore them. -processClusterExternalSecret: true - -# -- if true, the operator will process cluster store. Else, it will ignore them. -processClusterStore: true - -# -- if true, the operator will process push secret. Else, it will ignore them. -processPushSecret: true - -# -- Specifies whether an external secret operator deployment be created. -createOperator: true - -# -- Specifies the number of concurrent ExternalSecret Reconciles external-secret executes at -# a time. -concurrent: 1 -# -- Specifices Log Params to the Webhook -log: - level: info - timeEncoding: epoch -service: - # -- Set the ip family policy to configure dual-stack see [Configure dual-stack](https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services) - ipFamilyPolicy: "" - # -- Sets the families that should be supported and the order in which they should be applied to ClusterIP as well. Can be IPv4 and/or IPv6. - ipFamilies: [] - -serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - -rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - - servicebindings: - # -- Specifies whether a clusterrole to give servicebindings read access should be created. - create: true - -## -- Extra environment variables to add to container. -extraEnv: [] - -## -- Map of extra arguments to pass to container. -extraArgs: {} - -## -- Extra volumes to pass to pod. -extraVolumes: [] - -## -- Extra Kubernetes objects to deploy with the helm chart -extraObjects: [] - -## -- Extra volumes to mount to the container. -extraVolumeMounts: [] - -## -- Extra containers to add to the pod. -extraContainers: [] - -# -- Annotations to add to Deployment -deploymentAnnotations: {} - -# -- Annotations to add to Pod -podAnnotations: {} - -podLabels: {} - -podSecurityContext: - enabled: true - # fsGroup: 2000 - -securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - enabled: true - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - -resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - -serviceMonitor: - # -- Specifies whether to create a ServiceMonitor resource for collecting Prometheus metrics - enabled: false - - # -- namespace where you want to install ServiceMonitors - namespace: "" - - # -- Additional labels - additionalLabels: {} - - # -- Interval to scrape metrics - interval: 30s - - # -- Timeout if metrics can't be retrieved in given time interval - scrapeTimeout: 25s - - # -- Let prometheus add an exported_ prefix to conflicting labels - honorLabels: false - - # -- Metric relabel configs to apply to samples before ingestion. [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) - metricRelabelings: [] - # - action: replace - # regex: (.*) - # replacement: $1 - # sourceLabels: - # - exported_namespace - # targetLabel: namespace - - # -- Relabel configs to apply to samples before ingestion. [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) - relabelings: [] - # - sourceLabels: [__meta_kubernetes_pod_node_name] - # separator: ; - # regex: ^(.*)$ - # targetLabel: nodename - # replacement: $1 - # action: replace - -metrics: - - listen: - port: 8080 - - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - -nodeSelector: {} - -tolerations: [] - -topologySpreadConstraints: [] - -affinity: {} - -# -- Pod priority class name. -priorityClassName: "" - -# -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ -podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - -# -- Run the controller on the host network -hostNetwork: false - -webhook: - # -- Specifies whether a webhook deployment be created. - create: true - # -- Specifices the time to check if the cert is valid - certCheckInterval: "5m" - # -- Specifices the lookaheadInterval for certificate validity - lookaheadInterval: "" - replicaCount: 1 - # -- Specifices Log Params to the Webhook - log: - level: info - timeEncoding: epoch - # -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) - revisionHistoryLimit: 10 - - certDir: /tmp/certs - # -- Specifies whether validating webhooks should be created with failurePolicy: Fail or Ignore - failurePolicy: Fail - # -- Specifies if webhook pod should use hostNetwork or not. - hostNetwork: false - image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: IfNotPresent - # -- The image tag to use. The default is the chart appVersion. - tag: "" - # -- The flavour of tag you want to use - flavour: "" - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - # -- The port the webhook will listen to - port: 10250 - rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - nodeSelector: {} - - certManager: - # -- Enabling cert-manager support will disable the built in secret and - # switch to using cert-manager (installed separately) to automatically issue - # and renew the webhook certificate. This chart does not install - # cert-manager for you, See https://cert-manager.io/docs/ - enabled: false - # -- Automatically add the cert-manager.io/inject-ca-from annotation to the - # webhooks and CRDs. As long as you have the cert-manager CA Injector - # enabled, this will automatically setup your webhook's CA to the one used - # by cert-manager. See https://cert-manager.io/docs/concepts/ca-injector - addInjectorAnnotations: true - cert: - # -- Create a certificate resource within this chart. See - # https://cert-manager.io/docs/usage/certificate/ - create: true - # -- For the Certificate created by this chart, setup the issuer. See - # https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.IssuerSpec - issuerRef: - group: cert-manager.io - kind: "Issuer" - name: "my-issuer" - # -- Set the requested duration (i.e. lifetime) of the Certificate. See - # https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec - # One year by default. - duration: "8760h" - # -- How long before the currently issued certificate’s expiry - # cert-manager should renew the certificate. See - # https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec - # Note that renewBefore should be greater than .webhook.lookaheadInterval - # since the webhook will check this far in advance that the certificate is - # valid. - renewBefore: "" - # -- Add extra annotations to the Certificate resource. - annotations: {} - - tolerations: [] - - topologySpreadConstraints: [] - - affinity: {} - - # -- Pod priority class name. - priorityClassName: "" - - # -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - - metrics: - - listen: - port: 8080 - - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - - - readinessProbe: - # -- Address for readiness probe - address: "" - # -- ReadinessProbe port for kubelet - port: 8081 - - - ## -- Extra environment variables to add to container. - extraEnv: [] - - ## -- Map of extra arguments to pass to container. - extraArgs: {} - - ## -- Extra volumes to pass to pod. - extraVolumes: [] - - ## -- Extra volumes to mount to the container. - extraVolumeMounts: [] - - # -- Annotations to add to Secret - secretAnnotations: {} - - # -- Annotations to add to Deployment - deploymentAnnotations: {} - - # -- Annotations to add to Pod - podAnnotations: {} - - podLabels: {} - - podSecurityContext: - enabled: true - # fsGroup: 2000 - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - enabled: true - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - - resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - -certController: - # -- Specifies whether a certificate controller deployment be created. - create: true - requeueInterval: "5m" - replicaCount: 1 - # -- Specifices Log Params to the Webhook - log: - level: info - timeEncoding: epoch - # -- Specifies the amount of historic ReplicaSets k8s should keep (see https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#clean-up-policy) - revisionHistoryLimit: 10 - - image: - repository: ghcr.io/external-secrets/external-secrets - pullPolicy: IfNotPresent - tag: "" - flavour: "" - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - rbac: - # -- Specifies whether role and rolebinding resources should be created. - create: true - serviceAccount: - # -- Specifies whether a service account should be created. - create: true - # -- Automounts the service account token in all containers of the pod - automount: true - # -- Annotations to add to the service account. - annotations: {} - # -- Extra Labels to add to the service account. - extraLabels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template. - name: "" - nodeSelector: {} - - tolerations: [] - - topologySpreadConstraints: [] - - affinity: {} - - # -- Run the certController on the host network - hostNetwork: false - - # -- Pod priority class name. - priorityClassName: "" - - # -- Pod disruption budget - for more details see https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ - podDisruptionBudget: - enabled: false - minAvailable: 1 - # maxUnavailable: 1 - - metrics: - - listen: - port: 8080 - - service: - # -- Enable if you use another monitoring tool than Prometheus to scrape the metrics - enabled: false - - # -- Metrics service port to scrape - port: 8080 - - # -- Additional service annotations - annotations: {} - - readinessProbe: - # -- Address for readiness probe - address: "" - # -- ReadinessProbe port for kubelet - port: 8081 - - ## -- Extra environment variables to add to container. - extraEnv: [] - - ## -- Map of extra arguments to pass to container. - extraArgs: {} - - - ## -- Extra volumes to pass to pod. - extraVolumes: [] - - ## -- Extra volumes to mount to the container. - extraVolumeMounts: [] - - # -- Annotations to add to Deployment - deploymentAnnotations: {} - - # -- Annotations to add to Pod - podAnnotations: {} - - podLabels: {} - - podSecurityContext: - enabled: true - # fsGroup: 2000 - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - enabled: true - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - - resources: {} - # requests: - # cpu: 10m - # memory: 32Mi - -# -- Specifies `dnsPolicy` to deployment -dnsPolicy: ClusterFirst - -# -- Specifies `dnsOptions` to deployment -dnsConfig: {} - -# -- Any extra pod spec on the deployment -podSpecExtra: {} diff --git a/charts/external-secrets/values.yaml b/charts/external-secrets/values.yaml deleted file mode 100644 index 5b0b68c..0000000 --- a/charts/external-secrets/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -fullnameOverride: external-secrets -certController: - fullnameOverride: external-secrets -serviceAccount: - create: true \ No newline at end of file diff --git a/charts/fp/Chart.yaml b/charts/fp/Chart.yaml deleted file mode 100644 index 68991b3..0000000 --- a/charts/fp/Chart.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -name: fp -description: The Galaxy's Best VTuber Hentai Site -version: 0.0.54 -keywords: - - fp - - futureporn - - hentai - - porn - - r18 - - projektmelody - - archive - - chaturbate - - fansly - - vod - - nsfw -sources: [] -home: 'https://gitea.futureporn.net/futureporn' diff --git a/charts/fp/README.md b/charts/fp/README.md deleted file mode 100644 index cdbf4eb..0000000 --- a/charts/fp/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# Futureporn helm chart - -This is the chart with templates that define Futureporn kubernetes cluster - -https://helm.sh/docs/topics/charts/ \ No newline at end of file diff --git a/charts/fp/templates-staging/README.md b/charts/fp/templates-staging/README.md deleted file mode 100644 index 77c4fb8..0000000 --- a/charts/fp/templates-staging/README.md +++ /dev/null @@ -1,3 +0,0 @@ -templates that I may or may not use soon. - -(@todo probably delete this entire dir) \ No newline at end of file diff --git a/charts/fp/templates-staging/bot.yaml b/charts/fp/templates-staging/bot.yaml deleted file mode 100644 index b74e2ef..0000000 --- a/charts/fp/templates-staging/bot.yaml +++ /dev/null @@ -1,69 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: bot - namespace: futureporn - labels: - app.kubernetes.io/name: bot -spec: - replicas: {{ .Values.bot.replicas }} - selector: - matchLabels: - app: bot - template: - metadata: - labels: - app: bot - spec: - containers: - - name: bot - image: "{{ .Values.bot.imageName }}" - env: - - name: SCOUT_URL - value: "{{ .Values.scout.url }}" - - name: POSTGREST_URL - value: "{{ .Values.postgrest.url }}" - - name: NODE_ENV - value: production - - name: AUTOMATION_USER_JWT - valueFrom: - secretKeyRef: - name: bot - key: automationUserJwt - - name: DISCORD_TOKEN - valueFrom: - secretKeyRef: - name: bot - key: discordToken - - name: DISCORD_APPLICATION_ID - valueFrom: - secretKeyRef: - name: bot - key: discordApplicationId - - name: DISCORD_CHANNEL_ID - valueFrom: - secretKeyRef: - name: bot - key: discordChannelId - - name: DISCORD_GUILD_ID - valueFrom: - secretKeyRef: - name: bot - key: discordGuildId - - name: WORKER_CONNECTION_STRING - valueFrom: - secretKeyRef: - name: bot - key: workerConnectionString - - name: HTTP_PROXY - valueFrom: - secretKeyRef: - name: capture - key: httpProxy - resources: - limits: - cpu: 150m - memory: 512Mi - restartPolicy: Always - diff --git a/charts/fp/templates-staging/capture.yaml b/charts/fp/templates-staging/capture.yaml deleted file mode 100644 index d8daee3..0000000 --- a/charts/fp/templates-staging/capture.yaml +++ /dev/null @@ -1,108 +0,0 @@ - - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: capture-worker-cache-pvc - namespace: futureporn -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.capture.cache.size }} - storageClassName: {{ .Values.storageClassName }} - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: capture-worker - namespace: futureporn - labels: - app.kubernetes.io/name: capture-worker -spec: - replicas: {{ .Values.capture.worker.replicas }} - selector: - matchLabels: - app: capture-worker - template: - metadata: - labels: - app: capture-worker - spec: - # IDK if I need this initContainer. - # initContainers: - # - name: capture-worker-init - # image: busybox:latest - # command: - # - "/bin/mkdir" - # args: - # - "-p" - # - "/var/cache/taco-test" - # - "/tmp/test1" - # - "/test123" - # volumeMounts: - # - name: capture-worker-cache - # mountPath: "{{ .Values.capture.cache.dir }}" - containers: - - name: capture-worker - image: "{{ .Values.capture.imageName }}" - volumeMounts: - - name: capture-worker-cache - mountPath: "{{ .Values.capture.cache.dir }}" - env: - # - name: NODE_DEBUG - # value: "stream.onWriteComplete" - - name: SCOUT_URL - value: "{{ .Values.scout.url }}" - - name: FUNCTION - value: worker - - name: WORKER_CONCURRENCY - value: "1" - - name: WORKER_CONNECTION_STRING - valueFrom: - secretKeyRef: - name: capture - key: workerConnectionString - - name: AUTOMATION_USER_JWT - valueFrom: - secretKeyRef: - name: postgrest - key: automationUserJwt - - name: HTTP_PROXY - valueFrom: - secretKeyRef: - name: capture - key: httpProxy - - name: POSTGREST_URL - value: "{{ .Values.postgrest.url }}" - - name: CACHE_DIR - value: "{{ .Values.capture.cache.dir }}" - - name: S3_ENDPOINT - value: "{{ .Values.s3.endpoint }}" - - name: S3_REGION - value: "{{ .Values.s3.region }}" - - name: S3_USC_BUCKET - value: "{{ .Values.s3.buckets.usc }}" - - name: S3_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: capture - key: s3AccessKeyId - - name: S3_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: capture - key: s3SecretAccessKey - resources: - limits: - cpu: 250m - memory: 1024Mi - restartPolicy: Always - volumes: - - name: capture-worker-cache - persistentVolumeClaim: - claimName: capture-worker-cache-pvc \ No newline at end of file diff --git a/charts/fp/templates-staging/chihaya.yaml b/charts/fp/templates-staging/chihaya.yaml deleted file mode 100644 index 0d8ab54..0000000 --- a/charts/fp/templates-staging/chihaya.yaml +++ /dev/null @@ -1,39 +0,0 @@ - -# --- -# apiVersion: v1 -# kind: Service -# metadata: -# name: chihaya -# namespace: futureporn -# annotations: -# external-dns.alpha.kubernetes.io/hostname: "{{ .Values.chihaya.hostname }}" -# spec: -# type: LoadBalancer -# selector: -# app: chihaya -# ports: -# - name: http -# port: 80 -# targetPort: 80 - -# --- -# apiVersion: apps/v1 -# kind: Deployment -# metadata: -# name: chihaya -# spec: -# replicas: 1 -# selector: -# matchLabels: -# app: chihaya -# template: -# metadata: -# labels: -# app: chihaya -# spec: -# containers: -# - name: chihaya -# image: "quay.io/jzelinskie/chihaya-git:latest" -# ports: -# - containerPort: 80 - diff --git a/charts/fp/templates-staging/factory.yaml b/charts/fp/templates-staging/factory.yaml deleted file mode 100644 index 5b8d6f2..0000000 --- a/charts/fp/templates-staging/factory.yaml +++ /dev/null @@ -1,87 +0,0 @@ - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: factory - namespace: futureporn - labels: - app.kubernetes.io/name: factory -spec: - replicas: {{ .Values.factory.replicas }} - selector: - matchLabels: - app: factory - template: - metadata: - labels: - app: factory - spec: - containers: - - name: factory - image: "{{ .Values.factory.imageName }}" - volumeMounts: - - name: capture-worker-cache - mountPath: "{{ .Values.capture.cache.dir }}" - env: - - name: WORKER_CONNECTION_STRING - valueFrom: - secretKeyRef: - name: postgrest - key: dbUri - - name: AUTOMATION_USER_JWT - valueFrom: - secretKeyRef: - name: postgrest - key: automationUserJwt - - name: PATREON_CREATOR_ACCESS_TOKEN - valueFrom: - secretKeyRef: - name: patreon - key: creatorAccessToken - - name: PATREON_CREATOR_REFRESH_TOKEN - valueFrom: - secretKeyRef: - name: patreon - key: creatorRefreshToken - - name: SUPERTOKENS_URL - value: {{ printf "https://%s" .Values.supertokens.hostname | quote }} - - name: POSTGREST_URL - value: {{ printf "https://%s" .Values.postgrest.hostname | quote }} - - name: SCOUT_URL - value: "{{ .Values.scout.url }}" - - name: CACHE_DIR - value: "{{ .Values.capture.cache.dir }}" - - name: S3_ENDPOINT - value: "{{ .Values.s3.endpoint }}" - - name: S3_REGION - value: "{{ .Values.s3.region }}" - - name: S3_MAIN_BUCKET - value: "{{ .Values.s3.buckets.main }}" - - name: S3_USC_BUCKET - value: "{{ .Values.s3.buckets.usc }}" - - name: S3_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: capture - key: s3AccessKeyId - - name: S3_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: capture - key: s3SecretAccessKey - - name: SUPERTOKENS_API_KEY - valueFrom: - secretKeyRef: - name: supertokens - key: apiKey - resources: - limits: - cpu: 250m - memory: 1Gi - restartPolicy: Always - - volumes: - - name: capture-worker-cache - persistentVolumeClaim: - claimName: capture-worker-cache-pvc \ No newline at end of file diff --git a/charts/fp/templates-staging/mailbox.yaml b/charts/fp/templates-staging/mailbox.yaml deleted file mode 100644 index 58f5841..0000000 --- a/charts/fp/templates-staging/mailbox.yaml +++ /dev/null @@ -1,59 +0,0 @@ -apiVersion: apps/v1 -kind: ReplicaSet -metadata: - name: mailbox - namespace: futureporn - labels: - app: mailbox -spec: - replicas: {{ .Values.mailbox.replicas }} - selector: - matchLabels: - app: mailbox - template: - metadata: - labels: - app: mailbox - spec: - containers: - - name: mailbox - image: "{{ .Values.mailbox.imageName }}" - imagePullPolicy: Always - ports: - - containerPort: 5000 - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: mailbox - key: databaseUrl - - name: PORT - value: "{{ .Values.mailbox.port }}" - - name: IMAP_SERVER - valueFrom: - secretKeyRef: - name: mailbox - key: imapServer - - name: IMAP_PORT - valueFrom: - secretKeyRef: - name: mailbox - key: imapPort - - name: IMAP_USERNAME - valueFrom: - secretKeyRef: - name: mailbox - key: imapUsername - - name: IMAP_PASSWORD - valueFrom: - secretKeyRef: - name: mailbox - key: imapPassword - resources: - limits: - cpu: "500m" - memory: "512Mi" - requests: - cpu: "250m" - memory: "256Mi" - diff --git a/charts/fp/templates-staging/migrations-data.yaml b/charts/fp/templates-staging/migrations-data.yaml deleted file mode 100644 index 9cd4a9e..0000000 --- a/charts/fp/templates-staging/migrations-data.yaml +++ /dev/null @@ -1,21 +0,0 @@ - ---- -apiVersion: v1 -kind: Pod -metadata: - name: migrations-data - namespace: futureporn - labels: - app.kubernetes.io/name: migrations-data -spec: - containers: - - name: migrations-data - image: "{{ .Values.migrations.data.imageName }}" - resources: {} - env: - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql - key: password - restartPolicy: Never diff --git a/charts/fp/templates-staging/migrations-schema.yaml b/charts/fp/templates-staging/migrations-schema.yaml deleted file mode 100644 index 99f78e4..0000000 --- a/charts/fp/templates-staging/migrations-schema.yaml +++ /dev/null @@ -1,21 +0,0 @@ - ---- -apiVersion: v1 -kind: Pod -metadata: - name: migrations-schema - namespace: futureporn - labels: - app.kubernetes.io/name: migrations-schema -spec: - containers: - - name: migrations-schema - image: "{{ .Values.migrations.schema.imageName }}" - resources: {} - env: - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql - key: password - restartPolicy: Never diff --git a/charts/fp/templates-staging/next.yaml b/charts/fp/templates-staging/next.yaml deleted file mode 100644 index 78df14b..0000000 --- a/charts/fp/templates-staging/next.yaml +++ /dev/null @@ -1,84 +0,0 @@ - - ---- -apiVersion: v1 -kind: Pod -metadata: - name: next - namespace: futureporn - labels: - app.kubernetes.io/name: next -spec: - containers: - - name: next - image: "{{ .Values.next.imageName }}" - env: - - name: HOSTNAME - value: 0.0.0.0 - - name: NEXT_PUBLIC_UPPY_COMPANION_URL - value: "{{ .Values.uppy.url }}" - - name: NEXT_PUBLIC_POSTGREST_URL - value: {{ printf "https://%s" .Values.postgrest.hostname | quote }} - - name: NEXT_PUBLIC_URL - value: {{ printf "https://%s" .Values.next.hostname | quote }} - - name: NEXT_PUBLIC_API_DOMAIN - value: {{ .Values.next.hostname | quote }} - - name: NEXTAUTH_URL - value: {{ printf "https://%s" .Values.next.hostname | quote }} - - name: NEXTAUTH_URL_INTERNAL - value: http://next.futureporn.svc.cluster.local - - name: NEXTAUTH_SECRET - valueFrom: - secretKeyRef: - name: next - key: nextAuthSecret - - name: PATREON_CLIENT_ID - valueFrom: - secretKeyRef: - name: patreon - key: clientId - - name: PATREON_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: patreon - key: clientSecret - ports: - - name: web - containerPort: 3000 - resources: {} - restartPolicy: OnFailure - - ---- -apiVersion: v1 -kind: Service -metadata: - name: next - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.next.hostname }}" -spec: - type: LoadBalancer - selector: - app.kubernetes.io/name: next - ports: - - name: web - port: 3000 - targetPort: web - protocol: TCP - - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: next - namespace: futureporn -spec: - secretName: next-tls - issuerRef: - name: "{{ .Values.certManager.issuer }}" - kind: ClusterIssuer - dnsNames: - - "{{ .Values.next.hostname }}" - diff --git a/charts/fp/templates-staging/postgres.yaml b/charts/fp/templates-staging/postgres.yaml deleted file mode 100644 index 1cd2082..0000000 --- a/charts/fp/templates-staging/postgres.yaml +++ /dev/null @@ -1,71 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - namespace: futureporn - name: postgres -annotations: - tilt.dev/down-policy: keep -spec: - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Retain - resources: - requests: - storage: 40Gi - # we leave storageClassName blank so the default provisioner gets used - storageClassName: - - ---- -apiVersion: v1 -kind: Service -metadata: - namespace: futureporn - name: postgres -annotations: - tilt.dev/down-policy: keep -spec: - selector: - app.kubernetes.io/name: postgres - ports: - - name: db - protocol: TCP - port: 5432 - targetPort: 5432 -status: - loadBalancer: {} - ---- -apiVersion: v1 -kind: Pod -metadata: - namespace: futureporn - name: postgres - labels: - app.kubernetes.io/name: postgres -annotations: - tilt.dev/down-policy: keep -spec: - containers: - - name: postgres - image: postgres:16.0 - env: - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres - key: password - ports: - - containerPort: 5432 - resources: - limits: - cpu: 500m - memory: 1Gi - volumeMounts: - - name: postgres - mountPath: /data/postgres - restartPolicy: OnFailure - volumes: - - name: postgres - persistentVolumeClaim: - claimName: postgres \ No newline at end of file diff --git a/charts/fp/templates-staging/postgresql.yaml b/charts/fp/templates-staging/postgresql.yaml deleted file mode 100644 index 55e185a..0000000 --- a/charts/fp/templates-staging/postgresql.yaml +++ /dev/null @@ -1,53 +0,0 @@ - - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgresql - namespace: futureporn - labels: - app: postgresql -spec: - replicas: {{ .Values.postgresql.replicas }} - selector: - matchLabels: - app: postgresql - template: - metadata: - labels: - app: postgresql - spec: - containers: - - name: postgresql - image: "{{ .Values.postgresql.image }}" - ports: - - name: http - containerPort: {{ .Values.postgresql.port }} - env: - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql - key: password - - name: POSTGRES_USER - value: futureporn - ---- -apiVersion: v1 -kind: Service -metadata: - name: postgresql - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.postgresql.hostname }}" -spec: - type: LoadBalancer - selector: - app.kubernetes.io/name: postgresql - ports: - - name: http - port: {{ .Values.postgresql.port }} - targetPort: http - protocol: TCP diff --git a/charts/fp/templates-staging/postgrest.yaml b/charts/fp/templates-staging/postgrest.yaml deleted file mode 100644 index 60c71f4..0000000 --- a/charts/fp/templates-staging/postgrest.yaml +++ /dev/null @@ -1,81 +0,0 @@ - ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: postgrest-httproute - namespace: futureporn -spec: - parentRefs: - - name: example-gateway - hostnames: - - "{{ .Values.postgrest.hostname }}" - rules: - - matches: - - path: - type: PathPrefix - value: / - backendRefs: - - name: postgrest - port: {{ .Values.postgrest.port }} - - ---- -apiVersion: v1 -kind: Service -metadata: - name: postgrest - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.postgrest.hostname }}" -spec: - type: LoadBalancer - selector: - app: postgrest - ports: - - name: http - port: {{ .Values.postgrest.port }} - targetPort: {{ .Values.postgrest.port }} - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgrest - namespace: futureporn - labels: - app: postgrest -spec: - replicas: {{ .Values.postgrest.replicas }} - selector: - matchLabels: - app: postgrest - template: - metadata: - labels: - app: postgrest - spec: - containers: - - name: postgrest - image: "{{ .Values.postgrest.image }}" - ports: - - name: http - containerPort: {{ .Values.postgrest.port }} - env: - - name: PGRST_DB_ANON_ROLE - value: web_anon - - name: PGRST_SERVER_PORT - value: "{{ .Values.postgrest.port }}" - - name: PGRST_DB_SCHEMAS - value: "{{ .Values.postgrest.schemas }}" - - name: PGRST_DB_URI - valueFrom: - secretKeyRef: - name: postgrest - key: dbUri - - name: PGRST_JWT_SECRET - valueFrom: - secretKeyRef: - name: postgrest - key: jwtSecret \ No newline at end of file diff --git a/charts/fp/templates-staging/redis.yaml b/charts/fp/templates-staging/redis.yaml deleted file mode 100644 index 7436057..0000000 --- a/charts/fp/templates-staging/redis.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: redis - namespace: futureporn - labels: - app.kubernetes.io/name: redis - app: redis -spec: - replicas: {{ .Values.redis.replicas }} - selector: - matchLabels: - app: redis - template: - metadata: - labels: - app: redis - spec: - containers: - - name: redis - image: "{{ .Values.redis.image }}" - ports: - - name: web - containerPort: 6379 - resources: - limits: - cpu: 150m - memory: 128Mi - restartPolicy: Always - - ---- -apiVersion: v1 -kind: Service -metadata: - name: redis - namespace: futureporn -spec: - type: ClusterIP - selector: - app.kubernetes.io/name: redis - ports: - - name: web - port: 6379 - targetPort: web - protocol: TCP - diff --git a/charts/fp/templates-staging/scout.yaml b/charts/fp/templates-staging/scout.yaml deleted file mode 100644 index 33dd94f..0000000 --- a/charts/fp/templates-staging/scout.yaml +++ /dev/null @@ -1,67 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: scout - namespace: futureporn - labels: - app.kubernetes.io/name: scout -spec: - replicas: {{ .Values.scout.replicas }} - selector: - matchLabels: - app: scout - template: - metadata: - labels: - app: scout - spec: - containers: - - name: scout - image: "{{ .Values.scout.imageName }}" - ports: - - name: http - containerPort: {{ .Values.scout.port }} - env: - - name: POSTGREST_URL - value: "{{ .Values.postgrest.url }}" - - name: NODE_ENV - value: production - - name: AUTOMATION_USER_JWT - valueFrom: - secretKeyRef: - name: bot - key: automationUserJwt - - name: WORKER_CONNECTION_STRING - valueFrom: - secretKeyRef: - name: bot - key: workerConnectionString - - name: HTTP_PROXY - valueFrom: - secretKeyRef: - name: capture - key: httpProxy - - name: PORT - value: "{{ .Values.scout.port }}" - resources: - limits: - cpu: 150m - memory: 1024Mi - restartPolicy: Always - - ---- -apiVersion: v1 -kind: Service -metadata: - name: scout - namespace: futureporn -spec: - type: ClusterIP - selector: - app: scout - ports: - - name: http - port: {{ .Values.scout.port }} - targetPort: http diff --git a/charts/fp/templates-staging/supertokens.yaml b/charts/fp/templates-staging/supertokens.yaml deleted file mode 100644 index 1d44a12..0000000 --- a/charts/fp/templates-staging/supertokens.yaml +++ /dev/null @@ -1,141 +0,0 @@ - -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: supertokens-http -# namespace: futureporn -# spec: -# entryPoints: -# - web -# routes: -# - match: Host(`auth.fp.sbtp.xyz`) -# kind: Rule -# middlewares: -# - name: redirect -# namespace: futureporn -# services: -# - name: supertokens -# port: 3567 - -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: supertokens-https -# namespace: futureporn -# annotations: -# cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}" -# spec: -# entryPoints: -# - websecure -# routes: -# - match: Host(`auth.fp.sbtp.xyz`) -# kind: Rule -# services: -# - name: supertokens -# namespace: futureporn -# port: 3567 -# tls: -# secretName: supertokens-tls - -# --- -# apiVersion: batch/v1 -# kind: Job -# metadata: -# name: supertokens-database-seed -# namespace: futureporn -# spec: -# template: -# spec: -# containers: -# - name: supertokens-database-seed -# image: postgres:latest -# imagePullPolicy: IfNotPresent -# env: -# - name: DB_DATABASE -# value: postgres - -# # valueFrom: -# # secretKeyRef: -# # name: supertokens -# # key: postgresqlUri -# command: -# - /bin/sh -# - -c -# - psql -a -f CREATE DATABASE supertokens; -# restartPolicy: OnFailure - ---- -apiVersion: v1 -kind: Service -metadata: - name: supertokens - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.supertokens.hostname }}" -spec: - type: LoadBalancer - selector: - app: supertokens - ports: - - name: http - port: {{ .Values.supertokens.port }} - targetPort: {{ .Values.supertokens.port }} - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: supertokens - namespace: futureporn -spec: - replicas: {{ .Values.supertokens.replicas }} - selector: - matchLabels: - app: supertokens - template: - metadata: - labels: - app: supertokens - spec: - containers: - - name: supertokens - image: registry.supertokens.io/supertokens/supertokens-postgresql - ports: - - name: http - containerPort: {{ .Values.supertokens.port }} - # livenessProbe: - # httpGet: - # path: /hello - # port: http - # failureThreshold: 3 - # initialDelaySeconds: 10 - # periodSeconds: 10 - # readinessProbe: - # httpGet: - # path: /hello - # port: http - # failureThreshold: 3 - # initialDelaySeconds: 10 - # periodSeconds: 10 - # timeoutSeconds: 30 - env: - ## @see https://github.com/supertokens/supertokens-docker-postgresql/blob/master/README.md - - name: DISABLE_TELEMETRY - value: "true" - - name: SUPERTOKENS_PORT - value: "{{ .Values.supertokens.port }}" - - name: SUPERTOKENS_URL - value: {{ printf "https://%s" .Values.supertokens.hostname | quote }} - - name: POSTGRESQL_CONNECTION_URI - valueFrom: - secretKeyRef: - name: supertokens - key: postgresqlUri - - name: API_KEYS - valueFrom: - secretKeyRef: - name: supertokens - key: apiKeys - diff --git a/charts/fp/templates-staging/trigger.yaml b/charts/fp/templates-staging/trigger.yaml deleted file mode 100644 index fada408..0000000 --- a/charts/fp/templates-staging/trigger.yaml +++ /dev/null @@ -1,110 +0,0 @@ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: trigger - namespace: futureporn -spec: - replicas: {{ .Values.trigger.worker.replicas }} - minReadySeconds: 5 - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: {{ .Values.trigger.worker.replicas }} - maxUnavailable: 1 - selector: - matchLabels: - app: trigger - template: - metadata: - labels: - app: trigger - spec: - containers: - - name: trigger - image: {{ .Values.trigger.imageName }} - ## We override the entrypoint in order to apply a database schema workaround. - ## The problem is that trigger.dev uses the public postgres schema, which is a postgres default. - ## We don't want trigger.dev to use this default because there might be multiple system components using that default. - ## In order to avoid accidental data loss when two components are writing data there, we want trigger to use a non-public schema. - ## @see https://github.com/triggerdotdev/trigger.dev/issues/1026 - command: - - sh - - -c - # - echo fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ fuck @ - - sed -i s/public/triggerdotdev/ ./packages/database/prisma/migrations/20240130165343_add_composite_index_to_job_run_for_job_id_and_created_at/migration.sql && ./scripts/entrypoint.sh - imagePullPolicy: IfNotPresent - resources: - limits: - memory: 150Mi - requests: - memory: 100Mi - env: - - name: TRIGGER_TELEMETRY_DISABLED - value: "1" - - name: REDIS_PORT - value: "6379" - - name: REDIS_HOST - value: redis-master.futureporn.svc.cluster.local - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: trigger - key: databaseUrl - - name: DIRECT_URL - valueFrom: - secretKeyRef: - name: trigger - key: databaseUrl - - name: MAGIC_LINK_SECRET - valueFrom: - secretKeyRef: - name: trigger - key: magicLinkSecret - - name: SESSION_SECRET - valueFrom: - secretKeyRef: - name: trigger - key: sessionSecret - - name: ENCRYPTION_KEY - valueFrom: - secretKeyRef: - name: trigger - key: encryptionKey - - name: PROVIDER_SECRET - valueFrom: - secretKeyRef: - name: trigger - key: providerSecret - - name: COORDINATOR_SECRET - valueFrom: - secretKeyRef: - name: trigger - key: coordinatorSecret - ports: - - containerPort: 3030 - volumeMounts: - - name: trigger-data - mountPath: /mnt/trigger-data - volumes: - - name: trigger-data - emptyDir: {} - - ---- -apiVersion: v1 -kind: Service -metadata: - name: trigger - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.trigger.hostname }}" -spec: - type: LoadBalancer - ports: - - port: 3030 - targetPort: 3030 - protocol: TCP - selector: - app: trigger - diff --git a/charts/fp/templates/.gitignore b/charts/fp/templates/.gitignore deleted file mode 100644 index df2b9aa..0000000 --- a/charts/fp/templates/.gitignore +++ /dev/null @@ -1 +0,0 @@ -strapi-app.yaml \ No newline at end of file diff --git a/charts/fp/templates/bright.yaml b/charts/fp/templates/bright.yaml deleted file mode 100644 index a90fde7..0000000 --- a/charts/fp/templates/bright.yaml +++ /dev/null @@ -1,87 +0,0 @@ - - ---- -apiVersion: v1 -kind: Pod -metadata: - name: bright - namespace: futureporn - labels: - app.kubernetes.io/name: bright -spec: - containers: - - name: bright - image: {{ .Values.bright.imageName | quote }} - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: bright - key: databaseUrl - - name: SECRET_KEY_BASE - valueFrom: - secretKeyRef: - name: bright - key: secretKeyBase - - name: DATABASE_HOST - value: postgresql-primary.futureporn.svc.cluster.local - - name: PORT - value: {{ .Values.bright.port | quote }} - - name: SUPERSTREAMER_URL - value: {{ .Values.superstreamer.api.localUrl | quote }} - - name: PUBLIC_S3_ENDPOINT - value: {{ .Values.bright.s3.endpoint | quote }} - - name: SUPERSTREAMER_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: superstreamer - key: authToken - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgresql - key: password - - name: DATABASE - value: bright - - name: MIX_ENV - value: dev - ports: - - name: web - containerPort: {{ .Values.bright.port }} - resources: {} - restartPolicy: OnFailure - - ---- -apiVersion: v1 -kind: Service -metadata: - name: bright - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.bright.hostname }}" -spec: - type: LoadBalancer - selector: - app.kubernetes.io/name: bright - ports: - - name: web - port: {{ .Values.bright.port }} - targetPort: web - protocol: TCP - - ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: bright - namespace: futureporn -spec: - secretName: bright-tls - issuerRef: - name: "{{ .Values.certManager.issuer }}" - kind: ClusterIssuer - dnsNames: - - "{{ .Values.bright.hostname }}" - diff --git a/charts/fp/templates/cert-manager.yaml b/charts/fp/templates/cert-manager.yaml deleted file mode 100644 index c3bc9b4..0000000 --- a/charts/fp/templates/cert-manager.yaml +++ /dev/null @@ -1,101 +0,0 @@ -## roles to deal with the following error -## exoscale.acme.exoscale.com is forbidden: User "system:serviceaccount:cert-manager:cert-manager" cannot create resource "exoscale" -## cannot create resource "exoscale" in API group "acme.exoscale.com" at the cluster scope - -# I don't think I need the following commented yaml. I think the problem I was seeing was actually caused by the lack of cert-manager-webhook-exoscale - -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRole -# metadata: -# name: cert-manager-webhook-exoscale -# namespace: cert-manager -# labels: -# app: webhook -# rules: -# - apiGroups: -# - acme.exoscale.com -# resources: -# - '*' -# verbs: -# - 'create' - -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRoleBinding -# metadata: -# name: cert-manager-webhook-exoscale -# namespace: cert-manager -# labels: -# app: webhook -# roleRef: -# apiGroup: rbac.authorization.k8s.io -# kind: ClusterRole -# name: cert-manager-webhook-exoscale -# subjects: -# - apiGroup: "" -# kind: ServiceAccount -# name: cert-manager -# namespace: cert-manager - - -## Role & RoleBinding to give cert-manager access to the exoscale secret - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: cert-manager-webhook-exoscale:secret-reader - namespace: cert-manager -rules: -- apiGroups: [""] - resources: ["secrets"] - resourceNames: ["exoscale"] - verbs: ["get", "watch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: cert-manager-webhook-exoscale:secret-reader - namespace: cert-manager -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: cert-manager-webhook-exoscale:secret-reader -subjects: - - apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook-exoscale - ---- -{{ if eq .Values.environment "development" }} -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-staging -spec: - acme: - # You must replace this email address with your own. - # Let's Encrypt will use this to contact you about expiring - # certificates, and issues related to your account. - email: {{ .Values.adminEmail }} - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - # Secret resource that will be used to store the account's private key. - name: letsencrypt-staging - solvers: - - dns01: - webhook: - groupName: acme.exoscale.com - solverName: exoscale - config: - apiKeyRef: - name: exoscale - key: apiKey - apiSecretRef: - name: exoscale - key: apiSecret -{{ end }} - -## in staging and production, ClusterIssuer is created by Flux2/Kustomize. (not Helm) \ No newline at end of file diff --git a/charts/fp/templates/chisel.yaml b/charts/fp/templates/chisel.yaml deleted file mode 100644 index e6b3a13..0000000 --- a/charts/fp/templates/chisel.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{ if ne .Values.environment "production" }} - ---- -apiVersion: chisel-operator.io/v1 -kind: ExitNode -metadata: - name: vault-exit-node - namespace: futureporn -spec: - host: {{ quote .Values.chisel.exitNode.host }} - port: 9090 - auth: chisel - -{{ end }} \ No newline at end of file diff --git a/charts/fp/templates/exoscale-webhook.yaml b/charts/fp/templates/exoscale-webhook.yaml deleted file mode 100644 index a02807f..0000000 --- a/charts/fp/templates/exoscale-webhook.yaml +++ /dev/null @@ -1,321 +0,0 @@ -## copied from https://github.com/exoscale/cert-manager-webhook-exoscale - ---- -# Source: exoscale-webhook/templates/rbac.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: cert-manager-webhook-exoscale - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm ---- -# Source: exoscale-webhook/templates/rbac.yaml -# Grant cert-manager permission to validate using our apiserver -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: cert-manager-webhook-exoscale:domain-solver - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -rules: - - apiGroups: - - acme.exoscale.com - resources: - - '*' - verbs: - - 'create' ---- -# Source: exoscale-webhook/templates/rbac.yaml -# apiserver gets the auth-delegator role to delegate auth decisions to -# the core apiserver -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: cert-manager-webhook-exoscale:auth-delegator - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:auth-delegator -subjects: - - apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook-exoscale - namespace: cert-manager ---- -# Source: exoscale-webhook/templates/rbac.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: cert-manager-webhook-exoscale:domain-solver - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cert-manager-webhook-exoscale:domain-solver -subjects: - - apiGroup: "" - kind: ServiceAccount - name: cert-manager - namespace: cert-manager ---- -# Source: exoscale-webhook/templates/rbac.yaml -# Grant the webhook permission to read the secrets containing the credentials -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: cert-manager-webhook-exoscale:secrets-reader - namespace: cert-manager - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -rules: - - apiGroups: - - '' - resources: - - 'secrets' - verbs: - - 'get' ---- -# Source: exoscale-webhook/templates/rbac.yaml -# Grant the webhook permission to read the ConfigMap containing the Kubernetes -# apiserver's requestheader-ca-certificate. -# This ConfigMap is automatically created by the Kubernetes apiserver. -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: cert-manager-webhook-exoscale:webhook-authentication-reader - namespace: kube-system - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader -subjects: - - apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook-exoscale - namespace: cert-manager ---- -# Source: exoscale-webhook/templates/rbac.yaml -# Grant the webhook permission to read the secrets containing the credentials -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: cert-manager-webhook-exoscale:secrets-reader - namespace: cert-manager - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: cert-manager-webhook-exoscale:secrets-reader -subjects: - - apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook-exoscale - namespace: cert-manager ---- -# Source: exoscale-webhook/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: cert-manager-webhook-exoscale - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - type: ClusterIP - ports: - - port: 443 - targetPort: https - protocol: TCP - name: https - selector: - app: exoscale-webhook - release: exoscale-webhook ---- -# Source: exoscale-webhook/templates/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: cert-manager-webhook-exoscale - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - replicas: - selector: - matchLabels: - app: exoscale-webhook - release: exoscale-webhook - template: - metadata: - labels: - app: exoscale-webhook - release: exoscale-webhook - spec: - serviceAccountName: cert-manager-webhook-exoscale - containers: - - name: exoscale-webhook - image: "exoscale/cert-manager-webhook-exoscale:latest" - imagePullPolicy: IfNotPresent - args: - - --tls-cert-file=/tls/tls.crt - - --tls-private-key-file=/tls/tls.key - env: - - name: GROUP_NAME - value: "acme.exoscale.com" - - name: EXOSCALE_DEBUG - value: "" - - name: EXOSCALE_API_TRACE - value: "" - ports: - - name: https - containerPort: 443 - protocol: TCP - livenessProbe: - httpGet: - scheme: HTTPS - path: /healthz - port: https - readinessProbe: - httpGet: - scheme: HTTPS - path: /healthz - port: https - volumeMounts: - - name: certs - mountPath: /tls - readOnly: true - resources: - {} - volumes: - - name: certs - secret: - secretName: cert-manager-webhook-exoscale-webhook-tls ---- -# Source: exoscale-webhook/templates/apiservice.yaml -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.acme.exoscale.com - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm - annotations: - cert-manager.io/inject-ca-from: "cert-manager/cert-manager-webhook-exoscale-webhook-tls" -spec: - group: acme.exoscale.com - groupPriorityMinimum: 1000 - versionPriority: 15 - service: - name: cert-manager-webhook-exoscale - namespace: cert-manager - version: v1alpha1 ---- -# Source: exoscale-webhook/templates/pki.yaml -# Generate a CA Certificate used to sign certificates for the webhook -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: cert-manager-webhook-exoscale-ca - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - secretName: cert-manager-webhook-exoscale-ca - duration: 43800h # 5y - issuerRef: - name: cert-manager-webhook-exoscale-selfsign - commonName: "ca.exoscale-webhook.cert-manager" - isCA: true ---- -# Source: exoscale-webhook/templates/pki.yaml -# Finally, generate a serving certificate for the webhook to use -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: cert-manager-webhook-exoscale-webhook-tls - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - secretName: cert-manager-webhook-exoscale-webhook-tls - duration: 8760h # 1y - issuerRef: - name: cert-manager-webhook-exoscale-ca - dnsNames: - - cert-manager-webhook-exoscale - - cert-manager-webhook-exoscale.cert-manager - - cert-manager-webhook-exoscale.cert-manager.svc ---- -# Source: exoscale-webhook/templates/pki.yaml -# Create a selfsigned Issuer, in order to create a root CA certificate for -# signing webhook serving certificates -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: cert-manager-webhook-exoscale-selfsign - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - selfSigned: {} ---- -# Source: exoscale-webhook/templates/pki.yaml -# Create an Issuer that uses the above generated CA certificate to issue certs -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: cert-manager-webhook-exoscale-ca - namespace: "cert-manager" - labels: - app: exoscale-webhook - chart: exoscale-webhook-0.3.0 - release: exoscale-webhook - heritage: Helm -spec: - ca: - secretName: cert-manager-webhook-exoscale-ca \ No newline at end of file diff --git a/charts/fp/templates/external-dns.yaml b/charts/fp/templates/external-dns.yaml deleted file mode 100644 index 2823acb..0000000 --- a/charts/fp/templates/external-dns.yaml +++ /dev/null @@ -1,87 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: external-dns - namespace: futureporn - annotations: - meta.helm.sh/release-name: fp - meta.helm.sh/release-namespace: futureporn - labels: - app.kubernetes.io/managed-by: Helm - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: external-dns -rules: -- apiGroups: [""] - resources: ["services","endpoints","pods"] - verbs: ["get","watch","list"] -- apiGroups: ["extensions","networking.k8s.io"] - resources: ["ingresses"] - verbs: ["get","watch","list"] -- apiGroups: [""] - resources: ["nodes"] - verbs: ["list"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: external-dns-viewer -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: external-dns -subjects: -- kind: ServiceAccount - name: external-dns - namespace: futureporn - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: external-dns - namespace: futureporn -spec: - strategy: - type: Recreate - selector: - matchLabels: - app: external-dns - template: - metadata: - labels: - app: external-dns - spec: - serviceAccountName: external-dns - containers: - - name: external-dns - resources: - limits: - memory: "1024Mi" - cpu: "100m" - image: registry.k8s.io/external-dns/external-dns:v0.14.1 - args: - - --source=service - - --source=ingress - - --provider=exoscale - - --domain-filter=.sbtp.xyz - - --policy=sync # if you want DNS entries to get deleted as well - - --txt-owner-id=futureporn - - --exoscale-apizone=de-fra-1 - - --exoscale-apienv=api - env: - - name: EXTERNAL_DNS_EXOSCALE_APIKEY - valueFrom: - secretKeyRef: - name: exoscale - key: apiKey - - name: EXTERNAL_DNS_EXOSCALE_APISECRET - valueFrom: - secretKeyRef: - name: exoscale - key: apiSecret diff --git a/charts/fp/templates/gateway.yaml b/charts/fp/templates/gateway.yaml deleted file mode 100644 index 3e0b13b..0000000 --- a/charts/fp/templates/gateway.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: Gateway -metadata: - name: example-gateway - namespace: futureporn -spec: - gatewayClassName: example-class - listeners: - - name: http - protocol: HTTP - port: 80 diff --git a/charts/fp/templates/pgadmin4.yaml b/charts/fp/templates/pgadmin4.yaml deleted file mode 100644 index 4d38fe4..0000000 --- a/charts/fp/templates/pgadmin4.yaml +++ /dev/null @@ -1,55 +0,0 @@ -## Resist the urge to delete this container! We use it again and again! - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pgadmin4 - namespace: futureporn -spec: - selector: - matchLabels: - app: pgadmin4 - template: - metadata: - labels: - app: pgadmin4 - spec: - containers: - - name: pgadmin4 - image: docker.io/dpage/pgadmin4:latest - imagePullPolicy: IfNotPresent - resources: - limits: - memory: 256Mi - requests: - memory: 100Mi - env: - - name: PGADMIN_DEFAULT_EMAIL - valueFrom: - secretKeyRef: - name: pgadmin4 - key: email - - name: PGADMIN_DEFAULT_PASSWORD - valueFrom: - secretKeyRef: - name: pgadmin4 - key: password - - ---- -apiVersion: v1 -kind: Service -metadata: - name: pgadmin4 - namespace: futureporn -spec: - type: ClusterIP - ports: - - port: 5050 - targetPort: 80 - protocol: TCP - selector: - app: pgadmin4 - - - diff --git a/charts/fp/templates/roles.yaml b/charts/fp/templates/roles.yaml deleted file mode 100644 index 183ef63..0000000 --- a/charts/fp/templates/roles.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{ if eq .Values.environment "development" }} - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: cert-manager-webhook-vultr-secret-reader - namespace: cert-manager -rules: -- apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "watch", "list"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: cert-manager-webhook-vultr-secret-reader-binding - namespace: cert-manager -subjects: -- kind: ServiceAccount - name: cert-manager-webhook-vultr - namespace: cert-manager -roleRef: - kind: Role - name: cert-manager-webhook-vultr-secret-reader - apiGroup: rbac.authorization.k8s.io - -{{ end }} \ No newline at end of file diff --git a/charts/fp/templates/superstreamer.yaml b/charts/fp/templates/superstreamer.yaml deleted file mode 100644 index d02533a..0000000 --- a/charts/fp/templates/superstreamer.yaml +++ /dev/null @@ -1,339 +0,0 @@ - -## we don't use this because I don't know of a good way to sync the image tag with that of the postgres pod. -## It's more foolproof to use a script activated by a button in Tilt UI -# --- -# apiVersion: batch/v1 -# kind: Job -# metadata: -# name: superstreamer-database-seed -# namespace: futureporn -# spec: -# template: -# spec: -# restartPolicy: Never -# containers: -# - name: postgres-client -# image: postgres:latest -# command: ["sh", "-c"] -# args: -# - | -# psql -h postgresql-primary.futureporn.svc.cluster.local \ -# -U postgres \ -# -c "CREATE DATABASE sprs"; -# env: -# - name: PGPASSWORD -# valueFrom: -# secretKeyRef: -# name: postgresql -# key: password - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: superstreamer-app - namespace: futureporn -spec: - replicas: 1 - selector: - matchLabels: - app: superstreamer-app - template: - metadata: - labels: - app: superstreamer-app - spec: - containers: - - name: superstreamer-app - image: {{ .Values.superstreamer.app.image | quote }} - ports: - - containerPort: 52000 - env: - - name: PUBLIC_API_ENDPOINT - value: http://localhost:52001 - - name: PUBLIC_STITCHER_ENDPOINT - value: http://localhost:52002 - - name: DATABASE_URI - valueFrom: - secretKeyRef: - name: superstreamer - key: databaseUri - - name: S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Endpoint - - name: S3_REGION - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Region - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3AccessKey - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3SecretKey - - name: S3_BUCKET - valueFrom: - secretKeyRef: - name: superstreamer - key: s3SecretKey - - name: PUBLIC_S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: publicS3Endpoint - - name: SUPER_SECRET - valueFrom: - secretKeyRef: - name: superstreamer - key: superSecret ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: superstreamer-api - namespace: futureporn -spec: - replicas: 1 - selector: - matchLabels: - app: superstreamer-api - template: - metadata: - labels: - app: superstreamer-api - spec: - containers: - - name: superstreamer-api - image: {{ .Values.superstreamer.api.image | quote }} - ports: - - containerPort: 52001 - env: - - name: REDIS_HOST - value: {{ .Values.superstreamer.redisUrl | quote }} - - name: REDIS_PORT - value: {{ .Values.superstreamer.redisPort | quote }} - - name: DATABASE_URI - valueFrom: - secretKeyRef: - name: superstreamer - key: databaseUri - - name: S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Endpoint - - name: S3_REGION - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Region - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3AccessKey - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3SecretKey - - name: S3_BUCKET - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Bucket - - name: PUBLIC_S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: publicS3Endpoint - - name: SUPER_SECRET - valueFrom: - secretKeyRef: - name: superstreamer - key: superSecret - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: superstreamer-stitcher - namespace: futureporn -spec: - replicas: 1 - selector: - matchLabels: - app: superstreamer-stitcher - template: - metadata: - labels: - app: superstreamer-stitcher - spec: - containers: - - name: superstreamer-stitcher - image: {{ .Values.superstreamer.stitcher.image | quote }} - ports: - - containerPort: 52002 - env: - - name: REDIS_HOST - value: {{ .Values.superstreamer.redisUrl | quote }} - - name: REDIS_PORT - value: {{ .Values.superstreamer.redisPort | quote }} - - name: PUBLIC_API_ENDPOINT - value: "http://localhost:52001" - - name: PUBLIC_STITCHER_ENDPOINT - value: "http://localhost:52002" - - name: DATABASE_URI - valueFrom: - secretKeyRef: - name: superstreamer - key: databaseUri - - name: S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Endpoint - - name: S3_REGION - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Region - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3AccessKey - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3SecretKey - - name: S3_BUCKET - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Bucket - - name: PUBLIC_S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: publicS3Endpoint - - name: SUPER_SECRET - valueFrom: - secretKeyRef: - name: superstreamer - key: superSecret ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: superstreamer-artisan - namespace: futureporn -spec: - replicas: 1 - selector: - matchLabels: - app: superstreamer-artisan - template: - metadata: - labels: - app: superstreamer-artisan - spec: - containers: - - name: superstreamer-artisan - image: {{ .Values.superstreamer.artisan.image | quote }} - env: - - name: REDIS_HOST - value: {{ .Values.superstreamer.redisUrl | quote }} - - name: REDIS_PORT - value: {{ .Values.superstreamer.redisPort | quote }} - - name: DATABASE_URI - valueFrom: - secretKeyRef: - name: superstreamer - key: databaseUri - - name: S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Endpoint - - name: S3_REGION - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Region - - name: S3_ACCESS_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3AccessKey - - name: S3_SECRET_KEY - valueFrom: - secretKeyRef: - name: superstreamer - key: s3SecretKey - - name: S3_BUCKET - valueFrom: - secretKeyRef: - name: superstreamer - key: s3Bucket - - name: PUBLIC_S3_ENDPOINT - valueFrom: - secretKeyRef: - name: superstreamer - key: publicS3Endpoint - - name: SUPER_SECRET - valueFrom: - secretKeyRef: - name: superstreamer - key: superSecret ---- -apiVersion: v1 -kind: Service -metadata: - name: superstreamer-app - namespace: futureporn -spec: - selector: - app: superstreamer-app - ports: - - protocol: TCP - port: 52000 - targetPort: 52000 - ---- -apiVersion: v1 -kind: Service -metadata: - name: superstreamer-api - namespace: futureporn -spec: - selector: - app: superstreamer-api - ports: - - protocol: TCP - port: 52001 - targetPort: 52001 - ---- -apiVersion: v1 -kind: Service -metadata: - name: superstreamer-stitcher - namespace: futureporn -spec: - selector: - app: superstreamer-stitcher - ports: - - protocol: TCP - port: 52002 - targetPort: 52002 diff --git a/charts/fp/templates/traefik.yaml b/charts/fp/templates/traefik.yaml deleted file mode 100644 index f87411a..0000000 --- a/charts/fp/templates/traefik.yaml +++ /dev/null @@ -1,115 +0,0 @@ -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: Middleware -# metadata: -# name: redirect -# namespace: futureporn - -# spec: -# redirectScheme: -# scheme: https -# permanent: true - - -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: Middleware -# metadata: -# name: traefik-dashboard-basicauth -# namespace: futureporn - -# spec: -# basicAuth: -# secret: traefik-dashboard-auth - -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: traefik-dashboard-custom -# namespace: futureporn - -# spec: -# entryPoints: -# - websecure -# - web -# routes: -# - match: PathPrefix(`/board`) -# kind: Rule -# # priority: 2147483647 -# # middlewares: -# # - name: traefik-dashboard-basicauth -# # namespace: traefik -# services: -# - name: dashboard@internal -# kind: TraefikService - -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: traefik-api-custom -# namespace: futureporn - -# spec: -# entryPoints: -# - websecure -# - web -# routes: -# - match: PathPrefix(`/api`) -# kind: Rule -# # priority: 2147483647 -# # middlewares: -# # - name: traefik-dashboard-basicauth -# # namespace: traefik -# services: -# - name: api@internal -# kind: TraefikService - - ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: whoami-httproute - namespace: futureporn -spec: - parentRefs: - - name: traefik-gateway - hostnames: - - traefik.futureporn.svc.cluster.local - rules: - - matches: - - path: - type: PathPrefix - value: /whoami - filters: - - type: ResponseHeaderModifier - responseHeaderModifier: - add: - - name: x-cj-was-here - value: "true" - backendRefs: - - name: whoami - port: 8888 - - matches: - - path: - type: PathPrefix - value: /postgrest - backendRefs: - - name: postgrest - port: 9000 - -# --- -# apiVersion: gateway.networking.k8s.io/v1 -# kind: HTTPRoute -# metadata: -# name: whoami-httproute -# namespace: futureporn -# spec: -# parentRefs: -# - name: traefik-gateway -# hostnames: -# - traefik.futureporn.svc.cluster.local -# rules: -# - matches: diff --git a/charts/fp/templates/whoami.yaml b/charts/fp/templates/whoami.yaml deleted file mode 100644 index 31a3d7d..0000000 --- a/charts/fp/templates/whoami.yaml +++ /dev/null @@ -1,70 +0,0 @@ -# an http service for testing purposes - - -{{ if ne .Values.environment "production" }} - - -# --- -# apiVersion: gateway.networking.k8s.io/v1 -# kind: HTTPRoute -# metadata: -# name: whoami-httproute -# namespace: futureporn -# spec: -# parentRefs: -# - name: traefik-gateway -# hostnames: -# - traefik.futureporn -# rules: -# - matches: -# - path: -# type: PathPrefix -# value: /whoami -# backendRefs: -# - name: whoami -# port: {{ .Values.whoami.port }} - - ---- -apiVersion: v1 -kind: Service -metadata: - name: whoami - namespace: futureporn - annotations: - external-dns.alpha.kubernetes.io/hostname: "{{ .Values.whoami.hostname }}" -spec: - type: LoadBalancer - selector: - app: whoami - ports: - - port: {{ .Values.whoami.port }} - targetPort: {{ .Values.whoami.port }} - - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: whoami - namespace: futureporn -spec: - replicas: 1 - selector: - matchLabels: - app: whoami - template: - metadata: - labels: - app: whoami - spec: - containers: - - name: whoami - image: containous/whoami - args: - - --port={{ .Values.whoami.port }} - ports: - - containerPort: {{ .Values.whoami.port }} - - -{{ end }} \ No newline at end of file diff --git a/charts/fp/values.yaml b/charts/fp/values.yaml deleted file mode 100644 index da4a2cc..0000000 --- a/charts/fp/values.yaml +++ /dev/null @@ -1,138 +0,0 @@ -## values.yaml -## this file is for development values only. -## these values are loaded by Tilt. -## For production values, see /flux/clusters/production - -environment: development -# storageClassName: csi-hostpath-sc # used by minikube -storageClassName: standard # used by Kind -s3: - endpoint: https://futureporn.hel1.your-objectstorage.com - region: hel1 - buckets: - main: futureporn - usc: fp-usc-dev - backup: futureporn-db-backup-dev -link2cid: - imageName: fp/link2cid -next: - imageName: fp/next - hostname: next.fp.sbtp.xyz - ingressClassName: nginx - nodeExtraCaCerts: /app/certs/letsencrypt-stg-root-x1.pem -capture: - imageName: fp/capture - worker: - replicas: 1 - cache: - size: 20Gi - dir: /var/cache/capture-worker -mailbox: - imageName: fp/mailbox - replicas: 1 - cdnBucketUrl: https://futureporn.hel1.your-objectstorage.com - s3BucketName: futureporn - port: 5000 -factory: - replicas: 1 - imageName: fp/factory -strapi: - replicas: 1 - imageName: fp/strapi - port: 1339 - url: https://strapi.fp.sbtp.xyz - hostname: strapi.fp.sbtp.xyz - # hostname: strapi.futureporn.svc.cluster.local ## https://gitea.futureporn.net/futureporn/pm/issues/126 - ingressClassName: nginx - nodeExtraCaCerts: /usr/src/app/certs/letsencrypt-stg-root-x1.pem -ngrok: - hostname: mint-star-crappie.ngrok-free.app -realtime: - imageName: fp/realtime -adminEmail: cj@futureporn.net -echo: - hostname: echo.fp.sbtp.xyz -superstreamer: - redisUrl: redis-master.futureporn.svc.cluster.local - redisPort: 6379 - app: - #image: fp/superstreamer-app - image: "superstreamerapp/app:alpha" - api: - #image: fp/superstreamer-api - localUrl: http://superstreamer-api.futureporn.svc.cluster.local:52001 - image: "superstreamerapp/api:alpha" - artisan: - #image: fp/superstreamer-artisan - image: "superstreamerapp/artisan:alpha" - stitcher: - #image: fp/superstreamer-stitcher - image: "superstreamerapp/stitcher:alpha" -uppy: - replicas: 3 - hostname: uppy.fp.sbtp.xyz - imageName: fp/uppy - redisUrl: redis-master.futureporn.svc.cluster.local - s3: - endpoint: your-objectstorage.com - bucket: futureporn - region: hel1 - clientOrigins: next.fp.sbtp.xyz - domain: uppy.fp.sbtp.xyz - uploadUrls: https://uppy.fp.sbtp.xyz/files - url: https://uppy.fp.sbtp.xyz -certManager: - issuer: letsencrypt-staging -bot: - discordChannelId: "1185024773231759481" - discordGuildId: "1084674137391374338" - imageName: fp/bot - replicas: 1 -chihaya: - hostname: tracker.fp.sbtp.xyz -scout: - imageName: fp/scout - replicas: 1 - port: 8134 - url: http://scout.fp.sbtp.xyz -postgrest: - hostname: postgrest.fp.sbtp.xyz - image: postgrest/postgrest - replicas: 1 - port: 9000 - schemas: api -chisel: - exitNode: - host: "155.138.254.201" - port: 9090 -game2048: - hostname: game-2048.fp.sbtp.xyz -supertokens: - port: 3348 - hostname: supertokens.fp.sbtp.xyz - replicas: 1 - -logto: - admin: - port: 3002 - hostname: logto-admin.fp.sbtp.xyz - main: - port: 3001 - hostname: logto.fp.sbtp.xyz -whoami: - hostname: whoami.fp.sbtp.xyz - port: 8888 -migrations: - schema: - imageName: fp/migrations-schema - data: - imageName: fp/migrations-data -authentik: - replias: 1 - hostname: auth.fp.sbtp.xyz -bright: - imageName: fp/bright - hostname: bright.fp.sbtp.xyz - port: 4000 - s3: - endpoint: https://fp-dev.b-cdn.net \ No newline at end of file diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/.helmignore b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/.helmignore deleted file mode 100644 index faa1198..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Source: https://github.com/helm/helm/blob/main/pkg/repo/repotest/testdata/examplechart/.helmignore -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj - -# helmtest plugin tests -tests diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/CHANGELOG.md b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/CHANGELOG.md deleted file mode 100644 index 1d3da7a..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/CHANGELOG.md +++ /dev/null @@ -1,156 +0,0 @@ -# Changelog - -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## 0.14.0 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.13.0...helm-chart-0.14.0 - -### Added - -- feat: Auto-provision domain for TLS Edges [#386]( https://github.com/ngrok/kubernetes-ingress-controller/pull/386) -- feat: Support for Load Balancer services [#387](https://github.com/ngrok/kubernetes-ingress-controller/pull/387) -- feat: Support TLS termination in modulesets for Load Balancer Services [388](https://github.com/ngrok/kubernetes-ingress-controller/pull/388) - -## 0.13.0 - -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.12.4...helm-chart-0.13.0 - -**Important**: If you are upgrading from a previous version and are using `helm install` or `helm upgrade`, you will need to manually apply the changes to the CRDs. This is because the CRDs are not [updated automatically when the chart is updated](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). To do this, apply the contents of the `crds` directory in the chart to your cluster. - -Ex (from the root of the repository): -```shell -kubectl apply -f ./helm/ingress-controller/templates/crds/ -``` - -### Added - -- root-cas setting [#371](https://github.com/ngrok/kubernetes-ingress-controller/pull/371) - Takes an install option for `--set rootCAs=host` and plumb the isHostCA check into the caCerts for it to just get the host certs. -- feat: Add support for mutualTLS [#373](https://github.com/ngrok/kubernetes-ingress-controller/pull/373) - -### Changed - -- Update nix flake, go version, and Makefile dep versions [#379](https://github.com/ngrok/kubernetes-ingress-controller/pull/379) - -## 0.12.4 - -- Add the `apiURL` value. - This sets the ngrok API endpoint used by the controller. - It corresponds to the `--api-url` argument to the manager binary. - -- Update to version 0.10.4 of the ingress controller. - See its changes [here](../../CHANGELOG.md#0104). - -## 0.12.1 - -- Update to version 0.10.1 of the ingress controller, which includes: - - IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state [#315](https://github.com/ngrok/kubernetes-ingress-controller/pull/315) - -## 0.12.0 - -- Update to version 0.10.0 of the ingress controller, this includes: - - TLSEdge support - see the [TCP and TLS Edges Guide](https://github.com/ngrok/kubernetes-ingress-controller/blob/main/docs/user-guide/tcp-tls-edges.md) for more details. - - A fix for renegotiating TLS backends - -## 0.11.0 - -** Important ** This version of the controller changes the ownership model for https edge and tunnel CRs. To ease out the transition to the new ownership, make sure to run `migrate-edges.sh` and `migrate-tunnels.sh` scripts before installing the new version. - -### Changed -- Specify IPPolicyRule action as an enum of (allow,deny) as part of [#260](https://github.com/ngrok/kubernetes-ingress-controller/pull/260) -- Handle special case for changing auth types that causes an error during state transition [#259](https://github.com/ngrok/kubernetes-ingress-controller/pull/259) -- Better handling when changing pathType between 'Exact' and 'Prefix' [#262](https://github.com/ngrok/kubernetes-ingress-controller/pull/262) -- Update ngrok-go to 1.4.0 [#298](https://github.com/ngrok/kubernetes-ingress-controller/pull/298) -- Tunnels are now unique in their respective namespace, not across the cluster [#281](https://github.com/ngrok/kubernetes-ingress-controller/pull/281) -- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them [#267](https://github.com/ngrok/kubernetes-ingress-controller/issues/267); fixed for tunnel in [#285](https://github.com/ngrok/kubernetes-ingress-controller/pull/285) and for https edges in [#286](https://github.com/ngrok/kubernetes-ingress-controller/pull/286) -- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet [#283](https://github.com/ngrok/kubernetes-ingress-controller/issues/283); fixed in [#288](https://github.com/ngrok/kubernetes-ingress-controller/pull/288) -- Watch and apply ngrok module set CR changes [#287](https://github.com/ngrok/kubernetes-ingress-controller/issues/287); fixed in [#290](https://github.com/ngrok/kubernetes-ingress-controller/pull/290) -- Label https edges and tunnels with service UID to make them more unique within ngrok [#291](https://github.com/ngrok/kubernetes-ingress-controller/issues/291); fixed in [#293](https://github.com/ngrok/kubernetes-ingress-controller/pull/293) and [#302](https://github.com/ngrok/kubernetes-ingress-controller/pull/302) - -### Added -- Add support for configuring pod affinities, pod disruption budget, and priorityClassName [#258](https://github.com/ngrok/kubernetes-ingress-controller/pull/258) -- The controller stopping at the first resource create [#270](https://github.com/ngrok/kubernetes-ingress-controller/pull/270) -- Using `make deploy` now requires `NGROK_AUTHTOKEN` and `NGROK_API_KEY` to be set [#292](https://github.com/ngrok/kubernetes-ingress-controller/pull/292) - -## 0.10.0 - -### Added -- Support HTTPS backends via service annotation [#238](https://github.com/ngrok/kubernetes-ingress-controller/pull/238) - -### Changed -- Normalize all ngrok `.io` TLD to `.app` TLD [#240](https://github.com/ngrok/kubernetes-ingress-controller/pull/240) -- Chart Icon - -### Fixed -- Add namespace to secret [#244](https://github.com/ngrok/kubernetes-ingress-controller/pull/244). Thank you for the contribution, @vincetse! - -## 0.9.0 -### Added -- Add a 'podLabels' option to the helm chart [#212](https://github.com/ngrok/kubernetes-ingress-controller/pull/212). -- Permission to `get`,`list`, and `watch` `services` [#222](https://github.com/ngrok-kubernetes-ingress-controller/pull/222). - -## 0.8.0 -### Changed -- Log Level configuration to helm chart [#199](https://github.com/ngrok/kubernetes-ingress-controller/pull/199). -- Bump default controller image to use `0.6.0` release [#204](https://github.com/ngrok/kubernetes-ingress-controller/pull/204). - -### Fixed -- update default-container annotation so logs work correctly [#197](https://github.com/ngrok/kubernetes-ingress-controller/pull/197) - -## 0.7.0 - -### Added -- Update `NgrokModuleSet` and `HTTPSEdge` CRD to support SAML and OAuth - -### Changed -- Update appVersion to `0.5.0` to match the latest release of the controller. - -## 0.6.1 -### Fixed -- Default the image tag to the chart's `appVersion` for predictable installs. Previously, the helm chart would default to the `latest` image tag which can have breaking changes, notably with CRDs. - -## 0.6.0 -### Changed -- Ingress Class has Default set to false [#109](https://github.com/ngrok/kubernetes-ingress-controller/pull/109) - -### Added -- Allow controller name to be configured to support multiple ngrok ingress classes [#159](https://github.com/ngrok/kubernetes-ingress-controller/pull/159) -- Allow the controller to be configured to only watch a single namespace [#157](https://github.com/ngrok/kubernetes-ingress-controller/pull/157) -- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources [#156](https://github.com/ngrok/kubernetes-ingress-controller/pull/156) -- Add IP Policy CRD and IP Policy Route Module [#120](https://github.com/ngrok/kubernetes-ingress-controller/pull/120) -- Load certs from the directory `"/etc/ssl/certs/ngrok/"` for ngrok-go if present [#111](https://github.com/ngrok/kubernetes-ingress-controller/pull/111) - -## 0.5.0 -### Changed -- Renamed chart from `ngrok-ingress-controller` to `kubernetes-ingress-controller`. -- Added CRDs for `domains`, `tcpedges`, and `httpsedges`. - -## 0.4.0 -### Added -- `serverAddr` flag to override the ngrok tunnel server address -- `extraVolumes` to add an arbitrary set of volumes to the controller pod -- `extraVolumeMounts` to add an arbitrary set of volume mounts to the controller container - -## 0.3.1 -### Fixed -- Fixes rendering of `NOTES.txt` when installing via helm - -## 0.3.0 -### Changed - -- Moved from calling ngrok-agent sidecar to using the ngrok-go library in the controller process. -- Moved `apiKey` and `authtoken` to `credentials.apiKey` and `credentials.authtoken` respectively. -- `credentialSecrets.name` is now `credentials.secret.name` -- Changed replicas to 1 by default to work better for default/demo setup. - -## 0.2.0 -### Added - -- Support for different values commonly found in helm charts - -# 0.1.0 - -TODO diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.lock b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.lock deleted file mode 100644 index f02dfe1..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: https://charts.bitnami.com/bitnami - version: 2.19.3 -digest: sha256:b0c5b947a6622accb48678c6034a1180e1fb58d0d8c8d2fa44cb7e9c3b1a4255 -generated: "2024-05-21T13:06:30.412702362-05:00" diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.yaml deleted file mode 100644 index e0d3398..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/Chart.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v2 -appVersion: 0.12.0 -dependencies: -- name: common - repository: https://charts.bitnami.com/bitnami - tags: - - bitnami-common - version: 2.x.x -description: A Kubernetes ingress controller built using ngrok. -home: https://ngrok.com -icon: https://ngrok.github.io/kubernetes-ingress-controller/ngrok-favicon.svg -keywords: -- ngrok -- networking -- ingress -- edge -- api gateway -name: kubernetes-ingress-controller -sources: -- https://github.com/ngrok/kubernetes-ingress-controller -version: 0.14.0 diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/README.md b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/README.md deleted file mode 100644 index c4d0c06..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/README.md +++ /dev/null @@ -1,93 +0,0 @@ -# ngrok Ingress Controller - -This is the helm chart to install the ngrok ingress controller - -# Usage - -## Prerequisites - -The cluster Must be setup with a secret named `ngrok-ingress-controller-credentials` with the following keys: -* AUTHTOKEN -* API\_KEY - -## Install the controller with helm - -[Helm](https://helm.sh) must be installed to use the charts. Please refer to -Helm's [documentation](https://helm.sh/docs) to get started. - -Once Helm has been set up correctly, add the repo as follows: - -`helm repo add ngrok https://ngrok.github.io/kubernetes-ingress-controller` - -If you had already added this repo earlier, run `helm repo update` to retrieve -the latest versions of the packages. You can then run `helm search repo ngrok` to see the charts. - -To install the ngrok-ingress-controller chart: - -`helm install my-ngrok-ingress-controller ngrok/kubernetes-ingress-controller` - -To uninstall the chart: - -`helm delete my-ngrok-ingress-controller` - - -## Parameters - -### Common parameters - -| Name | Description | Value | -| ------------------- | ----------------------------------------------------- | ----- | -| `nameOverride` | String to partially override generated resource names | `""` | -| `fullnameOverride` | String to fully override generated resource names | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | - - -### Controller parameters - -| Name | Description | Value | -| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | -| `podAnnotations` | Used to apply custom annotations to the ingress pods. | `{}` | -| `podLabels` | Used to apply custom labels to the ingress pods. | `{}` | -| `replicaCount` | The number of controllers to run. | `1` | -| `image.registry` | The ngrok ingress controller image registry. | `docker.io` | -| `image.repository` | The ngrok ingress controller image repository. | `ngrok/kubernetes-ingress-controller` | -| `image.tag` | The ngrok ingress controller image tag. Defaults to the chart's appVersion if not specified | `""` | -| `image.pullPolicy` | The ngrok ingress controller image pull policy. | `IfNotPresent` | -| `image.pullSecrets` | An array of imagePullSecrets to be used when pulling the image. | `[]` | -| `ingressClass.name` | The name of the ingress class to use. | `ngrok` | -| `ingressClass.create` | Whether to create the ingress class. | `true` | -| `ingressClass.default` | Whether to set the ingress class as default. | `false` | -| `controllerName` | The name of the controller to look for matching ingress classes | `k8s.ngrok.com/ingress-controller` | -| `watchNamespace` | The namespace to watch for ingress resources. Defaults to all | `""` | -| `credentials.secret.name` | The name of the secret the credentials are in. If not provided, one will be generated using the helm release name. | `""` | -| `credentials.apiKey` | Your ngrok API key. If provided, it will be will be written to the secret and the authtoken must be provided as well. | `""` | -| `credentials.authtoken` | Your ngrok authtoken. If provided, it will be will be written to the secret and the apiKey must be provided as well. | `""` | -| `region` | ngrok region to create tunnels in. Defaults to connect to the closest geographical region. | `""` | -| `rootCAs` | Set to "trusted" for the ngrok agent CA or "host" to trust the host's CA. Defaults to "trusted". | `""` | -| `serverAddr` | This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address. | `""` | -| `apiURL` | This is the URL of the ngrok API. You should set this if you are using a custom API URL. | `""` | -| `metaData` | This is a map of key/value pairs that will be added as meta data to all ngrok api resources created | `{}` | -| `affinity` | Affinity for the controller pod assignment | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `priorityClassName` | Priority class for pod scheduling | `""` | -| `podDisruptionBudget.create` | Enable a Pod Disruption Budget creation | `false` | -| `podDisruptionBudget.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `podDisruptionBudget.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `1` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `extraVolumes` | An array of extra volumes to add to the controller. | `[]` | -| `extraVolumeMounts` | An array of extra volume mounts to add to the controller. | `[]` | -| `extraEnv` | an object of extra environment variables to add to the controller. | `{}` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.annotations` | Additional annotations to add to the ServiceAccount | `{}` | -| `log.level` | The level to log at. One of 'debug', 'info', or 'error'. | `info` | -| `log.stacktraceLevel` | The level to report stacktrace logs one of 'info' or 'error'. | `error` | -| `log.format` | The log format to use. One of console, json. | `json` | -| `lifecycle` | an object containing lifecycle configuration | `{}` | - diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/NOTES.txt b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/NOTES.txt deleted file mode 100644 index 3b5bf28..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/NOTES.txt +++ /dev/null @@ -1,53 +0,0 @@ -================================================================================ -The ngrok Ingress controller has been deployed as a Deployment type to your -cluster. - -If you haven't yet, create some Ingress resources in your cluster and they will -be automatically configured on the internet using ngrok. - - -{{- $found := false }} -{{- range $svcIndex, $service := (lookup "v1" "Service" "" "").items }} - {{- if not $found }} - {{- range $portMapIdx, $portMap := $service.spec.ports }} - {{- if eq $portMap.port 80 443 }} - {{- if ne $service.metadata.name "kubernetes" }} - {{- $found = true -}} - {{- $randomStr := randAlphaNum 8 | lower }} - -One example, taken from your cluster, is the Service: - {{ $service.metadata.name | quote }} - -You can make this accessible via ngrok with the following manifest: --------------------------------------------------------------------------------- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $service.metadata.name }} - namespace: {{ $service.metadata.namespace }} -spec: - ingressClassName: ngrok - rules: - - host: {{ $service.metadata.name -}}-{{- $randomStr -}}.ngrok.app - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: {{ $service.metadata.name }} - port: - number: {{ $portMap.port }} --------------------------------------------------------------------------------- -Applying this manifest will make the service {{ $service.metadata.name | quote }} -available on the public internet at "https://{{ $service.metadata.name -}}-{{- $randomStr -}}.ngrok.app/". - {{- end }} - {{- end }} - {{- end }} - {{- end}} -{{- end }} - -Once done, view your edges in the Dashboard https://dashboard.ngrok.com/cloud-edge/edges -Find the tunnels running in your cluster here https://dashboard.ngrok.com/tunnels/agents - -If you have any questions or feedback, please join us in https://ngrok.com/slack and let us know! diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/_helpers.tpl b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/_helpers.tpl deleted file mode 100644 index c5be41c..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/_helpers.tpl +++ /dev/null @@ -1,87 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "kubernetes-ingress-controller.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kubernetes-ingress-controller.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "kubernetes-ingress-controller.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default name for the credentials secret name using the helm release -*/}} -{{- define "kubernetes-ingress-controller.credentialsSecretName" -}} -{{- if .Values.credentials.secret.name -}} -{{- .Values.credentials.secret.name -}} -{{- else -}} -{{- printf "%s-credentials" (include "kubernetes-ingress-controller.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "kubernetes-ingress-controller.labels" -}} -helm.sh/chart: {{ include "kubernetes-ingress-controller.chart" . }} -{{ include "kubernetes-ingress-controller.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/part-of: {{ template "kubernetes-ingress-controller.name" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.commonLabels}} -{{ toYaml .Values.commonLabels }} -{{- end }} -{{- end -}} - -{{/* -Selector labels -*/}} -{{- define "kubernetes-ingress-controller.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kubernetes-ingress-controller.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{/* -Create the name of the controller service account to use -*/}} -{{- define "kubernetes-ingress-controller.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "kubernetes-ingress-controller.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Return the ngrok/ingress-controller image name -*/}} -{{- define "kubernetes-ingress-controller.image" -}} -{{- $registryName := .Values.image.registry -}} -{{- $repositoryName := .Values.image.repository -}} -{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} -{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} -{{- end -}} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-cm.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-cm.yaml deleted file mode 100644 index 8872834..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-cm.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "kubernetes-ingress-controller.fullname" . }}-manager-config - namespace: {{ .Release.Namespace }} -data: - controller_manager_config.yaml: | - apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 - kind: ControllerManagerConfig - health: - healthProbeBindAddress: :8081 - metrics: - bindAddress: 127.0.0.1:8080 - leaderElection: - leaderElect: true - resourceName: {{ include "kubernetes-ingress-controller.fullname" . }}-leader diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-deployment.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-deployment.yaml deleted file mode 100644 index 0bb1b98..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-deployment.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{- $component := "controller" }} -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: {{ $component }} - name: {{ include "kubernetes-ingress-controller.fullname" . }}-manager - namespace: {{ .Release.Namespace }} - annotations: - checksum/controller-role: {{ include (print $.Template.BasePath "/rbac/role.yaml") . | sha256sum }} - checksum/rbac: {{ include (print $.Template.BasePath "/controller-rbac.yaml") . | sha256sum }} -spec: - replicas: {{.Values.replicaCount}} - selector: - matchLabels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 6 }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 6 }} - {{- end }} - app.kubernetes.io/component: {{ $component }} - template: - metadata: - annotations: - {{- if .Values.podAnnotations }} - {{- toYaml .Values.podAnnotations | nindent 8 }} - {{- end }} - prometheus.io/path: /metrics - prometheus.io/port: '8080' - prometheus.io/scrape: 'true' - checksum/controller-role: {{ include (print $.Template.BasePath "/rbac/role.yaml") . | sha256sum }} - checksum/rbac: {{ include (print $.Template.BasePath "/controller-rbac.yaml") . | sha256sum }} - checksum/secret: {{ include (print $.Template.BasePath "/credentials-secret.yaml") . | sha256sum }} - labels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 8 }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} - {{- end }} - app.kubernetes.io/component: {{ $component }} - spec: - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName | quote }} - {{- end }} - {{- if .Values.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "component" $component "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" $component "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - serviceAccountName: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} - {{- if .Values.image.pullSecrets }} - imagePullSecrets: - {{- toYaml .Values.image.pullSecrets | nindent 8 }} - {{- end }} - containers: - - name: ngrok-ingress-controller - image: {{ include "kubernetes-ingress-controller.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /manager - args: - {{- if .Values.region }} - - --region={{ .Values.region}} - {{- end }} - {{- if .Values.apiURL }} - - --api-url={{ .Values.apiURL}} - {{- end }} - {{- if .Values.rootCAs }} - - --root-cas={{ .Values.rootCAs}} - {{- end }} - {{- if .Values.serverAddr }} - - --server-addr={{ .Values.serverAddr}} - {{- end }} - {{- if .Values.metaData }} - - --metadata={{- $metadataArgs := list -}} - {{- range $key, $value := .Values.metaData }} - {{- $metadataArgs = append $metadataArgs (printf "%s=%s" $key $value) -}} - {{- end }} - {{- $metadataArgs | join "," }} - {{- end }} - - --controller-name={{ .Values.controllerName }} - {{- if .Values.watchNamespace }} - - --watch-namespace={{ .Values.watchNamespace}} - {{- end }} - {{- if .Values.useExperimentalGatewayApi }} - - --use-experimental-gateway-api={{ .Values.useExperimentalGatewayApi }} - {{- end }} - - --zap-log-level={{ .Values.log.level }} - - --zap-stacktrace-level={{ .Values.log.stacktraceLevel }} - - --zap-encoder={{ .Values.log.format }} - - --health-probe-bind-address=:8081 - - --metrics-bind-address=:8080 - - --election-id={{ include "kubernetes-ingress-controller.fullname" . }}-leader - - --manager-name={{ include "kubernetes-ingress-controller.fullname" . }}-manager - securityContext: - allowPrivilegeEscalation: false - env: - - name: NGROK_API_KEY - valueFrom: - secretKeyRef: - key: API_KEY - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" . }} - - name: NGROK_AUTHTOKEN - valueFrom: - secretKeyRef: - key: AUTHTOKEN - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" . }} - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- range $key, $value := .Values.extraEnv }} - - name: {{ $key }} - value: {{- toYaml $value | nindent 12 }} - {{- end }} - {{- if .Values.extraVolumeMounts }} - volumeMounts: - {{ toYaml .Values.extraVolumeMounts | nindent 10 }} - {{- end }} - {{- if .Values.lifecycle }} - lifecycle: - {{ toYaml .Values.lifecycle | nindent 10 }} - {{- end }} - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - {{- toYaml .Values.resources | nindent 10 }} - {{- if .Values.extraVolumes }} - volumes: - {{ toYaml .Values.extraVolumes | nindent 6 }} - {{- end }} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-pdb.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-pdb.yaml deleted file mode 100644 index 7046631..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if .Values.podDisruptionBudget.create }} -{{ $component := "controller"}} ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "kubernetes-ingress-controller.fullname" . }}-controller-pdb - namespace: {{ .Release.Namespace | quote }} - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: {{ $component }} -spec: - {{- if .Values.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 6 }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 6 }} - {{- end }} - app.kubernetes.io/component: {{ $component }} -{{- end }} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-rbac.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-rbac.yaml deleted file mode 100644 index 82fade5..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-rbac.yaml +++ /dev/null @@ -1,96 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: ngrok-ingress-controller-leader-election-role - namespace: {{ .Release.Namespace }} -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ngrok-ingress-controller-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: ngrok-ingress-controller-leader-election-rolebinding - namespace: {{ .Release.Namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ngrok-ingress-controller-leader-election-role -subjects: -- kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ngrok-ingress-controller-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ngrok-ingress-controller-manager-role -subjects: -- kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ngrok-ingress-controller-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: ngrok-ingress-controller-proxy-role -subjects: -- kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-serviceaccount.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-serviceaccount.yaml deleted file mode 100644 index d80a5d8..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/controller-serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.serviceAccount.create -}} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: controller - {{- if .Values.serviceAccount.annotations }} - annotations: - {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml deleted file mode 100644 index ab02a95..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml +++ /dev/null @@ -1,105 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: domains.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: Domain - listKind: DomainList - plural: domains - singular: domain - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Domain ID - jsonPath: .status.id - name: ID - type: string - - description: Region - jsonPath: .status.region - name: Region - type: string - - description: Domain - jsonPath: .status.domain - name: Domain - type: string - - description: CNAME Target - jsonPath: .status.cnameTarget - name: CNAME Target - type: string - - description: Age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: Domain is the Schema for the domains API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: DomainSpec defines the desired state of Domain - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the object - in the ngrok API/Dashboard - type: string - domain: - description: Domain is the domain name to reserve - type: string - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated with - the object in the ngrok API/Dashboard - type: string - region: - description: Region is the region in which to reserve the domain - type: string - required: - - domain - type: object - status: - description: DomainStatus defines the observed state of Domain - properties: - cnameTarget: - description: CNAMETarget is the CNAME target for the domain - type: string - domain: - description: Domain is the domain that was reserved - type: string - id: - description: ID is the unique identifier of the domain - type: string - region: - description: Region is the region in which the domain was created - type: string - uri: - description: URI of the reserved domain API resource - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml deleted file mode 100644 index ffafa42..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml +++ /dev/null @@ -1,1062 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: httpsedges.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: HTTPSEdge - listKind: HTTPSEdgeList - plural: httpsedges - singular: httpsedge - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: HTTPSEdge is the Schema for the httpsedges API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HTTPSEdgeSpec defines the desired state of HTTPSEdge - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the object - in the ngrok API/Dashboard - type: string - hostports: - description: Hostports is a list of hostports served by this edge - items: - type: string - type: array - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated with - the object in the ngrok API/Dashboard - type: string - mutualTLS: - properties: - certificateAuthorities: - description: |- - List of CA IDs that will be used to validate incoming connections to the - edge. - items: - type: string - type: array - type: object - routes: - description: Routes is a list of routes served by this edge - items: - properties: - backend: - description: |- - Backend is the definition for the tunnel group backend - that serves traffic for this edge - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description - of the object in the ngrok API/Dashboard - type: string - labels: - additionalProperties: - type: string - description: Labels to watch for tunnels on this backend - type: object - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated - with the object in the ngrok API/Dashboard - type: string - type: object - circuitBreaker: - description: CircuitBreaker is a circuit breaker configuration - to apply to this route - properties: - errorThresholdPercentage: - anyOf: - - type: integer - - type: string - description: Error threshold percentage should be between - 0 - 1.0, not 0-100.0 - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - numBuckets: - description: Integer number of buckets into which metrics - are retained. Max 128. - format: int32 - maximum: 128 - minimum: 1 - type: integer - rollingWindow: - description: Statistical rolling window duration that metrics - are retained for. - format: duration - type: string - trippedDuration: - description: Duration after which the circuit is tripped - to wait before re-evaluating upstream health - format: duration - type: string - volumeThreshold: - description: |- - Integer number of requests in a rolling window that will trip the circuit. - Helpful if traffic volume is low. - format: int32 - type: integer - type: object - compression: - description: Compression is whether or not to enable compression - for this route - properties: - enabled: - description: Enabled is whether or not to enable compression - for this endpoint - type: boolean - type: object - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of - the object in the ngrok API/Dashboard - type: string - headers: - description: Headers are request/response headers to apply to - this route - properties: - request: - description: Request headers are the request headers module - configuration or null - properties: - add: - additionalProperties: - type: string - description: |- - a map of header key to header value that will be injected into the HTTP Request - before being sent to the upstream application server - type: object - remove: - description: |- - a list of header names that will be removed from the HTTP Request before being - sent to the upstream application server - items: - type: string - type: array - type: object - response: - description: Response headers are the response headers module - configuration or null - properties: - add: - additionalProperties: - type: string - description: |- - a map of header key to header value that will be injected into the HTTP Response - returned to the HTTP client - type: object - remove: - description: |- - a list of header names that will be removed from the HTTP Response returned to - the HTTP client - items: - type: string - type: array - type: object - type: object - ipRestriction: - description: IPRestriction is an IPRestriction to apply to this - route - properties: - policies: - items: - type: string - type: array - type: object - match: - description: Match is the value to match against the request - path - type: string - matchType: - description: 'MatchType is the type of match to use for this - route. Valid values are:' - enum: - - exact_path - - path_prefix - type: string - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated - with the object in the ngrok API/Dashboard - type: string - oauth: - description: OAuth configuration to apply to this route - properties: - amazon: - description: configuration for using amazon as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - facebook: - description: configuration for using facebook as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - github: - description: configuration for using github as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - organizations: - description: |- - a list of github org identifiers. users who are members of any of the listed - organizations will be allowed access. identifiers should be the organization's - 'slug' - items: - type: string - type: array - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - teams: - description: |- - a list of github teams identifiers. users will be allowed access to the endpoint - if they are a member of any of these teams. identifiers should be in the 'slug' - format qualified with the org name, e.g. org-name/team-name - items: - type: string - type: array - type: object - gitlab: - description: configuration for using gitlab as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - google: - description: configuration for using google as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - linkedin: - description: configuration for using linkedin as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - microsoft: - description: configuration for using microsoft as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - twitch: - description: configuration for using twitch as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - type: object - oidc: - description: OIDC is the OpenID Connect configuration to apply - to this route - properties: - clientId: - description: The OIDC app's client ID and OIDC audience. - type: string - clientSecret: - description: The OIDC app's client secret. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - issuer: - description: URL of the OIDC "OpenID provider". This is - the base URL used for discovery. - type: string - maximumDuration: - description: |- - The maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: The set of scopes to request from the OIDC - identity provider. - items: - type: string - type: array - type: object - policy: - description: raw json policy string that was applied to the - ngrok API - type: object - x-kubernetes-preserve-unknown-fields: true - saml: - description: SAML is the SAML configuration to apply to this - route - properties: - allowIdpInitiated: - description: |- - If true, the IdP may initiate a login directly (e.g. the user does not need to - visit the endpoint first and then be redirected). The IdP should set the - RelayState parameter to the target URL of the resource they want the user to be - redirected to after the SAML login assertion has been processed. - type: boolean - authorizedGroups: - description: |- - If present, only users who are a member of one of the listed groups may access - the target endpoint. - items: - type: string - type: array - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - forceAuthn: - description: |- - If true, indicates that whenever we redirect a user to the IdP for - authentication that the IdP must prompt the user for authentication credentials - even if the user already has a valid session with the IdP. - type: boolean - idpMetadata: - description: |- - The full XML IdP EntityDescriptor. Your IdP may provide this to you as a a file - to download or as a URL. - type: string - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - The maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - nameidFormat: - description: |- - Defines the name identifier format the SP expects the IdP to use in its - assertions to identify subjects. If unspecified, a default value of - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent will be used. A subset of - the allowed values enumerated by the SAML specification are supported. - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - type: object - webhookVerification: - description: WebhookVerification is webhook verification configuration - to apply to this route - properties: - provider: - description: |- - a string indicating which webhook provider will be sending webhooks to this - endpoint. Value must be one of the supported providers defined at - https://ngrok.com/docs/http/webhook-verification/#supported-providers - type: string - secret: - description: |- - SecretRef is a reference to a secret containing the secret used to validate - requests from the given provider. All providers except AWS SNS require a secret - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - type: object - required: - - match - - matchType - type: object - type: array - tlsTermination: - description: TLSTermination is the TLS termination configuration for - this edge - properties: - minVersion: - description: MinVersion is the minimum TLS version to allow for - connections to the edge - type: string - type: object - type: object - status: - description: HTTPSEdgeStatus defines the observed state of HTTPSEdge - properties: - id: - description: ID is the unique identifier for this edge - type: string - routes: - items: - properties: - backend: - description: |- - Backend stores the status of the tunnel group backend, - mainly the ID of the backend - properties: - id: - description: ID is the unique identifier for this backend - type: string - type: object - id: - description: ID is the unique identifier for this route - type: string - match: - type: string - matchType: - type: string - uri: - description: URI is the URI for this route - type: string - type: object - type: array - uri: - description: URI is the URI for this edge - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml deleted file mode 100644 index 1508f76..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml +++ /dev/null @@ -1,109 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: ippolicies.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: IPPolicy - listKind: IPPolicyList - plural: ippolicies - singular: ippolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: IPPolicy ID - jsonPath: .status.id - name: ID - type: string - - description: Age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPPolicy is the Schema for the ippolicies API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: IPPolicySpec defines the desired state of IPPolicy - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the object - in the ngrok API/Dashboard - type: string - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated with - the object in the ngrok API/Dashboard - type: string - rules: - description: Rules is a list of rules that belong to the policy - items: - properties: - action: - enum: - - allow - - deny - type: string - cidr: - type: string - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of - the object in the ngrok API/Dashboard - type: string - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated - with the object in the ngrok API/Dashboard - type: string - type: object - type: array - type: object - status: - description: IPPolicyStatus defines the observed state of IPPolicy - properties: - id: - description: |- - INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - Important: Run "make" to regenerate code after modifying this file - type: string - rules: - items: - properties: - action: - type: string - cidr: - type: string - id: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml deleted file mode 100644 index ef4a5a8..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml +++ /dev/null @@ -1,1008 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: ngrokmodulesets.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: NgrokModuleSet - listKind: NgrokModuleSetList - plural: ngrokmodulesets - singular: ngrokmoduleset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: NgrokModuleSet is the Schema for the ngrokmodules API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - modules: - properties: - circuitBreaker: - description: CircuitBreaker configuration for this module set - properties: - errorThresholdPercentage: - anyOf: - - type: integer - - type: string - description: Error threshold percentage should be between 0 - - 1.0, not 0-100.0 - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - numBuckets: - description: Integer number of buckets into which metrics are - retained. Max 128. - format: int32 - maximum: 128 - minimum: 1 - type: integer - rollingWindow: - description: Statistical rolling window duration that metrics - are retained for. - format: duration - type: string - trippedDuration: - description: Duration after which the circuit is tripped to wait - before re-evaluating upstream health - format: duration - type: string - volumeThreshold: - description: |- - Integer number of requests in a rolling window that will trip the circuit. - Helpful if traffic volume is low. - format: int32 - type: integer - type: object - compression: - description: Compression configuration for this module set - properties: - enabled: - description: Enabled is whether or not to enable compression for - this endpoint - type: boolean - type: object - headers: - description: Header configuration for this module set - properties: - request: - description: Request headers are the request headers module configuration - or null - properties: - add: - additionalProperties: - type: string - description: |- - a map of header key to header value that will be injected into the HTTP Request - before being sent to the upstream application server - type: object - remove: - description: |- - a list of header names that will be removed from the HTTP Request before being - sent to the upstream application server - items: - type: string - type: array - type: object - response: - description: Response headers are the response headers module - configuration or null - properties: - add: - additionalProperties: - type: string - description: |- - a map of header key to header value that will be injected into the HTTP Response - returned to the HTTP client - type: object - remove: - description: |- - a list of header names that will be removed from the HTTP Response returned to - the HTTP client - items: - type: string - type: array - type: object - type: object - ipRestriction: - description: IPRestriction configuration for this module set - properties: - policies: - items: - type: string - type: array - type: object - mutualTLS: - description: MutualTLS configuration for this module set - properties: - certificateAuthorities: - description: |- - List of CA IDs that will be used to validate incoming connections to the - edge. - items: - type: string - type: array - type: object - oauth: - description: OAuth configuration for this module set - properties: - amazon: - description: configuration for using amazon as the identity provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - facebook: - description: configuration for using facebook as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - github: - description: configuration for using github as the identity provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - organizations: - description: |- - a list of github org identifiers. users who are members of any of the listed - organizations will be allowed access. identifiers should be the organization's - 'slug' - items: - type: string - type: array - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - teams: - description: |- - a list of github teams identifiers. users will be allowed access to the endpoint - if they are a member of any of these teams. identifiers should be in the 'slug' - format qualified with the org name, e.g. org-name/team-name - items: - type: string - type: array - type: object - gitlab: - description: configuration for using gitlab as the identity provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - google: - description: configuration for using google as the identity provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - linkedin: - description: configuration for using linkedin as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - microsoft: - description: configuration for using microsoft as the identity - provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - twitch: - description: configuration for using twitch as the identity provider - properties: - authCheckInterval: - description: |- - Duration after which ngrok guarantees it will refresh user - state from the identity provider and recheck whether the user is still - authorized to access the endpoint. This is the preferred tunable to use to - enforce a minimum amount of time after which a revoked user will no longer be - able to access the resource. - format: duration - type: string - clientId: - description: |- - the OAuth app client ID. retrieve it from the identity provider's dashboard - where you created your own OAuth app. optional. if unspecified, ngrok will use - its own managed oauth application which has additional restrictions. see the - OAuth module docs for more details. if present, clientSecret must be present as - well. - type: string - clientSecret: - description: |- - the OAuth app client secret. retrieve if from the identity provider's dashboard - where you created your own OAuth app. optional, see all of the caveats in the - docs for clientId. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - emailAddresses: - description: |- - a list of email addresses of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - emailDomains: - description: |- - a list of email domains of users authenticated by identity provider who are - allowed access to the endpoint - items: - type: string - type: array - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - Integer number of seconds of the maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: |- - a list of provider-specific OAuth scopes with the permissions your OAuth app - would like to ask for. these may not be set if you are using the ngrok-managed - oauth app (i.e. you must pass both client_id and client_secret to set scopes) - items: - type: string - type: array - type: object - type: object - oidc: - description: OIDC configuration for this module set - properties: - clientId: - description: The OIDC app's client ID and OIDC audience. - type: string - clientSecret: - description: The OIDC app's client secret. - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - issuer: - description: URL of the OIDC "OpenID provider". This is the base - URL used for discovery. - type: string - maximumDuration: - description: |- - The maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - scopes: - description: The set of scopes to request from the OIDC identity - provider. - items: - type: string - type: array - type: object - policy: - description: Policy configuration for this module set - properties: - enabled: - description: Determines if the rule will be applied to traffic - type: boolean - inbound: - description: Inbound traffic rule - items: - properties: - actions: - description: Actions - items: - properties: - config: - type: object - x-kubernetes-preserve-unknown-fields: true - type: - type: string - type: object - type: array - expressions: - description: Expressions - items: - type: string - type: array - name: - description: Name - type: string - type: object - type: array - outbound: - description: Outbound traffic rule - items: - properties: - actions: - description: Actions - items: - properties: - config: - type: object - x-kubernetes-preserve-unknown-fields: true - type: - type: string - type: object - type: array - expressions: - description: Expressions - items: - type: string - type: array - name: - description: Name - type: string - type: object - type: array - type: object - saml: - description: SAML configuration for this module set - properties: - allowIdpInitiated: - description: |- - If true, the IdP may initiate a login directly (e.g. the user does not need to - visit the endpoint first and then be redirected). The IdP should set the - RelayState parameter to the target URL of the resource they want the user to be - redirected to after the SAML login assertion has been processed. - type: boolean - authorizedGroups: - description: |- - If present, only users who are a member of one of the listed groups may access - the target endpoint. - items: - type: string - type: array - cookiePrefix: - description: |- - the prefix of the session cookie that ngrok sets on the http client to cache - authentication. default is 'ngrok.' - type: string - forceAuthn: - description: |- - If true, indicates that whenever we redirect a user to the IdP for - authentication that the IdP must prompt the user for authentication credentials - even if the user already has a valid session with the IdP. - type: boolean - idpMetadata: - description: |- - The full XML IdP EntityDescriptor. Your IdP may provide this to you as a a file - to download or as a URL. - type: string - inactivityTimeout: - description: |- - Duration of inactivity after which if the user has not accessed - the endpoint, their session will time out and they will be forced to - reauthenticate. - format: duration - type: string - maximumDuration: - description: |- - The maximum duration of an authenticated session. - After this period is exceeded, a user must reauthenticate. - format: duration - type: string - nameidFormat: - description: |- - Defines the name identifier format the SP expects the IdP to use in its - assertions to identify subjects. If unspecified, a default value of - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent will be used. A subset of - the allowed values enumerated by the SAML specification are supported. - type: string - optionsPassthrough: - description: |- - Do not enforce authentication on HTTP OPTIONS requests. necessary if you are - supporting CORS. - type: boolean - type: object - tlsTermination: - description: TLSTermination configuration for this module set - properties: - minVersion: - description: MinVersion is the minimum TLS version to allow for - connections to the edge - type: string - terminateAt: - description: |- - TerminateAt determines where the TLS connection should be terminated. - "edge" if the ngrok edge should terminate TLS traffic, "upstream" if TLS - traffic should be passed through to the upstream ngrok agent / - application server for termination. - type: string - type: object - webhookVerification: - description: WebhookVerification configuration for this module set - properties: - provider: - description: |- - a string indicating which webhook provider will be sending webhooks to this - endpoint. Value must be one of the supported providers defined at - https://ngrok.com/docs/http/webhook-verification/#supported-providers - type: string - secret: - description: |- - SecretRef is a reference to a secret containing the secret used to validate - requests from the given provider. All providers except AWS SNS require a secret - properties: - key: - description: Key in the secret to use - type: string - name: - description: Name of the Kubernetes secret - type: string - type: object - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml deleted file mode 100644 index 0201620..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml +++ /dev/null @@ -1,132 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: tcpedges.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: TCPEdge - listKind: TCPEdgeList - plural: tcpedges - singular: tcpedge - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Domain ID - jsonPath: .status.id - name: ID - type: string - - description: Hostports - jsonPath: .status.hostports - name: Hostports - type: string - - description: Tunnel Group Backend ID - jsonPath: .status.backend.id - name: Backend ID - type: string - - description: Age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: TCPEdge is the Schema for the tcpedges API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TCPEdgeSpec defines the desired state of TCPEdge - properties: - backend: - description: |- - Backend is the definition for the tunnel group backend - that serves traffic for this edge - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the - object in the ngrok API/Dashboard - type: string - labels: - additionalProperties: - type: string - description: Labels to watch for tunnels on this backend - type: object - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated - with the object in the ngrok API/Dashboard - type: string - type: object - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the object - in the ngrok API/Dashboard - type: string - ipRestriction: - description: IPRestriction is an IPRestriction to apply to this edge - properties: - policies: - items: - type: string - type: array - type: object - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated with - the object in the ngrok API/Dashboard - type: string - policy: - description: raw json policy string that was applied to the ngrok - API - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - status: - description: TCPEdgeStatus defines the observed state of TCPEdge - properties: - backend: - description: |- - Backend stores the status of the tunnel group backend, - mainly the ID of the backend - properties: - id: - description: ID is the unique identifier for this backend - type: string - type: object - hostports: - description: Hostports served by this edge - items: - type: string - type: array - id: - description: ID is the unique identifier for this edge - type: string - uri: - description: URI is the URI of the edge - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml deleted file mode 100644 index 4aa99d3..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml +++ /dev/null @@ -1,166 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: tlsedges.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: TLSEdge - listKind: TLSEdgeList - plural: tlsedges - singular: tlsedge - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Domain ID - jsonPath: .status.id - name: ID - type: string - - description: Hostports - jsonPath: .status.hostports - name: Hostports - type: string - - description: Tunnel Group Backend ID - jsonPath: .status.backend.id - name: Backend ID - type: string - - description: Age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: TLSEdge is the Schema for the tlsedges API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TLSEdgeSpec defines the desired state of TLSEdge - properties: - backend: - description: |- - Backend is the definition for the tunnel group backend - that serves traffic for this edge - properties: - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the - object in the ngrok API/Dashboard - type: string - labels: - additionalProperties: - type: string - description: Labels to watch for tunnels on this backend - type: object - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated - with the object in the ngrok API/Dashboard - type: string - type: object - description: - default: Created by kubernetes-ingress-controller - description: Description is a human-readable description of the object - in the ngrok API/Dashboard - type: string - hostports: - description: Hostports is a list of hostports served by this edge - items: - type: string - type: array - ipRestriction: - description: IPRestriction is an IPRestriction to apply to this edge - properties: - policies: - items: - type: string - type: array - type: object - metadata: - default: '{"owned-by":"kubernetes-ingress-controller"}' - description: Metadata is a string of arbitrary data associated with - the object in the ngrok API/Dashboard - type: string - mutualTls: - properties: - certificateAuthorities: - description: |- - List of CA IDs that will be used to validate incoming connections to the - edge. - items: - type: string - type: array - type: object - policy: - description: raw json policy string that was applied to the ngrok - API - type: object - x-kubernetes-preserve-unknown-fields: true - tlsTermination: - properties: - minVersion: - description: MinVersion is the minimum TLS version to allow for - connections to the edge - type: string - terminateAt: - description: |- - TerminateAt determines where the TLS connection should be terminated. - "edge" if the ngrok edge should terminate TLS traffic, "upstream" if TLS - traffic should be passed through to the upstream ngrok agent / - application server for termination. - type: string - type: object - type: object - status: - description: TLSEdgeStatus defines the observed state of TLSEdge - properties: - backend: - description: |- - Backend stores the status of the tunnel group backend, - mainly the ID of the backend - properties: - id: - description: ID is the unique identifier for this backend - type: string - type: object - cnameTargets: - additionalProperties: - type: string - description: Map of hostports to the ngrok assigned CNAME targets - type: object - hostports: - description: Hostports served by this edge - items: - type: string - type: array - id: - description: ID is the unique identifier for this edge - type: string - uri: - description: URI is the URI of the edge - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml deleted file mode 100644 index e440dbd..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml +++ /dev/null @@ -1,78 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: tunnels.ingress.k8s.ngrok.com -spec: - group: ingress.k8s.ngrok.com - names: - kind: Tunnel - listKind: TunnelList - plural: tunnels - singular: tunnel - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Service/port to forward to - jsonPath: .spec.forwardsTo - name: ForwardsTo - type: string - - description: Age - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: Tunnel is the Schema for the tunnels API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TunnelSpec defines the desired state of Tunnel - properties: - appProtocol: - description: The appProtocol for the backend. Currently only supports - `http2` - type: string - backend: - description: The configuration for backend connections to services - properties: - protocol: - type: string - type: object - forwardsTo: - description: ForwardsTo is the name and port of the service to forward - traffic to - type: string - labels: - additionalProperties: - type: string - description: Labels are key/value pairs that are attached to the tunnel - type: object - type: object - status: - description: TunnelStatus defines the observed state of Tunnel - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml deleted file mode 100644 index 463f927..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml +++ /dev/null @@ -1,62 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: ngroktrafficpolicies.ngrok.k8s.ngrok.com -spec: - group: ngrok.k8s.ngrok.com - names: - kind: NgrokTrafficPolicy - listKind: NgrokTrafficPolicyList - plural: ngroktrafficpolicies - singular: ngroktrafficpolicy - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: NgrokTrafficPolicy is the Schema for the ngroktrafficpolicies - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: NgrokTrafficPolicySpec defines the desired state of NgrokTrafficPolicy - properties: - policy: - description: The raw json encoded policy that was applied to the ngrok - API - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - status: - description: NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy - properties: - policy: - description: The raw json encoded policy that was applied to the ngrok - API - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/credentials-secret.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/credentials-secret.yaml deleted file mode 100644 index c6c7286..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/credentials-secret.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{- if or (not (empty .Values.credentials.apiKey)) (not (empty .Values.credentials.authtoken)) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" .}} - namespace: {{ .Release.Namespace }} -type: Opaque -data: - API_KEY: {{ required "An ngrok API key is required" .Values.credentials.apiKey | b64enc }} - AUTHTOKEN: {{ required "An ngrok Authtoken is required" .Values.credentials.authtoken | b64enc }} -{{ end }} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/ingress-class.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/ingress-class.yaml deleted file mode 100644 index 0932b47..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/ingress-class.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.ingressClass.create -}} -apiVersion: networking.k8s.io/v1 -kind: IngressClass -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: controller - name: {{ .Values.ingressClass.name }} - {{- if .Values.ingressClass.default }} - annotations: - ingressclass.kubernetes.io/is-default-class: "true" - {{- end }} -spec: - controller: {{ .Values.controllerName }} -{{- end}} diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_editor_role.yaml deleted file mode 100644 index 88e527a..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_editor_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to edit domains. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-domain-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_viewer_role.yaml deleted file mode 100644 index bf5f519..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/domain_viewer_role.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# permissions for end users to view domains. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-domain-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_editor_role.yaml deleted file mode 100644 index d4d3831..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit httpsedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: httpsedge-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: httpsedge-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_viewer_role.yaml deleted file mode 100644 index 8d01cd7..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/httpsedge_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view httpsedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: httpsedge-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: httpsedge-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_editor_role.yaml deleted file mode 100644 index a8aa5eb..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit ippolicies. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: ippolicy-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: ippolicy-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_viewer_role.yaml deleted file mode 100644 index a83a34a..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ippolicy_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view ippolicies. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: ippolicy-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: ippolicy-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml deleted file mode 100644 index c8d5f16..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit ngrokmodulesets. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: ngrokmoduleset-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: ngrokmoduleset-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ngrokmodulesets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ngrokmodulesets/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml deleted file mode 100644 index a9948ad..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view ngrokmodulesets. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: ngrokmoduleset-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: ngrokmoduleset-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ngrokmodulesets - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ngrokmodulesets/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/role.yaml deleted file mode 100644 index 4b05ac6..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/role.yaml +++ /dev/null @@ -1,330 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ngrok-ingress-controller-manager-role -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - update - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - update - - watch -- apiGroups: - - "" - resources: - - services/status - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gatewayclasses - verbs: - - get - - list - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gatewayclasses/status - verbs: - - get - - list - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways - verbs: - - get - - list - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - list - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - update - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - list - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - domains/status - verbs: - - get - - patch - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - httpsedges/status - verbs: - - get - - patch - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ippolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - ngrokmodulesets - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges/status - verbs: - - get - - patch - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges/status - verbs: - - get - - patch - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels/finalizers - verbs: - - update -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels/status - verbs: - - get - - patch - - update -- apiGroups: - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - get - - list - - update - - watch -- apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - get - - list - - update - - watch -- apiGroups: - - ngrok.k8s.ngrok.com - resources: - - ngroktrafficpolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ngrok.k8s.ngrok.com - resources: - - ngroktrafficpolicies/finalizers - verbs: - - update -- apiGroups: - - ngrok.k8s.ngrok.com - resources: - - ngroktrafficpolicies/status - verbs: - - get - - patch - - update diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_editor_role.yaml deleted file mode 100644 index 2e49847..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit tcpedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: tcpedge-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: tcpedge-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_viewer_role.yaml deleted file mode 100644 index b8eb5ef..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tcpedge_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view tcpedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: tcpedge-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: tcpedge-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tcpedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_editor_role.yaml deleted file mode 100644 index 9d05231..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit tlsedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: tlsedge-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: tlsedge-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_viewer_role.yaml deleted file mode 100644 index a9eb99d..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tlsedge_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view tlsedges. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: tlsedge-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller - app.kubernetes.io/managed-by: kustomize - name: tlsedge-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tlsedges/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_editor_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_editor_role.yaml deleted file mode 100644 index ab72751..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_editor_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to edit tunnels. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-tunnel-editor-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_viewer_role.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_viewer_role.yaml deleted file mode 100644 index dfdb4b6..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/templates/rbac/tunnel_viewer_role.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# permissions for end users to view tunnels. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} - app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-tunnel-viewer-role -rules: -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels - verbs: - - get - - list - - watch -- apiGroups: - - ingress.k8s.ngrok.com - resources: - - tunnels/status - verbs: - - get diff --git a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/values.yaml b/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/values.yaml deleted file mode 100644 index 88c0b7c..0000000 --- a/charts/kubernetes-ingress-controller/kubernetes-ingress-controller/values.yaml +++ /dev/null @@ -1,202 +0,0 @@ -## @section Common parameters -## - -## @param nameOverride String to partially override generated resource names -## @param fullnameOverride String to fully override generated resource names -## @param commonLabels Labels to add to all deployed objects -## @param commonAnnotations Annotations to add to all deployed objects -## -nameOverride: "" -fullnameOverride: "" -commonLabels: {} -commonAnnotations: {} - -## @section Controller parameters -## - -## @param podAnnotations Used to apply custom annotations to the ingress pods. -## @param podLabels Used to apply custom labels to the ingress pods. -## -podAnnotations: {} -podLabels: {} - -## @param replicaCount The number of controllers to run. -## A minimum of 2 is recommended in production for HA. -## -replicaCount: 1 - -## @param image.registry The ngrok ingress controller image registry. -## @param image.repository The ngrok ingress controller image repository. -## @param image.tag The ngrok ingress controller image tag. Defaults to the chart's appVersion if not specified -## @param image.pullPolicy The ngrok ingress controller image pull policy. -## @param image.pullSecrets An array of imagePullSecrets to be used when pulling the image. -image: - registry: docker.io - repository: ngrok/kubernetes-ingress-controller - tag: "" - pullPolicy: IfNotPresent - ## Example - ## pullSecrets: - ## - name: my-imagepull-secret - ## - pullSecrets: [] - -## @param ingressClass.name The name of the ingress class to use. -## @param ingressClass.create Whether to create the ingress class. -## @param ingressClass.default Whether to set the ingress class as default. -ingressClass: - name: ngrok - create: true - default: false - -## @param controllerName The name of the controller to look for matching ingress classes -controllerName: "k8s.ngrok.com/ingress-controller" - -## @param watchNamespace The namespace to watch for ingress resources. Defaults to all -watchNamespace: "" - -## @param credentials.secret.name The name of the secret the credentials are in. If not provided, one will be generated using the helm release name. -## @param credentials.apiKey Your ngrok API key. If provided, it will be will be written to the secret and the authtoken must be provided as well. -## @param credentials.authtoken Your ngrok authtoken. If provided, it will be will be written to the secret and the apiKey must be provided as well. -credentials: - secret: - name: "" - apiKey: "" - authtoken: "" - -## @param region ngrok region to create tunnels in. Defaults to connect to the closest geographical region. -region: "" - -## @param rootCAs Set to "trusted" for the ngrok agent CA or "host" to trust the host's CA. Defaults to "trusted". -rootCAs: "" - -## @param serverAddr This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address. -serverAddr: "" - -## @param apiURL This is the URL of the ngrok API. You should set this if you are using a custom API URL. -apiURL: "" - -## @param metaData This is a map of key/value pairs that will be added as meta data to all ngrok api resources created -metaData: {} - -## @param affinity Affinity for the controller pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set -## -affinity: {} -## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAffinityPreset: "" -## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAntiAffinityPreset: soft -## Node affinity preset -## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## -nodeAffinityPreset: - ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - -## @param priorityClassName Priority class for pod scheduling -## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass -priorityClassName: "" - -## Pod Disruption Budget configuration -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -## @param podDisruptionBudget.create Enable a Pod Disruption Budget creation -## @param podDisruptionBudget.minAvailable Minimum number/percentage of pods that should remain scheduled -## @param podDisruptionBudget.maxUnavailable Maximum number/percentage of pods that may be made unavailable -## -podDisruptionBudget: - create: false - minAvailable: "" - maxUnavailable: 1 - -## Controller container resource requests and limits -## ref: https://kubernetes.io/docs/user-guide/compute-resources/ -## We usually recommend not to specify default resources and to leave this as a conscious -## choice for the user. This also increases chances charts run on environments with little -## resources, such as Minikube. If you do want to specify resources, uncomment the following -## lines, adjust them as necessary, and remove the curly braces after 'resources:'. -## @param resources.limits The resources limits for the container -## @param resources.requests The requested resources for the container -## -resources: - ## Example: - ## limits: - ## cpu: 100m - ## memory: 128Mi - ## - limits: {} - ## Examples: - ## requests: - ## cpu: 100m - ## memory: 128Mi - ## - requests: {} - - -## @param extraVolumes An array of extra volumes to add to the controller. -extraVolumes: [] -## @param extraVolumeMounts An array of extra volume mounts to add to the controller. -extraVolumeMounts: [] -## -## Example: -## -## extraVolumes: -## - name: test-volume -## emptyDir: {} -## extraVolumeMounts: -## - name: test-volume -## mountPath: /test-volume - - -## @param extraEnv an object of extra environment variables to add to the controller. -extraEnv: {} -## Example: -## MY_VAR: test -## MY_SECRET_VAR: -## secretKeyRef: -## key: test-key -## value: test-value - -## Controller Service Account Settings -## @param serviceAccount.create Specifies whether a ServiceAccount should be created -## @param serviceAccount.name The name of the ServiceAccount to use. -## If not set and create is true, a name is generated using the fullname template -## @param serviceAccount.annotations Additional annotations to add to the ServiceAccount -## -serviceAccount: - create: true - name: "" - annotations: {} - - -## Logging configuration -## @param log.level The level to log at. One of 'debug', 'info', or 'error'. -## @param log.stacktraceLevel The level to report stacktrace logs one of 'info' or 'error'. -## @param log.format The log format to use. One of console, json. -log: - format: json - level: info - stacktraceLevel: error - -## @param lifecycle an object containing lifecycle configuration -## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ -## -lifecycle: {} diff --git a/charts/kubernetes-ingress-controller/values-overrides.yaml b/charts/kubernetes-ingress-controller/values-overrides.yaml deleted file mode 100644 index b9bbae4..0000000 --- a/charts/kubernetes-ingress-controller/values-overrides.yaml +++ /dev/null @@ -1,7 +0,0 @@ -fullnameOverride: ngrok -credentials: - secret: - name: ngrok -serviceAccount: - create: true - name: ngrok \ No newline at end of file diff --git a/charts/mariadb/mariadb/.helmignore b/charts/mariadb/mariadb/.helmignore deleted file mode 100644 index 207983f..0000000 --- a/charts/mariadb/mariadb/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# img folder -img/ -# Changelog -CHANGELOG.md diff --git a/charts/mariadb/mariadb/Chart.lock b/charts/mariadb/mariadb/Chart.lock deleted file mode 100644 index 029083d..0000000 --- a/charts/mariadb/mariadb/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - version: 2.23.0 -digest: sha256:fbd6439f12ded949c04553b9c52a4c8153a8f2790147d972b314ddcd46921a14 -generated: "2024-09-23T12:24:39.221888112Z" diff --git a/charts/mariadb/mariadb/Chart.yaml b/charts/mariadb/mariadb/Chart.yaml deleted file mode 100644 index 4a84e3f..0000000 --- a/charts/mariadb/mariadb/Chart.yaml +++ /dev/null @@ -1,36 +0,0 @@ -annotations: - category: Database - images: | - - name: mariadb - image: docker.io/bitnami/mariadb:11.4.3-debian-12-r1 - - name: mysqld-exporter - image: docker.io/bitnami/mysqld-exporter:0.15.1-debian-12-r34 - - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r30 - licenses: Apache-2.0 -apiVersion: v2 -appVersion: 11.4.3 -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - bitnami-common - version: 2.x.x -description: MariaDB is an open source, community-developed SQL database server that - is widely in use around the world due to its enterprise features, flexibility, and - collaboration with leading tech firms. -home: https://bitnami.com -icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png -keywords: -- mariadb -- mysql -- database -- sql -- prometheus -maintainers: -- name: Broadcom, Inc. All Rights Reserved. - url: https://github.com/bitnami/charts -name: mariadb -sources: -- https://github.com/bitnami/charts/tree/main/bitnami/mariadb -version: 19.1.0 diff --git a/charts/mariadb/mariadb/README.md b/charts/mariadb/mariadb/README.md deleted file mode 100644 index 5eace34..0000000 --- a/charts/mariadb/mariadb/README.md +++ /dev/null @@ -1,650 +0,0 @@ - - -# Bitnami package for MariaDB - -MariaDB is an open source, community-developed SQL database server that is widely in use around the world due to its enterprise features, flexibility, and collaboration with leading tech firms. - -[Overview of MariaDB](https://mariadb.org/) - -Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - -## TL;DR - -```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb -``` - -Looking to use MariaDB in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. - -## Introduction - -This chart bootstraps a [MariaDB](https://github.com/bitnami/containers/tree/main/bitnami/mariadb) replication cluster deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -MariaDB is developed as open source software and as a relational database it provides an SQL interface for accessing data. The latest versions of MariaDB also include GIS and JSON features. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. - -## Prerequisites - -- Kubernetes 1.23+ -- Helm 3.8.0+ -- PV provisioner support in the underlying infrastructure - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The command deploys MariaDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Configuration and installation details - -### Resource requests and limits - -Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. - -To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcesPreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - -### [Rolling VS Immutable tags](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Change MariaDB version - -To modify the MariaDB version used in this chart you can specify a [valid image tag](https://hub.docker.com/r/bitnami/mariadb/tags/) using the `image.tag` parameter. For example, `image.tag=X.Y.Z`. This approach is also applicable to other images like exporters. - -### Initialize a fresh instance - -The [Bitnami MariaDB](https://github.com/bitnami/containers/tree/main/bitnami/mariadb) image allows you to use your custom scripts to initialize a fresh instance. Custom scripts may be specified using the `initdbScripts` parameter. Alternatively, an external ConfigMap may be created with all the initialization scripts and the ConfigMap passed to the chart via the `initdbScriptsConfigMap` parameter. Note that this will override the `initdbScripts` parameter. - -The allowed extensions are `.sh`, `.sql` and `.sql.gz`. - -These scripts are treated differently depending on their extension. While `.sh` scripts are executed on all the nodes, `.sql` and `.sql.gz` scripts are only executed on the primary nodes. This is because `.sh` scripts support conditional tests to identify the type of node they are running on, while such tests are not supported in `.sql` or `.sql.gz` files. - -When using a `.sh` script, you may wish to perform a "one-time" action like creating a database. This can be achieved by adding a condition in the script to ensure that it is executed only on one node, as shown in the example below: - -```yaml -initdbScripts: - my_init_script.sh: | - #!/bin/sh - if [[ $(hostname) == *primary* ]]; then - echo "Primary node" - mysql -P 3306 -uroot -prandompassword -e "create database new_database"; - else - echo "No primary node" - fi -``` - -### Sidecars and Init Containers - -If additional containers are needed in the same pod as MariaDB (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter. - -```yaml -sidecars: -- name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -``` - -If these sidecars export extra ports, extra port definitions can be added using the `service.extraPorts` parameter (where available), as shown in the example below: - -```yaml -service: - extraPorts: - - name: extraPort - port: 11311 - targetPort: 11311 -``` - -> NOTE: This Helm chart already includes sidecar containers for the Prometheus exporters (where applicable). These can be activated by adding the `--enable-metrics=true` parameter at deployment time. The `sidecars` parameter should therefore only be used for any extra sidecar containers. - -If additional init containers are needed in the same pod, they can be defined using the `initContainers` parameter. Here is an example: - -```yaml -initContainers: - - name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -``` - -Learn more about [sidecar containers](https://kubernetes.io/docs/concepts/workloads/pods/) and [init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/). - -## Persistence - -The [Bitnami MariaDB](https://github.com/bitnami/containers/tree/main/bitnami/mariadb) image stores the MariaDB data and configurations at the `/bitnami/mariadb` path of the container. - -The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) volume at this location. The volume is created using dynamic volume provisioning, by default. An existing PersistentVolumeClaim can also be defined. - -If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). - -### Adjust permissions of persistent volume mountpoint - -As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. - -By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. - -As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. You can enable this initContainer by setting `volumePermissions.enabled` to `true`. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `global.imageRegistry` | Global Docker Image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | - -### Common parameters - -| Name | Description | Value | -| ------------------------- | --------------------------------------------------------------------------------------- | --------------- | -| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` | -| `nameOverride` | String to partially override mariadb.fullname | `""` | -| `fullnameOverride` | String to fully override mariadb.fullname | `""` | -| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | -| `commonAnnotations` | Common annotations to add to all MariaDB resources (sub-charts are not considered) | `{}` | -| `commonLabels` | Common labels to add to all MariaDB resources (sub-charts are not considered) | `{}` | -| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `""` | -| `runtimeClassName` | Name of the Runtime Class for all MariaDB pods | `""` | -| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | -| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | - -### MariaDB common parameters - -| Name | Description | Value | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `image.registry` | MariaDB image registry | `REGISTRY_NAME` | -| `image.repository` | MariaDB image repository | `REPOSITORY_NAME/mariadb` | -| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | -| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` | -| `auth.database` | Name for a custom database to create | `my_database` | -| `auth.username` | Name for a custom user to create | `""` | -| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | -| `auth.replicationUser` | MariaDB replication user | `replicator` | -| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` | -| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` | -| `auth.forcePassword` | Force users to specify required passwords | `false` | -| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` | -| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | -| `initdbScripts` | Dictionary of initdb scripts | `{}` | -| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | - -### MariaDB Primary parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` | -| `primary.command` | Override default container command on MariaDB Primary container(s) (useful when using custom images) | `[]` | -| `primary.args` | Override default container args on MariaDB Primary container(s) (useful when using custom images) | `[]` | -| `primary.lifecycleHooks` | for the MariaDB Primary container(s) to automate configuration before or after startup | `{}` | -| `primary.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `primary.hostAliases` | Add deployment host aliases | `[]` | -| `primary.containerPorts.mysql` | Container port for mysql | `3306` | -| `primary.configuration` | MariaDB Primary configuration to be injected as ConfigMap | `""` | -| `primary.existingConfigmap` | Name of existing ConfigMap with MariaDB Primary configuration. | `""` | -| `primary.updateStrategy.type` | MariaDB primary statefulset strategy type | `RollingUpdate` | -| `primary.rollingUpdatePartition` | Partition update strategy for Mariadb Primary statefulset | `""` | -| `primary.podAnnotations` | Additional pod annotations for MariaDB primary pods | `{}` | -| `primary.podLabels` | Extra labels for MariaDB primary pods | `{}` | -| `primary.podAffinityPreset` | MariaDB primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.podAntiAffinityPreset` | MariaDB primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `primary.nodeAffinityPreset.type` | MariaDB primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.nodeAffinityPreset.key` | MariaDB primary node label key to match Ignored if `primary.affinity` is set. | `""` | -| `primary.nodeAffinityPreset.values` | MariaDB primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | -| `primary.affinity` | Affinity for MariaDB primary pods assignment | `{}` | -| `primary.nodeSelector` | Node labels for MariaDB primary pods assignment | `{}` | -| `primary.tolerations` | Tolerations for MariaDB primary pods assignment | `[]` | -| `primary.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `primary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB primary pods | `""` | -| `primary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB primary pods assignment | `[]` | -| `primary.priorityClassName` | Priority class for MariaDB primary pods assignment | `""` | -| `primary.runtimeClassName` | Runtime Class for MariaDB primary pods | `""` | -| `primary.podSecurityContext.enabled` | Enable security context for MariaDB primary pods | `true` | -| `primary.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `primary.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `primary.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `primary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` | -| `primary.containerSecurityContext.enabled` | MariaDB primary container securityContext | `true` | -| `primary.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `primary.containerSecurityContext.runAsUser` | User ID for the MariaDB primary container | `1001` | -| `primary.containerSecurityContext.runAsGroup` | Group ID for the MariaDB primary container | `1001` | -| `primary.containerSecurityContext.runAsNonRoot` | Set primary container's Security Context runAsNonRoot | `true` | -| `primary.containerSecurityContext.privileged` | Set primary container's Security Context privileged | `false` | -| `primary.containerSecurityContext.allowPrivilegeEscalation` | Set primary container's Security Context allowPrivilegeEscalation | `false` | -| `primary.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `primary.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `primary.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `primary.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if primary.resources is set (primary.resources is recommended for production). | `micro` | -| `primary.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `primary.startupProbe.enabled` | Enable startupProbe | `false` | -| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | -| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | -| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `primary.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `primary.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `primary.customStartupProbe` | Override default startup probe for MariaDB primary containers | `{}` | -| `primary.customLivenessProbe` | Override default liveness probe for MariaDB primary containers | `{}` | -| `primary.customReadinessProbe` | Override default readiness probe for MariaDB primary containers | `{}` | -| `primary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB primary containers | `{}` | -| `primary.extraFlags` | MariaDB primary additional command line flags | `""` | -| `primary.extraEnvVars` | Extra environment variables to be set on MariaDB primary containers | `[]` | -| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB primary containers | `""` | -| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB primary containers | `""` | -| `primary.persistence.enabled` | Enable persistence on MariaDB primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir | `true` | -| `primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` | -| `primary.persistence.subPath` | Subdirectory of the volume to mount at | `""` | -| `primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` | -| `primary.persistence.labels` | Labels for the PVC | `{}` | -| `primary.persistence.annotations` | MariaDB primary persistent volume claim annotations | `{}` | -| `primary.persistence.accessModes` | MariaDB primary persistent volume access Modes | `["ReadWriteOnce"]` | -| `primary.persistence.size` | MariaDB primary persistent volume size | `8Gi` | -| `primary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` | -| `primary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB Primary pod(s) | `[]` | -| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB Primary container(s) | `[]` | -| `primary.initContainers` | Add additional init containers for the MariaDB Primary pod(s) | `[]` | -| `primary.sidecars` | Add additional sidecar containers for the MariaDB Primary pod(s) | `[]` | -| `primary.service.type` | MariaDB Primary Kubernetes service type | `ClusterIP` | -| `primary.service.ports.mysql` | MariaDB Primary Kubernetes service port for MariaDB | `3306` | -| `primary.service.ports.metrics` | MariaDB Primary Kubernetes service port for metrics | `9104` | -| `primary.service.nodePorts.mysql` | MariaDB Primary Kubernetes service node port | `""` | -| `primary.service.clusterIP` | MariaDB Primary Kubernetes service clusterIP IP | `""` | -| `primary.service.loadBalancerIP` | MariaDB Primary loadBalancerIP if service type is `LoadBalancer` | `""` | -| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `primary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB Primary service is LoadBalancer | `[]` | -| `primary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `primary.service.annotations` | Provide any additional annotations which may be required | `{}` | -| `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `primary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB primary pods | `true` | -| `primary.pdb.minAvailable` | Minimum number/percentage of MariaDB primary pods that must still be available after the eviction | `""` | -| `primary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction. Defaults to `1` if both `primary.pdb.minAvailable` and `primary.pdb.maxUnavailable` are empty. | `""` | -| `primary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` | - -### MariaDB Secondary parameters - -| Name | Description | Value | -| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | -| `secondary.name` | Name of the secondary database (eg secondary, slave, ...) | `secondary` | -| `secondary.replicaCount` | Number of MariaDB secondary replicas | `1` | -| `secondary.command` | Override default container command on MariaDB Secondary container(s) (useful when using custom images) | `[]` | -| `secondary.args` | Override default container args on MariaDB Secondary container(s) (useful when using custom images) | `[]` | -| `secondary.lifecycleHooks` | for the MariaDB Secondary container(s) to automate configuration before or after startup | `{}` | -| `secondary.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `secondary.hostAliases` | Add deployment host aliases | `[]` | -| `secondary.containerPorts.mysql` | Container port for mysql | `3306` | -| `secondary.configuration` | MariaDB Secondary configuration to be injected as ConfigMap | `""` | -| `secondary.existingConfigmap` | Name of existing ConfigMap with MariaDB Secondary configuration. | `""` | -| `secondary.updateStrategy.type` | MariaDB secondary statefulset strategy type | `RollingUpdate` | -| `secondary.rollingUpdatePartition` | Partition update strategy for Mariadb Secondary statefulset | `""` | -| `secondary.podAnnotations` | Additional pod annotations for MariaDB secondary pods | `{}` | -| `secondary.podLabels` | Extra labels for MariaDB secondary pods | `{}` | -| `secondary.podAffinityPreset` | MariaDB secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `secondary.podAntiAffinityPreset` | MariaDB secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `secondary.nodeAffinityPreset.type` | MariaDB secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `secondary.nodeAffinityPreset.key` | MariaDB secondary node label key to match Ignored if `secondary.affinity` is set. | `""` | -| `secondary.nodeAffinityPreset.values` | MariaDB secondary node label values to match. Ignored if `secondary.affinity` is set. | `[]` | -| `secondary.affinity` | Affinity for MariaDB secondary pods assignment | `{}` | -| `secondary.nodeSelector` | Node labels for MariaDB secondary pods assignment | `{}` | -| `secondary.tolerations` | Tolerations for MariaDB secondary pods assignment | `[]` | -| `secondary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB secondary pods assignment | `[]` | -| `secondary.priorityClassName` | Priority class for MariaDB secondary pods assignment | `""` | -| `secondary.runtimeClassName` | Runtime Class for MariaDB secondary pods | `""` | -| `secondary.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `secondary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB secondary pods | `""` | -| `secondary.podSecurityContext.enabled` | Enable security context for MariaDB secondary pods | `true` | -| `secondary.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `secondary.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `secondary.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `secondary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` | -| `secondary.containerSecurityContext.enabled` | MariaDB secondary container securityContext | `true` | -| `secondary.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `secondary.containerSecurityContext.runAsUser` | User ID for the MariaDB secondary container | `1001` | -| `secondary.containerSecurityContext.runAsGroup` | Group ID for the MariaDB secondary container | `1001` | -| `secondary.containerSecurityContext.runAsNonRoot` | Set secondary container's Security Context runAsNonRoot | `true` | -| `secondary.containerSecurityContext.privileged` | Set secondary container's Security Context privileged | `false` | -| `secondary.containerSecurityContext.allowPrivilegeEscalation` | Set secondary container's Security Context allowPrivilegeEscalation | `false` | -| `secondary.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `secondary.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `secondary.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `secondary.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if secondary.resources is set (secondary.resources is recommended for production). | `micro` | -| `secondary.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `secondary.startupProbe.enabled` | Enable startupProbe | `false` | -| `secondary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | -| `secondary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | -| `secondary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `secondary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `secondary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `secondary.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `secondary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `secondary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `secondary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `secondary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `secondary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `secondary.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `secondary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `secondary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `secondary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `secondary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `secondary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `secondary.customStartupProbe` | Override default startup probe for MariaDB secondary containers | `{}` | -| `secondary.customLivenessProbe` | Override default liveness probe for MariaDB secondary containers | `{}` | -| `secondary.customReadinessProbe` | Override default readiness probe for MariaDB secondary containers | `{}` | -| `secondary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB secondary containers | `{}` | -| `secondary.extraFlags` | MariaDB secondary additional command line flags | `""` | -| `secondary.extraEnvVars` | Extra environment variables to be set on MariaDB secondary containers | `[]` | -| `secondary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB secondary containers | `""` | -| `secondary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB secondary containers | `""` | -| `secondary.persistence.enabled` | Enable persistence on MariaDB secondary replicas using a `PersistentVolumeClaim` | `true` | -| `secondary.persistence.subPath` | Subdirectory of the volume to mount at | `""` | -| `secondary.persistence.storageClass` | MariaDB secondary persistent volume storage Class | `""` | -| `secondary.persistence.labels` | Labels for the PVC | `{}` | -| `secondary.persistence.annotations` | MariaDB secondary persistent volume claim annotations | `{}` | -| `secondary.persistence.accessModes` | MariaDB secondary persistent volume access Modes | `["ReadWriteOnce"]` | -| `secondary.persistence.size` | MariaDB secondary persistent volume size | `8Gi` | -| `secondary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` | -| `secondary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB secondary pod(s) | `[]` | -| `secondary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB secondary container(s) | `[]` | -| `secondary.initContainers` | Add additional init containers for the MariaDB secondary pod(s) | `[]` | -| `secondary.sidecars` | Add additional sidecar containers for the MariaDB secondary pod(s) | `[]` | -| `secondary.service.type` | MariaDB secondary Kubernetes service type | `ClusterIP` | -| `secondary.service.ports.mysql` | MariaDB secondary Kubernetes service port for MariaDB | `3306` | -| `secondary.service.ports.metrics` | MariaDB secondary Kubernetes service port for metrics | `9104` | -| `secondary.service.nodePorts.mysql` | MariaDB secondary Kubernetes service node port | `""` | -| `secondary.service.clusterIP` | MariaDB secondary Kubernetes service clusterIP IP | `""` | -| `secondary.service.loadBalancerIP` | MariaDB secondary loadBalancerIP if service type is `LoadBalancer` | `""` | -| `secondary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `secondary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB secondary service is LoadBalancer | `[]` | -| `secondary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `secondary.service.annotations` | Provide any additional annotations which may be required | `{}` | -| `secondary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `secondary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `secondary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB secondary pods | `true` | -| `secondary.pdb.minAvailable` | Minimum number/percentage of MariaDB secondary pods that should remain scheduled | `""` | -| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB secondary pods that may be made unavailable. Defaults to `1` if both `secondary.pdb.minAvailable` and `secondary.pdb.maxUnavailable` are empty. | `""` | -| `secondary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` | - -### RBAC parameters - -| Name | Description | Value | -| --------------------------------------------- | -------------------------------------------------------------- | ------- | -| `serviceAccount.create` | Enable the creation of a ServiceAccount for MariaDB pods | `true` | -| `serviceAccount.name` | Name of the created ServiceAccount | `""` | -| `serviceAccount.annotations` | Annotations for MariaDB Service Account | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | -| `rbac.create` | Whether to create and use RBAC resources or not | `false` | - -### Volume Permissions parameters - -| Name | Description | Value | -| ------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` | -| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | - -### Metrics parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Exporter image registry | `REGISTRY_NAME` | -| `metrics.image.repository` | Exporter image repository | `REPOSITORY_NAME/mysqld-exporter` | -| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.annotations` | Annotations for the Exporter pod | `{}` | -| `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` | -| `metrics.containerPorts.http` | Container port for http | `9104` | -| `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` | -| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `metrics.containerSecurityContext.runAsUser` | User ID for the MariaDB metrics container | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Group ID for the MariaDB metrics container | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set metrics container's Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.privileged` | Set metrics container's Security Context privileged | `false` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set metrics container's Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `nano` | -| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | - -### NetworkPolicy parameters - -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------- | ------ | -| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `true` | -| `networkPolicy.allowExternal` | The Policy model to apply | `true` | -| `networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | - -The above parameters map to the env variables defined in [bitnami/mariadb](https://github.com/bitnami/containers/tree/main/bitnami/mariadb). For more information please refer to the [bitnami/mariadb](https://github.com/bitnami/containers/tree/main/bitnami/mariadb) image documentation. - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -helm install my-release \ - --set auth.rootPassword=secretpassword,auth.database=app_database \ - oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The above command sets the MariaDB `root` account password to `secretpassword`. Additionally it creates a database named `my_database`. - -> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. -> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/mariadb/values.yaml) - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrading - -It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart: - -```console -helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb --set auth.rootPassword=[ROOT_PASSWORD] -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes. - -### To 17.0.0 - -This major bump changes the following security defaults: - -- `runAsGroup` is changed from `0` to `1001` -- `readOnlyRootFilesystem` is set to `true` -- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case). -- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`. - -This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones. - -### To 16.0.0 - -This section enables NetworkPolicies by default to increase security of the application. It also adapts the values in the `networkPolicy` section to the current Bitnami standards. The removed sections are `networkPolicy.metrics.*`, `networkPolicy.ingressRules.*` and `networkPolicy.egressRules.*`. Check the Parameters table for the new structure. - -### To 14.0.0 - -This major release bumps the MariaDB version to 11.1. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-between-minor-versions-on-linux/) for upgrading from MariaDB 11.0 to 11.1. No major issues are expected during the upgrade. - -### To 13.0.0 - -This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. - -### To 11.0.0 - -This major release bumps default MariaDB branch to 10.6. Follow the [official instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) from upgrading between 10.5 and 10.6. - -No major issues are expected during the upgrade. - -### To 10.0.0 - -This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. - -Affected values: - -- `primary.service.port` was deprecated, we recommend using `primary.service.ports.mysql` instead. -- `primary.service.nodePort` was deprecated, we recommend using `primary.service.nodePorts.mysql` instead. -- `secondary.service.port` was deprecated, we recommend using `secondary.service.ports.mysql` instead. -- `secondary.service.nodePort` was deprecated, we recommend using `secondary.service.nodePorts.mysql` instead. -- `metrics.serviceMonitor.additionalLabels` was deprecated, we recommend using `metrics.serviceMonitor.selector` instead. -- `primary.pdb.enabled` renamed as `primary.pdb.create`. -- `secondary.pdb.enabled` renamed as `secondary.pdb.create`. -- `primary.updateStrategy` changed from String type (previously default to 'rollingUpdate') to Object type, allowing users to configure other updateStrategy parameters, similar to other charts. -- Removed value `primary.rollingUpdatePartition`, now configured using `primary.updateStrategy` setting `primary.updateStrategy.rollingUpdate.partition`. -- `secondary.updateStrategy` changed from String type (previously default to 'rollingUpdate') to Object type, allowing users to configure other updateStrategy parameters, similar to other charts. -- Removed value `secondary.rollingUpdatePartition`, now configured using `secondary.updateStrategy` setting `secondary.updateStrategy.rollingUpdate.partition`. -- `metrics.serviceMonitor.relabellings`, previously used to configure ServiceMonitor metricRelabelings, has been replaced with the value `metrics.serviceMonitor.metricRelabelings`, and new value `metrics.serviceMonitor.relabelings` can be used to set ServiceMonitor relabelings parameter - -### To 9.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -### To 8.0.0 - -- Several parameters were renamed or disappeared in favor of new ones on this major version: - - The terms _master_ and _slave_ have been replaced by the terms _primary_ and _secondary_. Therefore, parameters prefixed with `master` or `slave` are now prefixed with `primary` or `secondary`, respectively. - - `securityContext.*` is deprecated in favor of `primary.podSecurityContext`, `primary.containerSecurityContext`, `secondary.podSecurityContext`, and `secondary.containerSecurityContext`. - - Credentials parameter are reorganized under the `auth` parameter. - - `replication.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`. -- The default MariaDB version was updated from 10.3 to 10.5. According to the official documentation, upgrading from 10.3 should be painless. However, there are some things that have changed which could affect an upgrade: - - [Incompatible changes upgrading from MariaDB 10.3 to MariaDB 10.4](https://mariadb.com/kb/en/upgrading-from-mariadb-103-to-mariadb-104/#incompatible-changes-between-103-and-104). - - [Incompatible changes upgrading from MariaDB 10.4 to MariaDB 10.5](https://mariadb.com/kb/en/upgrading-from-mariadb-104-to-mariadb-105/#incompatible-changes-between-104-and-105). -- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). -- This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. - -Consequences: - -Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new release of the MariaDB chart, and migrate the data from your previous release. You have 2 alternatives to do so: - -- Create a backup of the database, and restore it on the new release using tools such as [mysqldump](https://mariadb.com/kb/en/mysqldump/). -- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`: - -```console -helm install mariadb oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release. - -### To 7.0.0 - -Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec. - -In the `apiVersion` of the statefulset resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage. - -This major version bump signifies this change. - -### To 6.0.0 - -MariaDB version was updated from 10.1 to 10.3, there are no changes in the chart itself. According to the official documentation, upgrading from 10.1 should be painless. However, there are some things that have changed which could affect an upgrade: - -- [Incompatible changes upgrading from MariaDB 10.1 to MariaDB 10.2](https://mariadb.com/kb/en/library/upgrading-from-mariadb-101-to-mariadb-102//#incompatible-changes-between-101-and-102) -- [Incompatible changes upgrading from MariaDB 10.2 to MariaDB 10.3](https://mariadb.com/kb/en/library/upgrading-from-mariadb-102-to-mariadb-103/#incompatible-changes-between-102-and-103) - -### To 5.0.0 - -Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. -Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is mariadb: - -```console -kubectl delete statefulset opencart-mariadb --cascade=false -``` - -## License - -Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/charts/mariadb/mariadb/templates/NOTES.txt b/charts/mariadb/mariadb/templates/NOTES.txt deleted file mode 100644 index c5e1110..0000000 --- a/charts/mariadb/mariadb/templates/NOTES.txt +++ /dev/null @@ -1,77 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -** Please be patient while the chart is being deployed ** - -{{- if .Values.diagnosticMode.enabled }} -The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: - - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} - -Get the list of pods by executing: - - kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} - -Access the pod you want to debug by executing - - kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash - -In order to replicate the container startup scripts execute this command: - - /opt/bitnami/scripts/mariadb/entrypoint.sh /opt/bitnami/scripts/mariadb/run.sh - -{{- else }} - -Tip: - - Watch the deployment status using the command: kubectl get pods -w --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} - -Services: - - echo Primary: {{ include "mariadb.primary.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ coalesce .Values.primary.service.ports.mysql .Values.primary.service.port }} -{{- if eq .Values.architecture "replication" }} - echo Secondary: {{ include "mariadb.secondary.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ coalesce .Values.secondary.service.ports.mysql .Values.secondary.service.port }} -{{- end }} - -Administrator credentials: - - Username: root - Password : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.secretName" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 -d) - -To connect to your database: - - 1. Run a pod that you can use as a client: - - kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --image {{ template "mariadb.image" . }} --namespace {{ .Release.Namespace }} --command -- bash - - 2. To connect to primary service (read/write): - - mysql -h {{ include "mariadb.primary.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} -uroot -p {{ .Values.auth.database }} - -{{- if eq .Values.architecture "replication" }} - - 3. To connect to secondary service (read-only): - - mysql -h {{ include "mariadb.secondary.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} -uroot -p {{ .Values.auth.database }} -{{- end }} - -To upgrade this helm chart: - - 1. Obtain the password as described on the 'Administrator credentials' section and set the 'auth.rootPassword' parameter as shown below: - - ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.secretName" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 -d) - helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} oci://registry-1.docker.io/bitnamicharts/mariadb --set auth.rootPassword=$ROOT_PASSWORD - -{{- include "common.warnings.rollingTag" .Values.image }} -{{- include "common.warnings.rollingTag" .Values.metrics.image }} -{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} -{{- include "mariadb.validateValues" . }} -{{- if not .Values.auth.customPasswordFiles -}} - {{- $passwordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" (include "common.names.fullname" .) "context" $) -}} - {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $passwordValidationErrors) "context" $) -}} -{{- end }} -{{- end }} -{{- include "common.warnings.resources" (dict "sections" (list "metrics" "primary" "secondary" "volumePermissions") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image) "context" $) }} \ No newline at end of file diff --git a/charts/mariadb/mariadb/templates/_helpers.tpl b/charts/mariadb/mariadb/templates/_helpers.tpl deleted file mode 100644 index e871624..0000000 --- a/charts/mariadb/mariadb/templates/_helpers.tpl +++ /dev/null @@ -1,164 +0,0 @@ -{{/* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{/* vim: set filetype=mustache: */}} - -{{- define "mariadb.primary.fullname" -}} -{{- if eq .Values.architecture "replication" }} -{{- printf "%s-%s" (include "common.names.fullname" .) .Values.primary.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- include "common.names.fullname" . -}} -{{- end -}} -{{- end -}} - -{{- define "mariadb.secondary.fullname" -}} -{{- printf "%s-%s" (include "common.names.fullname" .) .Values.secondary.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Return the proper MariaDB image name -*/}} -{{- define "mariadb.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper metrics image name -*/}} -{{- define "mariadb.metrics.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper image name (for the init container volume-permissions image) -*/}} -{{- define "mariadb.volumePermissions.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "mariadb.imagePullSecrets" -}} -{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "global" .Values.global) }} -{{- end -}} - -{{ template "mariadb.initdbScriptsCM" . }} -{{/* -Get the initialization scripts ConfigMap name. -*/}} -{{- define "mariadb.initdbScriptsCM" -}} -{{- if .Values.initdbScriptsConfigMap -}} -{{- printf "%s" (tpl .Values.initdbScriptsConfigMap $) -}} -{{- else -}} -{{- printf "%s-init-scripts" (include "mariadb.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "mariadb.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Return the configmap with the MariaDB Primary configuration -*/}} -{{- define "mariadb.primary.configmapName" -}} -{{- if .Values.primary.existingConfigmap -}} - {{- printf "%s" (tpl .Values.primary.existingConfigmap $) -}} -{{- else -}} - {{- printf "%s" (include "mariadb.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created for MariaDB Secondary -*/}} -{{- define "mariadb.primary.createConfigmap" -}} -{{- if and .Values.primary.configuration (not .Values.primary.existingConfigmap) }} - {{- true -}} -{{- else -}} -{{- end -}} -{{- end -}} - -{{/* -Return the configmap with the MariaDB Primary configuration -*/}} -{{- define "mariadb.secondary.configmapName" -}} -{{- if .Values.secondary.existingConfigmap -}} - {{- printf "%s" (tpl .Values.secondary.existingConfigmap $) -}} -{{- else -}} - {{- printf "%s" (include "mariadb.secondary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created for MariaDB Secondary -*/}} -{{- define "mariadb.secondary.createConfigmap" -}} -{{- if and (eq .Values.architecture "replication") .Values.secondary.configuration (not .Values.secondary.existingConfigmap) }} - {{- true -}} -{{- else -}} -{{- end -}} -{{- end -}} - -{{/* -Return the secret with MariaDB credentials -*/}} -{{- define "mariadb.secretName" -}} - {{- if .Values.auth.existingSecret -}} - {{- printf "%s" (tpl .Values.auth.existingSecret $) -}} - {{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} - {{- end -}} -{{- end -}} - -{{/* -Return true if a secret object should be created for MariaDB -*/}} -{{- define "mariadb.createSecret" -}} -{{- if not (or .Values.auth.existingSecret .Values.auth.customPasswordFiles) }} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "mariadb.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "mariadb.validateValues.architecture" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* Validate values of MariaDB - must provide a valid architecture */}} -{{- define "mariadb.validateValues.architecture" -}} -{{- if and (ne .Values.architecture "standalone") (ne .Values.architecture "replication") -}} -mariadb: architecture - Invalid architecture selected. Valid values are "standalone" and - "replication". Please set a valid architecture (--set architecture="xxxx") -{{- end -}} -{{- end -}} - -{{/* -Get existing password to access MariaDB -*/}} -{{- define "mariadb.secret.existPassword" -}} -{{- $secret := (lookup "v1" "Secret" .Release.Namespace (include "mariadb.secretName" .)).data -}} -{{- if hasKey $secret "mariadb-password" }} - {{- true -}} -{{- end -}} -{{- end -}} diff --git a/charts/mariadb/mariadb/templates/extra-list.yaml b/charts/mariadb/mariadb/templates/extra-list.yaml deleted file mode 100644 index 329f5c6..0000000 --- a/charts/mariadb/mariadb/templates/extra-list.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/networkpolicy.yaml b/charts/mariadb/mariadb/templates/networkpolicy.yaml deleted file mode 100644 index c7f6053..0000000 --- a/charts/mariadb/mariadb/templates/networkpolicy.yaml +++ /dev/null @@ -1,76 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ template "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - podSelector: - matchLabels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - policyTypes: - - Ingress - - Egress - {{- if .Values.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # Allow connection to other cluster pods - - ports: - - port: {{ .Values.primary.containerPorts.mysql }} - - port: {{ .Values.secondary.containerPorts.mysql }} - to: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - {{- if .Values.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.rts.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - - ports: - - port: {{ .Values.primary.containerPorts.mysql }} - - port: {{ .Values.secondary.containerPorts.mysql }} - {{- if .Values.metrics.enabled }} - - port: {{ .Values.metrics.containerPorts.http }} - {{- end }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - {{- if .Values.networkPolicy.ingressNSMatchLabels }} - - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- if .Values.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/primary/configmap.yaml b/charts/mariadb/mariadb/templates/primary/configmap.yaml deleted file mode 100644 index 37136a9..0000000 --- a/charts/mariadb/mariadb/templates/primary/configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "mariadb.primary.createConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "mariadb.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - my.cnf: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.configuration "context" $ ) | nindent 4 }} -{{- end -}} diff --git a/charts/mariadb/mariadb/templates/primary/initialization-configmap.yaml b/charts/mariadb/mariadb/templates/primary/initialization-configmap.yaml deleted file mode 100644 index eab9863..0000000 --- a/charts/mariadb/mariadb/templates/primary/initialization-configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.initdbScripts (not .Values.initdbScriptsConfigMap) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-init-scripts" (include "mariadb.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: -{{- include "common.tplvalues.render" (dict "value" .Values.initdbScripts "context" .) | nindent 2 }} -{{ end }} diff --git a/charts/mariadb/mariadb/templates/primary/pdb.yaml b/charts/mariadb/mariadb/templates/primary/pdb.yaml deleted file mode 100644 index 5f4f652..0000000 --- a/charts/mariadb/mariadb/templates/primary/pdb.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.primary.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "mariadb.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.primary.pdb.minAvailable }} - minAvailable: {{ .Values.primary.pdb.minAvailable }} - {{- end }} - {{- if or .Values.primary.pdb.maxUnavailable (not .Values.primary.pdb.minAvailable) }} - maxUnavailable: {{ .Values.primary.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: primary -{{- end }} diff --git a/charts/mariadb/mariadb/templates/primary/statefulset.yaml b/charts/mariadb/mariadb/templates/primary/statefulset.yaml deleted file mode 100644 index 9b66234..0000000 --- a/charts/mariadb/mariadb/templates/primary/statefulset.yaml +++ /dev/null @@ -1,443 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "mariadb.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - replicas: 1 - revisionHistoryLimit: {{ .Values.primary.revisionHistoryLimit }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: primary - serviceName: {{ include "mariadb.primary.fullname" . }} - {{- if .Values.primary.updateStrategy }} - updateStrategy: {{- toYaml .Values.primary.updateStrategy | nindent 4 }} - {{- end }} - template: - metadata: - annotations: - {{- if (include "mariadb.primary.createConfigmap" .) }} - checksum/configuration: {{ include (print $.Template.BasePath "/primary/configmap.yaml") . | sha256sum }} - {{- end }} - {{- if .Values.primary.podAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.podAnnotations "context" $) | nindent 8 }} - {{- end }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: primary - spec: - {{- include "mariadb.imagePullSecrets" . | nindent 6 }} - automountServiceAccountToken: {{ .Values.primary.automountServiceAccountToken }} - {{- if .Values.primary.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.primary.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if or .Values.primary.schedulerName .Values.schedulerName }} - schedulerName: {{ (coalesce .Values.primary.schedulerName .Values.schedulerName) | quote }} - {{- end }} - serviceAccountName: {{ template "mariadb.serviceAccountName" . }} - {{- if .Values.primary.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.primary.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAffinityPreset "component" "primary" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAntiAffinityPreset "component" "primary" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.primary.nodeAffinityPreset.type "key" .Values.primary.nodeAffinityPreset.key "values" .Values.primary.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.primary.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.primary.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.schedulerName }} - schedulerName: {{ .Values.primary.schedulerName }} - {{- end }} - {{- if .Values.primary.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.primary.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.priorityClassName }} - priorityClassName: {{ .Values.primary.priorityClassName | quote }} - {{- else if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName | quote }} - {{- end }} - {{- if .Values.primary.runtimeClassName }} - runtimeClassName: {{ .Values.primary.runtimeClassName | quote }} - {{- else if .Values.runtimeClassName }} - runtimeClassName: {{ .Values.runtimeClassName | quote }} - {{- end }} - {{- if .Values.primary.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - initContainers: - - name: preserve-logs-symlinks - image: {{ include "mariadb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.primary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.primary.resources }} - resources: {{ toYaml .Values.primary.resources | nindent 12 }} - {{- else if ne .Values.primary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.primary.resourcesPreset) | nindent 12 }} - {{- end }} - command: - - /bin/bash - args: - - -ec - - | - #!/bin/bash - - . /opt/bitnami/scripts/libfs.sh - # We copy the logs folder because it has symlinks to stdout and stderr - if ! is_dir_empty /opt/bitnami/mariadb/logs; then - cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir - fi - volumeMounts: - - name: empty-dir - mountPath: /emptydir - {{- if and .Values.primary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.primary.persistence.enabled }} - - name: volume-permissions - image: {{ include "mariadb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -ec - - | - chown -R {{ .Values.primary.containerSecurityContext.runAsUser }}:{{ .Values.primary.podSecurityContext.fsGroup }} /bitnami/mariadb - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/mariadb - {{- if .Values.primary.persistence.subPath }} - subPath: {{ .Values.primary.persistence.subPath }} - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- end }} - {{- if .Values.primary.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.initContainers "context" $) | nindent 8 }} - {{- end }} - containers: - - name: mariadb - image: {{ include "mariadb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.primary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.primary.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.primary.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.primary.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.primary.args "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.primary.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.primary.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_ROOT_PASSWORD_FILE - value: {{ default "/opt/bitnami/mariadb/secrets/mariadb-root-password" .Values.auth.customPasswordFiles.root }} - {{- else }} - - name: MARIADB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-root-password - {{- end }} - {{- if not (empty .Values.auth.username) }} - - name: MARIADB_USER - value: {{ .Values.auth.username | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_PASSWORD_FILE - value: {{ default "/opt/bitnami/mariadb/secrets/mariadb-password" .Values.auth.customPasswordFiles.user }} - {{- else }} - - name: MARIADB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-password - {{- end }} - {{- end }} - - name: MARIADB_DATABASE - value: {{ .Values.auth.database | quote }} - {{- if eq .Values.architecture "replication" }} - - name: MARIADB_REPLICATION_MODE - value: "master" - - name: MARIADB_REPLICATION_USER - value: {{ .Values.auth.replicationUser | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_REPLICATION_PASSWORD_FILE - value: {{ default "/opt/bitnami/mariadb/secrets/mariadb-replication-password" .Values.auth.customPasswordFiles.replicator }} - {{- else }} - - name: MARIADB_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-replication-password - {{- end }} - {{- end }} - {{- if .Values.primary.extraFlags }} - - name: MARIADB_EXTRA_FLAGS - value: "{{ .Values.primary.extraFlags }}" - {{- end }} - {{- if .Values.primary.startupWaitOptions }} - - name: MARIADB_STARTUP_WAIT_RETRIES - value: "{{ .Values.primary.startupWaitOptions.retries | default 300 }}" - - name: MARIADB_STARTUP_WAIT_SLEEP_TIME - value: "{{ .Values.primary.startupWaitOptions.sleepTime | default 2 }}" - {{- end }} - {{- if .Values.primary.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.primary.extraEnvVarsCM .Values.primary.extraEnvVarsSecret }} - envFrom: - {{- if .Values.primary.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.primary.extraEnvVarsCM }} - {{- end }} - {{- if .Values.primary.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.primary.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: mysql - containerPort: {{ .Values.primary.containerPorts.mysql }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.primary.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.startupProbe.enabled }} - startupProbe: {{- omit .Values.primary.startupProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") - fi - mariadb-admin ping -uroot -p"${password_aux}" - {{- end }} - {{- if .Values.primary.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.livenessProbe.enabled }} - livenessProbe: {{- omit .Values.primary.livenessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") - fi - mariadb-admin status -uroot -p"${password_aux}" - {{- end }} - {{- if .Values.primary.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.readinessProbe.enabled }} - readinessProbe: {{- omit .Values.primary.readinessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") - fi - mariadb-admin ping -uroot -p"${password_aux}" - {{- end }} - {{- end }} - {{- if .Values.primary.resources }} - resources: {{ toYaml .Values.primary.resources | nindent 12 }} - {{- else if ne .Values.primary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.primary.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/mariadb - {{- if .Values.primary.persistence.subPath }} - subPath: {{ .Values.primary.persistence.subPath }} - {{- end }} - {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d - {{- end }} - {{- if or .Values.primary.configuration .Values.primary.existingConfigmap }} - - name: config - mountPath: /opt/bitnami/mariadb/conf/my.cnf - subPath: my.cnf - {{- end }} - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - mountPath: /opt/bitnami/mariadb/secrets/ - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/conf - subPath: app-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/tmp - subPath: app-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/logs - subPath: app-logs-dir - {{- if .Values.primary.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "mariadb.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - env: - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_ROOT_PASSWORD_FILE - value: {{ default "/opt/bitnami/mysqld-exporter/secrets/mariadb-root-password" .Values.auth.customPasswordFiles.root }} - {{- else }} - - name: MARIADB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-root-password - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") - fi - MYSQLD_EXPORTER_PASSWORD=${password_aux} /bin/mysqld_exporter --mysqld.address=localhost:{{ .Values.primary.containerPorts.mysql }} --mysqld.username=root --web.listen-address=:{{ .Values.metrics.containerPorts.http }} {{- range .Values.metrics.extraArgs.primary }} {{ . }} {{- end }} - {{- end }} - ports: - - name: metrics - containerPort: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- omit .Values.metrics.livenessProbe "enabled" | toYaml | nindent 12 }} - httpGet: - path: /metrics - port: metrics - {{- end }} - {{- if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- omit .Values.metrics.readinessProbe "enabled" | toYaml | nindent 12 }} - httpGet: - path: /metrics - port: metrics - {{- end }} - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - mountPath: /opt/bitnami/mysqld-exporter/secrets/ - {{- end }} - {{- if .Values.metrics.extraVolumeMounts.primary }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraVolumeMounts.primary "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.primary.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.sidecars "context" $) | nindent 8 }} - {{- end }} - volumes: - - name: empty-dir - emptyDir: {} - {{- if or .Values.primary.configuration .Values.primary.existingConfigmap }} - - name: config - configMap: - name: {{ include "mariadb.primary.configmapName" . }} - {{- end }} - {{- if or .Values.initdbScriptsConfigMap .Values.initdbScripts }} - - name: custom-init-scripts - configMap: - name: {{ template "mariadb.initdbScriptsCM" . }} - {{- end }} - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - secret: - secretName: {{ template "mariadb.secretName" . }} - items: - - key: mariadb-root-password - path: mariadb-root-password - - key: mariadb-password - path: mariadb-password - {{- if eq .Values.architecture "replication" }} - - key: mariadb-replication-password - path: mariadb-replication-password - {{- end }} - {{- end }} - {{- if .Values.primary.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraVolumes "context" $) | nindent 8 }} - {{- end }} - {{- if and .Values.primary.persistence.enabled .Values.primary.persistence.existingClaim }} - - name: data - persistentVolumeClaim: - claimName: {{ tpl .Values.primary.persistence.existingClaim . }} - {{- else if not .Values.primary.persistence.enabled }} - - name: data - emptyDir: {} - {{- else if and .Values.primary.persistence.enabled (not .Values.primary.persistence.existingClaim) }} - volumeClaimTemplates: - - metadata: - name: data - {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: primary - {{- if .Values.primary.persistence.annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.primary.persistence.annotations "context" $ ) | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.primary.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.primary.persistence.size | quote }} - {{ include "common.storage.class" (dict "persistence" .Values.primary.persistence "global" .Values.global) }} - {{- if .Values.primary.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.selector "context" $) | nindent 10 }} - {{- end -}} - {{- end }} diff --git a/charts/mariadb/mariadb/templates/primary/svc.yaml b/charts/mariadb/mariadb/templates/primary/svc.yaml deleted file mode 100644 index b0fc974..0000000 --- a/charts/mariadb/mariadb/templates/primary/svc.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mariadb.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - annotations: - {{- if or .Values.primary.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.service.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.annotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.primary.service.type }} - {{- if and .Values.primary.service.clusterIP (eq .Values.primary.service.type "ClusterIP") }} - clusterIP: {{ .Values.primary.service.clusterIP }} - {{- end }} - {{- if and .Values.primary.service.externalTrafficPolicy (or (eq .Values.primary.service.type "LoadBalancer") (eq .Values.primary.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.primary.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.primary.service.type "LoadBalancer") .Values.primary.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.primary.service.loadBalancerSourceRanges | nindent 4 }} - {{ end }} - {{- if (and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.primary.service.loadBalancerIP }} - {{- end }} - {{- if .Values.primary.service.sessionAffinity }} - sessionAffinity: {{ .Values.primary.service.sessionAffinity }} - {{- end }} - {{- if .Values.primary.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: mysql - port: {{ coalesce .Values.primary.service.ports.mysql .Values.primary.service.port }} - protocol: TCP - targetPort: mysql - {{- if (and (or (eq .Values.primary.service.type "NodePort") (eq .Values.primary.service.type "LoadBalancer")) (coalesce .Values.primary.service.nodePorts.mysql .Values.primary.service.nodePort)) }} - nodePort: {{ coalesce .Values.primary.service.nodePorts.mysql .Values.primary.service.nodePort }} - {{- else if eq .Values.primary.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if and .Values.metrics.enabled (gt (.Values.primary.service.ports.metrics | int) 0) }} - - name: metrics - port: {{ .Values.primary.service.ports.metrics }} - protocol: TCP - targetPort: metrics - {{- end }} - {{- if .Values.primary.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary diff --git a/charts/mariadb/mariadb/templates/prometheusrules.yaml b/charts/mariadb/mariadb/templates/prometheusrules.yaml deleted file mode 100644 index d24f0e2..0000000 --- a/charts/mariadb/mariadb/templates/prometheusrules.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.prometheusRule.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if .Values.metrics.prometheusRule.additionalLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "common.names.fullname" . }} - rules: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.prometheusRule.rules "context" $ ) | nindent 6 }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/role.yaml b/charts/mariadb/mariadb/templates/role.yaml deleted file mode 100644 index 4102e66..0000000 --- a/charts/mariadb/mariadb/templates/role.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.serviceAccount.create .Values.rbac.create }} -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -kind: Role -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -rules: - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get -{{- end }} diff --git a/charts/mariadb/mariadb/templates/rolebinding.yaml b/charts/mariadb/mariadb/templates/rolebinding.yaml deleted file mode 100644 index 08d8b3d..0000000 --- a/charts/mariadb/mariadb/templates/rolebinding.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.serviceAccount.create .Values.rbac.create }} -kind: RoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -subjects: - - kind: ServiceAccount - name: {{ include "mariadb.serviceAccountName" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "common.names.fullname" . -}} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/secondary/configmap.yaml b/charts/mariadb/mariadb/templates/secondary/configmap.yaml deleted file mode 100644 index 770173f..0000000 --- a/charts/mariadb/mariadb/templates/secondary/configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "mariadb.secondary.createConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "mariadb.secondary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: secondary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - my.cnf: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.secondary.configuration "context" $ ) | nindent 4 }} -{{- end -}} diff --git a/charts/mariadb/mariadb/templates/secondary/pdb.yaml b/charts/mariadb/mariadb/templates/secondary/pdb.yaml deleted file mode 100644 index 1e6b2c6..0000000 --- a/charts/mariadb/mariadb/templates/secondary/pdb.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "replication") .Values.secondary.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "mariadb.secondary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: secondary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.secondary.pdb.minAvailable }} - minAvailable: {{ .Values.secondary.pdb.minAvailable }} - {{- end }} - {{- if or .Values.secondary.pdb.maxUnavailable (not .Values.secondary.pdb.minAvailable) }} - maxUnavailable: {{ .Values.secondary.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: secondary -{{- end }} diff --git a/charts/mariadb/mariadb/templates/secondary/statefulset.yaml b/charts/mariadb/mariadb/templates/secondary/statefulset.yaml deleted file mode 100644 index b8560c4..0000000 --- a/charts/mariadb/mariadb/templates/secondary/statefulset.yaml +++ /dev/null @@ -1,414 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "mariadb.secondary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: secondary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.secondary.replicaCount }} - revisionHistoryLimit: {{ .Values.secondary.revisionHistoryLimit }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: secondary - serviceName: {{ include "mariadb.secondary.fullname" . }} - podManagementPolicy: {{ .Values.secondary.podManagementPolicy }} - {{- if .Values.secondary.updateStrategy }} - updateStrategy: {{- toYaml .Values.secondary.updateStrategy | nindent 4 }} - {{- end }} - template: - metadata: - annotations: - {{- if (include "mariadb.secondary.createConfigmap" .) }} - checksum/configuration: {{ include (print $.Template.BasePath "/secondary/configmap.yaml") . | sha256sum }} - {{- end }} - {{- if .Values.secondary.podAnnotations }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.podAnnotations "context" $) | nindent 8 }} - {{- end }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: secondary - spec: - {{- include "mariadb.imagePullSecrets" . | nindent 6 }} - {{- if or .Values.secondary.schedulerName .Values.schedulerName }} - schedulerName: {{ (coalesce .Values.secondary.schedulerName .Values.schedulerName) | quote }} - {{- end }} - serviceAccountName: {{ template "mariadb.serviceAccountName" . }} - automountServiceAccountToken: {{ .Values.secondary.automountServiceAccountToken }} - {{- if .Values.secondary.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.secondary.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.secondary.podAffinityPreset "component" "secondary" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.secondary.podAntiAffinityPreset "component" "secondary" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.secondary.nodeAffinityPreset.type "key" .Values.secondary.nodeAffinityPreset.key "values" .Values.secondary.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.secondary.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.secondary.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.secondary.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.secondary.priorityClassName }} - priorityClassName: {{ .Values.secondary.priorityClassName | quote }} - {{- else if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName | quote }} - {{- end }} - {{- if .Values.secondary.runtimeClassName }} - runtimeClassName: {{ .Values.secondary.runtimeClassName | quote }} - {{- else if .Values.runtimeClassName }} - runtimeClassName: {{ .Values.runtimeClassName | quote }} - {{- end }} - {{- if .Values.secondary.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.secondary.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - initContainers: - - name: preserve-logs-symlinks - image: {{ include "mariadb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.secondary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.secondary.resources }} - resources: {{ toYaml .Values.secondary.resources | nindent 12 }} - {{- else if ne .Values.secondary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.secondary.resourcesPreset) | nindent 12 }} - {{- end }} - command: - - /bin/bash - args: - - -ec - - | - #!/bin/bash - - . /opt/bitnami/scripts/libfs.sh - # We copy the logs folder because it has symlinks to stdout and stderr - if ! is_dir_empty /opt/bitnami/mariadb/logs; then - cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir - fi - volumeMounts: - - name: empty-dir - mountPath: /emptydir - {{- if and .Values.secondary.podSecurityContext.enabled .Values.volumePermissions.enabled .Values.secondary.persistence.enabled }} - - name: volume-permissions - image: {{ include "mariadb.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -ec - - | - chown -R {{ .Values.secondary.containerSecurityContext.runAsUser }}:{{ .Values.secondary.podSecurityContext.fsGroup }} /bitnami/mariadb - securityContext: - runAsUser: 0 - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/mariadb - {{- if .Values.secondary.persistence.subPath }} - subPath: {{ .Values.secondary.persistence.subPath }} - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- end }} - {{- if .Values.secondary.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.initContainers "context" $) | nindent 8 }} - {{- end }} - containers: - - name: mariadb - image: {{ include "mariadb.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.secondary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.secondary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.secondary.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.secondary.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.args "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.secondary.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: MARIADB_REPLICATION_MODE - value: "slave" - - name: MARIADB_MASTER_HOST - value: {{ include "mariadb.primary.fullname" . }} - - name: MARIADB_MASTER_PORT_NUMBER - value: {{ coalesce .Values.primary.service.ports.mysql .Values.primary.service.port | quote }} - - name: MARIADB_MASTER_ROOT_USER - value: "root" - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_MASTER_ROOT_PASSWORD_FILE - value: {{ default "/opt/bitnami/mariadb/secrets/mariadb-root-password" .Values.auth.customPasswordFiles.root }} - {{- else }} - - name: MARIADB_MASTER_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-root-password - {{- end }} - - name: MARIADB_REPLICATION_USER - value: {{ .Values.auth.replicationUser | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_REPLICATION_PASSWORD_FILE - value: {{ default "/opt/bitnami/mariadb/secrets/mariadb-replication-password" .Values.auth.customPasswordFiles.replicator }} - {{- else }} - - name: MARIADB_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-replication-password - {{- end }} - {{- if .Values.secondary.extraFlags }} - - name: MARIADB_EXTRA_FLAGS - value: "{{ .Values.secondary.extraFlags }}" - {{- end }} - {{- if .Values.secondary.startupWaitOptions }} - - name: MARIADB_STARTUP_WAIT_RETRIES - value: "{{ .Values.secondary.startupWaitOptions.retries | default 300 }}" - - name: MARIADB_STARTUP_WAIT_SLEEP_TIME - value: "{{ .Values.secondary.startupWaitOptions.sleepTime | default 2 }}" - {{- end }} - {{- if .Values.secondary.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.secondary.extraEnvVarsCM .Values.secondary.extraEnvVarsSecret }} - envFrom: - {{- if .Values.secondary.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.secondary.extraEnvVarsCM }} - {{- end }} - {{- if .Values.secondary.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.secondary.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: mysql - containerPort: {{ .Values.secondary.containerPorts.mysql }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.secondary.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.secondary.startupProbe.enabled }} - startupProbe: {{- omit .Values.secondary.startupProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_MASTER_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_MASTER_ROOT_PASSWORD_FILE") - fi - mariadb-admin ping -uroot -p"${password_aux}" - {{- end }} - {{- if .Values.secondary.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.secondary.livenessProbe.enabled }} - livenessProbe: {{- omit .Values.secondary.livenessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_MASTER_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_MASTER_ROOT_PASSWORD_FILE") - fi - mariadb-admin status -uroot -p"${password_aux}" - {{- end }} - {{- if .Values.secondary.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.secondary.readinessProbe.enabled }} - readinessProbe: {{- omit .Values.secondary.readinessProbe "enabled" | toYaml | nindent 12 }} - exec: - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_MASTER_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_MASTER_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_MASTER_ROOT_PASSWORD_FILE") - fi - mariadb-admin ping -uroot -p"${password_aux}" - {{- end }} - {{- end }} - {{- if .Values.secondary.resources }} - resources: {{ toYaml .Values.secondary.resources | nindent 12 }} - {{- else if ne .Values.secondary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.secondary.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /bitnami/mariadb - {{- if .Values.secondary.persistence.subPath }} - subPath: {{ .Values.secondary.persistence.subPath }} - {{- end }} - {{- if or .Values.secondary.configuration .Values.secondary.existingConfigmap }} - - name: config - mountPath: /opt/bitnami/mariadb/conf/my.cnf - subPath: my.cnf - {{- end }} - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - mountPath: /opt/bitnami/mariadb/secrets/ - {{- end }} - {{- if .Values.secondary.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/conf - subPath: app-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/tmp - subPath: app-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/mariadb/logs - subPath: app-logs-dir - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "mariadb.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - env: - {{- if .Values.auth.usePasswordFiles }} - - name: MARIADB_ROOT_PASSWORD_FILE - value: {{ default "/opt/bitnami/mysqld-exporter/secrets/mariadb-root-password" .Values.auth.customPasswordFiles.root }} - {{- else }} - - name: MARIADB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "mariadb.secretName" . }} - key: mariadb-root-password - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - - -ec - - | - password_aux="${MARIADB_ROOT_PASSWORD:-}" - if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then - password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE") - fi - MYSQLD_EXPORTER_PASSWORD=${password_aux} /bin/mysqld_exporter --mysqld.address=localhost:{{ .Values.secondary.containerPorts.mysql }} --mysqld.username=root --web.listen-address=:{{ .Values.metrics.containerPorts.http }} {{- range .Values.metrics.extraArgs.primary }} {{ . }} {{- end }} - {{- end }} - ports: - - name: metrics - containerPort: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- omit .Values.metrics.livenessProbe "enabled" | toYaml | nindent 12 }} - httpGet: - path: /metrics - port: metrics - {{- end }} - {{- if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- omit .Values.metrics.readinessProbe "enabled" | toYaml | nindent 12 }} - httpGet: - path: /metrics - port: metrics - {{- end }} - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - mountPath: /opt/bitnami/mysqld-exporter/secrets/ - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: app-tmp-dir - {{- if .Values.metrics.extraVolumeMounts.secondary }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraVolumeMounts.secondary "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.secondary.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.sidecars "context" $) | nindent 8 }} - {{- end }} - volumes: - {{- if or .Values.secondary.configuration .Values.secondary.existingConfigmap }} - - name: config - configMap: - name: {{ include "mariadb.secondary.configmapName" . }} - {{- end }} - {{- if and .Values.auth.usePasswordFiles (not .Values.auth.customPasswordFiles) }} - - name: mariadb-credentials - secret: - secretName: {{ template "mariadb.secretName" . }} - items: - - key: mariadb-root-password - path: mariadb-root-password - - key: mariadb-replication-password - path: mariadb-replication-password - {{- end }} - - name: empty-dir - emptyDir: {} - {{- if .Values.secondary.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.extraVolumes "context" $) | nindent 8 }} - {{- end }} - {{- if not .Values.secondary.persistence.enabled }} - - name: data - emptyDir: {} - {{- else }} - volumeClaimTemplates: - - metadata: - name: data - {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: secondary - {{- if .Values.secondary.persistence.annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.secondary.persistence.annotations "context" $ ) | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.secondary.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.secondary.persistence.size | quote }} - {{ include "common.storage.class" (dict "persistence" .Values.secondary.persistence "global" .Values.global) }} - {{- if .Values.secondary.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.persistence.selector "context" $) | nindent 10 }} - {{- end -}} - {{- end }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/secondary/svc.yaml b/charts/mariadb/mariadb/templates/secondary/svc.yaml deleted file mode 100644 index cd6f1d1..0000000 --- a/charts/mariadb/mariadb/templates/secondary/svc.yaml +++ /dev/null @@ -1,64 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mariadb.secondary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: secondary - annotations: - {{- if or .Values.secondary.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.service.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.annotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.annotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.secondary.service.type }} - {{- if and .Values.secondary.service.clusterIP (eq .Values.secondary.service.type "ClusterIP") }} - clusterIP: {{ .Values.secondary.service.clusterIP }} - {{- end }} - {{- if and .Values.secondary.service.externalTrafficPolicy (or (eq .Values.secondary.service.type "LoadBalancer") (eq .Values.secondary.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.secondary.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.secondary.service.type "LoadBalancer") .Values.secondary.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.secondary.service.loadBalancerSourceRanges | nindent 4 }} - {{ end }} - {{- if and (eq .Values.secondary.service.type "LoadBalancer") (not (empty .Values.secondary.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.secondary.service.loadBalancerIP }} - {{- end }} - {{- if .Values.secondary.service.sessionAffinity }} - sessionAffinity: {{ .Values.secondary.service.sessionAffinity }} - {{- end }} - {{- if .Values.secondary.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.secondary.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: mysql - port: {{ coalesce .Values.secondary.service.ports.mysql .Values.secondary.service.port }} - protocol: TCP - targetPort: mysql - {{- if (and (or (eq .Values.secondary.service.type "NodePort") (eq .Values.secondary.service.type "LoadBalancer")) (coalesce .Values.secondary.service.nodePorts.mysql .Values.secondary.service.nodePort)) }} - nodePort: {{ coalesce .Values.secondary.service.nodePorts.mysql .Values.secondary.service.nodePort }} - {{- else if eq .Values.secondary.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if and .Values.metrics.enabled (gt (.Values.secondary.service.ports.metrics | int) 0) }} - - name: metrics - port: {{ .Values.secondary.service.ports.metrics }} - protocol: TCP - targetPort: metrics - {{- end }} - {{- if .Values.secondary.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.secondary.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: secondary -{{- end }} diff --git a/charts/mariadb/mariadb/templates/secrets.yaml b/charts/mariadb/mariadb/templates/secrets.yaml deleted file mode 100644 index 9551ee2..0000000 --- a/charts/mariadb/mariadb/templates/secrets.yaml +++ /dev/null @@ -1,98 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- $host := include "mariadb.primary.fullname" . }} -{{- $port := print .Values.primary.service.ports.mysql }} -{{- $rootPassword := include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-root-password" "providedValues" ( list "auth.rootPassword" ) "context" $ ) | trimAll "\"" | b64dec }} -{{- $password := .Values.auth.password }} -{{- if and .Values.auth.username ( include "mariadb.secret.existPassword" . ) }} -{{- $password = include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-password" "providedValues" ( list "auth.password" ) "context" $ ) | trimAll "\"" | b64dec }} -{{- else if ( and .Values.auth.username ( not .Values.auth.forcePassword ) ( empty .Values.auth.password ) ) }} -{{- $password = randAlphaNum 10 }} -{{- end }} -{{- if eq ( include "mariadb.createSecret" . ) "true" }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if ( not .Values.auth.forcePassword ) }} - mariadb-root-password: {{ print $rootPassword | b64enc | quote }} - {{- else }} - mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }} - {{- end }} - {{- if .Values.auth.username }} - {{- if ( not .Values.auth.forcePassword ) }} - mariadb-password: {{ print $password | b64enc | quote }} - {{- else }} - mariadb-password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }} - {{- end }} - {{- end }} - {{- if eq .Values.architecture "replication" }} - {{- if ( not .Values.auth.forcePassword ) }} - mariadb-replication-password: {{ include "common.secrets.passwords.manage" ( dict "secret" ( include "common.names.fullname" . ) "key" "mariadb-replication-password" "providedValues" ( list "auth.replicationPassword" ) "context" $ ) }} - {{- else }} - mariadb-replication-password: {{ required "A MariaDB Replication Password is required!" .Values.auth.replicationPassword | b64enc | quote }} - {{- end }} - {{- end }} -{{- end }} - -{{- if .Values.serviceBindings.enabled }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-svcbind-root - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: servicebinding.io/mysql -data: - provider: {{ print "bitnami" | b64enc | quote }} - type: {{ print "mysql" | b64enc | quote }} - host: {{ print $host | b64enc | quote }} - port: {{ print $port | b64enc | quote }} - username: {{ print "root" | b64enc | quote }} - password: {{ print $rootPassword | b64enc | quote }} - uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }} - -{{- if .Values.auth.username }} -{{- $database := .Values.auth.database }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-svcbind-custom-user - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: servicebinding.io/mysql -data: - provider: {{ print "bitnami" | b64enc | quote }} - type: {{ print "mysql" | b64enc | quote }} - host: {{ print $host | b64enc | quote }} - port: {{ print $port | b64enc | quote }} - username: {{ print .Values.auth.username | b64enc | quote }} - {{- if $database }} - database: {{ print $database | b64enc | quote }} - {{- end }} - {{- if and .Values.auth.forcePassword ( empty $password ) }} - password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }} - {{- else }} - password: {{ print $password | b64enc | quote }} - {{- end }} - uri: {{ printf "mysql://%s:%s@%s:%s/%s" .Values.auth.username $password $host $port $database | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/serviceaccount.yaml b/charts/mariadb/mariadb/templates/serviceaccount.yaml deleted file mode 100644 index 411decf..0000000 --- a/charts/mariadb/mariadb/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "mariadb.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -{{- end }} diff --git a/charts/mariadb/mariadb/templates/servicemonitor.yaml b/charts/mariadb/mariadb/templates/servicemonitor.yaml deleted file mode 100644 index 046189d..0000000 --- a/charts/mariadb/mariadb/templates/servicemonitor.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel | quote }} - endpoints: - - port: metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace | quote }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - {{- if .Values.metrics.serviceMonitor.selector }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/mariadb/mariadb/values.schema.json b/charts/mariadb/mariadb/values.schema.json deleted file mode 100644 index 500c4eb..0000000 --- a/charts/mariadb/mariadb/values.schema.json +++ /dev/null @@ -1,176 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "architecture": { - "type": "string", - "title": "MariaDB architecture", - "form": true, - "description": "Allowed values: `standalone` or `replication`" - }, - "auth": { - "type": "object", - "title": "Authentication configuration", - "form": true, - "properties": { - "rootPassword": { - "type": "string", - "title": "MariaDB root password", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set" - }, - "database": { - "type": "string", - "title": "MariaDB custom database", - "description": "Name of the custom database to be created during the 1st initialization of MariaDB", - "form": true - }, - "username": { - "type": "string", - "title": "MariaDB custom user", - "description": "Name of the custom user to be created during the 1st initialization of MariaDB. This user only has permissions on the MariaDB custom database", - "form": true - }, - "password": { - "type": "string", - "title": "Password for MariaDB custom user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true, - "hidden": { - "value": false, - "path": "usePassword" - } - }, - "replicationUser": { - "type": "string", - "title": "MariaDB replication user", - "description": "Name of user used to manage replication.", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - }, - "replicationPassword": { - "type": "string", - "title": "Password for MariaDB replication user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - } - } - }, - "primary": { - "type": "object", - "title": "Primary replicas settings", - "form": true, - "properties": { - "persistence": { - "type": "object", - "title": "Persistence for primary replicas", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable persistence", - "description": "Enable persistence using Persistent Volume Claims" - }, - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi", - "hidden": { - "value": false, - "path": "persistence/enabled" - } - } - } - } - } - }, - "secondary": { - "type": "object", - "title": "Secondary replicas settings", - "form": true, - "hidden": { - "value": false, - "path": "replication/enabled" - }, - "properties": { - "persistence": { - "type": "object", - "title": "Persistence for secondary replicas", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable persistence", - "description": "Enable persistence using Persistent Volume Claims" - }, - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi", - "hidden": { - "value": false, - "path": "persistence/enabled" - } - } - } - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" - } - } - }, - "metrics": { - "type": "object", - "form": true, - "title": "Prometheus metrics details", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus metrics exporter", - "description": "Create a side-car container to expose Prometheus metrics", - "form": true - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus Operator ServiceMonitor", - "description": "Create a ServiceMonitor to track metrics using Prometheus Operator", - "form": true, - "hidden": { - "value": false, - "path": "metrics/enabled" - } - } - } - } - } - } - } -} diff --git a/charts/mariadb/mariadb/values.yaml b/charts/mariadb/mariadb/values.yaml deleted file mode 100644 index c6c7e31..0000000 --- a/charts/mariadb/mariadb/values.yaml +++ /dev/null @@ -1,1373 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -## @section Global parameters -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass -## - -## @param global.imageRegistry Global Docker Image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array -## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) -## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead -## -global: - imageRegistry: "" - ## E.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - defaultStorageClass: "" - storageClass: "" - ## Compatibility adaptations for Kubernetes platforms - ## - compatibility: - ## Compatibility adaptations for Openshift - ## - openshift: - ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) - ## - adaptSecurityContext: auto -## @section Common parameters -## - -## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) -## -kubeVersion: "" -## @param nameOverride String to partially override mariadb.fullname -## -nameOverride: "" -## @param fullnameOverride String to fully override mariadb.fullname -## -fullnameOverride: "" -## @param clusterDomain Default Kubernetes cluster domain -## -clusterDomain: cluster.local -## @param commonAnnotations Common annotations to add to all MariaDB resources (sub-charts are not considered) -## -commonAnnotations: {} -## @param commonLabels Common labels to add to all MariaDB resources (sub-charts are not considered) -## -commonLabels: {} -## @param schedulerName Name of the scheduler (other than default) to dispatch pods -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" -## @param runtimeClassName Name of the Runtime Class for all MariaDB pods -## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/ -## -runtimeClassName: "" -## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template) -## -extraDeploy: [] -## Enable diagnostic mode in the deployment -## -diagnosticMode: - ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) - ## - enabled: false - ## @param diagnosticMode.command Command to override all containers in the deployment - ## - command: - - sleep - ## @param diagnosticMode.args Args to override all containers in the deployment - ## - args: - - infinity -## @param serviceBindings.enabled Create secret for service binding (Experimental) -## Ref: https://servicebinding.io/service-provider/ -## -serviceBindings: - enabled: false -## @section MariaDB common parameters -## - -## Bitnami MariaDB image -## ref: https://hub.docker.com/r/bitnami/mariadb/tags/ -## @param image.registry [default: REGISTRY_NAME] MariaDB image registry -## @param image.repository [default: REPOSITORY_NAME/mariadb] MariaDB image repository -## @skip image.tag MariaDB image tag (immutable tags are recommended) -## @param image.digest MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag -## @param image.pullPolicy MariaDB image pull policy -## @param image.pullSecrets Specify docker-registry secret names as an array -## @param image.debug Specify if debug logs should be enabled -## -image: - registry: docker.io - repository: bitnami/mariadb - tag: 11.4.3-debian-12-r1 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## It turns BASH and/or NAMI debugging in the image - ## - debug: false -## @param architecture MariaDB architecture (`standalone` or `replication`) -## -architecture: standalone -## MariaDB Authentication parameters -## -auth: - ## @param auth.rootPassword Password for the `root` user. Ignored if existing secret is provided. - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run - ## - rootPassword: "" - ## @param auth.database Name for a custom database to create - ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run - ## - database: my_database - ## @param auth.username Name for a custom user to create - ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run - ## - username: "" - ## @param auth.password Password for the new user. Ignored if existing secret is provided - ## - password: "" - ## @param auth.replicationUser MariaDB replication user - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-up-a-replication-cluster - ## - replicationUser: replicator - ## @param auth.replicationPassword MariaDB replication user password. Ignored if existing secret is provided - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-up-a-replication-cluster - ## - replicationPassword: "" - ## @param auth.existingSecret Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` - ## - existingSecret: "" - ## @param auth.forcePassword Force users to specify required passwords - ## - forcePassword: false - ## @param auth.usePasswordFiles Mount credentials as files instead of using environment variables - ## - usePasswordFiles: false - ## @param auth.customPasswordFiles Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` - ## Example: - ## customPasswordFiles: - ## root: /vault/secrets/mariadb-root - ## user: /vault/secrets/mariadb-user - ## replicator: /vault/secrets/mariadb-replicator - ## - customPasswordFiles: {} -## @param initdbScripts Dictionary of initdb scripts -## Specify dictionary of scripts to be run at first boot -## Example: -## initdbScripts: -## my_init_script.sh: | -## #!/bin/bash -## echo "Do something." -## -initdbScripts: {} -## @param initdbScriptsConfigMap ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) -## -initdbScriptsConfigMap: "" -## @section MariaDB Primary parameters -## - -## Mariadb Primary parameters -## -primary: - ## @param primary.name Name of the primary database (eg primary, master, leader, ...) - ## - name: primary - ## @param primary.command Override default container command on MariaDB Primary container(s) (useful when using custom images) - ## - command: [] - ## @param primary.args Override default container args on MariaDB Primary container(s) (useful when using custom images) - ## - args: [] - ## @param primary.lifecycleHooks for the MariaDB Primary container(s) to automate configuration before or after startup - ## - lifecycleHooks: {} - ## @param primary.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param primary.hostAliases Add deployment host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param primary.containerPorts.mysql Container port for mysql - ## - containerPorts: - mysql: 3306 - ## @param primary.configuration [string] MariaDB Primary configuration to be injected as ConfigMap - ## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file - ## - configuration: |- - [mysqld] - skip-name-resolve - explicit_defaults_for_timestamp - basedir=/opt/bitnami/mariadb - datadir=/bitnami/mariadb/data - plugin_dir=/opt/bitnami/mariadb/plugin - port={{ .Values.primary.containerPorts.mysql }} - socket=/opt/bitnami/mariadb/tmp/mysql.sock - tmpdir=/opt/bitnami/mariadb/tmp - max_allowed_packet=16M - bind-address=* - pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid - log-error=/opt/bitnami/mariadb/logs/mysqld.log - character-set-server=UTF8 - collation-server=utf8_general_ci - slow_query_log=0 - long_query_time=10.0 - binlog_expire_logs_seconds=2592000 - - [client] - port=3306 - socket=/opt/bitnami/mariadb/tmp/mysql.sock - default-character-set=UTF8 - plugin_dir=/opt/bitnami/mariadb/plugin - - [manager] - port=3306 - socket=/opt/bitnami/mariadb/tmp/mysql.sock - pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid - ## @param primary.existingConfigmap Name of existing ConfigMap with MariaDB Primary configuration. - ## NOTE: When it's set the 'configuration' parameter is ignored - ## - existingConfigmap: "" - ## @param primary.updateStrategy.type MariaDB primary statefulset strategy type - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate or OnDelete - ## - type: RollingUpdate - ## @param primary.rollingUpdatePartition Partition update strategy for Mariadb Primary statefulset - ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions - ## - rollingUpdatePartition: "" - ## @param primary.podAnnotations Additional pod annotations for MariaDB primary pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: {} - ## @param primary.podLabels Extra labels for MariaDB primary pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - ## - podLabels: {} - ## @param primary.podAffinityPreset MariaDB primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param primary.podAntiAffinityPreset MariaDB primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Mariadb Primary node affinity preset - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param primary.nodeAffinityPreset.type MariaDB primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param primary.nodeAffinityPreset.key MariaDB primary node label key to match Ignored if `primary.affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param primary.nodeAffinityPreset.values MariaDB primary node label values to match. Ignored if `primary.affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param primary.affinity Affinity for MariaDB primary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param primary.nodeSelector Node labels for MariaDB primary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param primary.tolerations Tolerations for MariaDB primary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param primary.schedulerName Name of the k8s scheduler (other than default) - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param primary.podManagementPolicy podManagementPolicy to manage scaling operation of MariaDB primary pods - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies - ## - podManagementPolicy: "" - ## @param primary.topologySpreadConstraints Topology Spread Constraints for MariaDB primary pods assignment - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## E.g. - ## topologySpreadConstraints: - ## - maxSkew: 1 - ## topologyKey: topology.kubernetes.io/zone - ## whenUnsatisfiable: DoNotSchedule - ## - topologySpreadConstraints: [] - ## @param primary.priorityClassName Priority class for MariaDB primary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - ## - priorityClassName: "" - ## @param primary.runtimeClassName Runtime Class for MariaDB primary pods - ## Ref: https://kubernetes.io/docs/concepts/containers/runtime-class/ - ## - runtimeClassName: "" - ## MariaDB primary Pod security context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param primary.podSecurityContext.enabled Enable security context for MariaDB primary pods - ## @param primary.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param primary.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param primary.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param primary.podSecurityContext.fsGroup Group ID for the mounted volumes' filesystem - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## MariaDB primary container security context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param primary.containerSecurityContext.enabled MariaDB primary container securityContext - ## @param primary.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param primary.containerSecurityContext.runAsUser User ID for the MariaDB primary container - ## @param primary.containerSecurityContext.runAsGroup Group ID for the MariaDB primary container - ## @param primary.containerSecurityContext.runAsNonRoot Set primary container's Security Context runAsNonRoot - ## @param primary.containerSecurityContext.privileged Set primary container's Security Context privileged - ## @param primary.containerSecurityContext.allowPrivilegeEscalation Set primary container's Security Context allowPrivilegeEscalation - ## @param primary.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param primary.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param primary.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## MariaDB primary container's resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param primary.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if primary.resources is set (primary.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "micro" - ## @param primary.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure extra options for MariaDB primary containers' liveness, readiness and startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - ## @param primary.startupProbe.enabled Enable startupProbe - ## @param primary.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param primary.startupProbe.periodSeconds Period seconds for startupProbe - ## @param primary.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param primary.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param primary.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 120 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 10 - successThreshold: 1 - ## Configure extra options for liveness probe - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param primary.livenessProbe.enabled Enable livenessProbe - ## @param primary.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param primary.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param primary.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param primary.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param primary.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - ## @param primary.readinessProbe.enabled Enable readinessProbe - ## @param primary.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param primary.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param primary.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param primary.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param primary.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - ## @param primary.customStartupProbe Override default startup probe for MariaDB primary containers - ## - customStartupProbe: {} - ## @param primary.customLivenessProbe Override default liveness probe for MariaDB primary containers - ## - customLivenessProbe: {} - ## @param primary.customReadinessProbe Override default readiness probe for MariaDB primary containers - ## - customReadinessProbe: {} - ## @param primary.startupWaitOptions Override default builtin startup wait check options for MariaDB primary containers - ## `bitnami/mariadb` Docker image has built-in startup check mechanism, - ## which periodically checks if MariaDB service has started up and stops it - ## if all checks have failed after X tries. Use these to control these checks. - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb/pull/240 - ## Example (with default options): - ## startupWaitOptions: - ## retries: 300 - ## waitTime: 2 - ## - startupWaitOptions: {} - ## @param primary.extraFlags MariaDB primary additional command line flags - ## Can be used to specify command line flags, for example: - ## E.g. - ## extraFlags: "--max-connect-errors=1000 --max_connections=155" - ## - extraFlags: "" - ## @param primary.extraEnvVars Extra environment variables to be set on MariaDB primary containers - ## E.g. - ## extraEnvVars: - ## - name: TZ - ## value: "Europe/Paris" - ## - extraEnvVars: [] - ## @param primary.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for MariaDB primary containers - ## - extraEnvVarsCM: "" - ## @param primary.extraEnvVarsSecret Name of existing Secret containing extra env vars for MariaDB primary containers - ## - extraEnvVarsSecret: "" - ## Enable persistence using Persistent Volume Claims - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## - persistence: - ## @param primary.persistence.enabled Enable persistence on MariaDB primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir - ## - enabled: true - ## @param primary.persistence.existingClaim Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas - ## NOTE: When it's set the rest of persistence parameters are ignored - ## - existingClaim: "" - ## @param primary.persistence.subPath Subdirectory of the volume to mount at - ## - subPath: "" - ## @param primary.persistence.storageClass MariaDB primary persistent volume storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param primary.persistence.labels Labels for the PVC - ## - labels: {} - ## @param primary.persistence.annotations MariaDB primary persistent volume claim annotations - ## - annotations: {} - ## @param primary.persistence.accessModes MariaDB primary persistent volume access Modes - ## - accessModes: - - ReadWriteOnce - ## @param primary.persistence.size MariaDB primary persistent volume size - ## - size: 8Gi - ## @param primary.persistence.selector Selector to match an existing Persistent Volume - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param primary.extraVolumes Optionally specify extra list of additional volumes to the MariaDB Primary pod(s) - ## - extraVolumes: [] - ## @param primary.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the MariaDB Primary container(s) - ## - extraVolumeMounts: [] - ## @param primary.initContainers Add additional init containers for the MariaDB Primary pod(s) - ## - initContainers: [] - ## @param primary.sidecars Add additional sidecar containers for the MariaDB Primary pod(s) - ## - sidecars: [] - ## MariaDB Primary Service parameters - ## - service: - ## @param primary.service.type MariaDB Primary Kubernetes service type - ## - type: ClusterIP - ports: - ## @param primary.service.ports.mysql MariaDB Primary Kubernetes service port for MariaDB - ## - mysql: 3306 - ## @param primary.service.ports.metrics MariaDB Primary Kubernetes service port for metrics - ## - metrics: 9104 - ## @param primary.service.nodePorts.mysql MariaDB Primary Kubernetes service node port - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - mysql: "" - ## @param primary.service.clusterIP MariaDB Primary Kubernetes service clusterIP IP - ## - clusterIP: "" - ## @param primary.service.loadBalancerIP MariaDB Primary loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param primary.service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param primary.service.loadBalancerSourceRanges Address that are allowed when MariaDB Primary service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## E.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param primary.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param primary.service.annotations Provide any additional annotations which may be required - ## - annotations: {} - ## @param primary.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param primary.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## MariaDB primary Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - ## - pdb: - ## @param primary.pdb.create Enable/disable a Pod Disruption Budget creation for MariaDB primary pods - ## - create: true - ## @param primary.pdb.minAvailable Minimum number/percentage of MariaDB primary pods that must still be available after the eviction - ## - minAvailable: "" - ## @param primary.pdb.maxUnavailable Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction. Defaults to `1` if both `primary.pdb.minAvailable` and `primary.pdb.maxUnavailable` are empty. - ## - maxUnavailable: "" - ## @param primary.revisionHistoryLimit Maximum number of revisions that will be maintained in the StatefulSet - ## - revisionHistoryLimit: 10 -## @section MariaDB Secondary parameters -## - -## Mariadb Secondary parameters -## -secondary: - ## @param secondary.name Name of the secondary database (eg secondary, slave, ...) - ## - name: secondary - ## @param secondary.replicaCount Number of MariaDB secondary replicas - ## - replicaCount: 1 - ## @param secondary.command Override default container command on MariaDB Secondary container(s) (useful when using custom images) - ## - command: [] - ## @param secondary.args Override default container args on MariaDB Secondary container(s) (useful when using custom images) - ## - args: [] - ## @param secondary.lifecycleHooks for the MariaDB Secondary container(s) to automate configuration before or after startup - ## - lifecycleHooks: {} - ## @param secondary.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param secondary.hostAliases Add deployment host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param secondary.containerPorts.mysql Container port for mysql - ## - containerPorts: - mysql: 3306 - ## @param secondary.configuration [string] MariaDB Secondary configuration to be injected as ConfigMap - ## ref: https://mysql.com/kb/en/mysql/configuring-mysql-with-mycnf/#example-of-configuration-file - ## - configuration: |- - [mysqld] - skip-name-resolve - explicit_defaults_for_timestamp - basedir=/opt/bitnami/mariadb - datadir=/bitnami/mariadb/data - port={{ .Values.secondary.containerPorts.mysql }} - socket=/opt/bitnami/mariadb/tmp/mysql.sock - tmpdir=/opt/bitnami/mariadb/tmp - max_allowed_packet=16M - bind-address=0.0.0.0 - pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid - log-error=/opt/bitnami/mariadb/logs/mysqld.log - character-set-server=UTF8 - collation-server=utf8_general_ci - slow_query_log=0 - long_query_time=10.0 - binlog_expire_logs_seconds=2592000 - - [client] - port=3306 - socket=/opt/bitnami/mariadb/tmp/mysql.sock - default-character-set=UTF8 - - [manager] - port=3306 - socket=/opt/bitnami/mariadb/tmp/mysql.sock - pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid - ## @param secondary.existingConfigmap Name of existing ConfigMap with MariaDB Secondary configuration. - ## NOTE: When it's set the 'configuration' parameter is ignored - ## - existingConfigmap: "" - ## @param secondary.updateStrategy.type MariaDB secondary statefulset strategy type - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate or OnDelete - ## - type: RollingUpdate - ## @param secondary.rollingUpdatePartition Partition update strategy for Mariadb Secondary statefulset - ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions - ## - rollingUpdatePartition: "" - ## @param secondary.podAnnotations Additional pod annotations for MariaDB secondary pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: {} - ## @param secondary.podLabels Extra labels for MariaDB secondary pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - ## - podLabels: {} - ## @param secondary.podAffinityPreset MariaDB secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param secondary.podAntiAffinityPreset MariaDB secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Mariadb Secondary node affinity preset - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param secondary.nodeAffinityPreset.type MariaDB secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param secondary.nodeAffinityPreset.key MariaDB secondary node label key to match Ignored if `secondary.affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param secondary.nodeAffinityPreset.values MariaDB secondary node label values to match. Ignored if `secondary.affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param secondary.affinity Affinity for MariaDB secondary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param secondary.nodeSelector Node labels for MariaDB secondary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param secondary.tolerations Tolerations for MariaDB secondary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param secondary.topologySpreadConstraints Topology Spread Constraints for MariaDB secondary pods assignment - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## E.g. - ## topologySpreadConstraints: - ## - maxSkew: 1 - ## topologyKey: topology.kubernetes.io/zone - ## whenUnsatisfiable: DoNotSchedule - ## - topologySpreadConstraints: [] - ## @param secondary.priorityClassName Priority class for MariaDB secondary pods assignment - ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - ## - priorityClassName: "" - ## @param secondary.runtimeClassName Runtime Class for MariaDB secondary pods - ## Ref: https://kubernetes.io/docs/concepts/containers/runtime-class/ - ## - runtimeClassName: "" - ## @param secondary.schedulerName Name of the k8s scheduler (other than default) - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param secondary.podManagementPolicy podManagementPolicy to manage scaling operation of MariaDB secondary pods - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies - ## - podManagementPolicy: "" - ## MariaDB secondary Pod security context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param secondary.podSecurityContext.enabled Enable security context for MariaDB secondary pods - ## @param secondary.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param secondary.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param secondary.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param secondary.podSecurityContext.fsGroup Group ID for the mounted volumes' filesystem - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## MariaDB secondary container security context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param secondary.containerSecurityContext.enabled MariaDB secondary container securityContext - ## @param secondary.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param secondary.containerSecurityContext.runAsUser User ID for the MariaDB secondary container - ## @param secondary.containerSecurityContext.runAsGroup Group ID for the MariaDB secondary container - ## @param secondary.containerSecurityContext.runAsNonRoot Set secondary container's Security Context runAsNonRoot - ## @param secondary.containerSecurityContext.privileged Set secondary container's Security Context privileged - ## @param secondary.containerSecurityContext.allowPrivilegeEscalation Set secondary container's Security Context allowPrivilegeEscalation - ## @param secondary.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param secondary.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param secondary.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## MariaDB secondary container's resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param secondary.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if secondary.resources is set (secondary.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "micro" - ## @param secondary.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure extra options for MariaDB Secondary containers' liveness, readiness and startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) - ## @param secondary.startupProbe.enabled Enable startupProbe - ## @param secondary.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param secondary.startupProbe.periodSeconds Period seconds for startupProbe - ## @param secondary.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param secondary.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param secondary.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 120 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 10 - successThreshold: 1 - ## Configure extra options for liveness probe - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param secondary.livenessProbe.enabled Enable livenessProbe - ## @param secondary.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param secondary.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param secondary.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param secondary.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param secondary.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - ## @param secondary.readinessProbe.enabled Enable readinessProbe - ## @param secondary.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param secondary.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param secondary.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param secondary.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param secondary.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - ## @param secondary.customStartupProbe Override default startup probe for MariaDB secondary containers - ## - customStartupProbe: {} - ## @param secondary.customLivenessProbe Override default liveness probe for MariaDB secondary containers - ## - customLivenessProbe: {} - ## @param secondary.customReadinessProbe Override default readiness probe for MariaDB secondary containers - ## - customReadinessProbe: {} - ## @param secondary.startupWaitOptions Override default builtin startup wait check options for MariaDB secondary containers - ## `bitnami/mariadb` Docker image has built-in startup check mechanism, - ## which periodically checks if MariaDB service has started up and stops it - ## if all checks have failed after X tries. Use these to control these checks. - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb/pull/240 - ## Example (with default options): - ## startupWaitOptions: - ## retries: 300 - ## waitTime: 2 - ## - startupWaitOptions: {} - ## @param secondary.extraFlags MariaDB secondary additional command line flags - ## Can be used to specify command line flags, for example: - ## E.g. - ## extraFlags: "--max-connect-errors=1000 --max_connections=155" - ## - extraFlags: "" - ## @param secondary.extraEnvVars Extra environment variables to be set on MariaDB secondary containers - ## E.g. - ## extraEnvVars: - ## - name: TZ - ## value: "Europe/Paris" - ## - extraEnvVars: [] - ## @param secondary.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for MariaDB secondary containers - ## - extraEnvVarsCM: "" - ## @param secondary.extraEnvVarsSecret Name of existing Secret containing extra env vars for MariaDB secondary containers - ## - extraEnvVarsSecret: "" - ## Enable persistence using Persistent Volume Claims - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## - persistence: - ## @param secondary.persistence.enabled Enable persistence on MariaDB secondary replicas using a `PersistentVolumeClaim` - ## - enabled: true - ## @param secondary.persistence.subPath Subdirectory of the volume to mount at - ## - subPath: "" - ## @param secondary.persistence.storageClass MariaDB secondary persistent volume storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param secondary.persistence.labels Labels for the PVC - ## - labels: {} - ## @param secondary.persistence.annotations MariaDB secondary persistent volume claim annotations - ## - annotations: {} - ## @param secondary.persistence.accessModes MariaDB secondary persistent volume access Modes - ## - accessModes: - - ReadWriteOnce - ## @param secondary.persistence.size MariaDB secondary persistent volume size - ## - size: 8Gi - ## @param secondary.persistence.selector Selector to match an existing Persistent Volume - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param secondary.extraVolumes Optionally specify extra list of additional volumes to the MariaDB secondary pod(s) - ## - extraVolumes: [] - ## @param secondary.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the MariaDB secondary container(s) - ## - extraVolumeMounts: [] - ## @param secondary.initContainers Add additional init containers for the MariaDB secondary pod(s) - ## - initContainers: [] - ## @param secondary.sidecars Add additional sidecar containers for the MariaDB secondary pod(s) - ## - sidecars: [] - ## MariaDB Secondary Service parameters - ## - service: - ## @param secondary.service.type MariaDB secondary Kubernetes service type - ## - type: ClusterIP - ports: - ## @param secondary.service.ports.mysql MariaDB secondary Kubernetes service port for MariaDB - ## - mysql: 3306 - ## @param secondary.service.ports.metrics MariaDB secondary Kubernetes service port for metrics - ## - metrics: 9104 - ## @param secondary.service.nodePorts.mysql MariaDB secondary Kubernetes service node port - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - mysql: "" - ## @param secondary.service.clusterIP MariaDB secondary Kubernetes service clusterIP IP - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param secondary.service.loadBalancerIP MariaDB secondary loadBalancerIP if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param secondary.service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param secondary.service.loadBalancerSourceRanges Address that are allowed when MariaDB secondary service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## E.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param secondary.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param secondary.service.annotations Provide any additional annotations which may be required - ## - annotations: {} - ## @param secondary.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param secondary.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## MariaDB secondary Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - ## - pdb: - ## @param secondary.pdb.create Enable/disable a Pod Disruption Budget creation for MariaDB secondary pods - ## - create: true - ## @param secondary.pdb.minAvailable Minimum number/percentage of MariaDB secondary pods that should remain scheduled - ## - minAvailable: "" - ## @param secondary.pdb.maxUnavailable Maximum number/percentage of MariaDB secondary pods that may be made unavailable. Defaults to `1` if both `secondary.pdb.minAvailable` and `secondary.pdb.maxUnavailable` are empty. - ## - maxUnavailable: "" - ## @param secondary.revisionHistoryLimit Maximum number of revisions that will be maintained in the StatefulSet - ## - revisionHistoryLimit: 10 -## @section RBAC parameters -## - -## MariaDB pods ServiceAccount -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - ## @param serviceAccount.create Enable the creation of a ServiceAccount for MariaDB pods - ## - create: true - ## @param serviceAccount.name Name of the created ServiceAccount - ## If not set and create is true, a name is generated using the mariadb.fullname template - ## - name: "" - ## @param serviceAccount.annotations Annotations for MariaDB Service Account - ## - annotations: {} - ## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account - ## - automountServiceAccountToken: false -## Role Based Access -## ref: https://kubernetes.io/docs/admin/authorization/rbac/ -## -rbac: - ## @param rbac.create Whether to create and use RBAC resources or not - ## - create: false -## @section Volume Permissions parameters -## - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. -## -volumePermissions: - ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` - ## - enabled: false - ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry - ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository - ## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) - ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy - ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r30 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} -## @section Metrics parameters -## - -## Mysqld Prometheus exporter parameters -## -metrics: - ## @param metrics.enabled Start a side-car prometheus exporter - ## - enabled: false - ## @param metrics.image.registry [default: REGISTRY_NAME] Exporter image registry - ## @param metrics.image.repository [default: REPOSITORY_NAME/mysqld-exporter] Exporter image repository - ## @skip metrics.image.tag Exporter image tag (immutable tags are recommended) - ## @param metrics.image.digest Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param metrics.image.pullPolicy Exporter image pull policy - ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/mysqld-exporter - tag: 0.15.1-debian-12-r34 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param metrics.annotations [object] Annotations for the Exporter pod - ## - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9104" - ## @param metrics.extraArgs [object] Extra args to be passed to mysqld_exporter - ## ref: https://github.com/prometheus/mysqld_exporter/ - ## E.g. - ## - --collect.auto_increment.columns - ## - --collect.binlog_size - ## - --collect.engine_innodb_status - ## - --collect.engine_tokudb_status - ## - --collect.global_status - ## - --collect.global_variables - ## - --collect.info_schema.clientstats - ## - --collect.info_schema.innodb_metrics - ## - --collect.info_schema.innodb_tablespaces - ## - --collect.info_schema.innodb_cmp - ## - --collect.info_schema.innodb_cmpmem - ## - --collect.info_schema.processlist - ## - --collect.info_schema.processlist.min_time - ## - --collect.info_schema.query_response_time - ## - --collect.info_schema.tables - ## - --collect.info_schema.tables.databases - ## - --collect.info_schema.tablestats - ## - --collect.info_schema.userstats - ## - --collect.perf_schema.eventsstatements - ## - --collect.perf_schema.eventsstatements.digest_text_limit - ## - --collect.perf_schema.eventsstatements.limit - ## - --collect.perf_schema.eventsstatements.timelimit - ## - --collect.perf_schema.eventswaits - ## - --collect.perf_schema.file_events - ## - --collect.perf_schema.file_instances - ## - --collect.perf_schema.indexiowaits - ## - --collect.perf_schema.tableiowaits - ## - --collect.perf_schema.tablelocks - ## - --collect.perf_schema.replication_group_member_stats - ## - --collect.slave_status - ## - --collect.slave_hosts - ## - --collect.heartbeat - ## - --collect.heartbeat.database - ## - --collect.heartbeat.table - ## - extraArgs: - primary: [] - secondary: [] - ## @param metrics.extraVolumeMounts [object] Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) - ## - extraVolumeMounts: - primary: [] - secondary: [] - ## @param metrics.containerPorts.http Container port for http - ## - containerPorts: - http: 9104 - ## MariaDB metrics container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param metrics.containerSecurityContext.enabled Enable security context for MariaDB metrics container - ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param metrics.containerSecurityContext.runAsUser User ID for the MariaDB metrics container - ## @param metrics.containerSecurityContext.runAsGroup Group ID for the MariaDB metrics container - ## @param metrics.containerSecurityContext.runAsNonRoot Set metrics container's Security Context runAsNonRoot - ## @param metrics.containerSecurityContext.privileged Set metrics container's Security Context privileged - ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set metrics container's Security Context allowPrivilegeEscalation - ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## Example: - ## containerSecurityContext: - ## enabled: true - ## capabilities: - ## drop: ["NET_RAW"] - ## readOnlyRootFilesystem: true - ## - containerSecurityContext: - enabled: false - privileged: false - runAsNonRoot: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## Mysqld Prometheus exporter resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## We usually recommend not to specify default resources and to leave this as a conscious - ## choice for the user. This also increases chances charts run on environments with little - ## resources, such as Minikube. If you do want to specify resources, uncomment the following - ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure extra options for liveness probe - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param metrics.livenessProbe.enabled Enable livenessProbe - ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - ## Configure extra options for readiness probe - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param metrics.readinessProbe.enabled Enable readinessProbe - ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace Namespace which Prometheus is running in - ## - namespace: "" - ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. - ## - jobLabel: "" - ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended - ## e.g: - ## scrapeTimeout: 30s - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig - ## - relabelings: [] - ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels - ## - honorLabels: false - ## @param metrics.serviceMonitor.selector ServiceMonitor selector labels - ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration - ## - ## selector: - ## prometheus: my-prometheus - ## - selector: {} - ## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor - ## - labels: {} - ## Prometheus Operator PrometheusRule configuration - ## - prometheusRule: - ## @param metrics.prometheusRule.enabled if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) - ## - enabled: false - ## @param metrics.prometheusRule.namespace Namespace for the PrometheusRule Resource (defaults to the Release Namespace) - ## - namespace: "" - ## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so PrometheusRule will be discovered by Prometheus - ## - additionalLabels: {} - ## @param metrics.prometheusRule.rules Prometheus Rule definitions - ## - alert: MariaDB-Down - ## expr: absent(up{job="mariadb"} == 1) - ## for: 5m - ## labels: - ## severity: warning - ## service: mariadb - ## annotations: - ## message: 'MariaDB instance {{ `{{` }} $labels.instance {{ `}}` }} is down' - ## summary: MariaDB instance is down - ## - rules: [] -## @section NetworkPolicy parameters -## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ -## -networkPolicy: - ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources - ## - enabled: true - ## @param networkPolicy.allowExternal The Policy model to apply - ## When set to false, only pods with the correct client label will have network access to the ports MariaDB is - ## listening on. When true, MariaDB will accept connections from any source (with the correct destination port). - ## - allowExternal: true - ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraIngress: [] - ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} diff --git a/charts/mariadb/values-overrides.yaml b/charts/mariadb/values-overrides.yaml deleted file mode 100644 index 8bc0914..0000000 --- a/charts/mariadb/values-overrides.yaml +++ /dev/null @@ -1,8 +0,0 @@ -# @see https://artifacthub.io/packages/helm/bitnami/mariadb?modal=values -fullnameOverride: mariadb -# architecture: replication -architecture: standalone -auth: - username: drupal - database: drupal - existingSecret: mariadb \ No newline at end of file diff --git a/charts/phpmyadmin/phpmyadmin/.helmignore b/charts/phpmyadmin/phpmyadmin/.helmignore deleted file mode 100644 index 207983f..0000000 --- a/charts/phpmyadmin/phpmyadmin/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# img folder -img/ -# Changelog -CHANGELOG.md diff --git a/charts/phpmyadmin/phpmyadmin/Chart.lock b/charts/phpmyadmin/phpmyadmin/Chart.lock deleted file mode 100644 index 109d91c..0000000 --- a/charts/phpmyadmin/phpmyadmin/Chart.lock +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: -- name: mariadb - repository: oci://registry-1.docker.io/bitnamicharts - version: 19.0.6 -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - version: 2.23.0 -digest: sha256:8626b452b34cfdd615a5e97ad13de70344e5fd14ee39db107795e20d5006b3c8 -generated: "2024-09-19T09:40:39.92295583Z" diff --git a/charts/phpmyadmin/phpmyadmin/Chart.yaml b/charts/phpmyadmin/phpmyadmin/Chart.yaml deleted file mode 100644 index e5933f4..0000000 --- a/charts/phpmyadmin/phpmyadmin/Chart.yaml +++ /dev/null @@ -1,38 +0,0 @@ -annotations: - category: Infrastructure - images: | - - name: apache-exporter - image: docker.io/bitnami/apache-exporter:1.0.8-debian-12-r9 - - name: phpmyadmin - image: docker.io/bitnami/phpmyadmin:5.2.1-debian-12-r42 - licenses: Apache-2.0 -apiVersion: v2 -appVersion: 5.2.1 -dependencies: -- condition: db.bundleTestDB - name: mariadb - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - phpmyadmin-database - version: 19.x.x -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - bitnami-common - version: 2.x.x -description: phpMyAdmin is a free software tool written in PHP, intended to handle - the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations - on MySQL and MariaDB. -home: https://bitnami.com -icon: https://bitnami.com/assets/stacks/phpmyadmin/img/phpmyadmin-stack-220x234.png -keywords: -- mariadb -- mysql -- phpmyadmin -maintainers: -- name: Broadcom, Inc. All Rights Reserved. - url: https://github.com/bitnami/charts -name: phpmyadmin -sources: -- https://github.com/bitnami/charts/tree/main/bitnami/phpmyadmin -version: 17.0.7 diff --git a/charts/phpmyadmin/phpmyadmin/README.md b/charts/phpmyadmin/phpmyadmin/README.md deleted file mode 100644 index 97bc819..0000000 --- a/charts/phpmyadmin/phpmyadmin/README.md +++ /dev/null @@ -1,588 +0,0 @@ - - -# Bitnami package for phpMyAdmin - -phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. - -[Overview of phpMyAdmin](https://www.phpmyadmin.net/) - -Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - -## TL;DR - -```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/phpmyadmin -``` - -Looking to use phpMyAdmin in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. - -## Introduction - -This chart bootstraps a [phpMyAdmin](https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -As a portable web application written primarily in PHP, phpMyAdmin has become one of the most popular MySQL administration tools, especially for web hosting services. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. - -## Prerequisites - -- Kubernetes 1.23+ -- Helm 3.8.0+ - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The command deploys phpMyAdmin on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Configuration and installation details - -### Resource requests and limits - -Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. - -To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - -### [Rolling VS Immutable tags](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Ingress - -This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application. - -To enable ingress integration, please set `ingress.enabled` to `true`. - -#### Hosts - -Most likely you will only want to have one hostname that maps to this phpMyAdmin installation. If that's your case, the property `ingress.hostname` will set it. However, it is possible to have more than one host. To facilitate this, the `ingress.extraHosts` object can be specified as an array. You can also use `ingress.extraTLS` to add the TLS configuration for extra hosts. - -For each host indicated at `ingress.extraHosts`, please indicate a `name`, `path`, and any `annotations` that you may want the ingress controller to know about. - -For annotations, please see [this document](https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md). Not all annotations are supported by all ingress controllers, but this document does a good job of indicating which annotation is supported by many popular ingress controllers. - -### TLS Secrets - -This chart will facilitate the creation of TLS secrets for use with the ingress controller, however, this is not required. There are some common use cases: - -- Helm generates and manages certificate secrets (default). -- User generates certificates and helm manages secrets. -- User generates and manages certificates separately. -- An additional tool (like [cert-manager](https://github.com/jetstack/cert-manager/)) manages the secrets for the application. - -In the second case, a certificate and a key are needed. We would expect them to look like this: - -- certificate files should look like (and there can be more than one certificate if there is a certificate chain) - - ```console - -----BEGIN CERTIFICATE----- - MIID6TCCAtGgAwIBAgIJAIaCwivkeB5EMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV - ... - jScrvkiBO65F46KioCL9h5tDvomdU1aqpI/CBzhvZn1c0ZTf87tGQR8NK7v7 - -----END CERTIFICATE----- - ``` - -- keys should look like: - - ```console - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAvLYcyu8f3skuRyUgeeNpeDvYBCDcgq+LsWap6zbX5f8oLqp4 - ... - wrj2wDbCDCFmfqnSJ+dKI3vFLlEz44sAV8jX/kd4Y6ZTQhlLbYc= - -----END RSA PRIVATE KEY----- - ``` - -If you are going to generate certificates yourself and want helm to manage the secret, please copy these values into the `certificate` and `key` values for a given `ingress.secrets` entry. - -If you want to manage TLS secrets outside of Helm, please know that you can create a TLS secret and pass its name via the parameter `ingress.existingSecretName`. - -To make use of cert-manager, you need to add the the `cert-manager.io/cluster-issuer:` annotation to the ingress object via `ingress.annotations`. - -### Adding extra environment variables - -In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property. - -```yaml -extraEnvVars: - - name: LOG_LEVEL - value: DEBUG -``` - -Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values. - -### Sidecars and Init Containers - -If you have a need for additional containers to run within the same pod as the PhpMyAdmin app (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec. - -```yaml -sidecars: - - name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -``` - -Similarly, you can add extra init containers using the `initContainers` parameter. - -```yaml -initContainers: - - name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -``` - -### Deploying extra resources - -There are cases where you may want to deploy extra objects, such a ConfigMap containing your app's configuration or some extra deployment with a micro service used by your app. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter. - -### Setting Pod's affinity - -This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). - -As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `XpodAntiAffinityPreset`, or `nodeAffinityPreset` parameters. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `disabled` | - -### Common parameters - -| Name | Description | Value | -| ------------------- | -------------------------------------------------------------------------------------------- | --------------- | -| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` | -| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | -| `fullnameOverride` | String to fully override common.names.fullname template | `""` | -| `commonLabels` | Add labels to all the deployed resources | `{}` | -| `commonAnnotations` | Add annotations to all the deployed resources | `{}` | -| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | - -### phpMyAdmin parameters - -| Name | Description | Value | -| -------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `image.registry` | phpMyAdmin image registry | `REGISTRY_NAME` | -| `image.repository` | phpMyAdmin image repository | `REPOSITORY_NAME/phpmyadmin` | -| `image.digest` | phpMyAdmin image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable phpmyadmin image debug mode | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the phpmyadmin container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Extra environment variables to be set on PhpMyAdmin container | `[]` | -| `extraEnvVarsCM` | Name of a existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of a existing Secret containing extra env vars | `""` | - -### phpMyAdmin deployment parameters - -| Name | Description | Value | -| --------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | -| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `containerPorts.http` | HTTP port to expose at container level | `8080` | -| `containerPorts.https` | HTTPS port to expose at container level | `8443` | -| `extraContainerPorts` | Optionally specify extra list of additional ports for phpMyAdmin container(s) | `[]` | -| `updateStrategy.type` | Strategy to use to update Pods | `RollingUpdate` | -| `podSecurityContext.enabled` | Enable phpMyAdmin pods' Security Context | `true` | -| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `podSecurityContext.fsGroup` | User ID for the container | `1001` | -| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `replicas` | Number of replicas | `1` | -| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `micro` | -| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.httpGet.path` | Request path for startupProbe | `/` | -| `startupProbe.httpGet.port` | Port for startupProbe | `http` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `30` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.tcpSocket.port` | Port for livenessProbe | `http` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.httpGet.path` | Request path for readinessProbe | `/` | -| `readinessProbe.httpGet.port` | Port for readinessProbe | `http` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `podLabels` | Extra labels for PhpMyAdmin pods | `{}` | -| `podAnnotations` | Annotations for PhpMyAdmin pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `priorityClassName` | phpmyadmin pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `extraVolumes` | Optionally specify extra list of additional volumes for PhpMyAdmin pods | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for PhpMyAdmin container(s) | `[]` | -| `initContainers` | Add init containers to the PhpMyAdmin pods | `[]` | -| `pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty. | `""` | -| `sidecars` | Add sidecar containers to the PhpMyAdmin pods | `[]` | - -### Traffic Exposure parameters - -| Name | Description | Value | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.ports.http` | Service HTTP port | `80` | -| `service.ports.https` | Service HTTPS port | `443` | -| `service.nodePorts.http` | Kubernetes http node port | `""` | -| `service.nodePorts.https` | Kubernetes https node port | `""` | -| `service.clusterIP` | PhpMyAdmin service clusterIP IP | `""` | -| `service.loadBalancerIP` | Load balancer IP for the phpMyAdmin Service (optional, cloud specific) | `""` | -| `service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Provide any additional annotations that may be required for the PhpMyAdmin service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ingress.enabled` | Set to true to enable ingress record generation | `false` | -| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | -| `ingress.hostname` | When the ingress is enabled, a host pointing to this will be created | `phpmyadmin.local` | -| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `ingress.path` | Default path for the ingress record | `/` | -| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.tls` | Enable TLS configuration for the hostname defined at `ingress.hostname` parameter | `false` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | If you're providing your own certificates and want to manage the secret via helm, | `[]` | -| `ingress.existingSecretName` | If you're providing your own certificate and want to manage the secret yourself, | `""` | -| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | - -### Database parameters - -| Name | Description | Value | -| -------------------------- | ----------------------------------------------------------------- | ------- | -| `db.allowArbitraryServer` | Enable connection to arbitrary MySQL server | `true` | -| `db.port` | Database port to use to connect | `3306` | -| `db.chartName` | Database suffix if included in the same release | `""` | -| `db.host` | Database Hostname. Ignored when `db.chartName` is set. | `""` | -| `db.bundleTestDB` | Deploy a MariaDB instance for testing purposes | `false` | -| `db.enableSsl` | Enable SSL for the connection between phpMyAdmin and the database | `false` | -| `db.ssl.clientKey` | Client key file when using SSL | `""` | -| `db.ssl.clientCertificate` | Client certificate file when using SSL | `""` | -| `db.ssl.caCertificate` | CA file when using SSL | `""` | -| `db.ssl.ciphers` | List of allowable ciphers for connections when using SSL | `[]` | -| `db.ssl.verify` | Enable SSL certificate validation | `true` | -| `mariadb` | MariaDB chart configuration | `{}` | - -### Other Parameters - -| Name | Description | Value | -| --------------------------------------------- | ---------------------------------------------------------------------- | ------- | -| `serviceAccount.create` | Enable creation of ServiceAccount for PhpMyAdmin pod | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | -| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | - -### Metrics parameters - -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | -| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `nano` | -| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` | -| `metrics.service.port` | Prometheus metrics service port | `9117` | -| `metrics.service.annotations` | Annotations for Prometheus metrics service | `{}` | -| `metrics.service.clusterIP` | phpmyadmin service Cluster IP | `""` | -| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` | -| `metrics.service.loadBalancerSourceRanges` | phpmyadmin service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | phpmyadmin service external traffic policy | `Cluster` | -| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | - -### NetworkPolicy parameters - -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------- | ------ | -| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | - -For more information please refer to the [bitnami/phpmyadmin](https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin) image documentation. - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -helm install my-release \ - --set db.host=mymariadb,db.port=3306 oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The above command sets the phpMyAdmin to connect to a database in `mymariadb` host and `3306` port respectively. - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, - -```console -helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. -> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/phpmyadmin/values.yaml) - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrading - -### To 17.0.0 - -This major release bumps the MariaDB version to 11.4. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-11-3-to-mariadb-11-4/) for upgrading from MariaDB 11.3 to 11.4. No major issues are expected during the upgrade. - -### To 16.0.0 - -This major bump changes the following security defaults: - -- `runAsGroup` is changed from `0` to `1001` -- `readOnlyRootFilesystem` is set to `true` -- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case). -- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`. -- The `networkPolicy` section has been normalized amongst all Bitnami charts. Compared to the previous approach, the values section has been simplified (check the Parameters section) and now it set to `enabled=true` by default. Egress traffic is allowed by default and ingress traffic is allowed by all pods but only to the ports set in `containerPorts` and `extraContainerPorts`. - -This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones. - -### To 15.0.0 - -This major release bumps the MariaDB chart version to [18.x.x](https://github.com/bitnami/charts/pull/24804); no major issues are expected during the upgrade. - -### To 14.0.0 - -This major release bumps the MariaDB version to 11.2. No major issues are expected during the upgrade. - -### To 13.0.0 - -This major release bumps the MariaDB version to 11.1. No major issues are expected during the upgrade. - -### To 12.0.0 - -This major release bumps the MariaDB version to 11.0. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-0/) for upgrading from MariaDB 10.11 to 11.0. No major issues are expected during the upgrade. - -### To 11.0.0 - -This major release bumps the MariaDB version to 10.11. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-10-6-to-mariadb-10-11/) for upgrading from MariaDB 10.6 to 10.11. No major issues are expected during the upgrade. - -### To 10.0.0 - -This major release bumps the MariaDB version to 10.6. Follow the [upstream instructions](https://mariadb.com/kb/en/upgrading-from-mariadb-105-to-mariadb-106/) for upgrading from MariaDB 10.5 to 10.6. No major issues are expected during the upgrade. - -### To 9.0.0 - -This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. - -Affected values: - -- `service.port` was deprecated. We recommend using `service.ports.http` instead. -- `service.httpsPort` was deprecated. We recommend using `service.ports.https` instead. -- `metrics.serviceMonitor.additionalLabels` renamed as `metrics.serviceMonitor.labels` - -Additionally updates the MariaDB subchart to it newest major, 10.0.0, which contains similar changes. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-1000) for more information. - -### To 8.0.0 - -- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). - -Consequences: - -- Backwards compatibility is not guaranteed. However, you can easily workaround this issue by removing PhpMyAdmin deployment before upgrading (the following example assumes that the release name is `phpmyadmin`): - -```console -export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) -export MARIADB_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) -kubectl delete deployments.apps phpmyadmin -helm upgrade phpmyadmin oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -### To 7.0.0 - -In this major there were two main changes introduced: - -1. Adaptation to Helm v2 EOL -2. Updated MariaDB dependency version - -Please read the update notes carefully. - -#### 1. Adaptation to Helm v2 EOL - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -##### What changes were introduced in this major version? - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- Move dependency information from the *requirements.yaml* to the *Chart.yaml* -- After running `helm dependency update`, a *Chart.lock* file is generated containing the same structure used in the previous *requirements.lock* -- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts - -##### Considerations when upgrading to this version - -- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 - -##### Useful links - -- -- -- - -#### 2. Updated MariaDB dependency version - -In this major the MariaDB dependency version was also bumped to a new major version that introduces several incompatilibites. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. - -To upgrade to `7.0.0`, it should be done reusing the PVCs used to hold both the MariaDB and phpMyAdmin data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is `phpmyadmin` and that `db.bundleTestDB=true` when the chart was first installed): - -> NOTE: Please, create a backup of your database before running any of those actions. The steps below would be only valid if your application (e.g. any plugins or custom code) is compatible with MariaDB 10.5.x - -Obtain the credentials and the names of the PVCs used to hold both the MariaDB and phpMyAdmin data on your current release: - -```console -export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) -export MARIADB_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) -export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=phpmyadmin -o jsonpath="{.items[0].metadata.name}") -``` - -Delete the phpMyAdmin deployment and delete the MariaDB statefulsets: - -```console - kubectl delete deployments.apps phpmyadmin - - kubectl delete statefulsets.apps phpmyadmin-mariadb-master - - kubectl delete statefulsets.apps phpmyadmin-mariadb-slave - -``` - -Now the upgrade works: - -```console -helm upgrade phpmyadmin oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set db.bundleTestDB=true -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -Finally, you should see the lines below in MariaDB container logs: - -```console -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=phpmyadmin,app.kubernetes.io/name=mariadb,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") -... -mariadb 12:13:24.98 INFO ==> Using persisted data -mariadb 12:13:25.01 INFO ==> Running mysql_upgrade -... -``` - -### To 6.0.0 - -The [Bitnami phpMyAdmin](https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin) image was migrated to a "non-root" user approach. Previously the container ran as the `root` user and the Apache daemon was started as the `daemon` user. From now on, both the container and the Apache daemon run as user `1001`. You can revert this behavior by setting the parameters `containerSecurityContext.runAsUser` to `root`. -Chart labels and Ingress configuration were also adapted to follow the Helm charts best practices. - -Consequences: - -- The HTTP/HTTPS ports exposed by the container are now `8080/8443` instead of `80/443`. -- No writing permissions will be granted on `config.inc.php` by default. -- Backwards compatibility is not guaranteed. - -To upgrade to `6.0.0`, backup your previous MariaDB databases, install a new phpMyAdmin chart and import the MariaDB backups. - -This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. - -### To 1.0.0 - -Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. -Use the workaround below to upgrade from versions previous to `1.0.0`. The following example assumes that the release name is `phpmyadmin`: - -```console -kubectl patch deployment phpmyadmin-phpmyadmin --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' -``` - -## License - -Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/charts/phpmyadmin/phpmyadmin/templates/NOTES.txt b/charts/phpmyadmin/phpmyadmin/templates/NOTES.txt deleted file mode 100644 index 5a42dd9..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/NOTES.txt +++ /dev/null @@ -1,69 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -** Please be patient while the chart is being deployed ** - -1. Get the application URL by running these commands: - -{{- if .Values.ingress.enabled }} - - You should be able to access your new phpMyAdmin installation through - - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}/ - -{{- else if eq .Values.service.type "LoadBalancer" }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "common.names.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - {{- $port:=( coalesce .Values.service.ports.http .Values.service.port) | toString }} - echo "phpMyAdmin URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{coalesce .Values.service.ports.http .Values.service.port }}{{ end }}/" - -{{- else if contains "NodePort" .Values.service.type }} - - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.names.fullname" . }}' - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo "phpMyAdmin URL: http://$NODE_IP:$NODE_PORT" - -{{- else if contains "ClusterIP" .Values.service.type }} - - echo "phpMyAdmin URL: http://127.0.0.1:{{coalesce .Values.service.ports.http .Values.service.port }}" - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} {{coalesce .Values.service.ports.http .Values.service.port }}:{{coalesce .Values.service.ports.http .Values.service.port }} - -{{- end }} - -2. How to log in -{{- if or (.Values.db.chartName) (.Values.db.host) }} - -phpMyAdmin has been configured to connect to a database in {{ if .Values.db.chartName }}{{ template "phpmyadmin.dbfullname" . }}{{ else }}{{ .Values.db.host }}{{ end }} -{{- if .Values.db.port }}with port {{ .Values.db.port }} {{ end }} -Please login using a database username and password. -{{- else if .Values.db.bundleTestDB }} -For testing purposes, phpMyAdmin has been configured to point to a test MariaDB -instance. Please login using the following credentials: - - Username: root - Password : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "phpmyadmin.mariadb.fullname" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 -d) - -{{- else }} -phpMyAdmin has not been configure to point to a specific database. Please provide the db host, -username and password at log in or upgrade the release with a specific database: - -$ helm upgrade {{ .Release.Name }} oci://registry-1.docker.io/bitnamicharts/phpmyadmin --set db.host=mydb - -{{- end }} - -{{- include "phpmyadmin.validateValues" . -}} -{{- include "phpmyadmin.checkRollingTags" . -}} - -{{- $passwordValidationErrors := list -}} -{{- if .Values.mariadb.enabled }} - {{- $mariadbSecretName := include "magento.databaseSecretName" . -}} - {{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" $mariadbSecretName "subchart" true "context" $) -}} - {{- $passwordValidationErrors = append $passwordValidationErrors $mariadbPasswordValidationErrors -}} -{{- end }} -{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} -{{- include "common.warnings.resources" (dict "sections" (list "metrics" "") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.metrics.image) "context" $) }} \ No newline at end of file diff --git a/charts/phpmyadmin/phpmyadmin/templates/_helpers.tpl b/charts/phpmyadmin/phpmyadmin/templates/_helpers.tpl deleted file mode 100644 index 064a7bc..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/_helpers.tpl +++ /dev/null @@ -1,86 +0,0 @@ -{{/* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{/* vim: set filetype=mustache: */}} - -{{/* -Return the proper PHPMyAdmin image name -*/}} -{{- define "phpmyadmin.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper image name (for the metrics image) -*/}} -{{- define "phpmyadmin.metrics.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "phpmyadmin.imagePullSecrets" -}} -{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.metrics.image) "global" .Values.global) -}} -{{- end -}} - -{{/* - Create the name of the service account to use - */}} -{{- define "phpmyadmin.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "phpmyadmin.mariadb.fullname" -}} -{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a fully qualified database name if the database is part of the same release than phpmyadmin. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "phpmyadmin.dbfullname" -}} -{{- printf "%s-%s" .Release.Name .Values.db.chartName | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "phpmyadmin.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "phpmyadmin.validateValues.db.ssl" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* Validate values of phpMyAdmin - must provide a valid database ssl configuration */}} -{{- define "phpmyadmin.validateValues.db.ssl" -}} -{{- if and .Values.db.enableSsl (empty .Values.db.ssl.clientKey) (empty .Values.db.ssl.clientCertificate) (empty .Values.db.ssl.caCertificate) -}} -phpMyAdmin: db.ssl - Invalid database ssl configuration. You enabled SSL for the connection - between phpMyAdmin and the database but no key/certificates were provided - (--set db.ssl.clientKey="xxxx", --set db.ssl.clientCertificate="yyyy") -{{- end -}} -{{- end -}} - -{{/* -Check if there are rolling tags in the images -*/}} -{{- define "phpmyadmin.checkRollingTags" -}} -{{- include "common.warnings.rollingTag" .Values.image }} -{{- include "common.warnings.rollingTag" .Values.metrics.image }} -{{- end -}} diff --git a/charts/phpmyadmin/phpmyadmin/templates/certs.yaml b/charts/phpmyadmin/phpmyadmin/templates/certs.yaml deleted file mode 100644 index 6fb29a5..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/certs.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.db.enableSsl }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ printf "%s-certs" (include "common.names.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if not (empty .Values.db.ssl.clientKey) }} - server_key.pem: {{ .Values.db.ssl.clientKey | b64enc | quote }} - {{- end }} - {{- if not (empty .Values.db.ssl.clientCertificate) }} - server_certificate.pem: {{ .Values.db.ssl.clientCertificate | b64enc | quote }} - {{- end }} - {{- if not (empty .Values.db.ssl.caCertificate) }} - ca_certificate.pem: {{ .Values.db.ssl.caCertificate | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/deployment.yaml b/charts/phpmyadmin/phpmyadmin/templates/deployment.yaml deleted file mode 100644 index ba88865..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/deployment.yaml +++ /dev/null @@ -1,306 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} -kind: Deployment -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - replicas: {{ .Values.replicas }} - strategy: {{- include "common.tplvalues.render" (dict "value" .Values.updateStrategy "context" $ ) | nindent 4 }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - {{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) }} - annotations: - {{- if .Values.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podAnnotations "context" $) | nindent 8 }} - {{- end }} - {{- end }} - spec: - {{- include "phpmyadmin.imagePullSecrets" . | nindent 6 }} - automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - {{- if .Values.hostAliases }} - # yamllint disable rule:indentation - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} - # yamllint enable rule:indentation - {{- end }} - {{- if .Values.affinity }} - affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.schedulerName }} - schedulerName: {{ .Values.schedulerName }} - {{- end }} - {{- if .Values.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.topologySpreadConstraints "context" .) | nindent 8 }} - {{- end }} - priorityClassName: {{ .Values.priorityClassName | quote }} - {{- if .Values.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" .) | nindent 8 }} - {{- end }} - {{- if .Values.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.serviceAccount.create }} - serviceAccountName: {{ template "phpmyadmin.serviceAccountName" . }} - {{- end }} - initContainers: - - name: prepare-base-dir - image: {{ include "phpmyadmin.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 12 }} - {{- else if ne .Values.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - command: - - /bin/bash - args: - - -ec - - | - #!/bin/bash - - . /opt/bitnami/scripts/liblog.sh - . /opt/bitnami/scripts/libfs.sh - - info "Copying base dir to empty dir" - # In order to not break the application functionality (such as upgrades or plugins) we need - # to make the base directory writable, so we need to copy it to an empty dir volume - cp -r --preserve=mode /opt/bitnami/phpmyadmin /emptydir/app-base-dir - - info "Copying symlinks to stdout/stderr" - # We copy the logs folder because it has symlinks to stdout and stderr - if ! is_dir_empty /opt/bitnami/apache/logs; then - cp -r /opt/bitnami/apache/logs /emptydir/apache-logs-dir - fi - info "Copying php var directory" - # PhpMyAdmin will fail to start if the php var folder is not populated - if ! is_dir_empty /opt/bitnami/php/var; then - cp -r /opt/bitnami/php/var /emptydir/php-var-dir - fi - info "Copy operation completed" - volumeMounts: - - name: empty-dir - mountPath: /emptydir - {{- if .Values.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - image: {{ template "phpmyadmin.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" .Values.image.debug | quote }} - - name: DATABASE_PORT_NUMBER - value: {{ .Values.db.port | quote }} - {{- if .Values.db.chartName }} - - name: DATABASE_HOST - value: {{ (include "phpmyadmin.dbfullname" .) | quote }} - {{- else if .Values.db.bundleTestDB }} - - name: DATABASE_HOST - value: {{ (include "phpmyadmin.mariadb.fullname" .) | quote }} - {{- else }} - - name: DATABASE_HOST - value: {{ .Values.db.host | quote }} - {{- end }} - {{- if and (not .Values.db.chartName) (not .Values.db.host) }} - - name: PHPMYADMIN_ALLOW_NO_PASSWORD - value: "true" - - name: PHPMYADMIN_ALLOW_ARBITRARY_SERVER - value: {{ .Values.db.allowArbitraryServer | quote }} - {{- else }} - - name: PHPMYADMIN_ALLOW_NO_PASSWORD - value: "false" - {{- end }} - - name: DATABASE_ENABLE_SSL - value: {{ ternary "yes" "no" .Values.db.enableSsl | quote }} - {{- if .Values.db.enableSsl }} - {{- if not (empty .Values.db.ssl.clientKey) }} - - name: DATABASE_SSL_KEY - value: "/db_certs/server_key.pem" - {{- end }} - {{- if not (empty .Values.db.ssl.clientCertificate) }} - - name: DATABASE_SSL_CERT - value: "/db_certs/server_certificate.pem" - {{- end }} - {{- if not (empty .Values.db.ssl.caCertificate) }} - - name: DATABASE_SSL_CA - value: "/db_certs/ca_certificate.pem" - {{- end }} - {{- if .Values.db.ssl.ciphers }} - - name: DATABASE_SSL_CIPHERS - values: {{ .Values.db.ssl.ciphers | quote }} - {{- end }} - - name: DATABASE_SSL_VERIFY - value: {{ ternary "yes" "no" .Values.db.ssl.verify | quote }} - {{- end }} - {{- if .Values.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }} - envFrom: - {{- if .Values.extraEnvVarsCM }} - - configMapRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} - {{- end }} - {{- if .Values.extraEnvVarsSecret }} - - secretRef: - name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} - {{- end }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.containerPorts.http }} - protocol: TCP - - name: https - containerPort: {{ .Values.containerPorts.https }} - protocol: TCP - {{- if .Values.extraContainerPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraContainerPorts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.startupProbe "enabled") "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.livenessProbe "enabled") "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readinessProbe "enabled") "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.resources }} - resources: {{- toYaml .Values.resources | nindent 12 }} - {{- else if ne .Values.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /opt/bitnami/apache/conf - subPath: apache-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/apache/logs - subPath: apache-logs-dir - - name: empty-dir - mountPath: /opt/bitnami/apache/var/run - subPath: apache-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/php/etc - subPath: php-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/php/tmp - subPath: php-tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/php/var - subPath: php-var-dir - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/phpmyadmin - subPath: app-base-dir - {{- if .Values.db.enableSsl }} - - name: ssl-certs - mountPath: /db_certs - {{- end }} - {{- if .Values.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "phpmyadmin.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - command: ['/bin/apache_exporter', '--scrape_uri', 'http://status.localhost:8080/server-status/?auto'] - ports: - - name: metrics - containerPort: 9117 - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 15 - timeoutSeconds: 5 - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 5 - timeoutSeconds: 1 - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- end }} - {{- if .Values.sidecars }} - {{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }} - {{- end }} - volumes: - - name: empty-dir - emptyDir: {} - {{- if .Values.db.enableSsl }} - - name: ssl-certs - secret: - secretName: {{ printf "%s-certs" (include "common.names.fullname" .) }} - items: - {{- if not (empty .Values.db.ssl.clientKey) }} - - key: server_key.pem - path: server_key.pem - {{- end }} - {{- if not (empty .Values.db.ssl.clientCertificate) }} - - key: server_certificate.pem - path: server_certificate.pem - {{- end }} - {{- if not (empty .Values.db.ssl.caCertificate) }} - - key: ca_certificate.pem - path: ca_certificate.pem - {{- end }} - {{- end }} - {{- if .Values.extraVolumes }} - {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} - {{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/extra-list.yaml b/charts/phpmyadmin/phpmyadmin/templates/extra-list.yaml deleted file mode 100644 index 329f5c6..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/extra-list.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/ingress.yaml b/charts/phpmyadmin/phpmyadmin/templates/ingress.yaml deleted file mode 100644 index 278b7e9..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/ingress.yaml +++ /dev/null @@ -1,65 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.ingress.enabled }} -apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }} -kind: Ingress -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.ingress.annotations .Values.commonAnnotations .Values.ingress.certManager }} - annotations: - {{- if .Values.ingress.certManager }} - kubernetes.io/tls-acme: "true" - {{- end }} - {{- if or .Values.ingress.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.ingress.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} - {{- end }} -spec: - {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }} - ingressClassName: {{ .Values.ingress.ingressClassName | quote }} - {{- end }} - rules: - {{- if .Values.ingress.hostname }} - - host: {{ .Values.ingress.hostname }} - http: - paths: - {{- if .Values.ingress.extraPaths }} - {{- toYaml .Values.ingress.extraPaths | nindent 10 }} - {{- end }} - - path: {{ .Values.ingress.path }} - {{- if eq "true" (include "common.ingress.supportsPathType" .) }} - pathType: {{ .Values.ingress.pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - {{- range .Values.ingress.extraHosts }} - - host: {{ .name | quote }} - http: - paths: - - path: {{ default "/" .path }} - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ default "ImplementationSpecific" .pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }} - {{- end }} - {{- if .Values.ingress.extraRules }} - {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} - {{- end }} - {{- if or .Values.ingress.tls .Values.ingress.extraTls }} - tls: - {{- if .Values.ingress.tls }} - - hosts: - - {{ .Values.ingress.hostname }} - secretName: {{ .Values.ingress.existingSecretName | default (printf "%s-tls" .Values.ingress.hostname) }} - {{- end }} - {{- if .Values.ingress.extraTls }} - {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/metrics-svc.yaml b/charts/phpmyadmin/phpmyadmin/templates/metrics-svc.yaml deleted file mode 100644 index dbd012c..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/metrics-svc.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.metrics.service.type }} - {{- if and .Values.metrics.service.clusterIP (eq .Values.metrics.service.type "ClusterIP") }} - clusterIP: {{ .Values.metrics.service.clusterIP }} - {{- end }} - {{- if (or (eq .Values.metrics.service.type "LoadBalancer") (eq .Values.metrics.service.type "NodePort")) }} - externalTrafficPolicy: {{ .Values.metrics.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if eq .Values.metrics.service.type "LoadBalancer" }} - loadBalancerSourceRanges: {{ .Values.metrics.service.loadBalancerSourceRanges }} - {{- end }} - {{- if (and (eq .Values.metrics.service.type "LoadBalancer") (not (empty .Values.metrics.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} - {{- end }} - {{- if .Values.metrics.service.sessionAffinity }} - sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} - {{- end }} - {{- if .Values.metrics.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - port: {{ .Values.metrics.service.port }} - targetPort: metrics - protocol: TCP - name: metrics - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/networkpolicy.yaml b/charts/phpmyadmin/phpmyadmin/templates/networkpolicy.yaml deleted file mode 100644 index cc38767..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/networkpolicy.yaml +++ /dev/null @@ -1,80 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - policyTypes: - - Ingress - - Egress - {{- if .Values.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # Allow outbound connections to MariaDB - - ports: - - port: {{ .Values.db.port }} - {{- if .Values.db.bundleTestDB }} - to: - - podSelector: - matchLabels: - app.kubernetes.io/name: mariadb - app.kubernetes.io/instance: {{ .Release.Name }} - {{- end }} - {{- if .Values.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - - ports: - - port: {{ .Values.containerPorts.http }} - - port: {{ .Values.containerPorts.https }} - {{- range .Values.extraContainerPorts }} - - port: {{ . }} - {{- end }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - - podSelector: - matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - {{- if .Values.networkPolicy.ingressNSMatchLabels }} - - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- if .Values.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/pdb.yaml b/charts/phpmyadmin/phpmyadmin/templates/pdb.yaml deleted file mode 100644 index b17ff44..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.pdb.minAvailable }} - minAvailable: {{ .Values.pdb.minAvailable }} - {{- end }} - {{- if or .Values.pdb.maxUnavailable ( not .Values.pdb.minAvailable ) }} - maxUnavailable: {{ .Values.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/service.yaml b/charts/phpmyadmin/phpmyadmin/templates/service.yaml deleted file mode 100644 index a447a80..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/service.yaml +++ /dev/null @@ -1,59 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.service.type }} - {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} - clusterIP: {{ .Values.service.clusterIP }} - {{- end }} - {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }} - loadBalancerIP: {{ .Values.service.loadBalancerIP }} - {{- end }} - {{- if .Values.service.sessionAffinity }} - sessionAffinity: {{ .Values.service.sessionAffinity }} - {{- end }} - {{- if .Values.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: http - port: {{ coalesce .Values.service.ports.http .Values.service.port }} - protocol: TCP - targetPort: http - {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }} - nodePort: {{ .Values.service.nodePorts.http }} - {{- else if eq .Values.service.type "ClusterIP" }} - nodePort: null - {{- end }} - - name: https - port: {{ coalesce .Values.service.ports.https .Values.service.httpsPort }} - protocol: TCP - targetPort: https - {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }} - nodePort: {{ .Values.service.nodePorts.https }} - {{- else if eq .Values.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/serviceaccount.yaml b/charts/phpmyadmin/phpmyadmin/templates/serviceaccount.yaml deleted file mode 100644 index 65ee3fc..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "phpmyadmin.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/servicemonitor.yaml b/charts/phpmyadmin/phpmyadmin/templates/servicemonitor.yaml deleted file mode 100644 index f287d34..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/servicemonitor.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel | quote }} - endpoints: - - port: metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 8 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace | quote }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: metrics - {{- if .Values.metrics.serviceMonitor.selector }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/templates/tls-secrets.yaml b/charts/phpmyadmin/phpmyadmin/templates/tls-secrets.yaml deleted file mode 100644 index bb0a81e..0000000 --- a/charts/phpmyadmin/phpmyadmin/templates/tls-secrets.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.ingress.enabled (not .Values.ingress.existingSecretName) }} -{{- if .Values.ingress.secrets }} -{{- range .Values.ingress.secrets }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .name }} - namespace: {{ $.Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} - {{- if $.Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: kubernetes.io/tls -data: - tls.crt: {{ .certificate | b64enc }} - tls.key: {{ .key | b64enc }} ---- -{{- end }} -{{- else if and .Values.ingress.tls (and (not (hasKey .Values.ingress.annotations "cert-manager.io/cluster-issuer")) (not .Values.ingress.certManager)) }} -{{- $secretName := printf "%s-tls" .Values.ingress.hostname }} -{{- $ca := genCA "phpmyadmin-ca" 365 }} -{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: kubernetes.io/tls -data: - tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} - tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} - ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} -{{- end }} -{{- end }} diff --git a/charts/phpmyadmin/phpmyadmin/values.yaml b/charts/phpmyadmin/phpmyadmin/values.yaml deleted file mode 100644 index 883192e..0000000 --- a/charts/phpmyadmin/phpmyadmin/values.yaml +++ /dev/null @@ -1,803 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -## @section Global parameters -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass - -## @param global.imageRegistry Global Docker image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array -## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) -## -global: - imageRegistry: "" - ## E.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - defaultStorageClass: "" - ## Compatibility adaptations for Kubernetes platforms - ## - compatibility: - ## Compatibility adaptations for Openshift - ## - openshift: - ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) - ## - adaptSecurityContext: disabled -## @section Common parameters - -## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) -## -kubeVersion: "" -## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) -## -nameOverride: "" -## @param fullnameOverride String to fully override common.names.fullname template -## -fullnameOverride: "" -## @param commonLabels Add labels to all the deployed resources -## -commonLabels: {} -## @param commonAnnotations Add annotations to all the deployed resources -## -commonAnnotations: {} -## @param clusterDomain Kubernetes Cluster Domain -## -clusterDomain: cluster.local -## @param extraDeploy Array of extra objects to deploy with the release -## -extraDeploy: [] -## @section phpMyAdmin parameters - -## Bitnami PhpMyAdmin image version -## ref: https://hub.docker.com/r/bitnami/phpmyadmin/tags/ -## @param image.registry [default: REGISTRY_NAME] phpMyAdmin image registry -## @param image.repository [default: REPOSITORY_NAME/phpmyadmin] phpMyAdmin image repository -## @skip image.tag phpMyAdmin image tag (immutable tags are recommended) -## @param image.digest phpMyAdmin image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag -## @param image.pullPolicy Image pull policy -## @param image.pullSecrets Specify docker-registry secret names as an array -## @param image.debug Enable phpmyadmin image debug mode -## -image: - registry: docker.io - repository: bitnami/phpmyadmin - tag: 5.2.1-debian-12-r42 - digest: "" - ## Specify a imagePullPolicy - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Enable debug mode - ## - debug: false -## @param command Override default container command (useful when using custom images) -## -command: [] -## @param args Override default container args (useful when using custom images) -## -args: [] -## @param lifecycleHooks for the phpmyadmin container(s) to automate configuration before or after startup -## -lifecycleHooks: {} -## @param extraEnvVars Extra environment variables to be set on PhpMyAdmin container -## For example: -## extraEnvVars: -## - name: PHP_UPLOAD_MAX_FILESIZE -## value: "80M" -## -extraEnvVars: [] -## @param extraEnvVarsCM Name of a existing ConfigMap containing extra env vars -## -extraEnvVarsCM: "" -## @param extraEnvVarsSecret Name of a existing Secret containing extra env vars -## -extraEnvVarsSecret: "" -## @section phpMyAdmin deployment parameters - -## @param automountServiceAccountToken Mount Service Account token in pod -## -automountServiceAccountToken: false -## @param hostAliases [array] Deployment pod host aliases -## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ -## -hostAliases: - ## Necessary for apache-exporter to work - ## - - ip: "127.0.0.1" - hostnames: - - "status.localhost" -## phpMyAdmin container ports to open -## @param containerPorts.http HTTP port to expose at container level -## @param containerPorts.https HTTPS port to expose at container level -## -containerPorts: - http: 8080 - https: 8443 -## @param extraContainerPorts Optionally specify extra list of additional ports for phpMyAdmin container(s) -## e.g: -## extraContainerPorts: -## - name: myservice -## containerPort: 9090 -## -extraContainerPorts: [] -## @param updateStrategy.type Strategy to use to update Pods -## -updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate or OnDelete - ## - type: RollingUpdate -## phpMyAdmin pods' Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod -## @param podSecurityContext.enabled Enable phpMyAdmin pods' Security Context -## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy -## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface -## @param podSecurityContext.supplementalGroups Set filesystem extra groups -## @param podSecurityContext.fsGroup User ID for the container -## -podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 -## phpMyAdmin containers' Security Context (only main container) -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -## @param containerSecurityContext.enabled Enabled containers' Security Context -## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container -## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser -## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup -## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot -## @param containerSecurityContext.privileged Set container's Security Context privileged -## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem -## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation -## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped -## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile -## -containerSecurityContext: - enabled: true - seLinuxOptions: null - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" -## phpMyAdmin number of pod replicas -## @param replicas Number of replicas -replicas: 1 -## phpMyAdmin containers' resource requests and limits -## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ -## We usually recommend not to specify default resources and to leave this as a conscious -## choice for the user. This also increases chances charts run on environments with little -## resources, such as Minikube. If you do want to specify resources, uncomment the following -## lines, adjust them as necessary, and remove the curly braces after 'resources:'. -## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). -## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 -## -resourcesPreset: "micro" -## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) -## Example: -## resources: -## requests: -## cpu: 2 -## memory: 512Mi -## limits: -## cpu: 3 -## memory: 1024Mi -## -resources: {} -## phpMyAdmin containers' startup probe. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -## @param startupProbe.enabled Enable startupProbe -## @param startupProbe.httpGet.path Request path for startupProbe -## @param startupProbe.httpGet.port Port for startupProbe -## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe -## @param startupProbe.periodSeconds Period seconds for startupProbe -## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe -## @param startupProbe.failureThreshold Failure threshold for startupProbe -## @param startupProbe.successThreshold Success threshold for startupProbe -## -startupProbe: - enabled: false - initialDelaySeconds: 30 - timeoutSeconds: 30 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 6 - httpGet: - path: / - port: http -## phpMyAdmin containers' liveness probe. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -## @param livenessProbe.enabled Enable livenessProbe -## @param livenessProbe.tcpSocket.port Port for livenessProbe -## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe -## @param livenessProbe.periodSeconds Period seconds for livenessProbe -## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe -## @param livenessProbe.failureThreshold Failure threshold for livenessProbe -## @param livenessProbe.successThreshold Success threshold for livenessProbe -## -livenessProbe: - enabled: true - initialDelaySeconds: 30 - timeoutSeconds: 30 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 6 - tcpSocket: - port: http -## phpMyAdmin containers' readiness probes. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -## @param readinessProbe.enabled Enable readinessProbe -## @param readinessProbe.httpGet.path Request path for readinessProbe -## @param readinessProbe.httpGet.port Port for readinessProbe -## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe -## @param readinessProbe.periodSeconds Period seconds for readinessProbe -## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe -## @param readinessProbe.failureThreshold Failure threshold for readinessProbe -## @param readinessProbe.successThreshold Success threshold for readinessProbe -## -readinessProbe: - enabled: true - initialDelaySeconds: 30 - timeoutSeconds: 30 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 6 - httpGet: - path: / - port: http -## @param customStartupProbe Override default startup probe -## -customStartupProbe: {} -## @param customLivenessProbe Override default liveness probe -## -customLivenessProbe: {} -## @param customReadinessProbe Override default readiness probe -## -customReadinessProbe: {} -## @param podLabels Extra labels for PhpMyAdmin pods -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -## -podLabels: {} -## @param podAnnotations Annotations for PhpMyAdmin pods -## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ -## -podAnnotations: {} -## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAffinityPreset: "" -## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## -podAntiAffinityPreset: soft -## Node affinity preset -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## -nodeAffinityPreset: - ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] -## @param affinity Affinity for pod assignment. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set -## -affinity: {} -## @param nodeSelector Node labels for pod assignment. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ -## -nodeSelector: {} -## @param tolerations Tolerations for pod assignment. Evaluated as a template. -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: [] -## @param priorityClassName phpmyadmin pods' priorityClassName -## -priorityClassName: "" -## @param schedulerName Name of the k8s scheduler (other than default) -## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ -## -schedulerName: "" -## @param topologySpreadConstraints Topology Spread Constraints for pod assignment -## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -## The value is evaluated as a template -## -topologySpreadConstraints: [] -## @param extraVolumes Optionally specify extra list of additional volumes for PhpMyAdmin pods -## -extraVolumes: [] -## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for PhpMyAdmin container(s) -## -extraVolumeMounts: [] -## @param initContainers Add init containers to the PhpMyAdmin pods -## Example: -## initContainers: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -## -initContainers: [] -## Pod Disruption Budget configuration -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb -## @param pdb.create Enable/disable a Pod Disruption Budget creation -## @param pdb.minAvailable Minimum number/percentage of pods that should remain scheduled -## @param pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty. -## -pdb: - create: true - minAvailable: "" - maxUnavailable: "" -## @param sidecars Add sidecar containers to the PhpMyAdmin pods -## Example: -## sidecars: -## - name: your-image-name -## image: your-image -## imagePullPolicy: Always -## ports: -## - name: portname -## containerPort: 1234 -## -sidecars: [] -## @section Traffic Exposure parameters - -## Service configuration -## -service: - ## @param service.type Kubernetes Service type - ## - type: ClusterIP - ## @param service.ports.http Service HTTP port - ## @param service.ports.https Service HTTPS port - ## - ports: - http: 80 - https: 443 - ## Specify the nodePort values for the LoadBalancer and NodePort service types - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## @param service.nodePorts.http Kubernetes http node port - ## @param service.nodePorts.https Kubernetes https node port - ## - nodePorts: - http: "" - https: "" - ## @param service.clusterIP PhpMyAdmin service clusterIP IP - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param service.loadBalancerIP Load balancer IP for the phpMyAdmin Service (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerIP: "" - ## @param service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## Example: - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param service.annotations Provide any additional annotations that may be required for the PhpMyAdmin service - ## - annotations: {} - ## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} -## Ingress configuration -## -ingress: - ## @param ingress.enabled Set to true to enable ingress record generation - ## - enabled: false - ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) - ## - apiVersion: "" - ## DEPRECATED: Use ingress.annotations instead of ingress.certManager - ## certManager: false - ## - - ## @param ingress.hostname When the ingress is enabled, a host pointing to this will be created - ## - hostname: phpmyadmin.local - ## @param ingress.pathType Ingress path type - ## - pathType: ImplementationSpecific - ## @param ingress.path Default path for the ingress record - ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers - ## - path: / - ## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host - ## e.g: - ## extraPaths: - ## - path: /* - ## backend: - ## serviceName: ssl-redirect - ## servicePort: use-annotation - ## - extraPaths: [] - ## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. - ## For a full list of possible ingress annotations, please see - ## ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md - ## Use this parameter to set the required annotations for cert-manager, see - ## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations - ## - ## e.g: - ## annotations: - ## kubernetes.io/ingress.class: nginx - ## cert-manager.io/cluster-issuer: cluster-issuer-name - ## - annotations: {} - ## @param ingress.tls Enable TLS configuration for the hostname defined at `ingress.hostname` parameter - ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} - ## You can use the ingress.secrets parameter to create this TLS secret, relay on cert-manager to create it, or - ## let the chart create self-signed certificates for you - ## - tls: false - ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. - ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array - ## Example: - ## extraHosts: - ## - name: phpmyadmin.local - ## path: / - ## - extraHosts: [] - ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. - ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls - ## Example: - ## extraTls: - ## - hosts: - ## - phpmyadmin.local - ## secretName: phpmyadmin.local-tls - ## - extraTls: [] - ## @param ingress.secrets If you're providing your own certificates and want to manage the secret via helm, - ## please use this to add the certificates as secrets key and certificate should start with - ## -----BEGIN CERTIFICATE----- or -----BEGIN RSA PRIVATE KEY----- - ## name should line up with a secretName set further up - ## - ## If it is not set and you're using cert-manager, this is unneeded, as it will create the secret for you - ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created - ## It is also possible to create and manage the certificates outside of this helm chart - ## Please see README.md for more information - ## - ## Example - ## secrets: - ## - name: phpmyadmin.local-tls - ## key: "" - ## certificate: "" - ## - secrets: [] - ## @param ingress.existingSecretName If you're providing your own certificate and want to manage the secret yourself, - ## please provide the name of the secret with this parameter. This secret will then be used for tls termination. - ## It has higher priority than the cert-manager or the generation of the certificate from the chart. - ## - ## Example: - ## existingSecretName: "byo-phpmyadmin-tls" - ## - existingSecretName: "" - ## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) - ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster . - ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/ - ## - ingressClassName: "" - ## @param ingress.extraRules Additional rules to be covered with this ingress record - ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules - ## e.g: - ## extraRules: - ## - host: phpmyadmin.local - ## http: - ## path: / - ## backend: - ## service: - ## name: phpmyadmin-svc - ## port: - ## name: http - ## - extraRules: [] -## @section Database parameters - -## Database configuration -## -db: - ## @param db.allowArbitraryServer Enable connection to arbitrary MySQL server - ## If you do not want the user to be able to specify an arbitrary MySQL server at login time, set this to false - ## - allowArbitraryServer: true - ## @param db.port Database port to use to connect - ## - port: 3306 - ## @param db.chartName Database suffix if included in the same release - ## If you are deploying phpMyAdmin as part of a release and the database is part - ## of the release, you can pass a suffix that will be used to find the database - ## in releasename-dbSuffix. Please note that this setting precedes db.host - ## e.g: - ## chartName: mariadb - ## - chartName: "" - ## @param db.host Database Hostname. Ignored when `db.chartName` is set. - ## e.g: - ## host: foo - ## - host: "" - ## @param db.bundleTestDB Deploy a MariaDB instance for testing purposes - ## - bundleTestDB: false - ## @param db.enableSsl Enable SSL for the connection between phpMyAdmin and the database - ## - enableSsl: false - ssl: - ## @param db.ssl.clientKey Client key file when using SSL - ## - clientKey: "" - ## @param db.ssl.clientCertificate Client certificate file when using SSL - ## - clientCertificate: "" - ## @param db.ssl.caCertificate CA file when using SSL - ## - caCertificate: "" - ## @param db.ssl.ciphers List of allowable ciphers for connections when using SSL - ## - ciphers: [] - ## @param db.ssl.verify Enable SSL certificate validation - ## - verify: true -## @param mariadb MariaDB chart configuration -## https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml -## -mariadb: {} -## @section Other Parameters - -## Service account for PhpMyAdmin to use. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - ## @param serviceAccount.create Enable creation of ServiceAccount for PhpMyAdmin pod - ## - create: true - ## @param serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## - name: "" - ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created - ## Can be set to false if pods using this serviceAccount do not need to use K8s API - ## - automountServiceAccountToken: false - ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount - ## - annotations: {} -## @section Metrics parameters - -## Prometheus Exporter / Metrics -## -metrics: - ## @param metrics.enabled Start a side-car prometheus exporter - ## - enabled: false - ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry - ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository - ## @skip metrics.image.tag Apache exporter image tag (immutable tags are recommended) - ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param metrics.image.pullPolicy Image pull policy - ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array - ## - image: - registry: docker.io - repository: bitnami/apache-exporter - tag: 1.0.8-debian-12-r9 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## - resources: {} - ## Prometheus Exporter service configuration - ## - service: - ## @param metrics.service.type Prometheus metrics service type - ## - type: ClusterIP - ## @param metrics.service.port Prometheus metrics service port - ## - port: 9117 - ## @param metrics.service.annotations [object] Annotations for Prometheus metrics service - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "{{ .Values.metrics.service.port }}" - ## @param metrics.service.clusterIP phpmyadmin service Cluster IP - ## e.g.: - ## clusterIP: None - ## - clusterIP: "" - ## @param metrics.service.loadBalancerIP Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` - ## Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank - ## - loadBalancerIP: "" - ## @param metrics.service.loadBalancerSourceRanges phpmyadmin service Load Balancer sources - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g: - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param metrics.service.externalTrafficPolicy phpmyadmin service external traffic policy - ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param metrics.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param metrics.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace Specify the namespace in which the serviceMonitor resource will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. - ## - jobLabel: "" - ## @param metrics.serviceMonitor.interval Specify the interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended - ## e.g: - ## scrapeTimeout: 30s - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig - ## - relabelings: [] - ## @param metrics.serviceMonitor.metricRelabelings Specify Metric Relabelings to add to the scrape endpoint - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor - ## - labels: {} - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.selector ServiceMonitor selector labels - ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration - ## - ## selector: - ## prometheus: my-prometheus - ## - selector: {} -## @section NetworkPolicy parameters - -## Network Policy configuration -## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ -## -networkPolicy: - ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created - ## - enabled: true - ## @param networkPolicy.allowExternal Don't require server label for connections - ## The Policy model to apply. When set to false, only pods with the correct - ## server label will have network access to the ports server is listening - ## on. When true, server will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true - ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - extraIngress: [] - ## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} diff --git a/charts/phpmyadmin/values-overrides.yaml b/charts/phpmyadmin/values-overrides.yaml deleted file mode 100644 index f6f6b59..0000000 --- a/charts/phpmyadmin/values-overrides.yaml +++ /dev/null @@ -1,6 +0,0 @@ -fullnameOverride: phpmyadmin -db: - allowArbitraryServer: false - port: 3306 - host: "mariadb.futureporn.svc.cluster.local" - bundleTestDB: false \ No newline at end of file diff --git a/charts/postgresql/postgresql/.helmignore b/charts/postgresql/postgresql/.helmignore deleted file mode 100644 index 207983f..0000000 --- a/charts/postgresql/postgresql/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# img folder -img/ -# Changelog -CHANGELOG.md diff --git a/charts/postgresql/postgresql/Chart.lock b/charts/postgresql/postgresql/Chart.lock deleted file mode 100644 index ab93b70..0000000 --- a/charts/postgresql/postgresql/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - version: 2.20.5 -digest: sha256:5b98791747a148b9d4956b81bb8635f49a0ae831869d700d52e514b8fd1a2445 -generated: "2024-07-16T12:16:35.737563+02:00" diff --git a/charts/postgresql/postgresql/Chart.yaml b/charts/postgresql/postgresql/Chart.yaml deleted file mode 100644 index f0686fd..0000000 --- a/charts/postgresql/postgresql/Chart.yaml +++ /dev/null @@ -1,37 +0,0 @@ -annotations: - category: Database - images: | - - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r24 - - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.15.0-debian-12-r36 - - name: postgresql - image: docker.io/bitnami/postgresql:16.3.0-debian-12-r19 - licenses: Apache-2.0 -apiVersion: v2 -appVersion: 16.3.0 -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - bitnami-common - version: 2.x.x -description: PostgreSQL (Postgres) is an open source object-relational database known - for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, - views, triggers and stored procedures. -home: https://bitnami.com -icon: https://bitnami.com/assets/stacks/postgresql/img/postgresql-stack-220x234.png -keywords: -- postgresql -- postgres -- database -- sql -- replication -- cluster -maintainers: -- name: Broadcom, Inc. All Rights Reserved. - url: https://github.com/bitnami/charts -name: postgresql -sources: -- https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 15.5.17 diff --git a/charts/postgresql/postgresql/README.md b/charts/postgresql/postgresql/README.md deleted file mode 100644 index 56352af..0000000 --- a/charts/postgresql/postgresql/README.md +++ /dev/null @@ -1,1021 +0,0 @@ - - -# Bitnami package for PostgreSQL - -PostgreSQL (Postgres) is an open source object-relational database known for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures. - -[Overview of PostgreSQL](http://www.postgresql.org) - -Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - -## TL;DR - -```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql -``` - -Looking to use PostgreSQL in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. - -## Introduction - -This chart bootstraps a [PostgreSQL](https://github.com/bitnami/containers/tree/main/bitnami/postgresql) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -For HA, please see [this repo](https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha) - -Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. - -## Prerequisites - -- Kubernetes 1.23+ -- Helm 3.8.0+ -- PV provisioner support in the underlying infrastructure - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The command deploys PostgreSQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Configuration and installation details - -### Resource requests and limits - -Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. - -To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - -### [Rolling VS Immutable tags](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Customizing primary and read replica services in a replicated configuration - -At the top level, there is a service object which defines the services for both primary and readReplicas. For deeper customization, there are service objects for both the primary and read types individually. This allows you to override the values in the top level service object so that the primary and read can be of different service types and with different clusterIPs / nodePorts. Also in the case you want the primary and read to be of type nodePort, you will need to set the nodePorts to different values to prevent a collision. The values that are deeper in the primary.service or readReplicas.service objects will take precedence over the top level service object. - -### Use a different PostgreSQL version - -To modify the application version used in this chart, specify a different version of the image using the `image.tag` parameter and/or a different repository using the `image.repository` parameter. - -### LDAP - -LDAP support can be enabled in the chart by specifying the `ldap.` parameters while creating a release. The following parameters should be configured to properly enable the LDAP support in the chart. - -- **ldap.enabled**: Enable LDAP support. Defaults to `false`. -- **ldap.uri**: LDAP URL beginning in the form `ldap[s]://:`. No defaults. -- **ldap.base**: LDAP base DN. No defaults. -- **ldap.binddn**: LDAP bind DN. No defaults. -- **ldap.bindpw**: LDAP bind password. No defaults. -- **ldap.bslookup**: LDAP base lookup. No defaults. -- **ldap.nss_initgroups_ignoreusers**: LDAP ignored users. `root,nslcd`. -- **ldap.scope**: LDAP search scope. No defaults. -- **ldap.tls_reqcert**: LDAP TLS check on server certificates. No defaults. - -For example: - -```text -ldap.enabled="true" -ldap.uri="ldap://my_ldap_server" -ldap.base="dc=example\,dc=org" -ldap.binddn="cn=admin\,dc=example\,dc=org" -ldap.bindpw="admin" -ldap.bslookup="ou=group-ok\,dc=example\,dc=org" -ldap.nss_initgroups_ignoreusers="root\,nslcd" -ldap.scope="sub" -ldap.tls_reqcert="demand" -``` - -Next, login to the PostgreSQL server using the `psql` client and add the PAM authenticated LDAP users. - -> Note: Parameters including commas must be escaped as shown in the above example. - -### postgresql.conf / pg_hba.conf files as configMap - -This helm chart also supports to customize the PostgreSQL configuration file. You can add additional PostgreSQL configuration parameters using the `primary.extendedConfiguration`/`readReplicas.extendedConfiguration` parameters as a string. Alternatively, to replace the entire default configuration use `primary.configuration`. - -You can also add a custom pg_hba.conf using the `primary.pgHbaConfiguration` parameter. - -In addition to these options, you can also set an external ConfigMap with all the configuration files. This is done by setting the `primary.existingConfigmap` parameter. Note that this will override the two previous options. - -### Initialize a fresh instance - -The [Bitnami PostgreSQL](https://github.com/bitnami/containers/tree/main/bitnami/postgresql) image allows you to use your custom scripts to initialize a fresh instance. In order to execute the scripts, you can specify custom scripts using the `primary.initdb.scripts` parameter as a string. - -In addition, you can also set an external ConfigMap with all the initialization scripts. This is done by setting the `primary.initdb.scriptsConfigMap` parameter. Note that this will override the two previous options. If your initialization scripts contain sensitive information such as credentials or passwords, you can use the `primary.initdb.scriptsSecret` parameter. - -The allowed extensions are `.sh`, `.sql` and `.sql.gz`. - -### Securing traffic using TLS - -TLS support can be enabled in the chart by specifying the `tls.` parameters while creating a release. The following parameters should be configured to properly enable the TLS support in the chart: - -- `tls.enabled`: Enable TLS support. Defaults to `false` -- `tls.certificatesSecret`: Name of an existing secret that contains the certificates. No defaults. -- `tls.certFilename`: Certificate filename. No defaults. -- `tls.certKeyFilename`: Certificate key filename. No defaults. - -For example: - -- First, create the secret with the cetificates files: - - ```console - kubectl create secret generic certificates-tls-secret --from-file=./cert.crt --from-file=./cert.key --from-file=./ca.crt - ``` - -- Then, use the following parameters: - - ```console - volumePermissions.enabled=true - tls.enabled=true - tls.certificatesSecret="certificates-tls-secret" - tls.certFilename="cert.crt" - tls.certKeyFilename="cert.key" - ``` - - > Note TLS and VolumePermissions: PostgreSQL requires certain permissions on sensitive files (such as certificate keys) to start up. Due to an on-going [issue](https://github.com/kubernetes/kubernetes/issues/57923) regarding kubernetes permissions and the use of `containerSecurityContext.runAsUser`, you must enable `volumePermissions` to ensure everything works as expected. - -### Sidecars - -If you need additional containers to run within the same pod as PostgreSQL (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec. - -```yaml -# For the PostgreSQL primary -primary: - sidecars: - - name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -# For the PostgreSQL replicas -readReplicas: - sidecars: - - name: your-image-name - image: your-image - imagePullPolicy: Always - ports: - - name: portname - containerPort: 1234 -``` - -### Metrics - -The chart optionally can start a metrics exporter for [prometheus](https://prometheus.io). The metrics endpoint (port 9187) is not exposed and it is expected that the metrics are collected from inside the k8s cluster using something similar as the described in the [example Prometheus scrape configuration](https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml). - -The exporter allows to create custom metrics from additional SQL queries. See the Chart's `values.yaml` for an example and consult the [exporters documentation](https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file) for more details. - -### Use of global variables - -In more complex scenarios, we may have the following tree of dependencies - -```text - +--------------+ - | | - +------------+ Chart 1 +-----------+ - | | | | - | --------+------+ | - | | | - | | | - | | | - | | | - v v v -+-------+------+ +--------+------+ +--------+------+ -| | | | | | -| PostgreSQL | | Sub-chart 1 | | Sub-chart 2 | -| | | | | | -+--------------+ +---------------+ +---------------+ -``` - -The three charts below depend on the parent chart Chart 1. However, subcharts 1 and 2 may need to connect to PostgreSQL as well. In order to do so, subcharts 1 and 2 need to know the PostgreSQL credentials, so one option for deploying could be deploy Chart 1 with the following parameters: - -```text -postgresql.auth.username=testuser -subchart1.postgresql.auth.username=testuser -subchart2.postgresql.auth.username=testuser -postgresql.auth.password=testpass -subchart1.postgresql.auth.password=testpass -subchart2.postgresql.auth.password=testpass -postgresql.auth.database=testdb -subchart1.postgresql.auth.database=testdb -subchart2.postgresql.auth.database=testdb -``` - -If the number of dependent sub-charts increases, installing the chart with parameters can become increasingly difficult. An alternative would be to set the credentials using global variables as follows: - -```text -global.postgresql.auth.username=testuser -global.postgresql.auth.password=testpass -global.postgresql.auth.database=testdb -``` - -This way, the credentials will be available in all of the subcharts. - -### Backup and restore PostgreSQL deployments - -To back up and restore Bitnami PostgreSQL Helm chart deployments on Kubernetes, you need to back up the persistent volumes from the source deployment and attach them to a new deployment using [Velero](https://velero.io/), a Kubernetes backup/restore tool. - -These are the steps you will usually follow to back up and restore your PostgreSQL cluster data: - -- Install Velero on the source and destination clusters. -- Use Velero to back up the PersistentVolumes (PVs) used by the deployment on the source cluster. -- Use Velero to restore the backed-up PVs on the destination cluster. -- Create a new deployment on the destination cluster with the same chart, deployment name, credentials and other parameters as the original. This new deployment will use the restored PVs and hence the original data. - -Refer to our detailed [tutorial on backing up and restoring PostgreSQL deployments on Kubernetes](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-migrate-data-tac-velero-index.html) for more information. - -### NetworkPolicy - -To enable network policy for PostgreSQL, install [a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), and set `networkPolicy.enabled` to `true`. - -For Kubernetes v1.5 & v1.6, you must also turn on NetworkPolicy by setting the DefaultDeny namespace annotation. Note: this will enforce policy for _all_ pods in the namespace: - -```console -kubectl annotate namespace default "net.beta.kubernetes.io/network-policy={\"ingress\":{\"isolation\":\"DefaultDeny\"}}" -``` - -With NetworkPolicy enabled, traffic will be limited to just port 5432. - -For more precise policy, set `networkPolicy.allowExternal=false`. This will only allow pods with the generated client label to connect to PostgreSQL. -This label will be displayed in the output of a successful install. - -### Differences between Bitnami PostgreSQL image and [Docker Official](https://hub.docker.com/_/postgres) image - -- The Docker Official PostgreSQL image does not support replication. If you pass any replication environment variable, this would be ignored. The only environment variables supported by the Docker Official image are POSTGRES_USER, POSTGRES_DB, POSTGRES_PASSWORD, POSTGRES_INITDB_ARGS, POSTGRES_INITDB_WALDIR and PGDATA. All the remaining environment variables are specific to the Bitnami PostgreSQL image. -- The Bitnami PostgreSQL image is non-root by default. This requires that you run the pod with `securityContext` and updates the permissions of the volume with an `initContainer`. A key benefit of this configuration is that the pod follows security best practices and is prepared to run on Kubernetes distributions with hard security constraints like OpenShift. -- For OpenShift up to 4.10, let set the volume permissions, security context, runAsUser and fsGroup automatically by OpenShift and disable the predefined settings of the helm chart: primary.securityContext.enabled=false,primary.containerSecurityContext.enabled=false,volumePermissions.enabled=false,shmVolume.enabled=false -- For OpenShift 4.11 and higher, let set OpenShift the runAsUser and fsGroup automatically. Configure the pod and container security context to restrictive defaults and disable the volume permissions setup: primary. - podSecurityContext.fsGroup=null,primary.podSecurityContext.seccompProfile.type=RuntimeDefault,primary.containerSecurityContext.runAsUser=null,primary.containerSecurityContext.allowPrivilegeEscalation=false,primary.containerSecurityContext.runAsNonRoot=true,primary.containerSecurityContext.seccompProfile.type=RuntimeDefault,primary.containerSecurityContext.capabilities.drop=['ALL'],volumePermissions.enabled=false,shmVolume.enabled=false - -### Setting Pod's affinity - -This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). - -As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters. - -## Persistence - -The [Bitnami PostgreSQL](https://github.com/bitnami/containers/tree/main/bitnami/postgresql) image stores the PostgreSQL data and configurations at the `/bitnami/postgresql` path of the container. - -Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. -See the [Parameters](#parameters) section to configure the PVC or to disable persistence. - -If you already have data in it, you will fail to sync to standby nodes for all commits, details can refer to the [code present in the container repository](https://github.com/bitnami/containers/tree/main/bitnami/postgresql). If you need to use those data, please covert them to sql and import after `helm install` finished. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | -| `global.postgresql.auth.postgresPassword` | Password for the "postgres" admin user (overrides `auth.postgresPassword`) | `""` | -| `global.postgresql.auth.username` | Name for a custom user to create (overrides `auth.username`) | `""` | -| `global.postgresql.auth.password` | Password for the custom user to create (overrides `auth.password`) | `""` | -| `global.postgresql.auth.database` | Name for a custom database to create (overrides `auth.database`) | `""` | -| `global.postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials (overrides `auth.existingSecret`). | `""` | -| `global.postgresql.auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.adminPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. | `""` | -| `global.postgresql.auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.userPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. | `""` | -| `global.postgresql.auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. | `""` | -| `global.postgresql.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | - -### Common parameters - -| Name | Description | Value | -| ------------------------ | -------------------------------------------------------------------------------------------- | --------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | -| `fullnameOverride` | String to fully override common.names.fullname template | `""` | -| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` | -| `commonLabels` | Add labels to all the deployed resources | `{}` | -| `commonAnnotations` | Add annotations to all the deployed resources | `{}` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` | - -### PostgreSQL common parameters - -| Name | Description | Value | -| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `image.registry` | PostgreSQL image registry | `REGISTRY_NAME` | -| `image.repository` | PostgreSQL image repository | `REPOSITORY_NAME/postgresql` | -| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify image pull secrets | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `auth.enablePostgresUser` | Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user | `true` | -| `auth.postgresPassword` | Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.username` | Name for a custom user to create | `""` | -| `auth.password` | Password for the custom user to create. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.database` | Name for a custom database to create | `""` | -| `auth.replicationUsername` | Name of the replication user | `repl_user` | -| `auth.replicationPassword` | Password for the replication user. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. | `""` | -| `auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `postgres-password` | -| `auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `password` | -| `auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `replication-password` | -| `auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` | -| `architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | -| `replication.synchronousCommit` | Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off` | `off` | -| `replication.numSynchronousReplicas` | Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`. | `0` | -| `replication.applicationName` | Cluster application name. Useful for advanced replication settings | `my_application` | -| `containerPorts.postgresql` | PostgreSQL container port | `5432` | -| `audit.logHostname` | Log client hostnames | `false` | -| `audit.logConnections` | Add client log-in operations to the log file | `false` | -| `audit.logDisconnections` | Add client log-outs operations to the log file | `false` | -| `audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | -| `audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | -| `audit.clientMinMessages` | Message log level to share with the user | `error` | -| `audit.logLinePrefix` | Template for log line prefix (default if not set) | `""` | -| `audit.logTimezone` | Timezone for the log timestamps | `""` | -| `ldap.enabled` | Enable LDAP support | `false` | -| `ldap.server` | IP address or name of the LDAP server. | `""` | -| `ldap.port` | Port number on the LDAP server to connect to | `""` | -| `ldap.prefix` | String to prepend to the user name when forming the DN to bind | `""` | -| `ldap.suffix` | String to append to the user name when forming the DN to bind | `""` | -| `ldap.basedn` | Root DN to begin the search for the user in | `""` | -| `ldap.binddn` | DN of user to bind to LDAP | `""` | -| `ldap.bindpw` | Password for the user to bind to LDAP | `""` | -| `ldap.searchAttribute` | Attribute to match against the user name in the search | `""` | -| `ldap.searchFilter` | The search filter to use when doing search+bind authentication | `""` | -| `ldap.scheme` | Set to `ldaps` to use LDAPS | `""` | -| `ldap.tls.enabled` | Se to true to enable TLS encryption | `false` | -| `ldap.uri` | LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored. | `""` | -| `postgresqlDataDir` | PostgreSQL data dir folder | `/bitnami/postgresql/data` | -| `postgresqlSharedPreloadLibraries` | Shared preload libraries (comma-separated list) | `pgaudit` | -| `shmVolume.enabled` | Enable emptyDir volume for /dev/shm for PostgreSQL pod(s) | `true` | -| `shmVolume.sizeLimit` | Set this to enable a size limit on the shm tmpfs | `""` | -| `tls.enabled` | Enable TLS traffic support | `false` | -| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | -| `tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `tls.crlFilename` | File containing a Certificate Revocation List | `""` | - -### PostgreSQL Primary parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` | -| `primary.configuration` | PostgreSQL Primary main configuration to be injected as ConfigMap | `""` | -| `primary.pgHbaConfiguration` | PostgreSQL Primary client authentication configuration | `""` | -| `primary.existingConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary configuration | `""` | -| `primary.extendedConfiguration` | Extended PostgreSQL Primary configuration (appended to main or default configuration) | `""` | -| `primary.existingExtendedConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary extended configuration | `""` | -| `primary.initdb.args` | PostgreSQL initdb extra arguments | `""` | -| `primary.initdb.postgresqlWalDir` | Specify a custom location for the PostgreSQL transaction log | `""` | -| `primary.initdb.scripts` | Dictionary of initdb scripts | `{}` | -| `primary.initdb.scriptsConfigMap` | ConfigMap with scripts to be run at first boot | `""` | -| `primary.initdb.scriptsSecret` | Secret with scripts to be run at first boot (in case it contains sensitive information) | `""` | -| `primary.initdb.user` | Specify the PostgreSQL username to execute the initdb scripts | `""` | -| `primary.initdb.password` | Specify the PostgreSQL password to execute the initdb scripts | `""` | -| `primary.preInitDb.scripts` | Dictionary of pre-init scripts | `{}` | -| `primary.preInitDb.scriptsConfigMap` | ConfigMap with pre-init scripts to be run | `""` | -| `primary.preInitDb.scriptsSecret` | Secret with pre-init scripts to be run | `""` | -| `primary.standby.enabled` | Whether to enable current cluster's primary as standby server of another cluster or not | `false` | -| `primary.standby.primaryHost` | The Host of replication primary in the other cluster | `""` | -| `primary.standby.primaryPort` | The Port of replication primary in the other cluster | `""` | -| `primary.extraEnvVars` | Array with extra environment variables to add to PostgreSQL Primary nodes | `[]` | -| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes | `""` | -| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL Primary nodes | `""` | -| `primary.command` | Override default container command (useful when using custom images) | `[]` | -| `primary.args` | Override default container args (useful when using custom images) | `[]` | -| `primary.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Primary containers | `true` | -| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `primary.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Primary containers | `true` | -| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `primary.startupProbe.enabled` | Enable startupProbe on PostgreSQL Primary containers | `false` | -| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `primary.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `primary.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `primary.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `primary.lifecycleHooks` | for the PostgreSQL Primary container to automate configuration before or after startup | `{}` | -| `primary.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if primary.resources is set (primary.resources is recommended for production). | `nano` | -| `primary.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `primary.podSecurityContext.enabled` | Enable security context | `true` | -| `primary.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `primary.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `primary.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `primary.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | -| `primary.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `primary.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `primary.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `primary.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `primary.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `primary.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `primary.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `primary.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `primary.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `primary.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `primary.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `primary.hostAliases` | PostgreSQL primary pods host aliases | `[]` | -| `primary.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `primary.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `primary.labels` | Map of labels to add to the statefulset (postgresql primary) | `{}` | -| `primary.annotations` | Annotations for PostgreSQL primary pods | `{}` | -| `primary.podLabels` | Map of labels to add to the pods (postgresql primary) | `{}` | -| `primary.podAnnotations` | Map of annotations to add to the pods (postgresql primary) | `{}` | -| `primary.podAffinityPreset` | PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.podAntiAffinityPreset` | PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `primary.nodeAffinityPreset.type` | PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.nodeAffinityPreset.key` | PostgreSQL primary node label key to match Ignored if `primary.affinity` is set. | `""` | -| `primary.nodeAffinityPreset.values` | PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | -| `primary.affinity` | Affinity for PostgreSQL primary pods assignment | `{}` | -| `primary.nodeSelector` | Node labels for PostgreSQL primary pods assignment | `{}` | -| `primary.tolerations` | Tolerations for PostgreSQL primary pods assignment | `[]` | -| `primary.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `primary.priorityClassName` | Priority Class to use for each pod (postgresql primary) | `""` | -| `primary.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `primary.terminationGracePeriodSeconds` | Seconds PostgreSQL primary pod needs to terminate gracefully | `""` | -| `primary.updateStrategy.type` | PostgreSQL Primary statefulset strategy type | `RollingUpdate` | -| `primary.updateStrategy.rollingUpdate` | PostgreSQL Primary statefulset rolling update configuration parameters | `{}` | -| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s) | `[]` | -| `primary.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s) | `[]` | -| `primary.sidecars` | Add additional sidecar containers to the PostgreSQL Primary pod(s) | `[]` | -| `primary.initContainers` | Add additional init containers to the PostgreSQL Primary pod(s) | `[]` | -| `primary.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `primary.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `primary.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `primary.pdb.minAvailable` and `primary.pdb.maxUnavailable` are empty. | `""` | -| `primary.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) | `{}` | -| `primary.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `primary.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `primary.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `primary.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `primary.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `primary.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `primary.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `primary.service.type` | Kubernetes Service type | `ClusterIP` | -| `primary.service.ports.postgresql` | PostgreSQL service port | `5432` | -| `primary.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | -| `primary.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `primary.service.annotations` | Annotations for PostgreSQL primary service | `{}` | -| `primary.service.loadBalancerClass` | Load balancer class if service type is `LoadBalancer` | `""` | -| `primary.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `primary.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `primary.service.extraPorts` | Extra ports to expose in the PostgreSQL primary service | `[]` | -| `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `primary.service.headless.annotations` | Additional custom annotations for headless PostgreSQL primary service | `{}` | -| `primary.persistence.enabled` | Enable PostgreSQL Primary data persistence using PVC | `true` | -| `primary.persistence.volumeName` | Name to assign the volume | `data` | -| `primary.persistence.existingClaim` | Name of an existing PVC to use | `""` | -| `primary.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | -| `primary.persistence.subPath` | The subdirectory of the volume to mount to | `""` | -| `primary.persistence.storageClass` | PVC Storage Class for PostgreSQL Primary data volume | `""` | -| `primary.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | -| `primary.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | -| `primary.persistence.annotations` | Annotations for the PVC | `{}` | -| `primary.persistence.labels` | Labels for the PVC | `{}` | -| `primary.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | -| `primary.persistence.dataSource` | Custom PVC data source | `{}` | -| `primary.persistentVolumeClaimRetentionPolicy.enabled` | Enable Persistent volume retention policy for Primary Statefulset | `false` | -| `primary.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `primary.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | - -### PostgreSQL read only replica parameters (only used when `architecture` is set to `replication`) - -| Name | Description | Value | -| ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `readReplicas.name` | Name of the read replicas database (eg secondary, slave, ...) | `read` | -| `readReplicas.replicaCount` | Number of PostgreSQL read only replicas | `1` | -| `readReplicas.extendedConfiguration` | Extended PostgreSQL read only replicas configuration (appended to main or default configuration) | `""` | -| `readReplicas.extraEnvVars` | Array with extra environment variables to add to PostgreSQL read only nodes | `[]` | -| `readReplicas.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes | `""` | -| `readReplicas.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL read only nodes | `""` | -| `readReplicas.command` | Override default container command (useful when using custom images) | `[]` | -| `readReplicas.args` | Override default container args (useful when using custom images) | `[]` | -| `readReplicas.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL read only containers | `true` | -| `readReplicas.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `readReplicas.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `readReplicas.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `readReplicas.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `readReplicas.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readReplicas.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL read only containers | `true` | -| `readReplicas.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readReplicas.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readReplicas.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readReplicas.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readReplicas.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `readReplicas.startupProbe.enabled` | Enable startupProbe on PostgreSQL read only containers | `false` | -| `readReplicas.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `readReplicas.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `readReplicas.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `readReplicas.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `readReplicas.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `readReplicas.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `readReplicas.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `readReplicas.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `readReplicas.lifecycleHooks` | for the PostgreSQL read only container to automate configuration before or after startup | `{}` | -| `readReplicas.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if readReplicas.resources is set (readReplicas.resources is recommended for production). | `nano` | -| `readReplicas.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `readReplicas.podSecurityContext.enabled` | Enable security context | `true` | -| `readReplicas.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `readReplicas.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `readReplicas.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `readReplicas.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | -| `readReplicas.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `readReplicas.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `readReplicas.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `readReplicas.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `readReplicas.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `readReplicas.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `readReplicas.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `readReplicas.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `readReplicas.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `readReplicas.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `readReplicas.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `readReplicas.hostAliases` | PostgreSQL read only pods host aliases | `[]` | -| `readReplicas.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only) | `false` | -| `readReplicas.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `readReplicas.labels` | Map of labels to add to the statefulset (PostgreSQL read only) | `{}` | -| `readReplicas.annotations` | Annotations for PostgreSQL read only pods | `{}` | -| `readReplicas.podLabels` | Map of labels to add to the pods (PostgreSQL read only) | `{}` | -| `readReplicas.podAnnotations` | Map of annotations to add to the pods (PostgreSQL read only) | `{}` | -| `readReplicas.podAffinityPreset` | PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `readReplicas.podAntiAffinityPreset` | PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `readReplicas.nodeAffinityPreset.type` | PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `readReplicas.nodeAffinityPreset.key` | PostgreSQL read only node label key to match Ignored if `primary.affinity` is set. | `""` | -| `readReplicas.nodeAffinityPreset.values` | PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set. | `[]` | -| `readReplicas.affinity` | Affinity for PostgreSQL read only pods assignment | `{}` | -| `readReplicas.nodeSelector` | Node labels for PostgreSQL read only pods assignment | `{}` | -| `readReplicas.tolerations` | Tolerations for PostgreSQL read only pods assignment | `[]` | -| `readReplicas.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `readReplicas.priorityClassName` | Priority Class to use for each pod (PostgreSQL read only) | `""` | -| `readReplicas.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `readReplicas.terminationGracePeriodSeconds` | Seconds PostgreSQL read only pod needs to terminate gracefully | `""` | -| `readReplicas.updateStrategy.type` | PostgreSQL read only statefulset strategy type | `RollingUpdate` | -| `readReplicas.updateStrategy.rollingUpdate` | PostgreSQL read only statefulset rolling update configuration parameters | `{}` | -| `readReplicas.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s) | `[]` | -| `readReplicas.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.sidecars` | Add additional sidecar containers to the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.initContainers` | Add additional init containers to the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `readReplicas.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `readReplicas.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `readReplicas.pdb.minAvailable` and `readReplicas.pdb.maxUnavailable` are empty. | `""` | -| `readReplicas.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL read only pod(s) | `{}` | -| `readReplicas.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `readReplicas.networkPolicy.allowExternal` | Don't require server label for connections | `true` | -| `readReplicas.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `readReplicas.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `readReplicas.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `readReplicas.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `readReplicas.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `readReplicas.service.type` | Kubernetes Service type | `ClusterIP` | -| `readReplicas.service.ports.postgresql` | PostgreSQL service port | `5432` | -| `readReplicas.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | -| `readReplicas.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `readReplicas.service.annotations` | Annotations for PostgreSQL read only service | `{}` | -| `readReplicas.service.loadBalancerClass` | Load balancer class if service type is `LoadBalancer` | `""` | -| `readReplicas.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `readReplicas.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `readReplicas.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `readReplicas.service.extraPorts` | Extra ports to expose in the PostgreSQL read only service | `[]` | -| `readReplicas.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `readReplicas.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `readReplicas.service.headless.annotations` | Additional custom annotations for headless PostgreSQL read only service | `{}` | -| `readReplicas.persistence.enabled` | Enable PostgreSQL read only data persistence using PVC | `true` | -| `readReplicas.persistence.existingClaim` | Name of an existing PVC to use | `""` | -| `readReplicas.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | -| `readReplicas.persistence.subPath` | The subdirectory of the volume to mount to | `""` | -| `readReplicas.persistence.storageClass` | PVC Storage Class for PostgreSQL read only data volume | `""` | -| `readReplicas.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | -| `readReplicas.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | -| `readReplicas.persistence.annotations` | Annotations for the PVC | `{}` | -| `readReplicas.persistence.labels` | Labels for the PVC | `{}` | -| `readReplicas.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | -| `readReplicas.persistence.dataSource` | Custom PVC data source | `{}` | -| `readReplicas.persistentVolumeClaimRetentionPolicy.enabled` | Enable Persistent volume retention policy for read only Statefulset | `false` | -| `readReplicas.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `readReplicas.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | - -### Backup parameters - -| Name | Description | Value | -| ------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `backup.enabled` | Enable the logical dump of the database "regularly" | `false` | -| `backup.cronjob.schedule` | Set the cronjob parameter schedule | `@daily` | -| `backup.cronjob.timeZone` | Set the cronjob parameter timeZone | `""` | -| `backup.cronjob.concurrencyPolicy` | Set the cronjob parameter concurrencyPolicy | `Allow` | -| `backup.cronjob.failedJobsHistoryLimit` | Set the cronjob parameter failedJobsHistoryLimit | `1` | -| `backup.cronjob.successfulJobsHistoryLimit` | Set the cronjob parameter successfulJobsHistoryLimit | `3` | -| `backup.cronjob.startingDeadlineSeconds` | Set the cronjob parameter startingDeadlineSeconds | `""` | -| `backup.cronjob.ttlSecondsAfterFinished` | Set the cronjob parameter ttlSecondsAfterFinished | `""` | -| `backup.cronjob.restartPolicy` | Set the cronjob parameter restartPolicy | `OnFailure` | -| `backup.cronjob.podSecurityContext.enabled` | Enable PodSecurityContext for CronJob/Backup | `true` | -| `backup.cronjob.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `backup.cronjob.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `backup.cronjob.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `backup.cronjob.podSecurityContext.fsGroup` | Group ID for the CronJob | `1001` | -| `backup.cronjob.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `backup.cronjob.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `backup.cronjob.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `backup.cronjob.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `backup.cronjob.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `backup.cronjob.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `backup.cronjob.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `backup.cronjob.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `backup.cronjob.command` | Set backup container's command to run | `["/bin/sh","-c","pg_dumpall --clean --if-exists --load-via-partition-root --quote-all-identifiers --no-password --file=${PGDUMP_DIR}/pg_dumpall-$(date '+%Y-%m-%d-%H-%M').pgdump"]` | -| `backup.cronjob.labels` | Set the cronjob labels | `{}` | -| `backup.cronjob.annotations` | Set the cronjob annotations | `{}` | -| `backup.cronjob.nodeSelector` | Node labels for PostgreSQL backup CronJob pod assignment | `{}` | -| `backup.cronjob.tolerations` | Tolerations for PostgreSQL backup CronJob pods assignment | `[]` | -| `backup.cronjob.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if backup.cronjob.resources is set (backup.cronjob.resources is recommended for production). | `nano` | -| `backup.cronjob.resources` | Set container requests and limits for different resources like CPU or memory | `{}` | -| `backup.cronjob.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `backup.cronjob.storage.enabled` | Enable using a `PersistentVolumeClaim` as backup data volume | `true` | -| `backup.cronjob.storage.existingClaim` | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) | `""` | -| `backup.cronjob.storage.resourcePolicy` | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""` | -| `backup.cronjob.storage.storageClass` | PVC Storage Class for the backup data volume | `""` | -| `backup.cronjob.storage.accessModes` | PV Access Mode | `["ReadWriteOnce"]` | -| `backup.cronjob.storage.size` | PVC Storage Request for the backup data volume | `8Gi` | -| `backup.cronjob.storage.annotations` | PVC annotations | `{}` | -| `backup.cronjob.storage.mountPath` | Path to mount the volume at | `/backup/pgdump` | -| `backup.cronjob.storage.subPath` | Subdirectory of the volume to mount at | `""` | -| `backup.cronjob.storage.volumeClaimTemplates.selector` | A label query over volumes to consider for binding (e.g. when using local volumes) | `{}` | -| `backup.cronjob.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the backup container | `[]` | -| `backup.cronjob.extraVolumes` | Optionally specify extra list of additional volumes for the backup container | `[]` | - -### Volume Permissions parameters - -| Name | Description | Value | -| ---------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` | -| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | -| `volumePermissions.containerSecurityContext.runAsGroup` | Group ID for the init container | `0` | -| `volumePermissions.containerSecurityContext.runAsNonRoot` | runAsNonRoot for the init container | `false` | -| `volumePermissions.containerSecurityContext.seccompProfile.type` | seccompProfile.type for the init container | `RuntimeDefault` | - -### Other Parameters - -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | -| `serviceAccount.create` | Enable creation of ServiceAccount for PostgreSQL pod | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | -| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `rbac.create` | Create Role and RoleBinding (required for PSP to work) | `false` | -| `rbac.rules` | Custom RBAC rules to set | `[]` | -| `psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | - -### Metrics Parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -| `metrics.enabled` | Start a prometheus exporter | `false` | -| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `REGISTRY_NAME` | -| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `REPOSITORY_NAME/postgres-exporter` | -| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | -| `metrics.collectors` | Control enabled collectors | `{}` | -| `metrics.customMetrics` | Define additional custom metrics | `{}` | -| `metrics.extraEnvVars` | Extra environment variables to add to PostgreSQL Prometheus exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Set containers' Security Context runAsGroup | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe on PostgreSQL Prometheus exporter containers | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.containerPorts.metrics` | PostgreSQL Prometheus exporter metrics container port | `9187` | -| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `nano` | -| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `metrics.service.ports.metrics` | PostgreSQL Prometheus Exporter service port | `9187` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metrics.service.annotations` | Annotations for Prometheus to auto-discover the metrics endpoint | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.prometheusRule.enabled` | Create a PrometheusRule for Prometheus Operator | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` | - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -helm install my-release \ - --set auth.postgresPassword=secretpassword - oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The above command sets the PostgreSQL `postgres` account password to `secretpassword`. - -> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. -> **Warning** Setting a password will be ignored on new installation in case when previous PostgreSQL release was deleted through the helm command. In that case, old PVC will have an old password, and setting it through helm won't take effect. Deleting persistent volumes (PVs) will solve the issue. Refer to [issue 2061](https://github.com/bitnami/charts/issues/2061) for more details - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. -> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/postgresql/values.yaml) - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrading - -### To 15.0.0 - -This major bump changes the following security defaults: - -- `runAsGroup` is changed from `0` to `1001` -- `readOnlyRootFilesystem` is set to `true` -- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case). -- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`. - -This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones. - -### To 14.0.0 - -This major version adapts the NetworkPolicy objects to the most recent Bitnami standards. Now there is a separate object for `primary` and for `readReplicas`, being located in their corresponding sections. It is also enabled by default in other to comply with the best security standards. - -Check the parameter section for the new value structure. - -### To 13.0.0 - -This major version changes the default PostgreSQL image from 15.x to 16.x. Follow the [official instructions](https://www.postgresql.org/docs/16/upgrading.html) to upgrade to 16.x. - -### To 12.0.0 - -This major version changes the default PostgreSQL image from 14.x to 15.x. Follow the [official instructions](https://www.postgresql.org/docs/15/upgrading.html) to upgrade to 15.x. - -### To 11.0.0 - -In this version the application version was bumped to _14.x_ series. Also, this major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. - -- _replication.enabled_ parameter is deprecated in favor of _architecture_ parameter that accepts two values: _standalone_ and _replication_. -- _replication.singleService_ and _replication.uniqueServices_ parameters are deprecated. When using replication, each statefulset (primary and read-only) has its own headless service & service allowing to connect to read-only replicas through the service (round-robin) or individually. -- _postgresqlPostgresPassword_, _postgresqlUsername_, _postgresqlPassword_, _postgresqlDatabase_, _replication.user_, _replication.password_, and _existingSecret_ parameters have been regrouped under the _auth_ map. The _auth_ map uses a new perspective to configure authentication, so please read carefully each sub-parameter description. -- _extraEnv_ has been deprecated in favor of _primary.extraEnvVars_ and _readReplicas.extraEnvVars_. -- _postgresqlConfiguration_, _pgHbaConfiguration_, _configurationConfigMap_, _postgresqlExtendedConf_, and _extendedConfConfigMap_ have been deprecated in favor of _primary.configuration_, _primary.pgHbaConfiguration_, _primary.existingConfigmap_, _primary.extendedConfiguration_, and _primary.existingExtendedConfigmap_. -- _postgresqlInitdbArgs_, _postgresqlInitdbWalDir_, _initdbScripts_, _initdbScriptsConfigMap_, _initdbScriptsSecret_, _initdbUser_ and _initdbPassword_ have been regrouped under the _primary.initdb_ map. -- _postgresqlMaxConnections_, _postgresqlPostgresConnectionLimit_, _postgresqlDbUserConnectionLimit_, _postgresqlTcpKeepalivesInterval_, _postgresqlTcpKeepalivesIdle_, _postgresqlTcpKeepalivesCount_, _postgresqlStatementTimeout_ and _postgresqlPghbaRemoveFilters_ parameters are deprecated. Use _XXX.extraEnvVars_ instead. -- _primaryAsStandBy_ has been deprecated in favor of _primary.standby_. -- _securityContext_ and _containerSecurityContext_ have been deprecated in favor of _primary.podSecurityContext_, _primary.containerSecurityContext_, _readReplicas.podSecurityContext_, and _readReplicas.containerSecurityContext_. -- _livenessProbe_ and _readinessProbe_ maps have been deprecated in favor of _primary.livenessProbe_, _primary.readinessProbe_, _readReplicas.livenessProbe_ and _readReplicas.readinessProbe_ maps. -- _persistence_ map has been deprecated in favor of _primary.persistence_ and _readReplicas.persistence_ maps. -- _networkPolicy_ map has been completely refactored. -- _service_ map has been deprecated in favor of _primary.service_ and _readReplicas.service_ maps. -- _metrics.service.port_ has been regrouped under the _metrics.service.ports_ map. -- _serviceAccount.enabled_ and _serviceAccount.autoMount_ have been deprecated in favor of _serviceAccount.create_ and _serviceAccount.automountServiceAccountToken_. - -#### How to upgrade to version 11.0.0 - -To upgrade to _11.0.0_ from _10.x_, it should be done reusing the PVC(s) used to hold the PostgreSQL data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is _postgresql_): - -> NOTE: Please, create a backup of your database before running any of these actions. - -1. Obtain the credentials and the names of the PVCs used to hold the PostgreSQL data on your current release: - -```console -export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace default postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode) -export POSTGRESQL_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=postgresql,role=primary -o jsonpath="{.items[0].metadata.name}") -``` - -1. Delete the PostgreSQL statefulset (notice the option _--cascade=false_) and secret: - -```console -kubectl delete statefulsets.apps postgresql-postgresql --namespace default --cascade=false -kubectl delete secret postgresql --namespace default -``` - -1. Upgrade your release using the same PostgreSQL version: - -```console -CURRENT_VERSION=$(kubectl exec postgresql-postgresql-0 -- bash -c 'echo $BITNAMI_IMAGE_VERSION') -helm upgrade postgresql bitnami/postgresql \ - --set auth.postgresPassword=$POSTGRESQL_PASSWORD \ - --set primary.persistence.existingClaim=$POSTGRESQL_PVC \ - --set image.tag=$CURRENT_VERSION -``` - -1. You will have to delete the existing PostgreSQL pod and the new statefulset is going to create a new one - -```console -kubectl delete pod postgresql-postgresql-0 -``` - -1. Finally, you should see the lines below in PostgreSQL container logs: - -```text -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=postgresql,app.kubernetes.io/name=postgresql,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") -... -postgresql 08:05:12.59 INFO ==> Deploying PostgreSQL with persisted data... -... -``` - -> NOTE: the instructions above reuse the same PostgreSQL version you were using in your chart release. Otherwise, you will find an error such as the one below when upgrading since the new chart major version also bumps the application version. To workaround this issue you need to upgrade database, please refer to the [official PostgreSQL documentation](https://www.postgresql.org/docs/current/upgrading.html) for more information about this. - -```console -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=postgresql,app.kubernetes.io/name=postgresql,app.kubernetes.io/component=primary -o jsonpath="{.items[0].metadata.name}") - ... -postgresql 08:10:14.72 INFO ==> ** Starting PostgreSQL ** -2022-02-01 08:10:14.734 GMT [1] FATAL: database files are incompatible with server -2022-02-01 08:10:14.734 GMT [1] DETAIL: The data directory was initialized by PostgreSQL version 11, which is not compatible with this version 14.1. -``` - -### To 10.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- Move dependency information from the _requirements.yaml_ to the _Chart.yaml_ -- After running _helm dependency update_, a _Chart.lock_ file is generated containing the same structure used in the previous _requirements.lock_ -- The different fields present in the _Chart.yaml_ file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Chart. -- The term _master_ has been replaced with _primary_ and _slave_ with _readReplicas_ throughout the chart. Role names have changed from _master_ and _slave_ to _primary_ and _read_. - -#### Considerations when upgrading to this version - -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version does not support Helm v2 anymore. -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3. - -#### Useful links - -- [Bitnami Tutorial](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-resolve-helm2-helm3-post-migration-issues-index.html) -- [Helm docs](https://helm.sh/docs/topics/v2_v3_migration) -- [Helm Blog](https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3) - -#### How to upgrade to version 10.0.0 - -To upgrade to _10.0.0_ from _9.x_, it should be done reusing the PVC(s) used to hold the PostgreSQL data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is _postgresql_): - -> NOTE: Please, create a backup of your database before running any of those actions. - -1. Obtain the credentials and the names of the PVCs used to hold the PostgreSQL data on your current release: - -```console -export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace default postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode) -export POSTGRESQL_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=postgresql,role=primary -o jsonpath="{.items[0].metadata.name}") -``` - -1. Delete the PostgreSQL statefulset (notice the option _--cascade=false_): - -```console -kubectl delete statefulsets.apps postgresql-postgresql --namespace default --cascade=false -``` - -1. Upgrade your release using the same PostgreSQL version: - -```console -helm upgrade postgresql bitnami/postgresql \ - --set postgresqlPassword=$POSTGRESQL_PASSWORD \ - --set persistence.existingClaim=$POSTGRESQL_PVC -``` - -1. Delete the existing PostgreSQL pod and the new statefulset will create a new one: - -```console -kubectl delete pod postgresql-postgresql-0 -``` - -1. Finally, you should see the lines below in PostgreSQL container logs: - -```text -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=postgresql,app.kubernetes.io/name=postgresql,role=primary -o jsonpath="{.items[0].metadata.name}") -... -postgresql 08:05:12.59 INFO ==> Deploying PostgreSQL with persisted data... -... -``` - -### To 9.0.0 - -In this version the chart was adapted to follow the [Helm standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). - -- Some inmutable objects were modified to adopt Helm standard labels introducing backward incompatibilities. - -#### How to upgrade to version 9.0.0 - -To upgrade to _9.0.0_ from _8.x_, it should be done reusing the PVC(s) used to hold the PostgreSQL data on your previous release. To do so, follow the instructions below (the following example assumes that the release name is _postgresql_): - -> NOTE: Please, create a backup of your database before running any of those actions. - -1. Obtain the credentials and the names of the PVCs used to hold the PostgreSQL data on your current release: - -```console -export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace default postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode) -export POSTGRESQL_PVC=$(kubectl get pvc -l app=postgresql,role=master -o jsonpath="{.items[0].metadata.name}") -``` - -1. Delete the PostgreSQL statefulset (notice the option _--cascade=false_): - -```console -kubectl delete statefulsets.apps postgresql-postgresql --namespace default --cascade=false -``` - -1. Upgrade your release using the same PostgreSQL version: - -```console -helm upgrade postgresql bitnami/postgresql \ - --set postgresqlPassword=$POSTGRESQL_PASSWORD \ - --set persistence.existingClaim=$POSTGRESQL_PVC -``` - -1. Delete the existing PostgreSQL pod and the new statefulset will create a new one: - -```console -kubectl delete pod postgresql-postgresql-0 -``` - -1. Finally, you should see the lines below in PostgreSQL container logs: - -```text -$ kubectl logs $(kubectl get pods -l app.kubernetes.io/instance=postgresql,app.kubernetes.io/name=postgresql,role=master -o jsonpath="{.items[0].metadata.name}") -... -postgresql 08:05:12.59 INFO ==> Deploying PostgreSQL with persisted data... -... -``` - -## License - -Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/charts/postgresql/postgresql/templates/NOTES.txt b/charts/postgresql/postgresql/templates/NOTES.txt deleted file mode 100644 index fd7a751..0000000 --- a/charts/postgresql/postgresql/templates/NOTES.txt +++ /dev/null @@ -1,117 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -** Please be patient while the chart is being deployed ** - -{{- if .Values.diagnosticMode.enabled }} -The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: - - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} - -Get the list of pods by executing: - - kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} - -Access the pod you want to debug by executing - - kubectl exec --namespace {{ .Release.Namespace }} -ti -- /opt/bitnami/scripts/postgresql/entrypoint.sh /bin/bash - -In order to replicate the container startup scripts execute this command: - - /opt/bitnami/scripts/postgresql/entrypoint.sh /opt/bitnami/scripts/postgresql/run.sh - -{{- else }} - -{{- $customUser := include "postgresql.v1.username" . }} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "common.names.fullname" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary .Values.auth.postgresPassword .Values.auth.password (eq $customUser "postgres")) "context" $) -}} -{{- $authEnabled := and (not (or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret)) (or $postgresPassword .Values.auth.enablePostgresUser (and (not (empty $customUser)) (ne $customUser "postgres"))) }} -{{- if not $authEnabled }} - -WARNING: PostgreSQL has been configured without authentication, this is not recommended for production environments. -{{- end }} - -PostgreSQL can be accessed via port {{ include "postgresql.v1.service.port" . }} on the following DNS names from within your cluster: - - {{ include "postgresql.v1.primary.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - Read/Write connection - -{{- if eq .Values.architecture "replication" }} - - {{ include "postgresql.v1.readReplica.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local - Read only connection - -{{- end }} - -{{- if and (not (empty $customUser)) (ne $customUser "postgres") }} -{{- if .Values.auth.enablePostgresUser }} - -To get the password for "postgres" run: - - export POSTGRES_ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.v1.secretName" . }} -o jsonpath="{.data.{{include "postgresql.v1.adminPasswordKey" .}}}" | base64 -d) -{{- end }} - -To get the password for "{{ $customUser }}" run: - - export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.v1.secretName" . }} -o jsonpath="{.data.{{include "postgresql.v1.userPasswordKey" .}}}" | base64 -d) -{{- else }} -{{- if .Values.auth.enablePostgresUser }} - -To get the password for "{{ default "postgres" $customUser }}" run: - - export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.v1.secretName" . }} -o jsonpath="{.data.{{ ternary "password" (include "postgresql.v1.adminPasswordKey" .) (and (not (empty $customUser)) (ne $customUser "postgres")) }}}" | base64 -d) -{{- end }} -{{- end }} - -To connect to your database run the following command: - {{- if $authEnabled }} - - kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} --image {{ include "postgresql.v1.image" . }} --env="PGPASSWORD=$POSTGRES_PASSWORD" \ - --command -- psql --host {{ include "postgresql.v1.primary.fullname" . }} -U {{ default "postgres" $customUser }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} -p {{ include "postgresql.v1.service.port" . }} - {{- else }} - - kubectl run {{ include "common.names.fullname" . }}-client --rm --tty -i --restart='Never' --namespace {{ .Release.Namespace }} --image {{ include "postgresql.v1.image" . }} \ - --command -- psql --host {{ include "postgresql.v1.primary.fullname" . }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} -p {{ include "postgresql.v1.service.port" . }} - {{- end }} - - > NOTE: If you access the container using bash, make sure that you execute "/opt/bitnami/scripts/postgresql/entrypoint.sh /bin/bash" in order to avoid the error "psql: local user with ID {{ .Values.primary.containerSecurityContext.runAsUser }}} does not exist" - -To connect to your database from outside the cluster execute the following commands: - -{{- if contains "NodePort" .Values.primary.service.type }} - - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "postgresql.v1.primary.fullname" . }}) - {{- if $authEnabled }} - PGPASSWORD="$POSTGRES_PASSWORD" psql --host $NODE_IP --port $NODE_PORT -U {{ default "postgres" $customUser }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} - {{- else }} - psql --host $NODE_IP --port $NODE_PORT -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} - {{- end }} -{{- else if contains "LoadBalancer" .Values.primary.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "postgresql.v1.primary.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "postgresql.v1.primary.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - {{- if $authEnabled }} - PGPASSWORD="$POSTGRES_PASSWORD" psql --host $SERVICE_IP --port {{ include "postgresql.v1.service.port" . }} -U {{ default "postgres" $customUser }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} - {{- else }} - psql --host $SERVICE_IP --port {{ include "postgresql.v1.service.port" . }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} - {{- end }} -{{- else if contains "ClusterIP" .Values.primary.service.type }} - - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "postgresql.v1.primary.fullname" . }} {{ include "postgresql.v1.service.port" . }}:{{ include "postgresql.v1.service.port" . }} & - {{- if $authEnabled }} - PGPASSWORD="$POSTGRES_PASSWORD" psql --host 127.0.0.1 -U {{ default "postgres" $customUser }} -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} -p {{ include "postgresql.v1.service.port" . }} - {{- else }} - psql --host 127.0.0.1 -d {{- if include "postgresql.v1.database" . }} {{ include "postgresql.v1.database" . }}{{- else }} postgres{{- end }} -p {{ include "postgresql.v1.service.port" . }} - {{- end }} -{{- end }} -{{- end }} - -WARNING: The configured password will be ignored on new installation in case when previous PostgreSQL release was deleted through the helm command. In that case, old PVC will have an old password, and setting it through helm won't take effect. Deleting persistent volumes (PVs) will solve the issue. - -{{- include "postgresql.v1.validateValues" . -}} -{{- include "common.warnings.rollingTag" .Values.image -}} -{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} -{{- include "common.warnings.resources" (dict "sections" (list "metrics" "primary" "readReplicas" "volumePermissions") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image .Values.metrics.image) "context" $) }} \ No newline at end of file diff --git a/charts/postgresql/postgresql/templates/_helpers.tpl b/charts/postgresql/postgresql/templates/_helpers.tpl deleted file mode 100644 index d78e869..0000000 --- a/charts/postgresql/postgresql/templates/_helpers.tpl +++ /dev/null @@ -1,417 +0,0 @@ -{{/* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{/* vim: set filetype=mustache: */}} - -{{/* -Create a default fully qualified app name for PostgreSQL Primary objects -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "postgresql.v1.primary.fullname" -}} -{{- if eq .Values.architecture "replication" -}} - {{- printf "%s-%s" (include "common.names.fullname" .) .Values.primary.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} - {{- include "common.names.fullname" . -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name for PostgreSQL read-only replicas objects -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "postgresql.v1.readReplica.fullname" -}} -{{- printf "%s-%s" (include "common.names.fullname" .) .Values.readReplicas.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the default FQDN for PostgreSQL primary headless service -We truncate at 63 chars because of the DNS naming spec. -*/}} -{{- define "postgresql.v1.primary.svc.headless" -}} -{{- printf "%s-hl" (include "postgresql.v1.primary.fullname" .) | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the default FQDN for PostgreSQL read-only replicas headless service -We truncate at 63 chars because of the DNS naming spec. -*/}} -{{- define "postgresql.v1.readReplica.svc.headless" -}} -{{- printf "%s-hl" (include "postgresql.v1.readReplica.fullname" .) | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Return the proper PostgreSQL image name -*/}} -{{- define "postgresql.v1.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper PostgreSQL metrics image name -*/}} -{{- define "postgresql.v1.metrics.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper image name (for the init container volume-permissions image) -*/}} -{{- define "postgresql.v1.volumePermissions.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "postgresql.v1.imagePullSecrets" -}} -{{ include "common.images.renderPullSecrets" (dict "images" (list .Values.image .Values.metrics.image .Values.volumePermissions.image) "context" $) }} -{{- end -}} - -{{/* -Return the name for a custom user to create -*/}} -{{- define "postgresql.v1.username" -}} -{{- if .Values.global.postgresql.auth.username -}} - {{- .Values.global.postgresql.auth.username -}} -{{- else -}} - {{- .Values.auth.username -}} -{{- end -}} -{{- end -}} - -{{/* -Return the name for a custom database to create -*/}} -{{- define "postgresql.v1.database" -}} -{{- if .Values.global.postgresql.auth.database -}} - {{- printf "%s" (tpl .Values.global.postgresql.auth.database $) -}} -{{- else if .Values.auth.database -}} - {{- printf "%s" (tpl .Values.auth.database $) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the password secret. -*/}} -{{- define "postgresql.v1.secretName" -}} -{{- if .Values.global.postgresql.auth.existingSecret -}} - {{- printf "%s" (tpl .Values.global.postgresql.auth.existingSecret $) -}} -{{- else if .Values.auth.existingSecret -}} - {{- printf "%s" (tpl .Values.auth.existingSecret $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the replication-password key. -*/}} -{{- define "postgresql.v1.replicationPasswordKey" -}} -{{- if or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret -}} - {{- if .Values.global.postgresql.auth.secretKeys.replicationPasswordKey -}} - {{- printf "%s" (tpl .Values.global.postgresql.auth.secretKeys.replicationPasswordKey $) -}} - {{- else if .Values.auth.secretKeys.replicationPasswordKey -}} - {{- printf "%s" (tpl .Values.auth.secretKeys.replicationPasswordKey $) -}} - {{- else -}} - {{- "replication-password" -}} - {{- end -}} -{{- else -}} - {{- "replication-password" -}} -{{- end -}} -{{- end -}} - -{{/* -Get the admin-password key. -*/}} -{{- define "postgresql.v1.adminPasswordKey" -}} -{{- if or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret -}} - {{- if .Values.global.postgresql.auth.secretKeys.adminPasswordKey -}} - {{- printf "%s" (tpl .Values.global.postgresql.auth.secretKeys.adminPasswordKey $) -}} - {{- else if .Values.auth.secretKeys.adminPasswordKey -}} - {{- printf "%s" (tpl .Values.auth.secretKeys.adminPasswordKey $) -}} - {{- end -}} -{{- else -}} - {{- "postgres-password" -}} -{{- end -}} -{{- end -}} - -{{/* -Get the user-password key. -*/}} -{{- define "postgresql.v1.userPasswordKey" -}} -{{- if or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret -}} - {{- if or (empty (include "postgresql.v1.username" .)) (eq (include "postgresql.v1.username" .) "postgres") -}} - {{- printf "%s" (include "postgresql.v1.adminPasswordKey" .) -}} - {{- else -}} - {{- if .Values.global.postgresql.auth.secretKeys.userPasswordKey -}} - {{- printf "%s" (tpl .Values.global.postgresql.auth.secretKeys.userPasswordKey $) -}} - {{- else if .Values.auth.secretKeys.userPasswordKey -}} - {{- printf "%s" (tpl .Values.auth.secretKeys.userPasswordKey $) -}} - {{- end -}} - {{- end -}} -{{- else -}} - {{- "password" -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a secret object should be created -*/}} -{{- define "postgresql.v1.createSecret" -}} -{{- $customUser := include "postgresql.v1.username" . -}} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "common.names.fullname" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword .Values.global.postgresql.auth.password .Values.auth.password) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) -}} -{{- if and (not (or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret)) (or $postgresPassword .Values.auth.enablePostgresUser (and (not (empty $customUser)) (ne $customUser "postgres")) (eq .Values.architecture "replication") (and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw))) -}} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Return PostgreSQL service port -*/}} -{{- define "postgresql.v1.service.port" -}} -{{- if .Values.global.postgresql.service.ports.postgresql -}} - {{- .Values.global.postgresql.service.ports.postgresql -}} -{{- else -}} - {{- .Values.primary.service.ports.postgresql -}} -{{- end -}} -{{- end -}} - -{{/* -Return PostgreSQL service port -*/}} -{{- define "postgresql.v1.readReplica.service.port" -}} -{{- if .Values.global.postgresql.service.ports.postgresql -}} - {{- .Values.global.postgresql.service.ports.postgresql -}} -{{- else -}} - {{- .Values.readReplicas.service.ports.postgresql -}} -{{- end -}} -{{- end -}} - -{{/* -Get the PostgreSQL primary configuration ConfigMap name. -*/}} -{{- define "postgresql.v1.primary.configmapName" -}} -{{- if .Values.primary.existingConfigmap -}} - {{- printf "%s" (tpl .Values.primary.existingConfigmap $) -}} -{{- else -}} - {{- printf "%s-configuration" (include "postgresql.v1.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created for PostgreSQL primary with the configuration -*/}} -{{- define "postgresql.v1.primary.createConfigmap" -}} -{{- if and (or .Values.primary.configuration .Values.primary.pgHbaConfiguration) (not .Values.primary.existingConfigmap) -}} - {{- true -}} -{{- else -}} -{{- end -}} -{{- end -}} - -{{/* -Get the PostgreSQL primary extended configuration ConfigMap name. -*/}} -{{- define "postgresql.v1.primary.extendedConfigmapName" -}} -{{- if .Values.primary.existingExtendedConfigmap -}} - {{- printf "%s" (tpl .Values.primary.existingExtendedConfigmap $) -}} -{{- else -}} - {{- printf "%s-extended-configuration" (include "postgresql.v1.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the PostgreSQL read replica extended configuration ConfigMap name. -*/}} -{{- define "postgresql.v1.readReplicas.extendedConfigmapName" -}} - {{- printf "%s-extended-configuration" (include "postgresql.v1.readReplica.fullname" .) -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created for PostgreSQL primary with the extended configuration -*/}} -{{- define "postgresql.v1.primary.createExtendedConfigmap" -}} -{{- if and .Values.primary.extendedConfiguration (not .Values.primary.existingExtendedConfigmap) -}} - {{- true -}} -{{- else -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created for PostgreSQL read replica with the extended configuration -*/}} -{{- define "postgresql.v1.readReplicas.createExtendedConfigmap" -}} -{{- if .Values.readReplicas.extendedConfiguration -}} - {{- true -}} -{{- else -}} -{{- end -}} -{{- end -}} - -{{/* - Create the name of the service account to use - */}} -{{- define "postgresql.v1.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap should be mounted with PostgreSQL configuration -*/}} -{{- define "postgresql.v1.mountConfigurationCM" -}} -{{- if or .Values.primary.configuration .Values.primary.pgHbaConfiguration .Values.primary.existingConfigmap -}} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Get the pre-initialization scripts ConfigMap name. -*/}} -{{- define "postgresql.v1.preInitDb.scriptsCM" -}} -{{- if .Values.primary.preInitDb.scriptsConfigMap -}} - {{- printf "%s" (tpl .Values.primary.preInitDb.scriptsConfigMap $) -}} -{{- else -}} - {{- printf "%s-preinit-scripts" (include "postgresql.v1.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the initialization scripts ConfigMap name. -*/}} -{{- define "postgresql.v1.initdb.scriptsCM" -}} -{{- if .Values.primary.initdb.scriptsConfigMap -}} - {{- printf "%s" (tpl .Values.primary.initdb.scriptsConfigMap $) -}} -{{- else -}} - {{- printf "%s-init-scripts" (include "postgresql.v1.primary.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if TLS is enabled for LDAP connection -*/}} -{{- define "postgresql.v1.ldap.tls.enabled" -}} -{{- if and (kindIs "string" .Values.ldap.tls) (not (empty .Values.ldap.tls)) -}} - {{- true -}} -{{- else if and (kindIs "map" .Values.ldap.tls) .Values.ldap.tls.enabled -}} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Get the readiness probe command -*/}} -{{- define "postgresql.v1.readinessProbeCommand" -}} -{{- $customUser := include "postgresql.v1.username" . -}} -- | -{{- if (include "postgresql.v1.database" .) }} - exec pg_isready -U {{ default "postgres" $customUser | quote }} -d "dbname={{ include "postgresql.v1.database" . }} {{- if .Values.tls.enabled }} sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} -{{- else }} - exec pg_isready -U {{ default "postgres" $customUser | quote }} {{- if .Values.tls.enabled }} -d "sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} -{{- end }} -{{- if contains "bitnami/" .Values.image.repository }} - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] -{{- end }} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "postgresql.v1.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "postgresql.v1.validateValues.ldapConfigurationMethod" .) -}} -{{- $messages := append $messages (include "postgresql.v1.validateValues.psp" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* -Validate values of Postgresql - If ldap.url is used then you don't need the other settings for ldap -*/}} -{{- define "postgresql.v1.validateValues.ldapConfigurationMethod" -}} -{{- if and .Values.ldap.enabled (and (not (empty .Values.ldap.url)) (not (empty .Values.ldap.server))) -}} -postgresql: ldap.url, ldap.server - You cannot set both `ldap.url` and `ldap.server` at the same time. - Please provide a unique way to configure LDAP. - More info at https://www.postgresql.org/docs/current/auth-ldap.html -{{- end -}} -{{- end -}} - -{{/* -Validate values of Postgresql - If PSP is enabled RBAC should be enabled too -*/}} -{{- define "postgresql.v1.validateValues.psp" -}} -{{- if and .Values.psp.create (not .Values.rbac.create) -}} -postgresql: psp.create, rbac.create - RBAC should be enabled if PSP is enabled in order for PSP to work. - More info at https://kubernetes.io/docs/concepts/policy/pod-security-policy/#authorizing-policies -{{- end -}} -{{- end -}} - -{{/* -Return the path to the cert file. -*/}} -{{- define "postgresql.v1.tlsCert" -}} -{{- if .Values.tls.autoGenerated -}} - {{- printf "/opt/bitnami/postgresql/certs/tls.crt" -}} -{{- else -}} - {{- required "Certificate filename is required when TLS in enabled" .Values.tls.certFilename | printf "/opt/bitnami/postgresql/certs/%s" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the cert key file. -*/}} -{{- define "postgresql.v1.tlsCertKey" -}} -{{- if .Values.tls.autoGenerated -}} - {{- printf "/opt/bitnami/postgresql/certs/tls.key" -}} -{{- else -}} -{{- required "Certificate Key filename is required when TLS in enabled" .Values.tls.certKeyFilename | printf "/opt/bitnami/postgresql/certs/%s" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the CA cert file. -*/}} -{{- define "postgresql.v1.tlsCACert" -}} -{{- if .Values.tls.autoGenerated -}} - {{- printf "/opt/bitnami/postgresql/certs/ca.crt" -}} -{{- else -}} - {{- printf "/opt/bitnami/postgresql/certs/%s" .Values.tls.certCAFilename -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the CRL file. -*/}} -{{- define "postgresql.v1.tlsCRL" -}} -{{- if .Values.tls.crlFilename -}} -{{- printf "/opt/bitnami/postgresql/certs/%s" .Values.tls.crlFilename -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a TLS credentials secret object should be created -*/}} -{{- define "postgresql.v1.createTlsSecret" -}} -{{- if and .Values.tls.autoGenerated (not .Values.tls.certificatesSecret) -}} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the CA cert file. -*/}} -{{- define "postgresql.v1.tlsSecretName" -}} -{{- if .Values.tls.autoGenerated -}} - {{- printf "%s-crt" (include "common.names.fullname" .) -}} -{{- else -}} - {{ required "A secret containing TLS certificates is required when TLS is enabled" .Values.tls.certificatesSecret }} -{{- end -}} -{{- end -}} diff --git a/charts/postgresql/postgresql/templates/backup/cronjob.yaml b/charts/postgresql/postgresql/templates/backup/cronjob.yaml deleted file mode 100644 index 9689ac0..0000000 --- a/charts/postgresql/postgresql/templates/backup/cronjob.yaml +++ /dev/null @@ -1,138 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.backup.enabled }} -{{- $customUser := include "postgresql.v1.username" . }} -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.backup.cronjob.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: pg_dumpall - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.backup.cronjob.annotations .Values.commonAnnotations ) "context" . ) }} - {{- if $annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - schedule: {{ quote .Values.backup.cronjob.schedule }} - {{- if .Values.backup.cronjob.timezone }} - timeZone: {{ .Values.backup.cronjob.timezone | quote }} - {{- end }} - concurrencyPolicy: {{ .Values.backup.cronjob.concurrencyPolicy }} - failedJobsHistoryLimit: {{ .Values.backup.cronjob.failedJobsHistoryLimit }} - successfulJobsHistoryLimit: {{ .Values.backup.cronjob.successfulJobsHistoryLimit }} - {{- if .Values.backup.cronjob.startingDeadlineSeconds }} - startingDeadlineSeconds: {{ .Values.backup.cronjob.startingDeadlineSeconds }} - {{- end }} - jobTemplate: - spec: - {{- if .Values.backup.cronjob.ttlSecondsAfterFinished }} - ttlSecondsAfterFinished: {{ .Values.backup.cronjob.ttlSecondsAfterFinished }} - {{- end }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 12 }} - app.kubernetes.io/component: pg_dumpall - {{- if $annotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 12 }} - {{- end }} - spec: - {{- include "postgresql.v1.imagePullSecrets" . | nindent 10 }} - {{- if .Values.backup.cronjob.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.nodeSelector "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.backup.cronjob.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.tolerations "context" $) | nindent 12 }} - {{- end }} - containers: - - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall - image: {{ include "postgresql.v1.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - env: - - name: PGUSER - {{- if .Values.auth.enablePostgresUser }} - value: postgres - {{- else }} - value: {{ $customUser | quote }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: PGPASSFILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.adminPasswordKey" .) }} - {{- else }} - - name: PGPASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.adminPasswordKey" . }} - {{- end }} - - name: PGHOST - value: {{ include "postgresql.v1.primary.fullname" . }} - - name: PGPORT - value: {{ include "postgresql.v1.service.port" . | quote }} - - name: PGDUMP_DIR - value: {{ .Values.backup.cronjob.storage.mountPath }} - {{- if .Values.tls.enabled }} - - name: PGSSLROOTCERT - {{- if .Values.tls.autoGenerated }} - value: /tmp/certs/ca.crt - {{- else }} - value: {{ printf "/tmp/certs/%s" .Values.tls.certCAFilename }} - {{- end }} - {{- end }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }} - volumeMounts: - {{- if .Values.tls.enabled }} - - name: raw-certificates - mountPath: /tmp/certs - {{- end }} - {{- if .Values.backup.cronjob.storage.enabled }} - - name: datadir - mountPath: {{ .Values.backup.cronjob.storage.mountPath }} - subPath: {{ .Values.backup.cronjob.storage.subPath }} - {{- end }} - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.backup.cronjob.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.extraVolumeMounts "context" $) | nindent 14 }} - {{- end }} - {{- if .Values.backup.cronjob.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.backup.cronjob.containerSecurityContext "context" $) | nindent 14 }} - {{- end }} - {{- if .Values.backup.cronjob.resources }} - resources: {{- toYaml .Values.backup.cronjob.resources | nindent 14 }} - {{- else if ne .Values.backup.cronjob.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.backup.cronjob.resourcesPreset) | nindent 14 }} - {{- end }} - restartPolicy: {{ .Values.backup.cronjob.restartPolicy }} - {{- if .Values.backup.cronjob.podSecurityContext.enabled }} - securityContext: - fsGroup: {{ .Values.backup.cronjob.podSecurityContext.fsGroup }} - {{- end }} - volumes: - {{- if .Values.tls.enabled }} - - name: raw-certificates - secret: - secretName: {{ include "postgresql.v1.tlsSecretName" . }} - {{- end }} - {{- if .Values.backup.cronjob.storage.enabled }} - {{- if .Values.backup.cronjob.storage.existingClaim }} - - name: datadir - persistentVolumeClaim: - claimName: {{ printf "%s" (tpl .Values.backup.cronjob.storage.existingClaim .) }} - {{- else }} - - name: datadir - persistentVolumeClaim: - claimName: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall - {{- end }} - {{- end }} - - name: empty-dir - emptyDir: {} - {{- if .Values.backup.cronjob.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.extraVolumes "context" $ ) | nindent 12 }} - {{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/backup/networkpolicy.yaml b/charts/postgresql/postgresql/templates/backup/networkpolicy.yaml deleted file mode 100644 index 21e1add..0000000 --- a/charts/postgresql/postgresql/templates/backup/networkpolicy.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.backup.enabled .Values.backup.cronjob.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: pg_dumpall - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.backup.cronjob.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: pg_dumpall - policyTypes: - - Egress - egress: - - ports: - - port: 5432 - protocol: TCP - - port: 53 - protocol: TCP - - port: 53 - protocol: UDP -{{- end }} diff --git a/charts/postgresql/postgresql/templates/backup/pvc.yaml b/charts/postgresql/postgresql/templates/backup/pvc.yaml deleted file mode 100644 index 84a7c60..0000000 --- a/charts/postgresql/postgresql/templates/backup/pvc.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.backup.enabled .Values.backup.cronjob.storage.enabled (not .Values.backup.cronjob.storage.existingClaim) -}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.backup.cronjob.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: pg_dumpall - {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations .Values.backup.cronjob.storage.resourcePolicy }} - annotations: - {{- if or .Values.backup.cronjob.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.backup.cronjob.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.backup.cronjob.storage.resourcePolicy }} - helm.sh/resource-policy: {{ .Values.backup.cronjob.storage.resourcePolicy | quote }} - {{- end }} - {{- end }} -spec: - accessModes: - {{- range .Values.backup.cronjob.storage.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.backup.cronjob.storage.size | quote }} - {{ include "common.storage.class" (dict "persistence" .Values.backup.cronjob.storage "global" .Values.global) }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/extra-list.yaml b/charts/postgresql/postgresql/templates/extra-list.yaml deleted file mode 100644 index 329f5c6..0000000 --- a/charts/postgresql/postgresql/templates/extra-list.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/configmap.yaml b/charts/postgresql/postgresql/templates/primary/configmap.yaml deleted file mode 100644 index 48376a1..0000000 --- a/charts/postgresql/postgresql/templates/primary/configmap.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "postgresql.v1.primary.createConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-configuration" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - {{- if .Values.primary.configuration }} - postgresql.conf: | - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.configuration "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.primary.pgHbaConfiguration }} - pg_hba.conf: | - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.pgHbaConfiguration "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/extended-configmap.yaml b/charts/postgresql/postgresql/templates/primary/extended-configmap.yaml deleted file mode 100644 index d9644fc..0000000 --- a/charts/postgresql/postgresql/templates/primary/extended-configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "postgresql.v1.primary.createExtendedConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-extended-configuration" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - override.conf: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.extendedConfiguration "context" $ ) | nindent 4 }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/initialization-configmap.yaml b/charts/postgresql/postgresql/templates/primary/initialization-configmap.yaml deleted file mode 100644 index 739fe47..0000000 --- a/charts/postgresql/postgresql/templates/primary/initialization-configmap.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.primary.initdb.scripts (not .Values.primary.initdb.scriptsConfigMap) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-init-scripts" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: {{- include "common.tplvalues.render" (dict "value" .Values.primary.initdb.scripts "context" .) | nindent 2 }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/metrics-configmap.yaml b/charts/postgresql/postgresql/templates/primary/metrics-configmap.yaml deleted file mode 100644 index 9e9e644..0000000 --- a/charts/postgresql/postgresql/templates/primary/metrics-configmap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-metrics" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | quote }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/metrics-svc.yaml b/charts/postgresql/postgresql/templates/primary/metrics-svc.yaml deleted file mode 100644 index 581d5fe..0000000 --- a/charts/postgresql/postgresql/templates/primary/metrics-svc.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-metrics" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if or .Values.commonAnnotations .Values.metrics.service.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} - {{- if .Values.metrics.service.clusterIP }} - clusterIP: {{ .Values.metrics.service.clusterIP }} - {{- end }} - ports: - - name: http-metrics - port: {{ .Values.metrics.service.ports.metrics }} - targetPort: http-metrics - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/networkpolicy.yaml b/charts/postgresql/postgresql/templates/primary/networkpolicy.yaml deleted file mode 100644 index 6e5e28f..0000000 --- a/charts/postgresql/postgresql/templates/primary/networkpolicy.yaml +++ /dev/null @@ -1,78 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.primary.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: primary - policyTypes: - - Ingress - - Egress - {{- if .Values.primary.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # Allow outbound connections to read-replicas - - ports: - - port: {{ .Values.containerPorts.postgresql }} - to: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - app.kubernetes.io/component: read - {{- if .Values.primary.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - - ports: - - port: {{ .Values.containerPorts.postgresql }} - {{- if .Values.metrics.enabled }} - - port: {{ .Values.metrics.containerPorts.metrics }} - {{- end }} - {{- if not .Values.primary.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} - - podSelector: - matchLabels: - {{ template "postgresql.v1.primary.fullname" . }}-client: "true" - {{- if .Values.primary.networkPolicy.ingressNSMatchLabels }} - - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.primary.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- if .Values.primary.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.primary.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.primary.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/pdb.yaml b/charts/postgresql/postgresql/templates/primary/pdb.yaml deleted file mode 100644 index ca6caca..0000000 --- a/charts/postgresql/postgresql/templates/primary/pdb.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.primary.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.primary.pdb.minAvailable }} - minAvailable: {{ .Values.primary.pdb.minAvailable }} - {{- end }} - {{- if or .Values.primary.pdb.maxUnavailable ( not .Values.primary.pdb.minAvailable ) }} - maxUnavailable: {{ .Values.primary.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: primary -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/preinitialization-configmap.yaml b/charts/postgresql/postgresql/templates/primary/preinitialization-configmap.yaml deleted file mode 100644 index 65606a4..0000000 --- a/charts/postgresql/postgresql/templates/primary/preinitialization-configmap.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.primary.preInitDb.scripts (not .Values.primary.preInitDb.scriptsConfigMap) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-preinit-scripts" (include "postgresql.v1.primary.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: {{- include "common.tplvalues.render" (dict "value" .Values.primary.preInitDb.scripts "context" .) | nindent 2 }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/servicemonitor.yaml b/charts/postgresql/postgresql/templates/primary/servicemonitor.yaml deleted file mode 100644 index 22a0ce7..0000000 --- a/charts/postgresql/postgresql/templates/primary/servicemonitor.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.metrics.serviceMonitor.jobLabel }} - jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} - {{- end }} - selector: - {{- $svcLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.selector .Values.commonLabels ) "context" . ) }} - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $svcLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: metrics - endpoints: - - port: http-metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace | quote }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/statefulset.yaml b/charts/postgresql/postgresql/templates/primary/statefulset.yaml deleted file mode 100644 index c110f91..0000000 --- a/charts/postgresql/postgresql/templates/primary/statefulset.yaml +++ /dev/null @@ -1,703 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- $customUser := include "postgresql.v1.username" . }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if or .Values.commonAnnotations .Values.primary.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - replicas: 1 - serviceName: {{ include "postgresql.v1.primary.svc.headless" . }} - {{- if .Values.primary.updateStrategy }} - updateStrategy: {{- toYaml .Values.primary.updateStrategy | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: primary - template: - metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: primary - {{- if or (include "postgresql.v1.primary.createConfigmap" .) (include "postgresql.v1.primary.createExtendedConfigmap" .) .Values.primary.podAnnotations }} - annotations: - {{- if (include "postgresql.v1.primary.createConfigmap" .) }} - checksum/configuration: {{ pick (include (print $.Template.BasePath "/primary/configmap.yaml") . | fromYaml) "data" | toYaml | sha256sum }} - {{- end }} - {{- if (include "postgresql.v1.primary.createExtendedConfigmap" .) }} - checksum/extended-configuration: {{ pick (include (print $.Template.BasePath "/primary/extended-configmap.yaml") . | fromYaml) "data" | toYaml | sha256sum }} - {{- end }} - {{- if .Values.primary.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - {{- end }} - spec: - {{- if .Values.primary.extraPodSpec }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraPodSpec "context" $) | nindent 6 }} - {{- end }} - serviceAccountName: {{ include "postgresql.v1.serviceAccountName" . }} - {{- include "postgresql.v1.imagePullSecrets" . | nindent 6 }} - automountServiceAccountToken: {{ .Values.primary.automountServiceAccountToken }} - {{- if .Values.primary.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.primary.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.primary.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAffinityPreset "component" "primary" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.primary.podAntiAffinityPreset "component" "primary" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.primary.nodeAffinityPreset.type "key" .Values.primary.nodeAffinityPreset.key "values" .Values.primary.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.primary.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.primary.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.primary.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.primary.topologySpreadConstraints "context" .) | nindent 8 }} - {{- end }} - {{- if .Values.primary.priorityClassName }} - priorityClassName: {{ .Values.primary.priorityClassName }} - {{- end }} - {{- if .Values.primary.schedulerName }} - schedulerName: {{ .Values.primary.schedulerName | quote }} - {{- end }} - {{- if .Values.primary.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ .Values.primary.terminationGracePeriodSeconds }} - {{- end }} - {{- if .Values.primary.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - hostNetwork: {{ .Values.primary.hostNetwork }} - hostIPC: {{ .Values.primary.hostIPC }} - {{- if or (and .Values.tls.enabled (not .Values.volumePermissions.enabled)) (and .Values.volumePermissions.enabled (or .Values.primary.persistence.enabled .Values.shmVolume.enabled)) .Values.primary.initContainers }} - initContainers: - {{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }} - - name: copy-certs - image: {{ include "postgresql.v1.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - {{- if .Values.primary.resources }} - resources: {{- toYaml .Values.primary.resources | nindent 12 }} - {{- else if ne .Values.primary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.primary.resourcesPreset) | nindent 12 }} - {{- end }} - # We don't require a privileged container in this case - {{- if .Values.primary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - command: - - /bin/sh - - -ec - - | - cp /tmp/certs/* /opt/bitnami/postgresql/certs/ - chmod 600 {{ include "postgresql.v1.tlsCertKey" . }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: raw-certificates - mountPath: /tmp/certs - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - {{- else if and .Values.volumePermissions.enabled (or .Values.primary.persistence.enabled .Values.shmVolume.enabled) }} - - name: init-chmod-data - image: {{ include "postgresql.v1.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - command: - - /bin/sh - - -ec - - | - {{- if .Values.primary.persistence.enabled }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown `id -u`:`id -G | cut -d " " -f2` {{ .Values.primary.persistence.mountPath }} - {{- else }} - chown {{ .Values.primary.containerSecurityContext.runAsUser }}:{{ .Values.primary.podSecurityContext.fsGroup }} {{ .Values.primary.persistence.mountPath }} - {{- end }} - mkdir -p {{ .Values.primary.persistence.mountPath }}/data {{- if (include "postgresql.v1.mountConfigurationCM" .) }} {{ .Values.primary.persistence.mountPath }}/conf {{- end }} - chmod 700 {{ .Values.primary.persistence.mountPath }}/data {{- if (include "postgresql.v1.mountConfigurationCM" .) }} {{ .Values.primary.persistence.mountPath }}/conf {{- end }} - find {{ .Values.primary.persistence.mountPath }} -mindepth 1 -maxdepth 1 {{- if not (include "postgresql.v1.mountConfigurationCM" .) }} -not -name "conf" {{- end }} -not -name ".snapshot" -not -name "lost+found" | \ - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - xargs -r chown -R `id -u`:`id -G | cut -d " " -f2` - {{- else }} - xargs -r chown -R {{ .Values.primary.containerSecurityContext.runAsUser }}:{{ .Values.primary.podSecurityContext.fsGroup }} - {{- end }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - chmod -R 777 /dev/shm - {{- end }} - {{- if .Values.tls.enabled }} - cp /tmp/certs/* /opt/bitnami/postgresql/certs/ - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G | cut -d " " -f2` /opt/bitnami/postgresql/certs/ - {{- else }} - chown -R {{ .Values.primary.containerSecurityContext.runAsUser }}:{{ .Values.primary.podSecurityContext.fsGroup }} /opt/bitnami/postgresql/certs/ - {{- end }} - chmod 600 {{ include "postgresql.v1.tlsCertKey" . }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} - {{- else }} - securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: {{ .Values.primary.persistence.volumeName }} - mountPath: {{ .Values.primary.persistence.mountPath }} - {{- if .Values.primary.persistence.subPath }} - subPath: {{ .Values.primary.persistence.subPath }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - mountPath: /dev/shm - {{- end }} - {{- if .Values.tls.enabled }} - - name: raw-certificates - mountPath: /tmp/certs - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - {{- end }} - {{- end }} - {{- if .Values.primary.initContainers }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.initContainers "context" $ ) | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: postgresql - image: {{ include "postgresql.v1.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.primary.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.primary.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.primary.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.primary.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.primary.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.primary.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: POSTGRESQL_PORT_NUMBER - value: {{ .Values.containerPorts.postgresql | quote }} - - name: POSTGRESQL_VOLUME_DIR - value: {{ .Values.primary.persistence.mountPath | quote }} - {{- if .Values.primary.persistence.mountPath }} - - name: PGDATA - value: {{ .Values.postgresqlDataDir | quote }} - {{- end }} - # Authentication - {{- if or (eq $customUser "postgres") (empty $customUser) }} - {{- if .Values.auth.enablePostgresUser }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.adminPasswordKey" .) }} - {{- else }} - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.adminPasswordKey" . }} - {{- end }} - {{- else }} - - name: ALLOW_EMPTY_PASSWORD - value: "true" - {{- end }} - {{- else }} - - name: POSTGRES_USER - value: {{ $customUser | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.userPasswordKey" .) }} - {{- else }} - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.userPasswordKey" . }} - {{- end }} - {{- if .Values.auth.enablePostgresUser }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.adminPasswordKey" .) }} - {{- else }} - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.adminPasswordKey" . }} - {{- end }} - {{- end }} - {{- end }} - {{- if (include "postgresql.v1.database" .) }} - - name: POSTGRES_DATABASE - value: {{ (include "postgresql.v1.database" .) | quote }} - {{- end }} - {{- if or (eq .Values.architecture "replication") .Values.primary.standby.enabled }} - # Replication - - name: POSTGRES_REPLICATION_MODE - value: {{ ternary "slave" "master" .Values.primary.standby.enabled | quote }} - - name: POSTGRES_REPLICATION_USER - value: {{ .Values.auth.replicationUsername | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_REPLICATION_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.replicationPasswordKey" .) }} - {{- else }} - - name: POSTGRES_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.replicationPasswordKey" . }} - {{- end }} - {{- if ne .Values.replication.synchronousCommit "off" }} - - name: POSTGRES_SYNCHRONOUS_COMMIT_MODE - value: {{ .Values.replication.synchronousCommit | quote }} - - name: POSTGRES_NUM_SYNCHRONOUS_REPLICAS - value: {{ .Values.replication.numSynchronousReplicas | quote }} - {{- end }} - - name: POSTGRES_CLUSTER_APP_NAME - value: {{ .Values.replication.applicationName }} - {{- end }} - {{- if .Values.primary.initdb.args }} - # Initdb - - name: POSTGRES_INITDB_ARGS - value: {{ .Values.primary.initdb.args | quote }} - {{- end }} - {{- if .Values.primary.initdb.postgresqlWalDir }} - - name: POSTGRES_INITDB_WALDIR - value: {{ .Values.primary.initdb.postgresqlWalDir | quote }} - {{- end }} - {{- if .Values.primary.initdb.user }} - - name: POSTGRES_INITSCRIPTS_USERNAME - value: {{ .Values.primary.initdb.user }} - {{- end }} - {{- if .Values.primary.initdb.password }} - - name: POSTGRES_INITSCRIPTS_PASSWORD - value: {{ .Values.primary.initdb.password | quote }} - {{- end }} - {{- if .Values.primary.standby.enabled }} - # Standby - - name: POSTGRES_MASTER_HOST - value: {{ .Values.primary.standby.primaryHost }} - - name: POSTGRES_MASTER_PORT_NUMBER - value: {{ .Values.primary.standby.primaryPort | quote }} - {{- end }} - # LDAP - - name: POSTGRESQL_ENABLE_LDAP - value: {{ ternary "yes" "no" .Values.ldap.enabled | quote }} - {{- if .Values.ldap.enabled }} - {{- if or .Values.ldap.url .Values.ldap.uri }} - - name: POSTGRESQL_LDAP_URL - value: {{ coalesce .Values.ldap.url .Values.ldap.uri }} - {{- else }} - - name: POSTGRESQL_LDAP_SERVER - value: {{ .Values.ldap.server }} - - name: POSTGRESQL_LDAP_PORT - value: {{ .Values.ldap.port | quote }} - - name: POSTGRESQL_LDAP_SCHEME - value: {{ .Values.ldap.scheme }} - {{- if (include "postgresql.v1.ldap.tls.enabled" .) }} - - name: POSTGRESQL_LDAP_TLS - value: "1" - {{- end }} - - name: POSTGRESQL_LDAP_PREFIX - value: {{ .Values.ldap.prefix | quote }} - - name: POSTGRESQL_LDAP_SUFFIX - value: {{ .Values.ldap.suffix | quote }} - - name: POSTGRESQL_LDAP_BASE_DN - value: {{ coalesce .Values.ldap.baseDN .Values.ldap.basedn }} - - name: POSTGRESQL_LDAP_BIND_DN - value: {{ coalesce .Values.ldap.bindDN .Values.ldap.binddn}} - {{- if or (not (empty .Values.ldap.bind_password)) (not (empty .Values.ldap.bindpw)) }} - - name: POSTGRESQL_LDAP_BIND_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: ldap-password - {{- end }} - - name: POSTGRESQL_LDAP_SEARCH_ATTR - value: {{ coalesce .Values.ldap.search_attr .Values.ldap.searchAttribute }} - - name: POSTGRESQL_LDAP_SEARCH_FILTER - value: {{ coalesce .Values.ldap.search_filter .Values.ldap.searchFilter }} - {{- end }} - {{- end }} - # TLS - - name: POSTGRESQL_ENABLE_TLS - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: POSTGRESQL_TLS_PREFER_SERVER_CIPHERS - value: {{ ternary "yes" "no" .Values.tls.preferServerCiphers | quote }} - - name: POSTGRESQL_TLS_CERT_FILE - value: {{ include "postgresql.v1.tlsCert" . }} - - name: POSTGRESQL_TLS_KEY_FILE - value: {{ include "postgresql.v1.tlsCertKey" . }} - {{- if .Values.tls.certCAFilename }} - - name: POSTGRESQL_TLS_CA_FILE - value: {{ include "postgresql.v1.tlsCACert" . }} - {{- end }} - {{- if .Values.tls.crlFilename }} - - name: POSTGRESQL_TLS_CRL_FILE - value: {{ include "postgresql.v1.tlsCRL" . }} - {{- end }} - {{- end }} - # Audit - - name: POSTGRESQL_LOG_HOSTNAME - value: {{ .Values.audit.logHostname | quote }} - - name: POSTGRESQL_LOG_CONNECTIONS - value: {{ .Values.audit.logConnections | quote }} - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: {{ .Values.audit.logDisconnections | quote }} - {{- if .Values.audit.logLinePrefix }} - - name: POSTGRESQL_LOG_LINE_PREFIX - value: {{ .Values.audit.logLinePrefix | quote }} - {{- end }} - {{- if .Values.audit.logTimezone }} - - name: POSTGRESQL_LOG_TIMEZONE - value: {{ .Values.audit.logTimezone | quote }} - {{- end }} - {{- if .Values.audit.pgAuditLog }} - - name: POSTGRESQL_PGAUDIT_LOG - value: {{ .Values.audit.pgAuditLog | quote }} - {{- end }} - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: {{ .Values.audit.pgAuditLogCatalog | quote }} - # Others - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: {{ .Values.audit.clientMinMessages | quote }} - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: {{ .Values.postgresqlSharedPreloadLibraries | quote }} - {{- if .Values.primary.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.primary.extraEnvVarsCM .Values.primary.extraEnvVarsSecret }} - envFrom: - {{- if .Values.primary.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.primary.extraEnvVarsCM }} - {{- end }} - {{- if .Values.primary.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.primary.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: tcp-postgresql - containerPort: {{ .Values.containerPorts.postgresql }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.primary.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.primary.startupProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - {{- if (include "postgresql.v1.database" .) }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} -d "dbname={{ include "postgresql.v1.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- else }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- end }} - {{- end }} - {{- if .Values.primary.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.primary.livenessProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - {{- if (include "postgresql.v1.database" .) }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} -d "dbname={{ include "postgresql.v1.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- else }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- end }} - {{- end }} - {{- if .Values.primary.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.primary.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.primary.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.primary.readinessProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - - -e - {{- include "postgresql.v1.readinessProbeCommand" . | nindent 16 }} - {{- end }} - {{- end }} - {{- if .Values.primary.resources }} - resources: {{- toYaml .Values.primary.resources | nindent 12 }} - {{- else if ne .Values.primary.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.primary.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.primary.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.primary.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/postgresql/conf - subPath: app-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/postgresql/tmp - subPath: app-tmp-dir - {{- if or .Values.primary.preInitDb.scriptsConfigMap .Values.primary.preInitDb.scripts }} - - name: custom-preinit-scripts - mountPath: /docker-entrypoint-preinitdb.d/ - {{- end }} - {{- if .Values.primary.preInitDb.scriptsSecret }} - - name: custom-preinit-scripts-secret - mountPath: /docker-entrypoint-preinitdb.d/secret - {{- end }} - {{- if or .Values.primary.initdb.scriptsConfigMap .Values.primary.initdb.scripts }} - - name: custom-init-scripts - mountPath: /docker-entrypoint-initdb.d/ - {{- end }} - {{- if .Values.primary.initdb.scriptsSecret }} - - name: custom-init-scripts-secret - mountPath: /docker-entrypoint-initdb.d/secret - {{- end }} - {{- if or .Values.primary.extendedConfiguration .Values.primary.existingExtendedConfigmap }} - - name: postgresql-extended-config - mountPath: {{ .Values.primary.persistence.mountPath }}/conf/conf.d/ - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - mountPath: /opt/bitnami/postgresql/secrets/ - {{- end }} - {{- if .Values.tls.enabled }} - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - readOnly: true - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - mountPath: /dev/shm - {{- end }} - - name: {{ .Values.primary.persistence.volumeName }} - mountPath: {{ .Values.primary.persistence.mountPath }} - {{- if .Values.primary.persistence.subPath }} - subPath: {{ .Values.primary.persistence.subPath }} - {{- end }} - {{- if or .Values.primary.configuration .Values.primary.pgHbaConfiguration .Values.primary.existingConfigmap }} - - name: postgresql-config - mountPath: {{ .Values.primary.persistence.mountPath }}/conf - {{- end }} - {{- if .Values.primary.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "postgresql.v1.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if or .Values.metrics.customMetrics .Values.metrics.collectors }} - args: - {{- if .Values.metrics.customMetrics }} - - --extend.query-path - - /conf/custom-metrics.yaml - {{- end }} - {{- range $name, $enabled := .Values.metrics.collectors }} - - --{{ if not $enabled }}no-{{ end }}collector.{{ $name }} - {{- end }} - {{- end }} - env: - - name: DATA_SOURCE_URI - value: {{ printf "127.0.0.1:%d/postgres?sslmode=disable" (int (include "postgresql.v1.service.port" .)) }} - {{- $pwdKey := ternary (include "postgresql.v1.adminPasswordKey" .) (include "postgresql.v1.userPasswordKey" .) (or (eq $customUser "postgres") (empty $customUser)) }} - {{- if .Values.auth.usePasswordFiles }} - - name: DATA_SOURCE_PASS_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" $pwdKey }} - {{- else }} - - name: DATA_SOURCE_PASS - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ $pwdKey }} - {{- end }} - - name: DATA_SOURCE_USER - value: {{ default "postgres" $customUser | quote }} - {{- if .Values.metrics.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - ports: - - name: http-metrics - containerPort: {{ .Values.metrics.containerPorts.metrics }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: http-metrics - {{- end }} - {{- if .Values.metrics.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: http-metrics - {{- end }} - {{- if .Values.metrics.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: http-metrics - {{- end }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - mountPath: /opt/bitnami/postgresql/secrets/ - {{- end }} - {{- if .Values.metrics.customMetrics }} - - name: custom-metrics - mountPath: /conf - readOnly: true - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.primary.sidecars }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.sidecars "context" $ ) | nindent 8 }} - {{- end }} - volumes: - - name: empty-dir - emptyDir: {} - {{- if or .Values.primary.configuration .Values.primary.pgHbaConfiguration .Values.primary.existingConfigmap }} - - name: postgresql-config - configMap: - name: {{ include "postgresql.v1.primary.configmapName" . }} - {{- end }} - {{- if or .Values.primary.extendedConfiguration .Values.primary.existingExtendedConfigmap }} - - name: postgresql-extended-config - configMap: - name: {{ include "postgresql.v1.primary.extendedConfigmapName" . }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - secret: - secretName: {{ include "postgresql.v1.secretName" . }} - {{- end }} - {{- if or .Values.primary.preInitDb.scriptsConfigMap .Values.primary.preInitDb.scripts }} - - name: custom-preinit-scripts - configMap: - name: {{ include "postgresql.v1.preInitDb.scriptsCM" . }} - {{- end }} - {{- if .Values.primary.preInitDb.scriptsSecret }} - - name: custom-preinit-scripts-secret - secret: - secretName: {{ tpl .Values.primary.preInitDb.scriptsSecret $ }} - {{- end }} - {{- if or .Values.primary.initdb.scriptsConfigMap .Values.primary.initdb.scripts }} - - name: custom-init-scripts - configMap: - name: {{ include "postgresql.v1.initdb.scriptsCM" . }} - {{- end }} - {{- if .Values.primary.initdb.scriptsSecret }} - - name: custom-init-scripts-secret - secret: - secretName: {{ tpl .Values.primary.initdb.scriptsSecret $ }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: raw-certificates - secret: - secretName: {{ include "postgresql.v1.tlsSecretName" . }} - - name: postgresql-certificates - emptyDir: {} - {{- end }} - {{- if .Values.primary.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.primary.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} - - name: custom-metrics - configMap: - name: {{ printf "%s-metrics" (include "postgresql.v1.primary.fullname" .) }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - emptyDir: - medium: Memory - {{- if .Values.shmVolume.sizeLimit }} - sizeLimit: {{ .Values.shmVolume.sizeLimit }} - {{- end }} - {{- end }} - {{- if and .Values.primary.persistence.enabled .Values.primary.persistence.existingClaim }} - - name: {{ .Values.primary.persistence.volumeName }} - persistentVolumeClaim: - claimName: {{ tpl .Values.primary.persistence.existingClaim $ }} - {{- else if not .Values.primary.persistence.enabled }} - - name: {{ .Values.primary.persistence.volumeName }} - emptyDir: {} - {{- else }} - {{- if .Values.primary.persistentVolumeClaimRetentionPolicy.enabled }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ .Values.primary.persistentVolumeClaimRetentionPolicy.whenDeleted }} - whenScaled: {{ .Values.primary.persistentVolumeClaimRetentionPolicy.whenScaled }} - {{- end }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: {{ .Values.primary.persistence.volumeName }} - {{- if .Values.primary.persistence.annotations }} - annotations: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.annotations "context" $) | nindent 10 }} - {{- end }} - {{- if .Values.primary.persistence.labels }} - labels: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.labels "context" $) | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.primary.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - {{- if .Values.primary.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.dataSource "context" $) | nindent 10 }} - {{- end }} - resources: - requests: - storage: {{ .Values.primary.persistence.size | quote }} - {{- if .Values.primary.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.primary.persistence.selector "context" $) | nindent 10 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.primary.persistence "global" .Values.global) | nindent 8 }} - {{- end }} diff --git a/charts/postgresql/postgresql/templates/primary/svc-headless.yaml b/charts/postgresql/postgresql/templates/primary/svc-headless.yaml deleted file mode 100644 index ba918f4..0000000 --- a/charts/postgresql/postgresql/templates/primary/svc-headless.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "postgresql.v1.primary.svc.headless" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - annotations: - {{- if or .Values.primary.service.headless.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - clusterIP: None - # We want all pods in the StatefulSet to have their addresses published for - # the sake of the other Postgresql pods even before they're ready, since they - # have to be able to talk to each other in order to become ready. - publishNotReadyAddresses: true - ports: - - name: tcp-postgresql - port: {{ template "postgresql.v1.service.port" . }} - targetPort: tcp-postgresql - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary diff --git a/charts/postgresql/postgresql/templates/primary/svc.yaml b/charts/postgresql/postgresql/templates/primary/svc.yaml deleted file mode 100644 index 62fe7d4..0000000 --- a/charts/postgresql/postgresql/templates/primary/svc.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "postgresql.v1.primary.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary - {{- if or .Values.commonAnnotations .Values.primary.service.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.primary.service.type }} - {{- if or (eq .Values.primary.service.type "LoadBalancer") (eq .Values.primary.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.primary.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ .Values.primary.service.loadBalancerSourceRanges | toJson}} - {{- end }} - {{- if and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerClass)) }} - loadBalancerClass: {{ .Values.primary.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.primary.service.type "LoadBalancer") (not (empty .Values.primary.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.primary.service.loadBalancerIP }} - {{- end }} - {{- if and .Values.primary.service.clusterIP (eq .Values.primary.service.type "ClusterIP") }} - clusterIP: {{ .Values.primary.service.clusterIP }} - {{- end }} - {{- if .Values.primary.service.sessionAffinity }} - sessionAffinity: {{ .Values.primary.service.sessionAffinity }} - {{- end }} - {{- if .Values.primary.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: tcp-postgresql - port: {{ template "postgresql.v1.service.port" . }} - targetPort: tcp-postgresql - {{- if and (or (eq .Values.primary.service.type "NodePort") (eq .Values.primary.service.type "LoadBalancer")) (not (empty .Values.primary.service.nodePorts.postgresql)) }} - nodePort: {{ .Values.primary.service.nodePorts.postgresql }} - {{- else if eq .Values.primary.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.primary.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: primary diff --git a/charts/postgresql/postgresql/templates/prometheusrule.yaml b/charts/postgresql/postgresql/templates/prometheusrule.yaml deleted file mode 100644 index b6d17ba..0000000 --- a/charts/postgresql/postgresql/templates/prometheusrule.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.prometheusRule.namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.prometheusRule.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "common.names.fullname" . }} - rules: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.prometheusRule.rules "context" $ ) | nindent 8 }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/psp.yaml b/charts/postgresql/postgresql/templates/psp.yaml deleted file mode 100644 index b522002..0000000 --- a/charts/postgresql/postgresql/templates/psp.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (include "common.capabilities.psp.supported" .) .Values.psp.create }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - privileged: false - volumes: - - 'configMap' - - 'secret' - - 'persistentVolumeClaim' - - 'emptyDir' - - 'projected' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'RunAsAny' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/extended-configmap.yaml b/charts/postgresql/postgresql/templates/read/extended-configmap.yaml deleted file mode 100644 index d4db2ae..0000000 --- a/charts/postgresql/postgresql/templates/read/extended-configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "postgresql.v1.readReplicas.createExtendedConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-extended-configuration" (include "postgresql.v1.readReplica.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - override.conf: |- - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.extendedConfiguration "context" $ ) | nindent 4 }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/metrics-configmap.yaml b/charts/postgresql/postgresql/templates/read/metrics-configmap.yaml deleted file mode 100644 index ca019c9..0000000 --- a/charts/postgresql/postgresql/templates/read/metrics-configmap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.customMetrics (eq .Values.architecture "replication") }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-metrics" (include "postgresql.v1.readReplica.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | quote }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/metrics-svc.yaml b/charts/postgresql/postgresql/templates/read/metrics-svc.yaml deleted file mode 100644 index cdb2647..0000000 --- a/charts/postgresql/postgresql/templates/read/metrics-svc.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled (eq .Values.architecture "replication") }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-metrics" (include "postgresql.v1.readReplica.fullname" .) }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics-read - {{- if or .Values.commonAnnotations .Values.metrics.service.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} - {{- if .Values.metrics.service.clusterIP }} - clusterIP: {{ .Values.metrics.service.clusterIP }} - {{- end }} - ports: - - name: http-metrics - port: {{ .Values.metrics.service.ports.metrics }} - targetPort: http-metrics - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/networkpolicy.yaml b/charts/postgresql/postgresql/templates/read/networkpolicy.yaml deleted file mode 100644 index 9c730d8..0000000 --- a/charts/postgresql/postgresql/templates/read/networkpolicy.yaml +++ /dev/null @@ -1,80 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -{{- if .Values.readReplicas.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} -metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: read - policyTypes: - - Ingress - - Egress - {{- if .Values.readReplicas.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # Allow outbound connections to primary - - ports: - - port: {{ .Values.containerPorts.postgresql }} - to: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - app.kubernetes.io/component: primary - {{- if .Values.readReplicas.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - - ports: - - port: {{ .Values.containerPorts.postgresql }} - {{- if .Values.metrics.enabled }} - - port: {{ .Values.metrics.containerPorts.metrics }} - {{- end }} - {{- if not .Values.readReplicas.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 14 }} - - podSelector: - matchLabels: - {{ template "postgresql.v1.readReplica.fullname" . }}-client: "true" - {{- if .Values.readReplicas.networkPolicy.ingressNSMatchLabels }} - - namespaceSelector: - matchLabels: - {{- range $key, $value := .Values.readReplicas.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- if .Values.readReplicas.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.readReplicas.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.readReplicas.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/pdb.yaml b/charts/postgresql/postgresql/templates/read/pdb.yaml deleted file mode 100644 index 1d25b68..0000000 --- a/charts/postgresql/postgresql/templates/read/pdb.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and ( eq .Values.architecture "replication" ) .Values.readReplicas.pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.readReplicas.pdb.minAvailable }} - minAvailable: {{ .Values.readReplicas.pdb.minAvailable }} - {{- end }} - {{- if or .Values.readReplicas.pdb.maxUnavailable ( not .Values.readReplicas.pdb.minAvailable ) }} - maxUnavailable: {{ .Values.readReplicas.pdb.maxUnavailable | default 1 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: read -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/servicemonitor.yaml b/charts/postgresql/postgresql/templates/read/servicemonitor.yaml deleted file mode 100644 index 2b63559..0000000 --- a/charts/postgresql/postgresql/templates/read/servicemonitor.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled (eq .Values.architecture "replication") }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics-read - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if .Values.metrics.serviceMonitor.jobLabel }} - jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} - {{- end }} - selector: - {{- $svcLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.selector .Values.commonLabels ) "context" . ) }} - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $svcLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: metrics-read - endpoints: - - port: http-metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace | quote }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/statefulset.yaml b/charts/postgresql/postgresql/templates/read/statefulset.yaml deleted file mode 100644 index 4f537e6..0000000 --- a/charts/postgresql/postgresql/templates/read/statefulset.yaml +++ /dev/null @@ -1,578 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -{{- $customUser := include "postgresql.v1.username" . }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - {{- if or .Values.commonAnnotations .Values.readReplicas.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.readReplicas.replicaCount }} - serviceName: {{ include "postgresql.v1.readReplica.svc.headless" . }} - {{- if .Values.readReplicas.updateStrategy }} - updateStrategy: {{- toYaml .Values.readReplicas.updateStrategy | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: read - template: - metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: read - {{- if or (include "postgresql.v1.readReplicas.createExtendedConfigmap" .) .Values.readReplicas.podAnnotations }} - annotations: - {{- if (include "postgresql.v1.readReplicas.createExtendedConfigmap" .) }} - checksum/extended-configuration: {{ pick (include (print $.Template.BasePath "/primary/extended-configmap.yaml") . | fromYaml) "data" | toYaml | sha256sum }} - {{- end }} - {{- if .Values.readReplicas.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - {{- end }} - spec: - {{- if .Values.readReplicas.extraPodSpec }} - {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.extraPodSpec "context" $) | nindent 6 }} - {{- end }} - serviceAccountName: {{ include "postgresql.v1.serviceAccountName" . }} - {{- include "postgresql.v1.imagePullSecrets" . | nindent 6 }} - automountServiceAccountToken: {{ .Values.readReplicas.automountServiceAccountToken }} - {{- if .Values.readReplicas.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.readReplicas.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.readReplicas.podAffinityPreset "component" "read" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.readReplicas.podAntiAffinityPreset "component" "read" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.readReplicas.nodeAffinityPreset.type "key" .Values.readReplicas.nodeAffinityPreset.key "values" .Values.readReplicas.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.readReplicas.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.readReplicas.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.readReplicas.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.readReplicas.priorityClassName }} - priorityClassName: {{ .Values.readReplicas.priorityClassName }} - {{- end }} - {{- if .Values.readReplicas.schedulerName }} - schedulerName: {{ .Values.readReplicas.schedulerName | quote }} - {{- end }} - {{- if .Values.readReplicas.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ .Values.readReplicas.terminationGracePeriodSeconds }} - {{- end }} - {{- if .Values.readReplicas.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.readReplicas.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - hostNetwork: {{ .Values.readReplicas.hostNetwork }} - hostIPC: {{ .Values.readReplicas.hostIPC }} - {{- if or (and .Values.tls.enabled (not .Values.volumePermissions.enabled)) (and .Values.volumePermissions.enabled (or .Values.readReplicas.persistence.enabled .Values.shmVolume.enabled)) .Values.readReplicas.initContainers }} - initContainers: - {{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }} - - name: copy-certs - image: {{ include "postgresql.v1.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - {{- if .Values.readReplicas.resources }} - resources: {{- toYaml .Values.readReplicas.resources | nindent 12 }} - {{- else if ne .Values.readReplicas.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.readReplicas.resourcesPreset) | nindent 12 }} - {{- end }} - # We don't require a privileged container in this case - {{- if .Values.readReplicas.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.readReplicas.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - command: - - /bin/sh - - -ec - - | - cp /tmp/certs/* /opt/bitnami/postgresql/certs/ - chmod 600 {{ include "postgresql.v1.tlsCertKey" . }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: raw-certificates - mountPath: /tmp/certs - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - {{- else if and .Values.volumePermissions.enabled (or .Values.readReplicas.persistence.enabled .Values.shmVolume.enabled) }} - - name: init-chmod-data - image: {{ include "postgresql.v1.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - {{- if .Values.readReplicas.resources }} - resources: {{- toYaml .Values.readReplicas.resources | nindent 12 }} - {{- else if ne .Values.readReplicas.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.readReplicas.resourcesPreset) | nindent 12 }} - {{- end }} - command: - - /bin/sh - - -ec - - | - {{- if .Values.readReplicas.persistence.enabled }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown `id -u`:`id -G | cut -d " " -f2` {{ .Values.readReplicas.persistence.mountPath }} - {{- else }} - chown {{ .Values.readReplicas.containerSecurityContext.runAsUser }}:{{ .Values.readReplicas.podSecurityContext.fsGroup }} {{ .Values.readReplicas.persistence.mountPath }} - {{- end }} - mkdir -p {{ .Values.readReplicas.persistence.mountPath }}/data {{- if (include "postgresql.v1.mountConfigurationCM" .) }} {{ .Values.readReplicas.persistence.mountPath }}/conf {{- end }} - chmod 700 {{ .Values.readReplicas.persistence.mountPath }}/data {{- if (include "postgresql.v1.mountConfigurationCM" .) }} {{ .Values.readReplicas.persistence.mountPath }}/conf {{- end }} - find {{ .Values.readReplicas.persistence.mountPath }} -mindepth 1 -maxdepth 1 {{- if not (include "postgresql.v1.mountConfigurationCM" .) }} -not -name "conf" {{- end }} -not -name ".snapshot" -not -name "lost+found" | \ - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - xargs -r chown -R `id -u`:`id -G | cut -d " " -f2` - {{- else }} - xargs -r chown -R {{ .Values.readReplicas.containerSecurityContext.runAsUser }}:{{ .Values.readReplicas.podSecurityContext.fsGroup }} - {{- end }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - chmod -R 777 /dev/shm - {{- end }} - {{- if .Values.tls.enabled }} - cp /tmp/certs/* /opt/bitnami/postgresql/certs/ - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G | cut -d " " -f2` /opt/bitnami/postgresql/certs/ - {{- else }} - chown -R {{ .Values.readReplicas.containerSecurityContext.runAsUser }}:{{ .Values.readReplicas.podSecurityContext.fsGroup }} /opt/bitnami/postgresql/certs/ - {{- end }} - chmod 600 {{ include "postgresql.v1.tlsCertKey" . }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} - {{- else }} - securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: data - mountPath: {{ .Values.readReplicas.persistence.mountPath }} - {{- if .Values.readReplicas.persistence.subPath }} - subPath: {{ .Values.readReplicas.persistence.subPath }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - mountPath: /dev/shm - {{- end }} - {{- if .Values.tls.enabled }} - - name: raw-certificates - mountPath: /tmp/certs - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - {{- end }} - {{- end }} - {{- if .Values.readReplicas.initContainers }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.initContainers "context" $ ) | nindent 8 }} - {{- end }} - {{- end }} - containers: - - name: postgresql - image: {{ include "postgresql.v1.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.readReplicas.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.readReplicas.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.readReplicas.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.readReplicas.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: POSTGRESQL_PORT_NUMBER - value: {{ .Values.containerPorts.postgresql | quote }} - - name: POSTGRESQL_VOLUME_DIR - value: {{ .Values.readReplicas.persistence.mountPath | quote }} - {{- if .Values.readReplicas.persistence.mountPath }} - - name: PGDATA - value: {{ .Values.postgresqlDataDir | quote }} - {{- end }} - # Authentication - {{- if or (eq $customUser "postgres") (empty $customUser) }} - {{- if .Values.auth.enablePostgresUser }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.adminPasswordKey" .) }} - {{- else }} - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.adminPasswordKey" . }} - {{- end }} - {{- else }} - - name: ALLOW_EMPTY_PASSWORD - value: "true" - {{- end }} - {{- else }} - - name: POSTGRES_USER - value: {{ $customUser | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.userPasswordKey" .) }} - {{- else }} - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.userPasswordKey" . }} - {{- end }} - {{- if .Values.auth.enablePostgresUser }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_POSTGRES_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.adminPasswordKey" .) }} - {{- else }} - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.adminPasswordKey" . }} - {{- end }} - {{- end }} - {{- end }} - # Replication - - name: POSTGRES_REPLICATION_MODE - value: "slave" - - name: POSTGRES_REPLICATION_USER - value: {{ .Values.auth.replicationUsername | quote }} - {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_REPLICATION_PASSWORD_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.replicationPasswordKey" .) }} - {{- else }} - - name: POSTGRES_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.replicationPasswordKey" . }} - {{- end }} - - name: POSTGRES_CLUSTER_APP_NAME - value: {{ .Values.replication.applicationName }} - - name: POSTGRES_MASTER_HOST - value: {{ include "postgresql.v1.primary.fullname" . }} - - name: POSTGRES_MASTER_PORT_NUMBER - value: {{ include "postgresql.v1.service.port" . | quote }} - # TLS - - name: POSTGRESQL_ENABLE_TLS - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: POSTGRESQL_TLS_PREFER_SERVER_CIPHERS - value: {{ ternary "yes" "no" .Values.tls.preferServerCiphers | quote }} - - name: POSTGRESQL_TLS_CERT_FILE - value: {{ include "postgresql.v1.tlsCert" . }} - - name: POSTGRESQL_TLS_KEY_FILE - value: {{ include "postgresql.v1.tlsCertKey" . }} - {{- if .Values.tls.certCAFilename }} - - name: POSTGRESQL_TLS_CA_FILE - value: {{ include "postgresql.v1.tlsCACert" . }} - {{- end }} - {{- if .Values.tls.crlFilename }} - - name: POSTGRESQL_TLS_CRL_FILE - value: {{ include "postgresql.v1.tlsCRL" . }} - {{- end }} - {{- end }} - # Audit - - name: POSTGRESQL_LOG_HOSTNAME - value: {{ .Values.audit.logHostname | quote }} - - name: POSTGRESQL_LOG_CONNECTIONS - value: {{ .Values.audit.logConnections | quote }} - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: {{ .Values.audit.logDisconnections | quote }} - {{- if .Values.audit.logLinePrefix }} - - name: POSTGRESQL_LOG_LINE_PREFIX - value: {{ .Values.audit.logLinePrefix | quote }} - {{- end }} - {{- if .Values.audit.logTimezone }} - - name: POSTGRESQL_LOG_TIMEZONE - value: {{ .Values.audit.logTimezone | quote }} - {{- end }} - {{- if .Values.audit.pgAuditLog }} - - name: POSTGRESQL_PGAUDIT_LOG - value: {{ .Values.audit.pgAuditLog | quote }} - {{- end }} - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: {{ .Values.audit.pgAuditLogCatalog | quote }} - # Others - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: {{ .Values.audit.clientMinMessages | quote }} - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: {{ .Values.postgresqlSharedPreloadLibraries | quote }} - {{- if .Values.readReplicas.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.readReplicas.extraEnvVarsCM .Values.readReplicas.extraEnvVarsSecret }} - envFrom: - {{- if .Values.readReplicas.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.readReplicas.extraEnvVarsCM }} - {{- end }} - {{- if .Values.readReplicas.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.readReplicas.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: tcp-postgresql - containerPort: {{ .Values.containerPorts.postgresql }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.readReplicas.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.readReplicas.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readReplicas.startupProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - {{- if (include "postgresql.v1.database" .) }} - - exec pg_isready -U {{ default "postgres" $customUser| quote }} -d "dbname={{ include "postgresql.v1.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- else }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- end }} - {{- end }} - {{- if .Values.readReplicas.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.readReplicas.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readReplicas.livenessProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - {{- if (include "postgresql.v1.database" .) }} - - exec pg_isready -U {{ default "postgres" $customUser | quote }} -d "dbname={{ include "postgresql.v1.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- else }} - - exec pg_isready -U {{default "postgres" $customUser | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.v1.tlsCert" . }} sslkey={{ include "postgresql.v1.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ .Values.containerPorts.postgresql }} - {{- end }} - {{- end }} - {{- if .Values.readReplicas.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.readReplicas.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.readReplicas.readinessProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - /bin/sh - - -c - - -e - {{- include "postgresql.v1.readinessProbeCommand" . | nindent 16 }} - {{- end }} - {{- end }} - {{- if .Values.readReplicas.resources }} - resources: {{- toYaml .Values.readReplicas.resources | nindent 12 }} - {{- else if ne .Values.readReplicas.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.readReplicas.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.readReplicas.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: empty-dir - mountPath: /opt/bitnami/postgresql/conf - subPath: app-conf-dir - - name: empty-dir - mountPath: /opt/bitnami/postgresql/tmp - subPath: app-tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - mountPath: /opt/bitnami/postgresql/secrets/ - {{- end }} - {{- if .Values.readReplicas.extendedConfiguration }} - - name: postgresql-extended-config - mountPath: {{ .Values.readReplicas.persistence.mountPath }}/conf/conf.d/ - {{- end }} - {{- if .Values.tls.enabled }} - - name: postgresql-certificates - mountPath: /opt/bitnami/postgresql/certs - readOnly: true - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - mountPath: /dev/shm - {{- end }} - - name: data - mountPath: {{ .Values.readReplicas.persistence.mountPath }} - {{- if .Values.readReplicas.persistence.subPath }} - subPath: {{ .Values.readReplicas.persistence.subPath }} - {{- end }} - {{- if .Values.readReplicas.extraVolumeMounts }} - {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.extraVolumeMounts "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "postgresql.v1.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.metrics.customMetrics }} - args: [ "--extend.query-path", "/conf/custom-metrics.yaml" ] - {{- end }} - env: - - name: DATA_SOURCE_URI - value: {{ printf "127.0.0.1:%d/postgres?sslmode=disable" (int (include "postgresql.v1.service.port" .)) }} - {{- if .Values.auth.usePasswordFiles }} - - name: DATA_SOURCE_PASS_FILE - value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.v1.userPasswordKey" .) }} - {{- else }} - - name: DATA_SOURCE_PASS - valueFrom: - secretKeyRef: - name: {{ include "postgresql.v1.secretName" . }} - key: {{ include "postgresql.v1.userPasswordKey" . }} - {{- end }} - - name: DATA_SOURCE_USER - value: {{ default "postgres" $customUser | quote }} - {{- if .Values.metrics.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - ports: - - name: http-metrics - containerPort: {{ .Values.metrics.containerPorts.metrics }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: http-metrics - {{- end }} - {{- if .Values.metrics.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: http-metrics - {{- end }} - {{- if .Values.metrics.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: http-metrics - {{- end }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - mountPath: /opt/bitnami/postgresql/secrets/ - {{- end }} - {{- if .Values.metrics.customMetrics }} - - name: custom-metrics - mountPath: /conf - readOnly: true - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.readReplicas.sidecars }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.sidecars "context" $ ) | nindent 8 }} - {{- end }} - volumes: - {{- if .Values.readReplicas.extendedConfiguration }} - - name: postgresql-extended-config - configMap: - name: {{ include "postgresql.v1.readReplicas.extendedConfigmapName" . }} - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: postgresql-password - secret: - secretName: {{ include "postgresql.v1.secretName" . }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: raw-certificates - secret: - secretName: {{ include "postgresql.v1.tlsSecretName" . }} - - name: postgresql-certificates - emptyDir: {} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} - - name: custom-metrics - configMap: - name: {{ printf "%s-metrics" (include "postgresql.v1.readReplica.fullname" .) }} - {{- end }} - {{- if .Values.shmVolume.enabled }} - - name: dshm - emptyDir: - medium: Memory - {{- if .Values.shmVolume.sizeLimit }} - sizeLimit: {{ .Values.shmVolume.sizeLimit }} - {{- end }} - {{- end }} - - name: empty-dir - emptyDir: {} - {{- if .Values.readReplicas.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if and .Values.readReplicas.persistence.enabled .Values.readReplicas.persistence.existingClaim }} - - name: data - persistentVolumeClaim: - claimName: {{ tpl .Values.readReplicas.persistence.existingClaim $ }} - {{- else if not .Values.readReplicas.persistence.enabled }} - - name: data - emptyDir: {} - {{- else }} - {{- if .Values.readReplicas.persistentVolumeClaimRetentionPolicy.enabled }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ .Values.readReplicas.persistentVolumeClaimRetentionPolicy.whenDeleted }} - whenScaled: {{ .Values.readReplicas.persistentVolumeClaimRetentionPolicy.whenScaled }} - {{- end }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: data - {{- if .Values.readReplicas.persistence.annotations }} - annotations: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.persistence.annotations "context" $) | nindent 10 }} - {{- end }} - {{- if .Values.readReplicas.persistence.labels }} - labels: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.persistence.labels "context" $) | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.readReplicas.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - {{- if .Values.readReplicas.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.persistence.dataSource "context" $) | nindent 10 }} - {{- end }} - resources: - requests: - storage: {{ .Values.readReplicas.persistence.size | quote }} - {{- if .Values.readReplicas.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.persistence.selector "context" $) | nindent 10 }} - {{- end -}} - {{- include "common.storage.class" (dict "persistence" .Values.readReplicas.persistence "global" .Values.global) | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/svc-headless.yaml b/charts/postgresql/postgresql/templates/read/svc-headless.yaml deleted file mode 100644 index ef44601..0000000 --- a/charts/postgresql/postgresql/templates/read/svc-headless.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "postgresql.v1.readReplica.svc.headless" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - annotations: - {{- if or .Values.readReplicas.service.headless.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - clusterIP: None - # We want all pods in the StatefulSet to have their addresses published for - # the sake of the other Postgresql pods even before they're ready, since they - # have to be able to talk to each other in order to become ready. - publishNotReadyAddresses: true - ports: - - name: tcp-postgresql - port: {{ include "postgresql.v1.readReplica.service.port" . }} - targetPort: tcp-postgresql - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read -{{- end }} diff --git a/charts/postgresql/postgresql/templates/read/svc.yaml b/charts/postgresql/postgresql/templates/read/svc.yaml deleted file mode 100644 index d230acb..0000000 --- a/charts/postgresql/postgresql/templates/read/svc.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if eq .Values.architecture "replication" }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "postgresql.v1.readReplica.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read - {{- if or .Values.commonAnnotations .Values.readReplicas.service.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.readReplicas.service.type }} - {{- if or (eq .Values.readReplicas.service.type "LoadBalancer") (eq .Values.readReplicas.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.readReplicas.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.readReplicas.service.type "LoadBalancer") (not (empty .Values.readReplicas.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ .Values.readReplicas.service.loadBalancerSourceRanges }} - {{- end }} - {{- if and (eq .Values.readReplicas.service.type "LoadBalancer") (not (empty .Values.readReplicas.service.loadBalancerClass)) }} - loadBalancerClass: {{ .Values.readReplicas.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.readReplicas.service.type "LoadBalancer") (not (empty .Values.readReplicas.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.readReplicas.service.loadBalancerIP }} - {{- end }} - {{- if and .Values.readReplicas.service.clusterIP (eq .Values.readReplicas.service.type "ClusterIP") }} - clusterIP: {{ .Values.readReplicas.service.clusterIP }} - {{- end }} - {{- if .Values.readReplicas.service.sessionAffinity }} - sessionAffinity: {{ .Values.readReplicas.service.sessionAffinity }} - {{- end }} - {{- if .Values.readReplicas.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: tcp-postgresql - port: {{ include "postgresql.v1.readReplica.service.port" . }} - targetPort: tcp-postgresql - {{- if and (or (eq .Values.readReplicas.service.type "NodePort") (eq .Values.readReplicas.service.type "LoadBalancer")) (not (empty .Values.readReplicas.service.nodePorts.postgresql)) }} - nodePort: {{ .Values.readReplicas.service.nodePorts.postgresql }} - {{- else if eq .Values.readReplicas.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.readReplicas.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.readReplicas.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: read -{{- end }} diff --git a/charts/postgresql/postgresql/templates/role.yaml b/charts/postgresql/postgresql/templates/role.yaml deleted file mode 100644 index 12cd212..0000000 --- a/charts/postgresql/postgresql/templates/role.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.rbac.create }} -kind: Role -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -# yamllint disable rule:indentation -rules: - {{- if and (include "common.capabilities.psp.supported" .) .Values.psp.create }} - - apiGroups: - - 'policy' - resources: - - 'podsecuritypolicies' - verbs: - - 'use' - resourceNames: - - {{ include "common.names.fullname" . }} - {{- end }} - {{- if .Values.rbac.rules }} - {{- include "common.tplvalues.render" ( dict "value" .Values.rbac.rules "context" $ ) | nindent 2 }} - {{- end }} -# yamllint enable rule:indentation -{{- end }} diff --git a/charts/postgresql/postgresql/templates/rolebinding.yaml b/charts/postgresql/postgresql/templates/rolebinding.yaml deleted file mode 100644 index 2ee30a4..0000000 --- a/charts/postgresql/postgresql/templates/rolebinding.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.rbac.create }} -kind: RoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - kind: Role - name: {{ include "common.names.fullname" . }} - apiGroup: rbac.authorization.k8s.io -subjects: - - kind: ServiceAccount - name: {{ include "postgresql.v1.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/secrets.yaml b/charts/postgresql/postgresql/templates/secrets.yaml deleted file mode 100644 index 2fcf64c..0000000 --- a/charts/postgresql/postgresql/templates/secrets.yaml +++ /dev/null @@ -1,99 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- $host := include "postgresql.v1.primary.fullname" . }} -{{- $port := include "postgresql.v1.service.port" . }} -{{- $customUser := include "postgresql.v1.username" . }} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.adminPasswordKey .Values.auth.secretKeys.adminPasswordKey) "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.password .Values.auth.password .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) | trimAll "\"" | b64dec }} -{{- if and (not $postgresPassword) .Values.auth.enablePostgresUser }} -{{- $postgresPassword = randAlphaNum 10 }} -{{- end }} -{{- $replicationPassword := "" }} -{{- if eq .Values.architecture "replication" }} -{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.replicationPasswordKey .Values.auth.secretKeys.replicationPasswordKey) "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }} -{{- end }} -{{- $ldapPassword := "" }} -{{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }} -{{- $ldapPassword = coalesce .Values.ldap.bind_password .Values.ldap.bindpw }} -{{- end }} -{{- $password := "" }} -{{- if and (not (empty $customUser)) (ne $customUser "postgres") }} -{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.userPasswordKey .Values.auth.secretKeys.userPasswordKey) "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }} -{{- end }} -{{- $database := include "postgresql.v1.database" . }} -{{- if (include "postgresql.v1.createSecret" .) }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: Opaque -data: - {{- if $postgresPassword }} - postgres-password: {{ $postgresPassword | b64enc | quote }} - {{- end }} - {{- if $password }} - password: {{ $password | b64enc | quote }} - {{- end }} - {{- if $replicationPassword }} - replication-password: {{ $replicationPassword | b64enc | quote }} - {{- end }} - # We don't auto-generate LDAP password when it's not provided as we do for other passwords - {{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }} - ldap-password: {{ $ldapPassword | b64enc | quote }} - {{- end }} -{{- end }} -{{- if .Values.serviceBindings.enabled }} -{{- if $postgresPassword }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-svcbind-postgres - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: servicebinding.io/postgresql -data: - provider: {{ print "bitnami" | b64enc | quote }} - type: {{ print "postgresql" | b64enc | quote }} - host: {{ $host | b64enc | quote }} - port: {{ $port | b64enc | quote }} - username: {{ print "postgres" | b64enc | quote }} - database: {{ print "postgres" | b64enc | quote }} - password: {{ $postgresPassword | b64enc | quote }} - uri: {{ printf "postgresql://postgres:%s@%s:%s/postgres" $postgresPassword $host $port | b64enc | quote }} -{{- end }} -{{- if $password }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-svcbind-custom-user - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: servicebinding.io/postgresql -data: - provider: {{ print "bitnami" | b64enc | quote }} - type: {{ print "postgresql" | b64enc | quote }} - host: {{ $host | b64enc | quote }} - port: {{ $port | b64enc | quote }} - username: {{ $customUser | b64enc | quote }} - password: {{ $password | b64enc | quote }} - {{- if $database }} - database: {{ $database | b64enc | quote }} - {{- end }} - uri: {{ printf "postgresql://%s:%s@%s:%s/%s" $customUser $password $host $port $database | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/serviceaccount.yaml b/charts/postgresql/postgresql/templates/serviceaccount.yaml deleted file mode 100644 index 93efa64..0000000 --- a/charts/postgresql/postgresql/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "postgresql.v1.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -{{- end }} diff --git a/charts/postgresql/postgresql/templates/tls-secrets.yaml b/charts/postgresql/postgresql/templates/tls-secrets.yaml deleted file mode 100644 index 2e992d6..0000000 --- a/charts/postgresql/postgresql/templates/tls-secrets.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "postgresql.v1.createTlsSecret" . ) }} -{{- $secretName := printf "%s-crt" (include "common.names.fullname" .) }} -{{- $ca := genCA "postgresql-ca" 365 }} -{{- $fullname := include "common.names.fullname" . }} -{{- $releaseNamespace := .Release.Namespace }} -{{- $clusterDomain := .Values.clusterDomain }} -{{- $primaryHeadlessServiceName := include "postgresql.v1.primary.svc.headless" . }} -{{- $readHeadlessServiceName := include "postgresql.v1.readReplica.svc.headless" . }} -{{- $altNames := list (printf "*.%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $primaryHeadlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $primaryHeadlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $readHeadlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $readHeadlessServiceName $releaseNamespace $clusterDomain) $fullname }} -{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - namespace: {{ .Release.Namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: kubernetes.io/tls -data: - tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} - tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} - ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} -{{- end }} diff --git a/charts/postgresql/postgresql/values.schema.json b/charts/postgresql/postgresql/values.schema.json deleted file mode 100644 index fc41483..0000000 --- a/charts/postgresql/postgresql/values.schema.json +++ /dev/null @@ -1,156 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "architecture": { - "type": "string", - "title": "PostgreSQL architecture", - "form": true, - "description": "Allowed values: `standalone` or `replication`" - }, - "auth": { - "type": "object", - "title": "Authentication configuration", - "form": true, - "properties": { - "enablePostgresUser": { - "type": "boolean", - "title": "Enable \"postgres\" admin user", - "description": "Assign a password to the \"postgres\" admin user. Otherwise, remote access will be blocked for this user", - "form": true - }, - "postgresPassword": { - "type": "string", - "title": "Password for the \"postgres\" admin user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true - }, - "database": { - "type": "string", - "title": "PostgreSQL custom database", - "description": "Name of the custom database to be created during the 1st initialization of PostgreSQL", - "form": true - }, - "username": { - "type": "string", - "title": "PostgreSQL custom user", - "description": "Name of the custom user to be created during the 1st initialization of PostgreSQL. This user only has permissions on the PostgreSQL custom database", - "form": true - }, - "password": { - "type": "string", - "title": "Password for the custom user to create", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true - }, - "replicationUsername": { - "type": "string", - "title": "PostgreSQL replication user", - "description": "Name of user used to manage replication.", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - }, - "replicationPassword": { - "type": "string", - "title": "Password for PostgreSQL replication user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - } - } - }, - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" - } - } - }, - "resources": { - "type": "object", - "title": "Required Resources", - "description": "Configure resource requests", - "form": true, - "properties": { - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "form": true, - "render": "slider", - "title": "Memory Request", - "sliderMin": 10, - "sliderMax": 2048, - "sliderUnit": "Mi" - }, - "cpu": { - "type": "string", - "form": true, - "render": "slider", - "title": "CPU Request", - "sliderMin": 10, - "sliderMax": 2000, - "sliderUnit": "m" - } - } - } - } - }, - "replication": { - "type": "object", - "form": true, - "title": "Replication Details", - "properties": { - "enabled": { - "type": "boolean", - "title": "Enable Replication", - "form": true - }, - "readReplicas": { - "type": "integer", - "title": "read Replicas", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Change the owner of the persist volume mountpoint to RunAsUser:fsGroup" - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Configure metrics exporter", - "form": true - } - } - } - } -} diff --git a/charts/postgresql/postgresql/values.yaml b/charts/postgresql/postgresql/values.yaml deleted file mode 100644 index fba84bc..0000000 --- a/charts/postgresql/postgresql/values.yaml +++ /dev/null @@ -1,1780 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -## @section Global parameters -## Please, note that this will override the parameters, including dependencies, configured to use the global value -## -global: - ## @param global.imageRegistry Global Docker image registry - ## - imageRegistry: "" - ## @param global.imagePullSecrets Global Docker registry secret names as an array - ## e.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - ## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) -## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead - ## - defaultStorageClass: "" - storageClass: "" - postgresql: - ## @param global.postgresql.auth.postgresPassword Password for the "postgres" admin user (overrides `auth.postgresPassword`) - ## @param global.postgresql.auth.username Name for a custom user to create (overrides `auth.username`) - ## @param global.postgresql.auth.password Password for the custom user to create (overrides `auth.password`) - ## @param global.postgresql.auth.database Name for a custom database to create (overrides `auth.database`) - ## @param global.postgresql.auth.existingSecret Name of existing secret to use for PostgreSQL credentials (overrides `auth.existingSecret`). - ## @param global.postgresql.auth.secretKeys.adminPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.adminPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. - ## @param global.postgresql.auth.secretKeys.userPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.userPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. - ## @param global.postgresql.auth.secretKeys.replicationPasswordKey Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. - ## - auth: - postgresPassword: "" - username: "" - password: "" - database: "" - existingSecret: "" - secretKeys: - adminPasswordKey: "" - userPasswordKey: "" - replicationPasswordKey: "" - ## @param global.postgresql.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) - ## - service: - ports: - postgresql: "" - ## Compatibility adaptations for Kubernetes platforms - ## - compatibility: - ## Compatibility adaptations for Openshift - ## - openshift: - ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) - ## - adaptSecurityContext: auto -## @section Common parameters -## - -## @param kubeVersion Override Kubernetes version -## -kubeVersion: "" -## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) -## -nameOverride: "" -## @param fullnameOverride String to fully override common.names.fullname template -## -fullnameOverride: "" -## @param clusterDomain Kubernetes Cluster Domain -## -clusterDomain: cluster.local -## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template) -## -extraDeploy: [] -## @param commonLabels Add labels to all the deployed resources -## -commonLabels: {} -## @param commonAnnotations Add annotations to all the deployed resources -## -commonAnnotations: {} -## Enable diagnostic mode in the statefulset -## -diagnosticMode: - ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) - ## - enabled: false - ## @param diagnosticMode.command Command to override all containers in the statefulset - ## - command: - - sleep - ## @param diagnosticMode.args Args to override all containers in the statefulset - ## - args: - - infinity -## @section PostgreSQL common parameters -## - -## Bitnami PostgreSQL image version -## ref: https://hub.docker.com/r/bitnami/postgresql/tags/ -## @param image.registry [default: REGISTRY_NAME] PostgreSQL image registry -## @param image.repository [default: REPOSITORY_NAME/postgresql] PostgreSQL image repository -## @skip image.tag PostgreSQL image tag (immutable tags are recommended) -## @param image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag -## @param image.pullPolicy PostgreSQL image pull policy -## @param image.pullSecrets Specify image pull secrets -## @param image.debug Specify if debug values should be set -## -image: - registry: docker.io - repository: bitnami/postgresql - tag: 16.3.0-debian-12-r19 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Set to true if you would like to see extra information on logs - ## - debug: false -## Authentication parameters -## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#setting-the-root-password-on-first-run -## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#creating-a-database-on-first-run -## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#creating-a-database-user-on-first-run -## -auth: - ## @param auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user - ## - enablePostgresUser: true - ## @param auth.postgresPassword Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided - ## - postgresPassword: "" - ## @param auth.username Name for a custom user to create - ## - username: "" - ## @param auth.password Password for the custom user to create. Ignored if `auth.existingSecret` is provided - ## - password: "" - ## @param auth.database Name for a custom database to create - ## - database: "" - ## @param auth.replicationUsername Name of the replication user - ## - replicationUsername: repl_user - ## @param auth.replicationPassword Password for the replication user. Ignored if `auth.existingSecret` is provided - ## - replicationPassword: "" - ## @param auth.existingSecret Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. - ## - existingSecret: "" - ## @param auth.secretKeys.adminPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. - ## @param auth.secretKeys.userPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. - ## @param auth.secretKeys.replicationPasswordKey Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. - ## - secretKeys: - adminPasswordKey: postgres-password - userPasswordKey: password - replicationPasswordKey: replication-password - ## @param auth.usePasswordFiles Mount credentials as a files instead of using an environment variable - ## - usePasswordFiles: false -## @param architecture PostgreSQL architecture (`standalone` or `replication`) -## -architecture: standalone -## Replication configuration -## Ignored if `architecture` is `standalone` -## -replication: - ## @param replication.synchronousCommit Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off` - ## @param replication.numSynchronousReplicas Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`. - ## ref: https://www.postgresql.org/docs/current/runtime-config-wal.html#GUC-SYNCHRONOUS-COMMIT - ## - synchronousCommit: "off" - numSynchronousReplicas: 0 - ## @param replication.applicationName Cluster application name. Useful for advanced replication settings - ## - applicationName: my_application -## @param containerPorts.postgresql PostgreSQL container port -## -containerPorts: - postgresql: 5432 -## Audit settings -## https://github.com/bitnami/containers/tree/main/bitnami/postgresql#auditing -## @param audit.logHostname Log client hostnames -## @param audit.logConnections Add client log-in operations to the log file -## @param audit.logDisconnections Add client log-outs operations to the log file -## @param audit.pgAuditLog Add operations to log using the pgAudit extension -## @param audit.pgAuditLogCatalog Log catalog using pgAudit -## @param audit.clientMinMessages Message log level to share with the user -## @param audit.logLinePrefix Template for log line prefix (default if not set) -## @param audit.logTimezone Timezone for the log timestamps -## -audit: - logHostname: false - logConnections: false - logDisconnections: false - pgAuditLog: "" - pgAuditLogCatalog: "off" - clientMinMessages: error - logLinePrefix: "" - logTimezone: "" -## LDAP configuration -## @param ldap.enabled Enable LDAP support -## DEPRECATED ldap.url It will removed in a future, please use 'ldap.uri' instead -## @param ldap.server IP address or name of the LDAP server. -## @param ldap.port Port number on the LDAP server to connect to -## @param ldap.prefix String to prepend to the user name when forming the DN to bind -## @param ldap.suffix String to append to the user name when forming the DN to bind -## DEPRECATED ldap.baseDN It will removed in a future, please use 'ldap.basedn' instead -## DEPRECATED ldap.bindDN It will removed in a future, please use 'ldap.binddn' instead -## DEPRECATED ldap.bind_password It will removed in a future, please use 'ldap.bindpw' instead -## @param ldap.basedn Root DN to begin the search for the user in -## @param ldap.binddn DN of user to bind to LDAP -## @param ldap.bindpw Password for the user to bind to LDAP -## DEPRECATED ldap.search_attr It will removed in a future, please use 'ldap.searchAttribute' instead -## DEPRECATED ldap.search_filter It will removed in a future, please use 'ldap.searchFilter' instead -## @param ldap.searchAttribute Attribute to match against the user name in the search -## @param ldap.searchFilter The search filter to use when doing search+bind authentication -## @param ldap.scheme Set to `ldaps` to use LDAPS -## DEPRECATED ldap.tls as string is deprecated, please use 'ldap.tls.enabled' instead -## @param ldap.tls.enabled Se to true to enable TLS encryption -## -ldap: - enabled: false - server: "" - port: "" - prefix: "" - suffix: "" - basedn: "" - binddn: "" - bindpw: "" - searchAttribute: "" - searchFilter: "" - scheme: "" - tls: - enabled: false - ## @param ldap.uri LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored. - ## Ref: https://www.postgresql.org/docs/current/auth-ldap.html - ## - uri: "" -## @param postgresqlDataDir PostgreSQL data dir folder -## -postgresqlDataDir: /bitnami/postgresql/data -## @param postgresqlSharedPreloadLibraries Shared preload libraries (comma-separated list) -## -postgresqlSharedPreloadLibraries: "pgaudit" -## Start PostgreSQL pod(s) without limitations on shm memory. -## By default docker and containerd (and possibly other container runtimes) limit `/dev/shm` to `64M` -## ref: https://github.com/docker-library/postgres/issues/416 -## ref: https://github.com/containerd/containerd/issues/3654 -## -shmVolume: - ## @param shmVolume.enabled Enable emptyDir volume for /dev/shm for PostgreSQL pod(s) - ## - enabled: true - ## @param shmVolume.sizeLimit Set this to enable a size limit on the shm tmpfs - ## Note: the size of the tmpfs counts against container's memory limit - ## e.g: - ## sizeLimit: 1Gi - ## - sizeLimit: "" -## TLS configuration -## -tls: - ## @param tls.enabled Enable TLS traffic support - ## - enabled: false - ## @param tls.autoGenerated Generate automatically self-signed TLS certificates - ## - autoGenerated: false - ## @param tls.preferServerCiphers Whether to use the server's TLS cipher preferences rather than the client's - ## - preferServerCiphers: true - ## @param tls.certificatesSecret Name of an existing secret that contains the certificates - ## - certificatesSecret: "" - ## @param tls.certFilename Certificate filename - ## - certFilename: "" - ## @param tls.certKeyFilename Certificate key filename - ## - certKeyFilename: "" - ## @param tls.certCAFilename CA Certificate filename - ## If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate - ## ref: https://www.postgresql.org/docs/9.6/auth-methods.html - ## - certCAFilename: "" - ## @param tls.crlFilename File containing a Certificate Revocation List - ## - crlFilename: "" -## @section PostgreSQL Primary parameters -## -primary: - ## @param primary.name Name of the primary database (eg primary, master, leader, ...) - ## - name: primary - ## @param primary.configuration PostgreSQL Primary main configuration to be injected as ConfigMap - ## ref: https://www.postgresql.org/docs/current/static/runtime-config.html - ## - configuration: "" - ## @param primary.pgHbaConfiguration PostgreSQL Primary client authentication configuration - ## ref: https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html - ## e.g:# - ## pgHbaConfiguration: |- - ## local all all trust - ## host all all localhost trust - ## host mydatabase mysuser 192.168.0.0/24 md5 - ## - pgHbaConfiguration: "" - ## @param primary.existingConfigmap Name of an existing ConfigMap with PostgreSQL Primary configuration - ## NOTE: `primary.configuration` and `primary.pgHbaConfiguration` will be ignored - ## - existingConfigmap: "" - ## @param primary.extendedConfiguration Extended PostgreSQL Primary configuration (appended to main or default configuration) - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#allow-settings-to-be-loaded-from-files-other-than-the-default-postgresqlconf - ## - extendedConfiguration: "" - ## @param primary.existingExtendedConfigmap Name of an existing ConfigMap with PostgreSQL Primary extended configuration - ## NOTE: `primary.extendedConfiguration` will be ignored - ## - existingExtendedConfigmap: "" - ## Initdb configuration - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#specifying-initdb-arguments - ## - initdb: - ## @param primary.initdb.args PostgreSQL initdb extra arguments - ## - args: "" - ## @param primary.initdb.postgresqlWalDir Specify a custom location for the PostgreSQL transaction log - ## - postgresqlWalDir: "" - ## @param primary.initdb.scripts Dictionary of initdb scripts - ## Specify dictionary of scripts to be run at first boot - ## e.g: - ## scripts: - ## my_init_script.sh: | - ## #!/bin/sh - ## echo "Do something." - ## - scripts: {} - ## @param primary.initdb.scriptsConfigMap ConfigMap with scripts to be run at first boot - ## NOTE: This will override `primary.initdb.scripts` - ## - scriptsConfigMap: "" - ## @param primary.initdb.scriptsSecret Secret with scripts to be run at first boot (in case it contains sensitive information) - ## NOTE: This can work along `primary.initdb.scripts` or `primary.initdb.scriptsConfigMap` - ## - scriptsSecret: "" - ## @param primary.initdb.user Specify the PostgreSQL username to execute the initdb scripts - ## - user: "" - ## @param primary.initdb.password Specify the PostgreSQL password to execute the initdb scripts - ## - password: "" - ## Pre-init configuration - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql/#on-container-start - preInitDb: - ## @param primary.preInitDb.scripts Dictionary of pre-init scripts - ## Specify dictionary of shell scripts to be run before db boot - ## e.g: - ## scripts: - ## my_pre_init_script.sh: | - ## #!/bin/sh - ## echo "Do something." - scripts: {} - ## @param primary.preInitDb.scriptsConfigMap ConfigMap with pre-init scripts to be run - ## NOTE: This will override `primary.preInitDb.scripts` - scriptsConfigMap: "" - ## @param primary.preInitDb.scriptsSecret Secret with pre-init scripts to be run - ## NOTE: This can work along `primary.preInitDb.scripts` or `primary.preInitDb.scriptsConfigMap` - scriptsSecret: "" - ## Configure current cluster's primary server to be the standby server in other cluster. - ## This will allow cross cluster replication and provide cross cluster high availability. - ## You will need to configure pgHbaConfiguration if you want to enable this feature with local cluster replication enabled. - ## @param primary.standby.enabled Whether to enable current cluster's primary as standby server of another cluster or not - ## @param primary.standby.primaryHost The Host of replication primary in the other cluster - ## @param primary.standby.primaryPort The Port of replication primary in the other cluster - ## - standby: - enabled: false - primaryHost: "" - primaryPort: "" - ## @param primary.extraEnvVars Array with extra environment variables to add to PostgreSQL Primary nodes - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## @param primary.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes - ## - extraEnvVarsCM: "" - ## @param primary.extraEnvVarsSecret Name of existing Secret containing extra env vars for PostgreSQL Primary nodes - ## - extraEnvVarsSecret: "" - ## @param primary.command Override default container command (useful when using custom images) - ## - command: [] - ## @param primary.args Override default container args (useful when using custom images) - ## - args: [] - ## Configure extra options for PostgreSQL Primary containers' liveness, readiness and startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes - ## @param primary.livenessProbe.enabled Enable livenessProbe on PostgreSQL Primary containers - ## @param primary.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param primary.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param primary.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param primary.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param primary.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param primary.readinessProbe.enabled Enable readinessProbe on PostgreSQL Primary containers - ## @param primary.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param primary.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param primary.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param primary.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param primary.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param primary.startupProbe.enabled Enable startupProbe on PostgreSQL Primary containers - ## @param primary.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param primary.startupProbe.periodSeconds Period seconds for startupProbe - ## @param primary.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param primary.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param primary.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 15 - successThreshold: 1 - ## @param primary.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param primary.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## @param primary.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param primary.lifecycleHooks for the PostgreSQL Primary container to automate configuration before or after startup - ## - lifecycleHooks: {} - ## PostgreSQL Primary resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param primary.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if primary.resources is set (primary.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param primary.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Pod Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param primary.podSecurityContext.enabled Enable security context - ## @param primary.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param primary.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param primary.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param primary.podSecurityContext.fsGroup Group ID for the pod - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param primary.containerSecurityContext.enabled Enabled containers' Security Context - ## @param primary.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param primary.containerSecurityContext.runAsUser Set containers' Security Context runAsUser - ## @param primary.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup - ## @param primary.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot - ## @param primary.containerSecurityContext.privileged Set container's Security Context privileged - ## @param primary.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param primary.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation - ## @param primary.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param primary.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## @param primary.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param primary.hostAliases PostgreSQL primary pods host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param primary.hostNetwork Specify if host network should be enabled for PostgreSQL pod (postgresql primary) - ## - hostNetwork: false - ## @param primary.hostIPC Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) - ## - hostIPC: false - ## @param primary.labels Map of labels to add to the statefulset (postgresql primary) - ## - labels: {} - ## @param primary.annotations Annotations for PostgreSQL primary pods - ## - annotations: {} - ## @param primary.podLabels Map of labels to add to the pods (postgresql primary) - ## - podLabels: {} - ## @param primary.podAnnotations Map of annotations to add to the pods (postgresql primary) - ## - podAnnotations: {} - ## @param primary.podAffinityPreset PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param primary.podAntiAffinityPreset PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## PostgreSQL Primary node affinity preset - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param primary.nodeAffinityPreset.type PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param primary.nodeAffinityPreset.key PostgreSQL primary node label key to match Ignored if `primary.affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param primary.nodeAffinityPreset.values PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param primary.affinity Affinity for PostgreSQL primary pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: primary.podAffinityPreset, primary.podAntiAffinityPreset, and primary.nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param primary.nodeSelector Node labels for PostgreSQL primary pods assignment - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param primary.tolerations Tolerations for PostgreSQL primary pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param primary.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods - ## - topologySpreadConstraints: [] - ## @param primary.priorityClassName Priority Class to use for each pod (postgresql primary) - ## - priorityClassName: "" - ## @param primary.schedulerName Use an alternate scheduler, e.g. "stork". - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param primary.terminationGracePeriodSeconds Seconds PostgreSQL primary pod needs to terminate gracefully - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods - ## - terminationGracePeriodSeconds: "" - ## @param primary.updateStrategy.type PostgreSQL Primary statefulset strategy type - ## @param primary.updateStrategy.rollingUpdate PostgreSQL Primary statefulset rolling update configuration parameters - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - type: RollingUpdate - rollingUpdate: {} - ## @param primary.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s) - ## - extraVolumeMounts: [] - ## @param primary.extraVolumes Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s) - ## - extraVolumes: [] - ## @param primary.sidecars Add additional sidecar containers to the PostgreSQL Primary pod(s) - ## For example: - ## sidecars: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## ports: - ## - name: portname - ## containerPort: 1234 - ## - sidecars: [] - ## @param primary.initContainers Add additional init containers to the PostgreSQL Primary pod(s) - ## Example - ## - ## initContainers: - ## - name: do-something - ## image: busybox - ## command: ['do', 'something'] - ## - initContainers: [] - ## Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb - ## @param primary.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param primary.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param primary.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `primary.pdb.minAvailable` and `primary.pdb.maxUnavailable` are empty. - ## - pdb: - create: true - minAvailable: "" - maxUnavailable: "" - ## @param primary.extraPodSpec Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) - ## - extraPodSpec: {} - ## Network Policies - ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ - ## - networkPolicy: - ## @param primary.networkPolicy.enabled Specifies whether a NetworkPolicy should be created - ## - enabled: true - ## @param primary.networkPolicy.allowExternal Don't require server label for connections - ## The Policy model to apply. When set to false, only pods with the correct - ## server label will have network access to the ports server is listening - ## on. When true, server will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true - ## @param primary.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param primary.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - extraIngress: [] - ## @param primary.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param primary.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param primary.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} - ## PostgreSQL Primary service configuration - ## - service: - ## @param primary.service.type Kubernetes Service type - ## - type: ClusterIP - ## @param primary.service.ports.postgresql PostgreSQL service port - ## - ports: - postgresql: 5432 - ## Node ports to expose - ## NOTE: choose port between <30000-32767> - ## @param primary.service.nodePorts.postgresql Node port for PostgreSQL - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - postgresql: "" - ## @param primary.service.clusterIP Static clusterIP or None for headless services - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param primary.service.annotations Annotations for PostgreSQL primary service - ## - annotations: {} - ## @param primary.service.loadBalancerClass Load balancer class if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class - ## - loadBalancerClass: "" - ## @param primary.service.loadBalancerIP Load balancer IP if service type is `LoadBalancer` - ## Set the LoadBalancer service type to internal only - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param primary.service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param primary.service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param primary.service.extraPorts Extra ports to expose in the PostgreSQL primary service - ## - extraPorts: [] - ## @param primary.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param primary.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## Headless service properties - ## - headless: - ## @param primary.service.headless.annotations Additional custom annotations for headless PostgreSQL primary service - ## - annotations: {} - ## PostgreSQL Primary persistence configuration - ## - persistence: - ## @param primary.persistence.enabled Enable PostgreSQL Primary data persistence using PVC - ## - enabled: true - ## @param primary.persistence.volumeName Name to assign the volume - ## - volumeName: "data" - ## @param primary.persistence.existingClaim Name of an existing PVC to use - ## - existingClaim: "" - ## @param primary.persistence.mountPath The path the volume will be mounted at - ## Note: useful when using custom PostgreSQL images - ## - mountPath: /bitnami/postgresql - ## @param primary.persistence.subPath The subdirectory of the volume to mount to - ## Useful in dev environments and one PV for multiple services - ## - subPath: "" - ## @param primary.persistence.storageClass PVC Storage Class for PostgreSQL Primary data volume - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param primary.persistence.accessModes PVC Access Mode for PostgreSQL volume - ## - accessModes: - - ReadWriteOnce - ## @param primary.persistence.size PVC Storage Request for PostgreSQL volume - ## - size: 8Gi - ## @param primary.persistence.annotations Annotations for the PVC - ## - annotations: {} - ## @param primary.persistence.labels Labels for the PVC - ## - labels: {} - ## @param primary.persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template) - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param primary.persistence.dataSource Custom PVC data source - ## - dataSource: {} - ## PostgreSQL Primary Persistent Volume Claim Retention Policy - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## - persistentVolumeClaimRetentionPolicy: - ## @param primary.persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for Primary Statefulset - ## - enabled: false - ## @param primary.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced - ## - whenScaled: Retain - ## @param primary.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted - ## - whenDeleted: Retain -## @section PostgreSQL read only replica parameters (only used when `architecture` is set to `replication`) -## -readReplicas: - ## @param readReplicas.name Name of the read replicas database (eg secondary, slave, ...) - ## - name: read - ## @param readReplicas.replicaCount Number of PostgreSQL read only replicas - ## - replicaCount: 1 - ## @param readReplicas.extendedConfiguration Extended PostgreSQL read only replicas configuration (appended to main or default configuration) - ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql#allow-settings-to-be-loaded-from-files-other-than-the-default-postgresqlconf - ## - extendedConfiguration: "" - ## @param readReplicas.extraEnvVars Array with extra environment variables to add to PostgreSQL read only nodes - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## @param readReplicas.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes - ## - extraEnvVarsCM: "" - ## @param readReplicas.extraEnvVarsSecret Name of existing Secret containing extra env vars for PostgreSQL read only nodes - ## - extraEnvVarsSecret: "" - ## @param readReplicas.command Override default container command (useful when using custom images) - ## - command: [] - ## @param readReplicas.args Override default container args (useful when using custom images) - ## - args: [] - ## Configure extra options for PostgreSQL read only containers' liveness, readiness and startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes - ## @param readReplicas.livenessProbe.enabled Enable livenessProbe on PostgreSQL read only containers - ## @param readReplicas.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param readReplicas.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param readReplicas.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param readReplicas.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param readReplicas.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param readReplicas.readinessProbe.enabled Enable readinessProbe on PostgreSQL read only containers - ## @param readReplicas.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param readReplicas.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param readReplicas.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param readReplicas.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param readReplicas.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param readReplicas.startupProbe.enabled Enable startupProbe on PostgreSQL read only containers - ## @param readReplicas.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param readReplicas.startupProbe.periodSeconds Period seconds for startupProbe - ## @param readReplicas.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param readReplicas.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param readReplicas.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 15 - successThreshold: 1 - ## @param readReplicas.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param readReplicas.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## @param readReplicas.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param readReplicas.lifecycleHooks for the PostgreSQL read only container to automate configuration before or after startup - ## - lifecycleHooks: {} - ## PostgreSQL read only resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param readReplicas.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if readReplicas.resources is set (readReplicas.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param readReplicas.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Pod Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param readReplicas.podSecurityContext.enabled Enable security context - ## @param readReplicas.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param readReplicas.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param readReplicas.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param readReplicas.podSecurityContext.fsGroup Group ID for the pod - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## @param readReplicas.containerSecurityContext.enabled Enabled containers' Security Context - ## @param readReplicas.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param readReplicas.containerSecurityContext.runAsUser Set containers' Security Context runAsUser - ## @param readReplicas.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup - ## @param readReplicas.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot - ## @param readReplicas.containerSecurityContext.privileged Set container's Security Context privileged - ## @param readReplicas.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param readReplicas.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation - ## @param readReplicas.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param readReplicas.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## @param readReplicas.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param readReplicas.hostAliases PostgreSQL read only pods host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param readReplicas.hostNetwork Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only) - ## - hostNetwork: false - ## @param readReplicas.hostIPC Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) - ## - hostIPC: false - ## @param readReplicas.labels Map of labels to add to the statefulset (PostgreSQL read only) - ## - labels: {} - ## @param readReplicas.annotations Annotations for PostgreSQL read only pods - ## - annotations: {} - ## @param readReplicas.podLabels Map of labels to add to the pods (PostgreSQL read only) - ## - podLabels: {} - ## @param readReplicas.podAnnotations Map of annotations to add to the pods (PostgreSQL read only) - ## - podAnnotations: {} - ## @param readReplicas.podAffinityPreset PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param readReplicas.podAntiAffinityPreset PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## PostgreSQL read only node affinity preset - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param readReplicas.nodeAffinityPreset.type PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param readReplicas.nodeAffinityPreset.key PostgreSQL read only node label key to match Ignored if `primary.affinity` is set. - ## E.g. - ## key: "kubernetes.io/e2e-az-name" - ## - key: "" - ## @param readReplicas.nodeAffinityPreset.values PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set. - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param readReplicas.affinity Affinity for PostgreSQL read only pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## Note: primary.podAffinityPreset, primary.podAntiAffinityPreset, and primary.nodeAffinityPreset will be ignored when it's set - ## - affinity: {} - ## @param readReplicas.nodeSelector Node labels for PostgreSQL read only pods assignment - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param readReplicas.tolerations Tolerations for PostgreSQL read only pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param readReplicas.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods - ## - topologySpreadConstraints: [] - ## @param readReplicas.priorityClassName Priority Class to use for each pod (PostgreSQL read only) - ## - priorityClassName: "" - ## @param readReplicas.schedulerName Use an alternate scheduler, e.g. "stork". - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param readReplicas.terminationGracePeriodSeconds Seconds PostgreSQL read only pod needs to terminate gracefully - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods - ## - terminationGracePeriodSeconds: "" - ## @param readReplicas.updateStrategy.type PostgreSQL read only statefulset strategy type - ## @param readReplicas.updateStrategy.rollingUpdate PostgreSQL read only statefulset rolling update configuration parameters - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - type: RollingUpdate - rollingUpdate: {} - ## @param readReplicas.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s) - ## - extraVolumeMounts: [] - ## @param readReplicas.extraVolumes Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s) - ## - extraVolumes: [] - ## @param readReplicas.sidecars Add additional sidecar containers to the PostgreSQL read only pod(s) - ## For example: - ## sidecars: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## ports: - ## - name: portname - ## containerPort: 1234 - ## - sidecars: [] - ## @param readReplicas.initContainers Add additional init containers to the PostgreSQL read only pod(s) - ## Example - ## - ## initContainers: - ## - name: do-something - ## image: busybox - ## command: ['do', 'something'] - ## - initContainers: [] - ## Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb - ## @param readReplicas.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param readReplicas.pdb.minAvailable Minimum number/percentage of pods that should remain scheduled - ## @param readReplicas.pdb.maxUnavailable Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `readReplicas.pdb.minAvailable` and `readReplicas.pdb.maxUnavailable` are empty. - ## - pdb: - create: true - minAvailable: "" - maxUnavailable: "" - ## @param readReplicas.extraPodSpec Optionally specify extra PodSpec for the PostgreSQL read only pod(s) - ## - extraPodSpec: {} - ## Network Policies - ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ - ## - networkPolicy: - ## @param readReplicas.networkPolicy.enabled Specifies whether a NetworkPolicy should be created - ## - enabled: true - ## @param readReplicas.networkPolicy.allowExternal Don't require server label for connections - ## The Policy model to apply. When set to false, only pods with the correct - ## server label will have network access to the ports server is listening - ## on. When true, server will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true - ## @param readReplicas.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param readReplicas.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - extraIngress: [] - ## @param readReplicas.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param readReplicas.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces - ## @param readReplicas.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} - ## PostgreSQL read only service configuration - ## - service: - ## @param readReplicas.service.type Kubernetes Service type - ## - type: ClusterIP - ## @param readReplicas.service.ports.postgresql PostgreSQL service port - ## - ports: - postgresql: 5432 - ## Node ports to expose - ## NOTE: choose port between <30000-32767> - ## @param readReplicas.service.nodePorts.postgresql Node port for PostgreSQL - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## - nodePorts: - postgresql: "" - ## @param readReplicas.service.clusterIP Static clusterIP or None for headless services - ## e.g: - ## clusterIP: None - ## - clusterIP: "" - ## @param readReplicas.service.annotations Annotations for PostgreSQL read only service - ## - annotations: {} - ## @param readReplicas.service.loadBalancerClass Load balancer class if service type is `LoadBalancer` - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class - ## - loadBalancerClass: "" - ## @param readReplicas.service.loadBalancerIP Load balancer IP if service type is `LoadBalancer` - ## Set the LoadBalancer service type to internal only - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param readReplicas.service.externalTrafficPolicy Enable client source IP preservation - ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param readReplicas.service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param readReplicas.service.extraPorts Extra ports to expose in the PostgreSQL read only service - ## - extraPorts: [] - ## @param readReplicas.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param readReplicas.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## Headless service properties - ## - headless: - ## @param readReplicas.service.headless.annotations Additional custom annotations for headless PostgreSQL read only service - ## - annotations: {} - ## PostgreSQL read only persistence configuration - ## - persistence: - ## @param readReplicas.persistence.enabled Enable PostgreSQL read only data persistence using PVC - ## - enabled: true - ## @param readReplicas.persistence.existingClaim Name of an existing PVC to use - ## - existingClaim: "" - ## @param readReplicas.persistence.mountPath The path the volume will be mounted at - ## Note: useful when using custom PostgreSQL images - ## - mountPath: /bitnami/postgresql - ## @param readReplicas.persistence.subPath The subdirectory of the volume to mount to - ## Useful in dev environments and one PV for multiple services - ## - subPath: "" - ## @param readReplicas.persistence.storageClass PVC Storage Class for PostgreSQL read only data volume - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: "" - ## @param readReplicas.persistence.accessModes PVC Access Mode for PostgreSQL volume - ## - accessModes: - - ReadWriteOnce - ## @param readReplicas.persistence.size PVC Storage Request for PostgreSQL volume - ## - size: 8Gi - ## @param readReplicas.persistence.annotations Annotations for the PVC - ## - annotations: {} - ## @param readReplicas.persistence.labels Labels for the PVC - ## - labels: {} - ## @param readReplicas.persistence.selector Selector to match an existing Persistent Volume (this value is evaluated as a template) - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param readReplicas.persistence.dataSource Custom PVC data source - ## - dataSource: {} - ## PostgreSQL Read only Persistent Volume Claim Retention Policy - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## - persistentVolumeClaimRetentionPolicy: - ## @param readReplicas.persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for read only Statefulset - ## - enabled: false - ## @param readReplicas.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced - ## - whenScaled: Retain - ## @param readReplicas.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted - ## - whenDeleted: Retain -## @section Backup parameters -## This section implements a trivial logical dump cronjob of the database. -## This only comes with the consistency guarantees of the dump program. -## This is not a snapshot based roll forward/backward recovery backup. -## ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/ -backup: - ## @param backup.enabled Enable the logical dump of the database "regularly" - enabled: false - cronjob: - ## @param backup.cronjob.schedule Set the cronjob parameter schedule - schedule: "@daily" - ## @param backup.cronjob.timeZone Set the cronjob parameter timeZone - timeZone: "" - ## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy - concurrencyPolicy: Allow - ## @param backup.cronjob.failedJobsHistoryLimit Set the cronjob parameter failedJobsHistoryLimit - failedJobsHistoryLimit: 1 - ## @param backup.cronjob.successfulJobsHistoryLimit Set the cronjob parameter successfulJobsHistoryLimit - successfulJobsHistoryLimit: 3 - ## @param backup.cronjob.startingDeadlineSeconds Set the cronjob parameter startingDeadlineSeconds - startingDeadlineSeconds: "" - ## @param backup.cronjob.ttlSecondsAfterFinished Set the cronjob parameter ttlSecondsAfterFinished - ttlSecondsAfterFinished: "" - ## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy - restartPolicy: OnFailure - ## @param backup.cronjob.podSecurityContext.enabled Enable PodSecurityContext for CronJob/Backup - ## @param backup.cronjob.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param backup.cronjob.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param backup.cronjob.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param backup.cronjob.podSecurityContext.fsGroup Group ID for the CronJob - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## backup container's Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param backup.cronjob.containerSecurityContext.enabled Enabled containers' Security Context - ## @param backup.cronjob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param backup.cronjob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser - ## @param backup.cronjob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup - ## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot - ## @param backup.cronjob.containerSecurityContext.privileged Set container's Security Context privileged - ## @param backup.cronjob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param backup.cronjob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation - ## @param backup.cronjob.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param backup.cronjob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## @param backup.cronjob.command Set backup container's command to run - command: - - /bin/sh - - -c - - "pg_dumpall --clean --if-exists --load-via-partition-root --quote-all-identifiers --no-password --file=${PGDUMP_DIR}/pg_dumpall-$(date '+%Y-%m-%d-%H-%M').pgdump" - ## @param backup.cronjob.labels Set the cronjob labels - labels: {} - ## @param backup.cronjob.annotations Set the cronjob annotations - annotations: {} - ## @param backup.cronjob.nodeSelector Node labels for PostgreSQL backup CronJob pod assignment - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes/ - ## - nodeSelector: {} - ## @param backup.cronjob.tolerations Tolerations for PostgreSQL backup CronJob pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## backup cronjob container resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param backup.cronjob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if backup.cronjob.resources is set (backup.cronjob.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param backup.cronjob.resources Set container requests and limits for different resources like CPU or memory - ## Example: - resources: {} - ## resources: - ## requests: - ## cpu: 1 - ## memory: 512Mi - ## limits: - ## cpu: 2 - ## memory: 1024Mi - networkPolicy: - ## @param backup.cronjob.networkPolicy.enabled Specifies whether a NetworkPolicy should be created - ## - enabled: true - storage: - ## @param backup.cronjob.storage.enabled Enable using a `PersistentVolumeClaim` as backup data volume - ## - enabled: true - ## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) - ## If defined, PVC must be created manually before volume will be bound - ## - existingClaim: "" - ## @param backup.cronjob.storage.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted - ## - resourcePolicy: "" - ## @param backup.cronjob.storage.storageClass PVC Storage Class for the backup data volume - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. - ## - storageClass: "" - ## @param backup.cronjob.storage.accessModes PV Access Mode - ## - accessModes: - - ReadWriteOnce - ## @param backup.cronjob.storage.size PVC Storage Request for the backup data volume - ## - size: 8Gi - ## @param backup.cronjob.storage.annotations PVC annotations - ## - annotations: {} - ## @param backup.cronjob.storage.mountPath Path to mount the volume at - ## - mountPath: /backup/pgdump - ## @param backup.cronjob.storage.subPath Subdirectory of the volume to mount at - ## and one PV for multiple services. - ## - subPath: "" - ## Fine tuning for volumeClaimTemplates - ## - volumeClaimTemplates: - ## @param backup.cronjob.storage.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes) - ## A label query over volumes to consider for binding (e.g. when using local volumes) - ## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details - ## - selector: {} - ## @param backup.cronjob.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the backup container - ## - extraVolumeMounts: [] - ## @param backup.cronjob.extraVolumes Optionally specify extra list of additional volumes for the backup container - ## - extraVolumes: [] -## @section Volume Permissions parameters -## - -## Init containers parameters: -## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node -## -volumePermissions: - ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume - ## - enabled: false - ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry - ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository - ## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) - ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy - ## @param volumePermissions.image.pullSecrets Init container volume-permissions image pull secrets - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r24 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Init container resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Init container' Security Context - ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser - ## and not the below volumePermissions.containerSecurityContext.runAsUser - ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container - ## @param volumePermissions.containerSecurityContext.runAsGroup Group ID for the init container - ## @param volumePermissions.containerSecurityContext.runAsNonRoot runAsNonRoot for the init container - ## @param volumePermissions.containerSecurityContext.seccompProfile.type seccompProfile.type for the init container - ## - containerSecurityContext: - seLinuxOptions: {} - runAsUser: 0 - runAsGroup: 0 - runAsNonRoot: false - seccompProfile: - type: RuntimeDefault -## @section Other Parameters -## - -## @param serviceBindings.enabled Create secret for service binding (Experimental) -## Ref: https://servicebinding.io/service-provider/ -## -serviceBindings: - enabled: false -## Service account for PostgreSQL to use. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - ## @param serviceAccount.create Enable creation of ServiceAccount for PostgreSQL pod - ## - create: true - ## @param serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## - name: "" - ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created - ## Can be set to false if pods using this serviceAccount do not need to use K8s API - ## - automountServiceAccountToken: false - ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount - ## - annotations: {} -## Creates role for ServiceAccount -## @param rbac.create Create Role and RoleBinding (required for PSP to work) -## -rbac: - create: false - ## @param rbac.rules Custom RBAC rules to set - ## e.g: - ## rules: - ## - apiGroups: - ## - "" - ## resources: - ## - pods - ## verbs: - ## - get - ## - list - ## - rules: [] -## Pod Security Policy -## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ -## @param psp.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later -## -psp: - create: false -## @section Metrics Parameters -## -metrics: - ## @param metrics.enabled Start a prometheus exporter - ## - enabled: false - ## @param metrics.image.registry [default: REGISTRY_NAME] PostgreSQL Prometheus Exporter image registry - ## @param metrics.image.repository [default: REPOSITORY_NAME/postgres-exporter] PostgreSQL Prometheus Exporter image repository - ## @skip metrics.image.tag PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) - ## @param metrics.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param metrics.image.pullPolicy PostgreSQL Prometheus Exporter image pull policy - ## @param metrics.image.pullSecrets Specify image pull secrets - ## - image: - registry: docker.io - repository: bitnami/postgres-exporter - tag: 0.15.0-debian-12-r36 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## Example: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param metrics.collectors Control enabled collectors - ## ref: https://github.com/prometheus-community/postgres_exporter#flags - ## Example: - ## collectors: - ## wal: false - collectors: {} - ## @param metrics.customMetrics Define additional custom metrics - ## ref: https://github.com/prometheus-community/postgres_exporter#adding-new-metrics-via-a-config-file-deprecated - ## customMetrics: - ## pg_database: - ## query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size_bytes FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')" - ## metrics: - ## - name: - ## usage: "LABEL" - ## description: "Name of the database" - ## - size_bytes: - ## usage: "GAUGE" - ## description: "Size of the database in bytes" - ## - customMetrics: {} - ## @param metrics.extraEnvVars Extra environment variables to add to PostgreSQL Prometheus exporter - ## see: https://github.com/prometheus-community/postgres_exporter#environment-variables - ## For example: - ## extraEnvVars: - ## - name: PG_EXPORTER_DISABLE_DEFAULT_METRICS - ## value: "true" - ## - extraEnvVars: [] - ## PostgreSQL Prometheus exporter containers' Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param metrics.containerSecurityContext.enabled Enabled containers' Security Context - ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param metrics.containerSecurityContext.runAsUser Set containers' Security Context runAsUser - ## @param metrics.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup - ## @param metrics.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot - ## @param metrics.containerSecurityContext.privileged Set container's Security Context privileged - ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem - ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation - ## @param metrics.containerSecurityContext.capabilities.drop List of capabilities to be dropped - ## @param metrics.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - privileged: false - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - capabilities: - drop: ["ALL"] - seccompProfile: - type: "RuntimeDefault" - ## Configure extra options for PostgreSQL Prometheus exporter containers' liveness, readiness and startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes - ## @param metrics.livenessProbe.enabled Enable livenessProbe on PostgreSQL Prometheus exporter containers - ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param metrics.readinessProbe.enabled Enable readinessProbe on PostgreSQL Prometheus exporter containers - ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 6 - successThreshold: 1 - ## @param metrics.startupProbe.enabled Enable startupProbe on PostgreSQL Prometheus exporter containers - ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe - ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 15 - successThreshold: 1 - ## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## @param metrics.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param metrics.containerPorts.metrics PostgreSQL Prometheus exporter metrics container port - ## - containerPorts: - metrics: 9187 - ## PostgreSQL Prometheus exporter resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Service configuration - ## - service: - ## @param metrics.service.ports.metrics PostgreSQL Prometheus Exporter service port - ## - ports: - metrics: 9187 - ## @param metrics.service.clusterIP Static clusterIP or None for headless services - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address - ## - clusterIP: "" - ## @param metrics.service.sessionAffinity Control where client requests go, to the same pod or round-robin - ## Values: ClientIP or None - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/ - ## - sessionAffinity: None - ## @param metrics.service.annotations [object] Annotations for Prometheus to auto-discover the metrics endpoint - ## - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "{{ .Values.metrics.service.ports.metrics }}" - ## Prometheus Operator ServiceMonitor configuration - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) - ## - namespace: "" - ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - interval: "" - ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus - ## - labels: {} - ## @param metrics.serviceMonitor.selector Prometheus instance selector labels - ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration - ## - selector: {} - ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping - ## - relabelings: [] - ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. - ## - jobLabel: "" - ## Custom PrometheusRule to be defined - ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## @param metrics.prometheusRule.enabled Create a PrometheusRule for Prometheus Operator - ## - enabled: false - ## @param metrics.prometheusRule.namespace Namespace for the PrometheusRule Resource (defaults to the Release Namespace) - ## - namespace: "" - ## @param metrics.prometheusRule.labels Additional labels that can be used so PrometheusRule will be discovered by Prometheus - ## - labels: {} - ## @param metrics.prometheusRule.rules PrometheusRule definitions - ## Make sure to constraint the rules to the current postgresql service. - ## rules: - ## - alert: HugeReplicationLag - ## expr: pg_replication_lag{service="{{ printf "%s-metrics" (include "common.names.fullname" .) }}"} / 3600 > 1 - ## for: 1m - ## labels: - ## severity: critical - ## annotations: - ## description: replication for {{ include "common.names.fullname" . }} PostgreSQL is lagging by {{ "{{ $value }}" }} hour(s). - ## summary: PostgreSQL replication is lagging by {{ "{{ $value }}" }} hour(s). - ## - rules: [] diff --git a/charts/postgresql/values-overrides.yaml b/charts/postgresql/values-overrides.yaml deleted file mode 100644 index 925c771..0000000 --- a/charts/postgresql/values-overrides.yaml +++ /dev/null @@ -1,14 +0,0 @@ -auth: - enablePostgresUser: true - existingSecret: postgresql - usePasswordFiles: false -architecture: replication -readReplicas: - replicaCount: 1 -replication: - syncronousCommit: on - numSyncronousReplicas: 1 - applicationName: futureporn -image: - debug: true -fullnameOverride: postgresql \ No newline at end of file diff --git a/charts/redis/redis/.helmignore b/charts/redis/redis/.helmignore deleted file mode 100644 index 207983f..0000000 --- a/charts/redis/redis/.helmignore +++ /dev/null @@ -1,25 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -# img folder -img/ -# Changelog -CHANGELOG.md diff --git a/charts/redis/redis/Chart.lock b/charts/redis/redis/Chart.lock deleted file mode 100644 index 6a37b39..0000000 --- a/charts/redis/redis/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - version: 2.22.0 -digest: sha256:a8fb2fc887ead658a89598a48acde5324196fbc0509503a3eaed50a710fbfe74 -generated: "2024-08-09T13:57:12.563276536Z" diff --git a/charts/redis/redis/Chart.yaml b/charts/redis/redis/Chart.yaml deleted file mode 100644 index ce7a625..0000000 --- a/charts/redis/redis/Chart.yaml +++ /dev/null @@ -1,38 +0,0 @@ -annotations: - category: Database - images: | - - name: kubectl - image: docker.io/bitnami/kubectl:1.30.3-debian-12-r5 - - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r27 - - name: redis - image: docker.io/bitnami/redis:7.4.0-debian-12-r0 - - name: redis-exporter - image: docker.io/bitnami/redis-exporter:1.62.0-debian-12-r3 - - name: redis-sentinel - image: docker.io/bitnami/redis-sentinel:7.4.0-debian-12-r0 - licenses: Apache-2.0 -apiVersion: v2 -appVersion: 7.4.0 -dependencies: -- name: common - repository: oci://registry-1.docker.io/bitnamicharts - tags: - - bitnami-common - version: 2.x.x -description: Redis(R) is an open source, advanced key-value store. It is often referred - to as a data structure server since keys can contain strings, hashes, lists, sets - and sorted sets. -home: https://bitnami.com -icon: https://bitnami.com/assets/stacks/redis/img/redis-stack-220x234.png -keywords: -- redis -- keyvalue -- database -maintainers: -- name: Broadcom, Inc. All Rights Reserved. - url: https://github.com/bitnami/charts -name: redis -sources: -- https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 20.0.1 diff --git a/charts/redis/redis/README.md b/charts/redis/redis/README.md deleted file mode 100644 index 250e24a..0000000 --- a/charts/redis/redis/README.md +++ /dev/null @@ -1,1280 +0,0 @@ - - -# Bitnami package for Redis(R) - -Redis(R) is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. - -[Overview of Redis®](http://redis.io) - -Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are reserved to Redis Ltd. Any use by Bitnami is for referential purposes only and does not indicate any sponsorship, endorsement, or affiliation between Redis Ltd. - -## TL;DR - -```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis -``` - -Looking to use Redis® in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the commercial edition of the Bitnami catalog. - -## Introduction - -This chart bootstraps a [Redis®](https://github.com/bitnami/containers/tree/main/bitnami/redis) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. - -### Choose between Redis® Helm Chart and Redis® Cluster Helm Chart - -You can choose any of the two Redis® Helm charts for deploying a Redis® cluster. - -1. [Redis® Helm Chart](https://github.com/bitnami/charts/tree/main/bitnami/redis) will deploy a master-replica cluster, with the [option](https://github.com/bitnami/charts/tree/main/bitnami/redis#redis-sentinel-configuration-parameters) of enabling using Redis® Sentinel. -2. [Redis® Cluster Helm Chart](https://github.com/bitnami/charts/tree/main/bitnami/redis-cluster) will deploy a Redis® Cluster topology with sharding. - -The main features of each chart are the following: - -| Redis® | Redis® Cluster | -|--------------------------------------------------------|------------------------------------------------------------------------| -| Supports multiple databases | Supports only one database. Better if you have a big dataset | -| Single write point (single master) | Multiple write points (multiple masters) | -| ![Redis® Topology](img/redis-topology.png) | ![Redis® Cluster Topology](img/redis-cluster-topology.png) | - -## Prerequisites - -- Kubernetes 1.23+ -- Helm 3.8.0+ -- PV provisioner support in the underlying infrastructure - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The command deploys Redis® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Configuration and installation details - -### Resource requests and limits - -Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. - -To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). - -### [Rolling VS Immutable tags](https://docs.vmware.com/en/VMware-Tanzu-Application-Catalog/services/tutorials/GUID-understand-rolling-tags-containers-index.html) - -It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. - -Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. - -### Use a different Redis® version - -To modify the application version used in this chart, specify a different version of the image using the `image.tag` parameter and/or a different repository using the `image.repository` parameter. - -### Bootstrapping with an External Cluster - -This chart is equipped with the ability to bring online a set of Pods that connect to an existing Redis deployment that lies outside of Kubernetes. This effectively creates a hybrid Redis Deployment where both Pods in Kubernetes and Instances such as Virtual Machines can partake in a single Redis Deployment. This is helpful in situations where one may be migrating Redis from Virtual Machines into Kubernetes, for example. To take advantage of this, use the following as an example configuration: - -```yaml -replica: - externalMaster: - enabled: true - host: external-redis-0.internal -sentinel: - externalMaster: - enabled: true - host: external-redis-0.internal -``` - -:warning: This is currently limited to clusters in which Sentinel and Redis run on the same node! :warning: - -Please also note that the external sentinel must be listening on port `26379`, and this is currently not configurable. - -Once the Kubernetes Redis Deployment is online and confirmed to be working with the existing cluster, the configuration can then be removed and the cluster will remain connected. - -### External DNS - -This chart is equipped to allow leveraging the ExternalDNS project. Doing so will enable ExternalDNS to publish the FQDN for each instance, in the format of `..`. -Example, when using the following configuration: - -```yaml -useExternalDNS: - enabled: true - suffix: prod.example.org - additionalAnnotations: - ttl: 10 -``` - -On a cluster where the name of the Helm release is `a`, the hostname of a Pod is generated as: `a-redis-node-0.a-redis.prod.example.org`. The IP of that FQDN will match that of the associated Pod. This modifies the following parameters of the Redis/Sentinel configuration using this new FQDN: - -- `replica-announce-ip` -- `known-sentinel` -- `known-replica` -- `announce-ip` - -:warning: This requires a working installation of `external-dns` to be fully functional. :warning: - -See the [official ExternalDNS documentation](https://github.com/kubernetes-sigs/external-dns) for additional configuration options. - -### Cluster topologies - -#### Default: Master-Replicas - -When installing the chart with `architecture=replication`, it will deploy a Redis® master StatefulSet and a Redis® replicas StatefulSet. The replicas will be read-replicas of the master. Two services will be exposed: - -- Redis® Master service: Points to the master, where read-write operations can be performed -- Redis® Replicas service: Points to the replicas, where only read operations are allowed by default. - -In case the master crashes, the replicas will wait until the master node is respawned again by the Kubernetes Controller Manager. - -#### Standalone - -When installing the chart with `architecture=standalone`, it will deploy a standalone Redis® StatefulSet. A single service will be exposed: - -- Redis® Master service: Points to the master, where read-write operations can be performed - -#### Master-Replicas with Sentinel - -When installing the chart with `architecture=replication` and `sentinel.enabled=true`, it will deploy a Redis® master StatefulSet (only one master allowed) and a Redis® replicas StatefulSet. In this case, the pods will contain an extra container with Redis® Sentinel. This container will form a cluster of Redis® Sentinel nodes, which will promote a new master in case the actual one fails. - -On graceful termination of the Redis® master pod, a failover of the master is initiated to promote a new master. The Redis® Sentinel container in this pod will wait for the failover to occur before terminating. If `sentinel.redisShutdownWaitFailover=true` is set (the default), the Redis® container will wait for the failover as well before terminating. This increases availability for reads during failover, but may cause stale reads until all clients have switched to the new master. - -In addition to this, only one service is exposed: - -- Redis® service: Exposes port 6379 for Redis® read-only operations and port 26379 for accessing Redis® Sentinel. - -For read-only operations, access the service using port 6379. For write operations, it's necessary to access the Redis® Sentinel cluster and query the current master using the command below (using redis-cli or similar): - -```console -SENTINEL get-master-addr-by-name -``` - -This command will return the address of the current master, which can be accessed from inside the cluster. - -In case the current master crashes, the Sentinel containers will elect a new master node. - -`master.count` greater than `1` is not designed for use when `sentinel.enabled=true`. - -### Multiple masters (experimental) - -When `master.count` is greater than `1`, special care must be taken to create a consistent setup. - -An example of use case is the creation of a redundant set of standalone masters or master-replicas per Kubernetes node where you must ensure: - -- No more than `1` master can be deployed per Kubernetes node -- Replicas and writers can only see the single master of their own Kubernetes node - -One way of achieving this is by setting `master.service.internalTrafficPolicy=Local` in combination with a `master.affinity.podAntiAffinity` spec to never schedule more than one master per Kubernetes node. - -It's recommended to only change `master.count` if you know what you are doing. -`master.count` greater than `1` is not designed for use when `sentinel.enabled=true`. - -### Using a password file - -To use a password file for Redis® you need to create a secret containing the password and then deploy the chart using that secret. Follow these instructions: - -- Create the secret with the password. It is important that the file with the password must be called `redis-password`. - -```console -kubectl create secret generic redis-password-secret --from-file=redis-password.yaml -``` - -- Deploy the Helm Chart using the secret name as parameter: - -```text -usePassword=true -usePasswordFile=true -existingSecret=redis-password-secret -sentinels.enabled=true -metrics.enabled=true -``` - -### Securing traffic using TLS - -TLS support can be enabled in the chart by specifying the `tls.` parameters while creating a release. The following parameters should be configured to properly enable the TLS support in the cluster: - -- `tls.enabled`: Enable TLS support. Defaults to `false` -- `tls.existingSecret`: Name of the secret that contains the certificates. No defaults. -- `tls.certFilename`: Certificate filename. No defaults. -- `tls.certKeyFilename`: Certificate key filename. No defaults. -- `tls.certCAFilename`: CA Certificate filename. No defaults. - -For example: - -First, create the secret with the certificates files: - -```console -kubectl create secret generic certificates-tls-secret --from-file=./cert.pem --from-file=./cert.key --from-file=./ca.pem -``` - -Then, use the following parameters: - -```console -tls.enabled="true" -tls.existingSecret="certificates-tls-secret" -tls.certFilename="cert.pem" -tls.certKeyFilename="cert.key" -tls.certCAFilename="ca.pem" -``` - -### Metrics - -The chart optionally can start a metrics exporter for [prometheus](https://prometheus.io). The metrics endpoint (port 9121) is exposed in the service. Metrics can be scraped from within the cluster using something similar as the described in the [example Prometheus scrape configuration](https://github.com/prometheus/prometheus/blob/master/documentation/examples/prometheus-kubernetes.yml). If metrics are to be scraped from outside the cluster, the Kubernetes API proxy can be utilized to access the endpoint. - -If you have enabled TLS by specifying `tls.enabled=true` you also need to specify TLS option to the metrics exporter. You can do that via `metrics.extraArgs`. You can find the metrics exporter CLI flags for TLS [here](https://github.com/oliver006/redis_exporter#command-line-flags). For example: - -You can either specify `metrics.extraArgs.skip-tls-verification=true` to skip TLS verification or providing the following values under `metrics.extraArgs` for TLS client authentication: - -```console -tls-client-key-file -tls-client-cert-file -tls-ca-cert-file -``` - -### Deploy a custom metrics script in the sidecar - -A custom Lua script can be added to the `redis-exporter` sidecar by way of the `metrics.extraArgs.script` parameter. The pathname of the script must exist on the container, or the `redis_exporter` process (and therefore the whole pod) will refuse to start. The script can be provided to the sidecar containers via the `metrics.extraVolumes` and `metrics.extraVolumeMounts` parameters: - -```yaml -metrics: - extraVolumeMounts: - - name: '{{ printf "%s-metrics-script-file" (include "common.names.fullname" .) }}' - mountPath: '{{ printf "/mnt/%s/" (include "common.names.name" .) }}' - readOnly: true - extraVolumes: - - name: '{{ printf "%s-metrics-script-file" (include "common.names.fullname" .) }}' - configMap: - name: '{{ printf "%s-metrics-script" (include "common.names.fullname" .) }}' - extraArgs: - script: '{{ printf "/mnt/%s/my_custom_metrics.lua" (include "common.names.name" .) }}' -``` - -Then deploy the script into the correct location via `extraDeploy`: - -```yaml -extraDeploy: - - apiVersion: v1 - kind: ConfigMap - metadata: - name: '{{ printf "%s-metrics-script" (include "common.names.fullname" .) }}' - data: - my_custom_metrics.lua: | - -- LUA SCRIPT CODE HERE, e.g., - return {'bitnami_makes_the_best_charts', '1'} -``` - -### Host Kernel Settings - -Redis® may require some changes in the kernel of the host machine to work as expected, in particular increasing the `somaxconn` value and disabling transparent huge pages. To do so, you can set up a privileged `initContainer` with the `sysctlImage` config values, for example: - -```yaml -sysctlImage: - enabled: true - mountHostSys: true - command: - - /bin/sh - - -c - - |- - install_packages procps - sysctl -w net.core.somaxconn=10000 - echo never > /host-sys/kernel/mm/transparent_hugepage/enabled -``` - -Alternatively, for Kubernetes 1.12+ you can set `securityContext.sysctls` which will configure `sysctls` for master and slave pods. Example: - -```yaml -securityContext: - sysctls: - - name: net.core.somaxconn - value: "10000" -``` - -Note that this will not disable transparent huge tables. - -### Backup and restore - -To backup and restore Redis deployments on Kubernetes, you will need to create a snapshot of the data in the source cluster, and later restore it in a new cluster with the new parameters. Follow the instructions below: - -#### Step 1: Backup the deployment - -- Connect to one of the nodes and start the Redis CLI tool. Then, run the commands below: - - ```text - $ kubectl exec -it my-release-master-0 bash - $ redis-cli - 127.0.0.1:6379> auth your_current_redis_password - OK - 127.0.0.1:6379> save - OK - ``` - -- Copy the dump file from the Redis node: - - ```console - kubectl cp my-release-master-0:/data/dump.rdb dump.rdb -c redis - ``` - -#### Step 2: Restore the data on the destination cluster - -To restore the data in a new cluster, you will need to create a PVC and then upload the *dump.rdb* file to the new volume. - -Follow the following steps: - -- In the [*values.yaml*](https://github.com/bitnami/charts/blob/main/bitnami/redis/values.yaml) file set the *appendonly* parameter to *no*. You can skip this step if it is already configured as *no* - - ```yaml - commonConfiguration: |- - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly no - # Disable RDB persistence, AOF persistence already enabled. - save "" - ``` - - > *Note that the `Enable AOF` comment belongs to the original config file and what you're actually doing is disabling it. This change will only be neccessary for the temporal cluster you're creating to upload the dump.* - -- Start the new cluster to create the PVCs. Use the command below as an example: - - ```console - helm install new-redis -f values.yaml . --set cluster.enabled=true --set cluster.slaveCount=3 - ``` - -- Now that the PVC were created, stop it and copy the *dump.rdp* file on the persisted data by using a helping pod. - - ```text - $ helm delete new-redis - - $ kubectl run --generator=run-pod/v1 -i --rm --tty volpod --overrides=' - { - "apiVersion": "v1", - "kind": "Pod", - "metadata": { - "name": "redisvolpod" - }, - "spec": { - "containers": [{ - "command": [ - "tail", - "-f", - "/dev/null" - ], - "image": "bitnami/minideb", - "name": "mycontainer", - "volumeMounts": [{ - "mountPath": "/mnt", - "name": "redisdata" - }] - }], - "restartPolicy": "Never", - "volumes": [{ - "name": "redisdata", - "persistentVolumeClaim": { - "claimName": "redis-data-new-redis-master-0" - } - }] - } - }' --image="bitnami/minideb" - - $ kubectl cp dump.rdb redisvolpod:/mnt/dump.rdb - $ kubectl delete pod volpod - ``` - -- Restart the cluster: - - > **INFO:** The *appendonly* parameter can be safely restored to your desired value. - - ```console - helm install new-redis -f values.yaml . --set cluster.enabled=true --set cluster.slaveCount=3 - ``` - -### NetworkPolicy - -To enable network policy for Redis®, install [a networking plugin that implements the Kubernetes NetworkPolicy spec](https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy#before-you-begin), and set `networkPolicy.enabled` to `true`. - -With NetworkPolicy enabled, only pods with the generated client label will be able to connect to Redis. This label will be displayed in the output after a successful install. - -With `networkPolicy.ingressNSMatchLabels` pods from other namespaces can connect to Redis. Set `networkPolicy.ingressNSPodMatchLabels` to match pod labels in matched namespace. For example, for a namespace labeled `redis=external` and pods in that namespace labeled `redis-client=true` the fields should be set: - -```yaml -networkPolicy: - enabled: true - ingressNSMatchLabels: - redis: external - ingressNSPodMatchLabels: - redis-client: true -``` - -#### Setting Pod's affinity - -This chart allows you to set your custom affinity using the `XXX.affinity` parameter(s). Find more information about Pod's affinity in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). - -As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `XXX.podAffinityPreset`, `XXX.podAntiAffinityPreset`, or `XXX.nodeAffinityPreset` parameters. - -## Persistence - -By default, the chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/) at the `/data` path. The volume is created using dynamic volume provisioning. If a Persistent Volume Claim already exists, specify it during installation. - -### Existing PersistentVolumeClaim - -1. Create the PersistentVolume -2. Create the PersistentVolumeClaim -3. Install the chart - -```console -helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/redis -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -## Parameters - -### Global parameters - -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `global.imageRegistry` | Global Docker image registry | `""` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | -| `global.defaultStorageClass` | Global default StorageClass for Persistent Volume(s) | `""` | -| `global.storageClass` | DEPRECATED: use global.defaultStorageClass instead | `""` | -| `global.redis.password` | Global Redis® password (overrides `auth.password`) | `""` | -| `global.compatibility.openshift.adaptSecurityContext` | Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) | `auto` | - -### Common parameters - -| Name | Description | Value | -| ------------------------- | -------------------------------------------------------------------------------------------------------------- | --------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.fullname | `""` | -| `fullnameOverride` | String to fully override common.names.fullname | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `secretAnnotations` | Annotations to add to secret | `{}` | -| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `useHostnames` | Use hostnames internally when announcing replication. If false, the hostname will be resolved to an IP address | `true` | -| `nameResolutionThreshold` | Failure threshold for internal hostnames resolution | `5` | -| `nameResolutionTimeout` | Timeout seconds between probes for internal hostnames resolution | `5` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | - -### Redis® Image parameters - -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | Redis® image registry | `REGISTRY_NAME` | -| `image.repository` | Redis® image repository | `REPOSITORY_NAME/redis` | -| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Redis® image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | - -### Redis® common configuration parameters - -| Name | Description | Value | -| -------------------------------- | ------------------------------------------------------------------------------------- | ------------- | -| `architecture` | Redis® architecture. Allowed values: `standalone` or `replication` | `replication` | -| `auth.enabled` | Enable password authentication | `true` | -| `auth.sentinel` | Enable password authentication on sentinels too | `true` | -| `auth.password` | Redis® password | `""` | -| `auth.existingSecret` | The name of an existing secret with Redis® credentials | `""` | -| `auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `""` | -| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` | -| `auth.usePasswordFileFromSecret` | Mount password file from secret | `true` | -| `commonConfiguration` | Common configuration to be added into the ConfigMap | `""` | -| `existingConfigmap` | The name of an existing ConfigMap with your custom configuration for Redis® nodes | `""` | - -### Redis® master configuration parameters - -| Name | Description | Value | -| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `master.count` | Number of Redis® master instances to deploy (experimental, requires additional configuration) | `1` | -| `master.revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | -| `master.configuration` | Configuration for Redis® master nodes | `""` | -| `master.disableCommands` | Array with Redis® commands to disable on master nodes | `["FLUSHDB","FLUSHALL"]` | -| `master.command` | Override default container command (useful when using custom images) | `[]` | -| `master.args` | Override default container args (useful when using custom images) | `[]` | -| `master.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | -| `master.preExecCmds` | Additional commands to run prior to starting Redis® master | `[]` | -| `master.extraFlags` | Array with additional command line flags for Redis® master | `[]` | -| `master.extraEnvVars` | Array with extra environment variables to add to Redis® master nodes | `[]` | -| `master.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® master nodes | `""` | -| `master.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® master nodes | `""` | -| `master.containerPorts.redis` | Container port to open on Redis® master nodes | `6379` | -| `master.startupProbe.enabled` | Enable startupProbe on Redis® master nodes | `false` | -| `master.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `20` | -| `master.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `master.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `master.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `master.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `master.livenessProbe.enabled` | Enable livenessProbe on Redis® master nodes | `true` | -| `master.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `master.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `master.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `master.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `master.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `master.readinessProbe.enabled` | Enable readinessProbe on Redis® master nodes | `true` | -| `master.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `master.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `master.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `master.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `master.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `master.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `master.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `master.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `master.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if master.resources is set (master.resources is recommended for production). | `nano` | -| `master.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `master.podSecurityContext.enabled` | Enabled Redis® master pods' Security Context | `true` | -| `master.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `master.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `master.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `master.podSecurityContext.fsGroup` | Set Redis® master pod's Security Context fsGroup | `1001` | -| `master.containerSecurityContext.enabled` | Enabled Redis® master containers' Security Context | `true` | -| `master.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `master.containerSecurityContext.runAsUser` | Set Redis® master containers' Security Context runAsUser | `1001` | -| `master.containerSecurityContext.runAsGroup` | Set Redis® master containers' Security Context runAsGroup | `1001` | -| `master.containerSecurityContext.runAsNonRoot` | Set Redis® master containers' Security Context runAsNonRoot | `true` | -| `master.containerSecurityContext.allowPrivilegeEscalation` | Is it possible to escalate Redis® pod(s) privileges | `false` | -| `master.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context read-only root filesystem | `true` | -| `master.containerSecurityContext.seccompProfile.type` | Set Redis® master containers' Security Context seccompProfile | `RuntimeDefault` | -| `master.containerSecurityContext.capabilities.drop` | Set Redis® master containers' Security Context capabilities to drop | `["ALL"]` | -| `master.kind` | Use either Deployment, StatefulSet (default) or DaemonSet | `StatefulSet` | -| `master.schedulerName` | Alternate scheduler for Redis® master pods | `""` | -| `master.updateStrategy.type` | Redis® master statefulset strategy type | `RollingUpdate` | -| `master.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `master.priorityClassName` | Redis® master pods' priorityClassName | `""` | -| `master.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `master.hostAliases` | Redis® master pods host aliases | `[]` | -| `master.podLabels` | Extra labels for Redis® master pods | `{}` | -| `master.podAnnotations` | Annotations for Redis® master pods | `{}` | -| `master.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® master pods | `false` | -| `master.podAffinityPreset` | Pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `master.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `master.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `master.nodeAffinityPreset.key` | Node label key to match. Ignored if `master.affinity` is set | `""` | -| `master.nodeAffinityPreset.values` | Node label values to match. Ignored if `master.affinity` is set | `[]` | -| `master.affinity` | Affinity for Redis® master pods assignment | `{}` | -| `master.nodeSelector` | Node labels for Redis® master pods assignment | `{}` | -| `master.tolerations` | Tolerations for Redis® master pods assignment | `[]` | -| `master.topologySpreadConstraints` | Spread Constraints for Redis® master pod assignment | `[]` | -| `master.dnsPolicy` | DNS Policy for Redis® master pod | `""` | -| `master.dnsConfig` | DNS Configuration for Redis® master pod | `{}` | -| `master.lifecycleHooks` | for the Redis® master container(s) to automate configuration before or after startup | `{}` | -| `master.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® master pod(s) | `[]` | -| `master.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® master container(s) | `[]` | -| `master.sidecars` | Add additional sidecar containers to the Redis® master pod(s) | `[]` | -| `master.initContainers` | Add additional init containers to the Redis® master pod(s) | `[]` | -| `master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | -| `master.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `master.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `master.persistence.path` | The path the volume will be mounted at on Redis® master containers | `/data` | -| `master.persistence.subPath` | The subdirectory of the volume to mount on Redis® master containers | `""` | -| `master.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® master containers | `""` | -| `master.persistence.storageClass` | Persistent Volume storage class | `""` | -| `master.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `master.persistence.size` | Persistent Volume size | `8Gi` | -| `master.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `master.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `master.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `master.persistence.dataSource` | Custom PVC data source | `{}` | -| `master.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `master.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `master.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `master.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `master.service.type` | Redis® master service type | `ClusterIP` | -| `master.service.portNames.redis` | Redis® master service port name | `tcp-redis` | -| `master.service.ports.redis` | Redis® master service port | `6379` | -| `master.service.nodePorts.redis` | Node port for Redis® master | `""` | -| `master.service.externalTrafficPolicy` | Redis® master service external traffic policy | `Cluster` | -| `master.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `master.service.internalTrafficPolicy` | Redis® master service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | -| `master.service.clusterIP` | Redis® master service Cluster IP | `""` | -| `master.service.loadBalancerIP` | Redis® master service Load Balancer IP | `""` | -| `master.service.loadBalancerClass` | master service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `master.service.loadBalancerSourceRanges` | Redis® master service Load Balancer sources | `[]` | -| `master.service.externalIPs` | Redis® master service External IPs | `[]` | -| `master.service.annotations` | Additional custom annotations for Redis® master service | `{}` | -| `master.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `master.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `master.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-master pods | `30` | -| `master.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `master.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `master.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `false` | -| `master.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `master.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `master.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | -| `master.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `master.pdb.minAvailable` and `master.pdb.maxUnavailable` are empty. | `{}` | - -### Redis® replicas configuration parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `replica.kind` | Use either DaemonSet or StatefulSet (default) | `StatefulSet` | -| `replica.replicaCount` | Number of Redis® replicas to deploy | `3` | -| `replica.revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | -| `replica.configuration` | Configuration for Redis® replicas nodes | `""` | -| `replica.disableCommands` | Array with Redis® commands to disable on replicas nodes | `["FLUSHDB","FLUSHALL"]` | -| `replica.command` | Override default container command (useful when using custom images) | `[]` | -| `replica.args` | Override default container args (useful when using custom images) | `[]` | -| `replica.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | -| `replica.preExecCmds` | Additional commands to run prior to starting Redis® replicas | `[]` | -| `replica.extraFlags` | Array with additional command line flags for Redis® replicas | `[]` | -| `replica.extraEnvVars` | Array with extra environment variables to add to Redis® replicas nodes | `[]` | -| `replica.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® replicas nodes | `""` | -| `replica.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® replicas nodes | `""` | -| `replica.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `replica.externalMaster.host` | External master host to bootstrap from | `""` | -| `replica.externalMaster.port` | Port for Redis service external master host | `6379` | -| `replica.containerPorts.redis` | Container port to open on Redis® replicas nodes | `6379` | -| `replica.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `true` | -| `replica.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `replica.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `replica.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `replica.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `replica.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `replica.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `replica.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `replica.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `replica.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `replica.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `replica.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `replica.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `replica.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `replica.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `replica.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `replica.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `replica.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `replica.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `replica.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `replica.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `replica.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if replica.resources is set (replica.resources is recommended for production). | `nano` | -| `replica.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `replica.podSecurityContext.enabled` | Enabled Redis® replicas pods' Security Context | `true` | -| `replica.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `replica.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `replica.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `replica.podSecurityContext.fsGroup` | Set Redis® replicas pod's Security Context fsGroup | `1001` | -| `replica.containerSecurityContext.enabled` | Enabled Redis® replicas containers' Security Context | `true` | -| `replica.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `replica.containerSecurityContext.runAsUser` | Set Redis® replicas containers' Security Context runAsUser | `1001` | -| `replica.containerSecurityContext.runAsGroup` | Set Redis® replicas containers' Security Context runAsGroup | `1001` | -| `replica.containerSecurityContext.runAsNonRoot` | Set Redis® replicas containers' Security Context runAsNonRoot | `true` | -| `replica.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® replicas pod's Security Context allowPrivilegeEscalation | `false` | -| `replica.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context read-only root filesystem | `true` | -| `replica.containerSecurityContext.seccompProfile.type` | Set Redis® replicas containers' Security Context seccompProfile | `RuntimeDefault` | -| `replica.containerSecurityContext.capabilities.drop` | Set Redis® replicas containers' Security Context capabilities to drop | `["ALL"]` | -| `replica.schedulerName` | Alternate scheduler for Redis® replicas pods | `""` | -| `replica.updateStrategy.type` | Redis® replicas statefulset strategy type | `RollingUpdate` | -| `replica.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `replica.priorityClassName` | Redis® replicas pods' priorityClassName | `""` | -| `replica.podManagementPolicy` | podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods | `""` | -| `replica.automountServiceAccountToken` | Mount Service Account token in pod | `false` | -| `replica.hostAliases` | Redis® replicas pods host aliases | `[]` | -| `replica.podLabels` | Extra labels for Redis® replicas pods | `{}` | -| `replica.podAnnotations` | Annotations for Redis® replicas pods | `{}` | -| `replica.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® replicas pods | `false` | -| `replica.podAffinityPreset` | Pod affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `replica.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `replica.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `replica.nodeAffinityPreset.key` | Node label key to match. Ignored if `replica.affinity` is set | `""` | -| `replica.nodeAffinityPreset.values` | Node label values to match. Ignored if `replica.affinity` is set | `[]` | -| `replica.affinity` | Affinity for Redis® replicas pods assignment | `{}` | -| `replica.nodeSelector` | Node labels for Redis® replicas pods assignment | `{}` | -| `replica.tolerations` | Tolerations for Redis® replicas pods assignment | `[]` | -| `replica.topologySpreadConstraints` | Spread Constraints for Redis® replicas pod assignment | `[]` | -| `replica.dnsPolicy` | DNS Policy for Redis® replica pods | `""` | -| `replica.dnsConfig` | DNS Configuration for Redis® replica pods | `{}` | -| `replica.lifecycleHooks` | for the Redis® replica container(s) to automate configuration before or after startup | `{}` | -| `replica.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® replicas pod(s) | `[]` | -| `replica.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® replicas container(s) | `[]` | -| `replica.sidecars` | Add additional sidecar containers to the Redis® replicas pod(s) | `[]` | -| `replica.initContainers` | Add additional init containers to the Redis® replicas pod(s) | `[]` | -| `replica.persistence.enabled` | Enable persistence on Redis® replicas nodes using Persistent Volume Claims | `true` | -| `replica.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `replica.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `replica.persistence.path` | The path the volume will be mounted at on Redis® replicas containers | `/data` | -| `replica.persistence.subPath` | The subdirectory of the volume to mount on Redis® replicas containers | `""` | -| `replica.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® replicas containers | `""` | -| `replica.persistence.storageClass` | Persistent Volume storage class | `""` | -| `replica.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `replica.persistence.size` | Persistent Volume size | `8Gi` | -| `replica.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `replica.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `replica.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `replica.persistence.dataSource` | Custom PVC data source | `{}` | -| `replica.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `replica.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `replica.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `replica.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `replica.service.type` | Redis® replicas service type | `ClusterIP` | -| `replica.service.ports.redis` | Redis® replicas service port | `6379` | -| `replica.service.nodePorts.redis` | Node port for Redis® replicas | `""` | -| `replica.service.externalTrafficPolicy` | Redis® replicas service external traffic policy | `Cluster` | -| `replica.service.internalTrafficPolicy` | Redis® replicas service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | -| `replica.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `replica.service.clusterIP` | Redis® replicas service Cluster IP | `""` | -| `replica.service.loadBalancerIP` | Redis® replicas service Load Balancer IP | `""` | -| `replica.service.loadBalancerClass` | replicas service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `replica.service.loadBalancerSourceRanges` | Redis® replicas service Load Balancer sources | `[]` | -| `replica.service.annotations` | Additional custom annotations for Redis® replicas service | `{}` | -| `replica.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `replica.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `replica.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-replicas pods | `30` | -| `replica.autoscaling.enabled` | Enable replica autoscaling settings | `false` | -| `replica.autoscaling.minReplicas` | Minimum replicas for the pod autoscaling | `1` | -| `replica.autoscaling.maxReplicas` | Maximum replicas for the pod autoscaling | `11` | -| `replica.autoscaling.targetCPU` | Percentage of CPU to consider when autoscaling | `""` | -| `replica.autoscaling.targetMemory` | Percentage of Memory to consider when autoscaling | `""` | -| `replica.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `replica.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `replica.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `false` | -| `replica.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `replica.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` | -| `replica.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `{}` | -| `replica.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `replica.pdb.minAvailable` and `replica.pdb.maxUnavailable` are empty. | `{}` | - -### Redis® Sentinel configuration parameters - -| Name | Description | Value | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | -| `sentinel.image.registry` | Redis® Sentinel image registry | `REGISTRY_NAME` | -| `sentinel.image.repository` | Redis® Sentinel image repository | `REPOSITORY_NAME/redis-sentinel` | -| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | -| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | -| `sentinel.image.debug` | Enable image debug mode | `false` | -| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | -| `sentinel.masterSet` | Master set name | `mymaster` | -| `sentinel.quorum` | Sentinel Quorum | `2` | -| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `90` | -| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | -| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | -| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | -| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | -| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | -| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | -| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | -| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | -| `sentinel.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | -| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | -| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | -| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | -| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | -| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | -| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | -| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | -| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | -| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | -| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | -| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `sentinel.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `sentinel.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if sentinel.resources is set (sentinel.resources is recommended for production). | `nano` | -| `sentinel.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | -| `sentinel.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | -| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `1001` | -| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | -| `sentinel.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context read-only root filesystem | `true` | -| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | -| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | -| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | -| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | -| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | -| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | -| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | -| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | -| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | -| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | -| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | -| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | -| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | -| `sentinel.service.createMaster` | Enable master service pointing to the current master (experimental) | `false` | -| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | -| `sentinel.service.loadBalancerClass` | sentinel service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | -| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | -| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `sentinel.masterService.enabled` | Enable master service pointing to the current master (experimental) | `false` | -| `sentinel.masterService.type` | Redis® Sentinel master service type | `ClusterIP` | -| `sentinel.masterService.ports.redis` | Redis® service port for Redis® | `6379` | -| `sentinel.masterService.nodePorts.redis` | Node port for Redis® | `""` | -| `sentinel.masterService.externalTrafficPolicy` | Redis® master service external traffic policy | `""` | -| `sentinel.masterService.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `sentinel.masterService.clusterIP` | Redis® master service Cluster IP | `""` | -| `sentinel.masterService.loadBalancerIP` | Redis® master service Load Balancer IP | `""` | -| `sentinel.masterService.loadBalancerClass` | master service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `sentinel.masterService.loadBalancerSourceRanges` | Redis® master service Load Balancer sources | `[]` | -| `sentinel.masterService.annotations` | Additional custom annotations for Redis® master service | `{}` | -| `sentinel.masterService.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `sentinel.masterService.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | - -### Other Parameters - -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | -| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `true` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.extraEgress` | Add extra egress rules to the NetworkPolicy | `[]` | -| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.metrics.allowExternal` | Don't require client label for connections for metrics endpoint | `true` | -| `networkPolicy.metrics.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces to metrics endpoint | `{}` | -| `networkPolicy.metrics.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces to metrics endpoint | `{}` | -| `podSecurityPolicy.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | -| `podSecurityPolicy.enabled` | Enable PodSecurityPolicy's RBAC rules | `false` | -| `rbac.create` | Specifies whether RBAC resources should be created | `false` | -| `rbac.rules` | Custom RBAC rules to set | `[]` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `false` | -| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `pdb` | DEPRECATED Please use `master.pdb` and `replica.pdb` values instead | `{}` | -| `tls.enabled` | Enable TLS traffic | `false` | -| `tls.authClients` | Require clients to authenticate | `true` | -| `tls.autoGenerated` | Enable autogenerated certificates | `false` | -| `tls.existingSecret` | The name of the existing secret that contains the TLS certificates | `""` | -| `tls.certificatesSecret` | DEPRECATED. Use existingSecret instead. | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate Key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` | - -### Metrics Parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | -| `metrics.image.registry` | Redis® Exporter image registry | `REGISTRY_NAME` | -| `metrics.image.repository` | Redis® Exporter image repository | `REPOSITORY_NAME/redis-exporter` | -| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | -| `metrics.containerPorts.http` | Metrics HTTP container port | `9121` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | -| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | -| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context read-only root filesystem | `true` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | -| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | -| `metrics.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). | `nano` | -| `metrics.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | -| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | -| `metrics.service.enabled` | Create Service resource(s) for scraping metrics using PrometheusOperator ServiceMonitor, can be disabled when using a PodMonitor | `true` | -| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | -| `metrics.service.ports.http` | Redis® exporter service port | `9121` | -| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerClass` | exporter service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | -| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | -| `metrics.serviceMonitor.port` | the service port to scrape metrics from | `http-metrics` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | -| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | -| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | -| `metrics.serviceMonitor.additionalEndpoints` | Additional endpoints to scrape (e.g sentinel) | `[]` | -| `metrics.podMonitor.port` | the pod port to scrape metrics from | `metrics` | -| `metrics.podMonitor.enabled` | Create PodMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.podMonitor.namespace` | The namespace in which the PodMonitor will be created | `""` | -| `metrics.podMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.podMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.podMonitor.relabelings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.podMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.podMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.podMonitor.additionalLabels` | Additional labels that can be used so PodMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.podMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | -| `metrics.podMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | -| `metrics.podMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | -| `metrics.podMonitor.additionalEndpoints` | Additional endpoints to scrape (e.g sentinel) | `[]` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | - -### Init Container Parameters - -| Name | Description | Value | -| ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `nano` | -| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | -| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `kubectl.image.registry` | Kubectl image registry | `REGISTRY_NAME` | -| `kubectl.image.repository` | Kubectl image repository | `REPOSITORY_NAME/kubectl` | -| `kubectl.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `kubectl.image.pullPolicy` | Kubectl image pull policy | `IfNotPresent` | -| `kubectl.image.pullSecrets` | Kubectl pull secrets | `[]` | -| `kubectl.command` | kubectl command to execute | `["/opt/bitnami/scripts/kubectl-scripts/update-master-label.sh"]` | -| `kubectl.containerSecurityContext.enabled` | Enabled kubectl containers' Security Context | `true` | -| `kubectl.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` | -| `kubectl.containerSecurityContext.runAsUser` | Set kubectl containers' Security Context runAsUser | `1001` | -| `kubectl.containerSecurityContext.runAsGroup` | Set kubectl containers' Security Context runAsGroup | `1001` | -| `kubectl.containerSecurityContext.runAsNonRoot` | Set kubectl containers' Security Context runAsNonRoot | `true` | -| `kubectl.containerSecurityContext.allowPrivilegeEscalation` | Set kubectl containers' Security Context allowPrivilegeEscalation | `false` | -| `kubectl.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context read-only root filesystem | `true` | -| `kubectl.containerSecurityContext.seccompProfile.type` | Set kubectl containers' Security Context seccompProfile | `RuntimeDefault` | -| `kubectl.containerSecurityContext.capabilities.drop` | Set kubectl containers' Security Context capabilities to drop | `["ALL"]` | -| `kubectl.resources.limits` | The resources limits for the kubectl containers | `{}` | -| `kubectl.resources.requests` | The requested resources for the kubectl containers | `{}` | -| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | -| `sysctl.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | -| `sysctl.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | -| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | -| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctl.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if sysctl.resources is set (sysctl.resources is recommended for production). | `nano` | -| `sysctl.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | - -### useExternalDNS Parameters - -| Name | Description | Value | -| -------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -| `useExternalDNS.enabled` | Enable various syntax that would enable external-dns to work. Note this requires a working installation of `external-dns` to be usable. | `false` | -| `useExternalDNS.additionalAnnotations` | Extra annotations to be utilized when `external-dns` is enabled. | `{}` | -| `useExternalDNS.annotationKey` | The annotation key utilized when `external-dns` is enabled. Setting this to `false` will disable annotations. | `external-dns.alpha.kubernetes.io/` | -| `useExternalDNS.suffix` | The DNS suffix utilized when `external-dns` is enabled. Note that we prepend the suffix with the full name of the release. | `""` | - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -helm install my-release \ - --set auth.password=secretpassword \ - oci://REGISTRY_NAME/REPOSITORY_NAME/redis -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -The above command sets the Redis® server password to `secretpassword`. - -> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/redis -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. -> **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/tree/main/bitnami/redis/values.yaml) - -## Troubleshooting - -Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). - -## Upgrading - -A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. - -### RDB compatibility - -It's common to have RDB format changes across Redis® releases where we see backward compatibility but no forward compatibility. For example, v7.0 can load an RDB created by v6.2 , but the opposite is not true. -When that's the case, the rolling update can cause replicas to temporarily stop synchronizing while they are running a lower version than master. -For example, on a rolling update `master-0` and `replica-2` are updated first from version v6.2 to v7.0; `replica-0` and `replica-1` won't be able to start a full sync with `master-0` because they are still running v6.2 and can't support the RDB format from version 7.0 that master is now using. -This issue can be mitigated by splitting the upgrade into two stages: one for all replicas and another for any master. - -- Stage 1 (replicas only, as there's no master with an ordinal higher than 99): -`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set master.updateStrategy.rollingUpdate.partition=99` -- Stage 2 (anything else that is not up to date, in this case only master): -`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis` - -### To 19.0.0 - -This major bump changes the following security defaults: - -- `runAsGroup` is changed from `0` to `1001` -- `readOnlyRootFilesystem` is set to `true` -- `resourcesPreset` is changed from `none` to the minimum size working in our test suites (NOTE: `resourcesPreset` is not meant for production usage, but `resources` adapted to your use case). -- `global.compatibility.openshift.adaptSecurityContext` is changed from `disabled` to `auto`. - -This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones. - -### To 18.0.0 - -This major version updates the Redis® docker image version used from `7.0` to `7.2`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis® 7.2 release notes](https://raw.githubusercontent.com/redis/redis/7.2/00-RELEASENOTES) before upgrading. - -NOTE: Due to an error in our release process, versions higher or equal than 17.15.4 already use 7.2 by default. - -### To 17.0.0 - -This major version updates the Redis® docker image version used from `6.2` to `7.0`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis® 7.0 release notes](https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES) before upgrading. - -### To 16.0.0 - -This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. - -Affected values: - -- `master.service.port` renamed as `master.service.ports.redis`. -- `master.service.nodePort` renamed as `master.service.nodePorts.redis`. -- `replica.service.port` renamed as `replica.service.ports.redis`. -- `replica.service.nodePort` renamed as `replica.service.nodePorts.redis`. -- `sentinel.service.port` renamed as `sentinel.service.ports.redis`. -- `sentinel.service.sentinelPort` renamed as `sentinel.service.ports.sentinel`. -- `master.containerPort` renamed as `master.containerPorts.redis`. -- `replica.containerPort` renamed as `replica.containerPorts.redis`. -- `sentinel.containerPort` renamed as `sentinel.containerPorts.sentinel`. -- `master.spreadConstraints` renamed as `master.topologySpreadConstraints` -- `replica.spreadConstraints` renamed as `replica.topologySpreadConstraints` - -### To 15.0.0 - -The parameter to enable the usage of StaticIDs was removed. The behavior is to [always use StaticIDs](https://github.com/bitnami/charts/pull/7278). - -### To 14.8.0 - -The Redis® sentinel exporter was removed in this version because the upstream project was deprecated. The regular Redis® exporter is included in the sentinel scenario as usual. - -### To 14.0.0 - -- Several parameters were renamed or disappeared in favor of new ones on this major version: - - The term *slave* has been replaced by the term *replica*. Therefore, parameters prefixed with `slave` are now prefixed with `replicas`. - - Credentials parameter are reorganized under the `auth` parameter. - - `cluster.enabled` parameter is deprecated in favor of `architecture` parameter that accepts two values: `standalone` and `replication`. - - `securityContext.*` is deprecated in favor of `XXX.podSecurityContext` and `XXX.containerSecurityContext`. - - `sentinel.metrics.*` parameters are deprecated in favor of `metrics.sentinel.*` ones. -- New parameters to add custom command, environment variables, sidecars, init containers, etc. were added. -- Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). -- values.yaml metadata was adapted to follow the format supported by [Readme Generator for Helm](https://github.com/bitnami/readme-generator-for-helm). - -Consequences: - -Backwards compatibility is not guaranteed. To upgrade to `14.0.0`, install a new release of the Redis® chart, and migrate the data from your previous release. You have 2 alternatives to do so: - -- Create a backup of the database, and restore it on the new release as explained in the [Backup and restore](#backup-and-restore) section. -- Reuse the PVC used to hold the master data on your previous release. To do so, use the `master.persistence.existingClaim` parameter. The following example assumes that the release name is `redis`: - -```console -helm install redis oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC] -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -| Note: you need to substitute the placeholder *[EXISTING_PVC]* with the name of the PVC used on your previous release, and *[PASSWORD]* with the password used in your previous release. - -### To 13.0.0 - -This major version updates the Redis® docker image version used from `6.0` to `6.2`, the new stable version. There are no major changes in the chart and there shouldn't be any breaking changes in it as `6.2` is basically a stricter superset of `6.0`. For more information, please refer to [Redis® 6.2 release notes](https://raw.githubusercontent.com/redis/redis/6.2/00-RELEASENOTES). - -### To 12.3.0 - -This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. - -### To 12.0.0 - -[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. - -#### What changes were introduced in this major version? - -- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. -- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts - -#### Considerations when upgrading to this version - -- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues -- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore -- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 - -#### Useful links - -- -- -- - -### To 11.0.0 - -When using sentinel, a new statefulset called `-node` was introduced. This will break upgrading from a previous version where the statefulsets are called master and slave. Hence the PVC will not match the new naming and won't be reused. If you want to keep your data, you will need to perform a backup and then a restore the data in this new version. - -When deployed with sentinel enabled, only a group of nodes is deployed and the master/slave role is handled in the group. To avoid breaking the compatibility, the settings for this nodes are given through the `slave.xxxx` parameters in `values.yaml` - -### To 10.0.0 - -For releases with `usePassword: true`, the value `sentinel.usePassword` controls whether the password authentication also applies to the sentinel port. This defaults to `true` for a secure configuration, however it is possible to disable to account for the following cases: - -- Using a version of redis-sentinel prior to `5.0.1` where the authentication feature was introduced. -- Where redis clients need to be updated to support sentinel authentication. - -If using a master/slave topology, or with `usePassword: false`, no action is required. - -### To 9.0.0 - -The metrics exporter has been changed from a separate deployment to a sidecar container, due to the latest changes in the Redis® exporter code. Check the [official page](https://github.com/oliver006/redis_exporter/) for more information. The metrics container image was changed from oliver006/redis_exporter to bitnami/redis-exporter (Bitnami's maintained package of oliver006/redis_exporter). - -### To 8.0.18 - -For releases with `metrics.enabled: true` the default tag for the exporter image is now `v1.x.x`. This introduces many changes including metrics names. You'll want to use [this dashboard](https://github.com/oliver006/redis_exporter/blob/master/contrib/grafana_prometheus_redis_dashboard.json) now. Please see the [redis_exporter github page](https://github.com/oliver006/redis_exporter#upgrading-from-0x-to-1x) for more details. - -### To 7.0.0 - -This version causes a change in the Redis® Master StatefulSet definition, so the command helm upgrade would not work out of the box. As an alternative, one of the following could be done: - -- Recommended: Create a clone of the Redis® Master PVC (for example, using projects like [this one](https://github.com/edseymour/pvc-transfer)). Then launch a fresh release reusing this cloned PVC. - -```console -helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set persistence.existingClaim= -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -- Alternative (not recommended, do at your own risk): `helm delete --purge` does not remove the PVC assigned to the Redis® Master StatefulSet. As a consequence, the following commands can be done to upgrade the release - -```console -helm delete --purge -helm install oci://REGISTRY_NAME/REPOSITORY_NAME/redis -``` - -> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. - -Previous versions of the chart were not using persistence in the slaves, so this upgrade would add it to them. Another important change is that no values are inherited from master to slaves. For example, in 6.0.0 `slaves.readinessProbe.periodSeconds`, if empty, would be set to `master.readinessProbe.periodSeconds`. This approach lacked transparency and was difficult to maintain. From now on, all the slave parameters must be configured just as it is done with the masters. - -Some values have changed as well: - -- `master.port` and `slave.port` have been changed to `redisPort` (same value for both master and slaves) -- `master.securityContext` and `slave.securityContext` have been changed to `securityContext`(same values for both master and slaves) - -By default, the upgrade will not change the cluster topology. In case you want to use Redis® Sentinel, you must explicitly set `sentinel.enabled` to `true`. - -### To 6.0.0 - -Previous versions of the chart were using an init-container to change the permissions of the volumes. This was done in case the `securityContext` directive in the template was not enough for that (for example, with cephFS). In this new version of the chart, this container is disabled by default (which should not affect most of the deployments). If your installation still requires that init container, execute `helm upgrade` with the `--set volumePermissions.enabled=true`. - -### To 5.0.0 - -The default image in this release may be switched out for any image containing the `redis-server` -and `redis-cli` binaries. If `redis-server` is not the default image ENTRYPOINT, `master.command` -must be specified. - -#### Breaking changes - -- `master.args` and `slave.args` are removed. Use `master.command` or `slave.command` instead in order to override the image entrypoint, or `master.extraFlags` to pass additional flags to `redis-server`. -- `disableCommands` is now interpreted as an array of strings instead of a string of comma separated values. -- `master.persistence.path` now defaults to `/data`. - -### To 4.0.0 - -This version removes the `chart` label from the `spec.selector.matchLabels` -which is immutable since `StatefulSet apps/v1beta2`. It has been inadvertently -added, causing any subsequent upgrade to fail. See . - -It also fixes where a deployment `extensions/v1beta1` can not be upgraded if `spec.selector` is not explicitly set. - -Finally, it fixes by removing mutable labels in `spec.VolumeClaimTemplate.metadata.labels` so that it is upgradable. - -In order to upgrade, delete the Redis® StatefulSet before upgrading: - -```console -kubectl delete statefulsets.apps --cascade=false my-release-redis-master -``` - -And edit the Redis® slave (and metrics if enabled) deployment: - -```console -kubectl patch deployments my-release-redis-slave --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' -kubectl patch deployments my-release-redis-metrics --type=json -p='[{"op": "remove", "path": "/spec/selector/matchLabels/chart"}]' -``` - -## License - -Copyright © 2024 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file diff --git a/charts/redis/redis/templates/NOTES.txt b/charts/redis/redis/templates/NOTES.txt deleted file mode 100644 index 69bdec3..0000000 --- a/charts/redis/redis/templates/NOTES.txt +++ /dev/null @@ -1,213 +0,0 @@ -CHART NAME: {{ .Chart.Name }} -CHART VERSION: {{ .Chart.Version }} -APP VERSION: {{ .Chart.AppVersion }} - -** Please be patient while the chart is being deployed ** - -{{- if .Values.diagnosticMode.enabled }} -The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: - - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} - -Get the list of pods by executing: - - kubectl get pods --namespace {{ include "common.names.namespace" . }} -l app.kubernetes.io/instance={{ .Release.Name }} - -Access the pod you want to debug by executing - - kubectl exec --namespace {{ include "common.names.namespace" . }} -ti -- bash - -In order to replicate the container startup scripts execute this command: - -For Redis: - - /opt/bitnami/scripts/redis/entrypoint.sh /opt/bitnami/scripts/redis/run.sh - -{{- if .Values.sentinel.enabled }} - -For Redis Sentinel: - - /opt/bitnami/scripts/redis-sentinel/entrypoint.sh /opt/bitnami/scripts/redis-sentinel/run.sh - -{{- end }} -{{- else }} - -{{- if contains .Values.master.service.type "LoadBalancer" }} -{{- if not .Values.auth.enabled }} -{{ if and (not .Values.networkPolicy.enabled) (.Values.networkPolicy.allowExternal) }} - -------------------------------------------------------------------------------- - WARNING - - By specifying "master.service.type=LoadBalancer" and "auth.enabled=false" you have - most likely exposed the Redis® service externally without any authentication - mechanism. - - For security reasons, we strongly suggest that you switch to "ClusterIP" or - "NodePort". As alternative, you can also switch to "auth.enabled=true" - providing a valid password on "password" parameter. - -------------------------------------------------------------------------------- -{{- end }} -{{- end }} -{{- end }} - -{{- if and .Values.auth.usePasswordFiles (not .Values.auth.usePasswordFileFromSecret) (or (empty .Values.master.initContainers) (empty .Values.replica.initContainers)) }} - -------------------------------------------------------------------------------- - WARNING - - By specifying ".Values.auth.usePasswordFiles=true" and ".Values.auth.usePasswordFileFromSecret=false" - Redis is expecting that the password is mounted as a file in each pod - (by default in /opt/bitnami/redis/secrets/redis-password) - - Ensure that you specify the respective initContainers in - both .Values.master.initContainers and .Values.replica.initContainers - in order to populate the contents of this file. - -------------------------------------------------------------------------------- -{{- end }} - -{{- if eq .Values.architecture "replication" }} -{{- if .Values.sentinel.enabled }} - -Redis® can be accessed via port {{ .Values.sentinel.service.ports.redis }} on the following DNS name from within your cluster: - - {{ template "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} for read only operations - -For read/write operations, first access the Redis® Sentinel cluster, which is available in port {{ .Values.sentinel.service.ports.sentinel }} using the same domain name above. - -{{- else }} - -Redis® can be accessed on the following DNS names from within your cluster: - - {{ printf "%s-master.%s.svc.%s" (include "common.names.fullname" .) (include "common.names.namespace" . ) .Values.clusterDomain }} for read/write operations (port {{ .Values.master.service.ports.redis }}) - {{ printf "%s-replicas.%s.svc.%s" (include "common.names.fullname" .) (include "common.names.namespace" . ) .Values.clusterDomain }} for read-only operations (port {{ .Values.replica.service.ports.redis }}) - -{{- end }} -{{- else }} - -Redis® can be accessed via port {{ .Values.master.service.ports.redis }} on the following DNS name from within your cluster: - - {{ template "common.names.fullname" . }}-master.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} - -{{- end }} - -{{ if .Values.auth.enabled }} - -To get your password run: - - export REDIS_PASSWORD=$(kubectl get secret --namespace {{ include "common.names.namespace" . }} {{ template "redis.secretName" . }} -o jsonpath="{.data.redis-password}" | base64 -d) - -{{- end }} - -To connect to your Redis® server: - -1. Run a Redis® pod that you can use as a client: - - kubectl run --namespace {{ include "common.names.namespace" . }} redis-client --restart='Never' {{ if .Values.auth.enabled }} --env REDIS_PASSWORD=$REDIS_PASSWORD {{ end }} --image {{ template "redis.image" . }} --command -- sleep infinity - -{{- if .Values.tls.enabled }} - - Copy your TLS certificates to the pod: - - kubectl cp --namespace {{ include "common.names.namespace" . }} /path/to/client.cert redis-client:/tmp/client.cert - kubectl cp --namespace {{ include "common.names.namespace" . }} /path/to/client.key redis-client:/tmp/client.key - kubectl cp --namespace {{ include "common.names.namespace" . }} /path/to/CA.cert redis-client:/tmp/CA.cert - -{{- end }} - - Use the following command to attach to the pod: - - kubectl exec --tty -i redis-client \ - {{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ template "common.names.fullname" . }}-client=true" \{{- end }} - --namespace {{ include "common.names.namespace" . }} -- bash - -2. Connect using the Redis® CLI: - -{{- if eq .Values.architecture "replication" }} - {{- if .Values.sentinel.enabled }} - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h {{ template "common.names.fullname" . }} -p {{ .Values.sentinel.service.ports.redis }}{{ if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} # Read only operations - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h {{ template "common.names.fullname" . }} -p {{ .Values.sentinel.service.ports.sentinel }}{{ if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} # Sentinel access - {{- else }} - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h {{ printf "%s-master" (include "common.names.fullname" .) }}{{ if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h {{ printf "%s-replicas" (include "common.names.fullname" .) }}{{ if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - {{- end }} -{{- else }} - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h {{ template "common.names.fullname" . }}-master{{ if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} -{{- end }} - -{{- if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }} - -Note: Since NetworkPolicy is enabled, only pods with label {{ template "common.names.fullname" . }}-client=true" will be able to connect to redis. - -{{- else }} - -To connect to your database from outside the cluster execute the following commands: - -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled }} -{{- if contains "NodePort" .Values.sentinel.service.type }} - - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - export NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.names.fullname" . }}) - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h $NODE_IP -p $NODE_PORT {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- else if contains "LoadBalancer" .Values.sentinel.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -w {{ template "common.names.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h $SERVICE_IP -p {{ .Values.sentinel.service.ports.redis }} {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- else if contains "ClusterIP" .Values.sentinel.service.type }} - - kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ template "common.names.fullname" . }} {{ .Values.sentinel.service.ports.redis }}:{{ .Values.sentinel.service.ports.redis }} & - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h 127.0.0.1 -p {{ .Values.sentinel.service.ports.redis }} {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- end }} -{{- else }} -{{- if contains "NodePort" .Values.master.service.type }} - - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - export NODE_PORT=$(kubectl get --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ printf "%s-master" (include "common.names.fullname" .) }}) - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h $NODE_IP -p $NODE_PORT {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- else if contains "LoadBalancer" .Values.master.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -w {{ template "common.names.fullname" . }}' - - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ printf "%s-master" (include "common.names.fullname" .) }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h $SERVICE_IP -p {{ .Values.master.service.ports.redis }} {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- else if contains "ClusterIP" .Values.master.service.type }} - - kubectl port-forward --namespace {{ include "common.names.namespace" . }} svc/{{ printf "%s-master" (include "common.names.fullname" .) }} {{ .Values.master.service.ports.redis }}:{{ .Values.master.service.ports.redis }} & - {{ if .Values.auth.enabled }}REDISCLI_AUTH="$REDIS_PASSWORD" {{ end }}redis-cli -h 127.0.0.1 -p {{ .Values.master.service.ports.redis }} {{- if .Values.tls.enabled }} --tls --cert /tmp/client.cert --key /tmp/client.key --cacert /tmp/CA.cert{{ end }} - -{{- end }} -{{- end }} - -{{- end }} -{{- end }} -{{- include "redis.checkRollingTags" . }} -{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} -{{- include "common.warnings.rollingTag" .Values.sysctl.image }} -{{- include "redis.validateValues" . }} - -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled (eq .Values.sentinel.service.type "NodePort") (not .Release.IsUpgrade ) }} -{{- if $.Values.sentinel.service.nodePorts.sentinel }} -No need to upgrade, ports and nodeports have been set from values -{{- else }} -#!#!#!#!#!#!#!# IMPORTANT #!#!#!#!#!#!#!# -YOU NEED TO PERFORM AN UPGRADE FOR THE SERVICES AND WORKLOAD TO BE CREATED -{{- end }} -{{- end }} -{{- $resourceSections := list "metrics" "replica" "sentinel" "sysctl" "volumePermissions" }} -{{- if not (and (eq .Values.architecture "replication") .Values.sentinel.enabled) }} - {{- $resourceSections = append $resourceSections "master" -}} -{{- end }} -{{- include "common.warnings.resources" (dict "sections" $resourceSections "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.sentinel.image .Values.metrics.image .Values.volumePermissions.image .Values.kubectl.image .Values.sysctl.image) "context" $) }} \ No newline at end of file diff --git a/charts/redis/redis/templates/_helpers.tpl b/charts/redis/redis/templates/_helpers.tpl deleted file mode 100644 index 0912b98..0000000 --- a/charts/redis/redis/templates/_helpers.tpl +++ /dev/null @@ -1,346 +0,0 @@ -{{/* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{/* vim: set filetype=mustache: */}} - -{{/* -Return the proper Redis image name -*/}} -{{- define "redis.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Redis Sentinel image name -*/}} -{{- define "redis.sentinel.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.sentinel.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper image name (for the metrics image) -*/}} -{{- define "redis.metrics.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.metrics.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper image name (for the init container volume-permissions image) -*/}} -{{- define "redis.volumePermissions.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return kubectl image -*/}} -{{- define "redis.kubectl.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.kubectl.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return sysctl image -*/}} -{{- define "redis.sysctl.image" -}} -{{ include "common.images.image" (dict "imageRoot" .Values.sysctl.image "global" .Values.global) }} -{{- end -}} - -{{/* -Return the proper Docker Image Registry Secret Names -*/}} -{{- define "redis.imagePullSecrets" -}} -{{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image .Values.sentinel.image .Values.metrics.image .Values.volumePermissions.image .Values.sysctl.image) "context" $) -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "networkPolicy.apiVersion" -}} -{{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiGroup for PodSecurityPolicy. -*/}} -{{- define "podSecurityPolicy.apiGroup" -}} -{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "policy" -}} -{{- else -}} -{{- print "extensions" -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a TLS secret object should be created -*/}} -{{- define "redis.createTlsSecret" -}} -{{- if and .Values.tls.enabled .Values.tls.autoGenerated (and (not .Values.tls.existingSecret) (not .Values.tls.certificatesSecret)) }} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Return the secret containing Redis TLS certificates -*/}} -{{- define "redis.tlsSecretName" -}} -{{- $secretName := coalesce .Values.tls.existingSecret .Values.tls.certificatesSecret -}} -{{- if $secretName -}} - {{- printf "%s" (tpl $secretName $) -}} -{{- else -}} - {{- printf "%s-crt" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the cert file. -*/}} -{{- define "redis.tlsCert" -}} -{{- if (include "redis.createTlsSecret" . ) -}} - {{- printf "/opt/bitnami/redis/certs/%s" "tls.crt" -}} -{{- else -}} - {{- required "Certificate filename is required when TLS in enabled" .Values.tls.certFilename | printf "/opt/bitnami/redis/certs/%s" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the cert key file. -*/}} -{{- define "redis.tlsCertKey" -}} -{{- if (include "redis.createTlsSecret" . ) -}} - {{- printf "/opt/bitnami/redis/certs/%s" "tls.key" -}} -{{- else -}} - {{- required "Certificate Key filename is required when TLS in enabled" .Values.tls.certKeyFilename | printf "/opt/bitnami/redis/certs/%s" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the CA cert file. -*/}} -{{- define "redis.tlsCACert" -}} -{{- if (include "redis.createTlsSecret" . ) -}} - {{- printf "/opt/bitnami/redis/certs/%s" "ca.crt" -}} -{{- else -}} - {{- required "Certificate CA filename is required when TLS in enabled" .Values.tls.certCAFilename | printf "/opt/bitnami/redis/certs/%s" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the path to the DH params file. -*/}} -{{- define "redis.tlsDHParams" -}} -{{- if .Values.tls.dhParamsFilename -}} -{{- printf "/opt/bitnami/redis/certs/%s" .Values.tls.dhParamsFilename -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the shared service account to use -*/}} -{{- define "redis.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the master service account to use -*/}} -{{- define "redis.masterServiceAccountName" -}} -{{- if .Values.master.serviceAccount.create -}} - {{ default (printf "%s-master" (include "common.names.fullname" .)) .Values.master.serviceAccount.name }} -{{- else -}} - {{- if .Values.serviceAccount.create -}} - {{ template "redis.serviceAccountName" . }} - {{- else -}} - {{ default "default" .Values.master.serviceAccount.name }} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the replicas service account to use -*/}} -{{- define "redis.replicaServiceAccountName" -}} -{{- if .Values.replica.serviceAccount.create -}} - {{ default (printf "%s-replica" (include "common.names.fullname" .)) .Values.replica.serviceAccount.name }} -{{- else -}} - {{- if .Values.serviceAccount.create -}} - {{ template "redis.serviceAccountName" . }} - {{- else -}} - {{ default "default" .Values.replica.serviceAccount.name }} - {{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Return the configuration configmap name -*/}} -{{- define "redis.configmapName" -}} -{{- if .Values.existingConfigmap -}} - {{- printf "%s" (tpl .Values.existingConfigmap $) -}} -{{- else -}} - {{- printf "%s-configuration" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Return true if a configmap object should be created -*/}} -{{- define "redis.createConfigmap" -}} -{{- if empty .Values.existingConfigmap }} - {{- true -}} -{{- end -}} -{{- end -}} - -{{/* -Get the password secret. -*/}} -{{- define "redis.secretName" -}} -{{- if .Values.auth.existingSecret -}} -{{- printf "%s" (tpl .Values.auth.existingSecret $) -}} -{{- else -}} -{{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} - -{{/* -Get the password key to be retrieved from Redis® secret. -*/}} -{{- define "redis.secretPasswordKey" -}} -{{- if and .Values.auth.existingSecret .Values.auth.existingSecretPasswordKey -}} -{{- printf "%s" (tpl .Values.auth.existingSecretPasswordKey $) -}} -{{- else -}} -{{- printf "redis-password" -}} -{{- end -}} -{{- end -}} - - -{{/* -Returns the available value for certain key in an existing secret (if it exists), -otherwise it generates a random value. -*/}} -{{- define "getValueFromSecret" }} - {{- $len := (default 16 .Length) | int -}} - {{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} - {{- if $obj }} - {{- index $obj .Key | b64dec -}} - {{- else -}} - {{- randAlphaNum $len -}} - {{- end -}} -{{- end }} - -{{/* -Return Redis® password -*/}} -{{- define "redis.password" -}} -{{- if or .Values.auth.enabled .Values.global.redis.password }} - {{- if not (empty .Values.global.redis.password) }} - {{- .Values.global.redis.password -}} - {{- else if not (empty .Values.auth.password) -}} - {{- .Values.auth.password -}} - {{- else -}} - {{- include "getValueFromSecret" (dict "Namespace" (include "common.names.namespace" .) "Name" (include "redis.secretName" .) "Length" 10 "Key" (include "redis.secretPasswordKey" .)) -}} - {{- end -}} -{{- end -}} -{{- end }} - -{{/* Check if there are rolling tags in the images */}} -{{- define "redis.checkRollingTags" -}} -{{- include "common.warnings.rollingTag" .Values.image }} -{{- include "common.warnings.rollingTag" .Values.sentinel.image }} -{{- include "common.warnings.rollingTag" .Values.metrics.image }} -{{- end -}} - -{{/* -Compile all warnings into a single message, and call fail. -*/}} -{{- define "redis.validateValues" -}} -{{- $messages := list -}} -{{- $messages := append $messages (include "redis.validateValues.topologySpreadConstraints" .) -}} -{{- $messages := append $messages (include "redis.validateValues.architecture" .) -}} -{{- $messages := append $messages (include "redis.validateValues.podSecurityPolicy.create" .) -}} -{{- $messages := append $messages (include "redis.validateValues.tls" .) -}} -{{- $messages := append $messages (include "redis.validateValues.createMaster" .) -}} -{{- $messages := without $messages "" -}} -{{- $message := join "\n" $messages -}} - -{{- if $message -}} -{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} -{{- end -}} -{{- end -}} - -{{/* Validate values of Redis® - spreadConstrainsts K8s version */}} -{{- define "redis.validateValues.topologySpreadConstraints" -}} -{{- if and (semverCompare "<1.16-0" .Capabilities.KubeVersion.GitVersion) .Values.replica.topologySpreadConstraints -}} -redis: topologySpreadConstraints - Pod Topology Spread Constraints are only available on K8s >= 1.16 - Find more information at https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ -{{- end -}} -{{- end -}} - -{{/* Validate values of Redis® - must provide a valid architecture */}} -{{- define "redis.validateValues.architecture" -}} -{{- if and (ne .Values.architecture "standalone") (ne .Values.architecture "replication") -}} -redis: architecture - Invalid architecture selected. Valid values are "standalone" and - "replication". Please set a valid architecture (--set architecture="xxxx") -{{- end -}} -{{- if and .Values.sentinel.enabled (not (eq .Values.architecture "replication")) }} -redis: architecture - Using redis sentinel on standalone mode is not supported. - To deploy redis sentinel, please select the "replication" mode - (--set "architecture=replication,sentinel.enabled=true") -{{- end -}} -{{- end -}} - -{{/* Validate values of Redis® - PodSecurityPolicy create */}} -{{- define "redis.validateValues.podSecurityPolicy.create" -}} -{{- if and .Values.podSecurityPolicy.create (not .Values.podSecurityPolicy.enabled) }} -redis: podSecurityPolicy.create - In order to create PodSecurityPolicy, you also need to enable - podSecurityPolicy.enabled field -{{- end -}} -{{- end -}} - -{{/* Validate values of Redis® - TLS enabled */}} -{{- define "redis.validateValues.tls" -}} -{{- if and .Values.tls.enabled (not .Values.tls.autoGenerated) (not .Values.tls.existingSecret) (not .Values.tls.certificatesSecret) }} -redis: tls.enabled - In order to enable TLS, you also need to provide - an existing secret containing the TLS certificates or - enable auto-generated certificates. -{{- end -}} -{{- end -}} - -{{/* Validate values of Redis® - master service enabled */}} -{{- define "redis.validateValues.createMaster" -}} -{{- if and (or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster) (or (not .Values.rbac.create) (not .Values.replica.automountServiceAccountToken) (not .Values.serviceAccount.create)) }} -redis: sentinel.masterService.enabled - In order to redirect requests only to the master pod via the service, you also need to - create rbac and serviceAccount. In addition, you need to enable - replica.automountServiceAccountToken. -{{- end -}} -{{- end -}} - -{{/* Define the suffix utilized for external-dns */}} -{{- define "redis.externalDNS.suffix" -}} -{{ printf "%s.%s" (include "common.names.fullname" .) .Values.useExternalDNS.suffix }} -{{- end -}} - -{{/* Compile all annotations utilized for external-dns */}} -{{- define "redis.externalDNS.annotations" -}} -{{- if and .Values.useExternalDNS.enabled .Values.useExternalDNS.annotationKey }} -{{ .Values.useExternalDNS.annotationKey }}hostname: {{ include "redis.externalDNS.suffix" . }} -{{- range $key, $val := .Values.useExternalDNS.additionalAnnotations }} -{{ $.Values.useExternalDNS.annotationKey }}{{ $key }}: {{ $val | quote }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/configmap.yaml b/charts/redis/redis/templates/configmap.yaml deleted file mode 100644 index 22df358..0000000 --- a/charts/redis/redis/templates/configmap.yaml +++ /dev/null @@ -1,64 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "redis.createConfigmap" .) }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-configuration" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - redis.conf: |- - # User-supplied common configuration: - {{- if .Values.commonConfiguration }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonConfiguration "context" $ ) | nindent 4 }} - {{- end }} - # End of common configuration - master.conf: |- - dir {{ .Values.master.persistence.path }} - # User-supplied master configuration: - {{- if .Values.master.configuration }} - {{- include "common.tplvalues.render" ( dict "value" .Values.master.configuration "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.master.disableCommands }} - {{- range .Values.master.disableCommands }} - rename-command {{ . }} "" - {{- end }} - {{- end }} - # End of master configuration - replica.conf: |- - dir {{ .Values.replica.persistence.path }} - # User-supplied replica configuration: - {{- if .Values.replica.configuration }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.configuration "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.replica.disableCommands }} - {{- range .Values.replica.disableCommands }} - rename-command {{ . }} "" - {{- end }} - {{- end }} - # End of replica configuration - {{- if .Values.sentinel.enabled }} - sentinel.conf: |- - dir "/tmp" - port {{ .Values.sentinel.containerPorts.sentinel }} - sentinel monitor {{ .Values.sentinel.masterSet }} {{ template "common.names.fullname" . }}-node-0.{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} {{ .Values.sentinel.service.ports.redis }} {{ .Values.sentinel.quorum }} - sentinel down-after-milliseconds {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.downAfterMilliseconds }} - sentinel failover-timeout {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.failoverTimeout }} - sentinel parallel-syncs {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.parallelSyncs }} - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster }} - sentinel client-reconfig-script {{ .Values.sentinel.masterSet }} /opt/bitnami/scripts/start-scripts/push-master-label.sh - {{- end }} - # User-supplied sentinel configuration: - {{- if .Values.sentinel.configuration }} - {{- include "common.tplvalues.render" ( dict "value" .Values.sentinel.configuration "context" $ ) | nindent 4 }} - {{- end }} - # End of sentinel configuration - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/extra-list.yaml b/charts/redis/redis/templates/extra-list.yaml deleted file mode 100644 index 329f5c6..0000000 --- a/charts/redis/redis/templates/extra-list.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- range .Values.extraDeploy }} ---- -{{ include "common.tplvalues.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/redis/redis/templates/headless-svc.yaml b/charts/redis/redis/templates/headless-svc.yaml deleted file mode 100644 index 280d9de..0000000 --- a/charts/redis/redis/templates/headless-svc.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-headless" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.sentinel.service.headless.annotations .Values.commonAnnotations (include "redis.externalDNS.annotations" .) }} - annotations: - {{- if or .Values.sentinel.service.headless.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.sentinel.service.headless.annotations .Values.commonAnnotations ) "context" . ) }} - {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} - {{- include "redis.externalDNS.annotations" . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - clusterIP: None - {{- if .Values.sentinel.enabled }} - publishNotReadyAddresses: true - {{- end }} - ports: - - name: tcp-redis - port: {{ if .Values.sentinel.enabled }}{{ .Values.sentinel.service.ports.redis }}{{ else }}{{ .Values.master.service.ports.redis }}{{ end }} - targetPort: redis - {{- if .Values.sentinel.enabled }} - - name: tcp-sentinel - port: {{ .Values.sentinel.service.ports.sentinel }} - targetPort: redis-sentinel - {{- end }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} diff --git a/charts/redis/redis/templates/health-configmap.yaml b/charts/redis/redis/templates/health-configmap.yaml deleted file mode 100644 index bdd72a0..0000000 --- a/charts/redis/redis/templates/health-configmap.yaml +++ /dev/null @@ -1,194 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-health" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - ping_readiness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ -{{- if .Values.tls.enabled }} - -p $REDIS_TLS_PORT \ - --tls \ - --cacert {{ template "redis.tlsCACert" . }} \ - {{- if .Values.tls.authClients }} - --cert {{ template "redis.tlsCert" . }} \ - --key {{ template "redis.tlsCertKey" . }} \ - {{- end }} -{{- else }} - -p $REDIS_PORT \ -{{- end }} - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_local.sh: |- - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ -{{- if .Values.tls.enabled }} - -p $REDIS_TLS_PORT \ - --tls \ - --cacert {{ template "redis.tlsCACert" . }} \ - {{- if .Values.tls.authClients }} - --cert {{ template "redis.tlsCert" . }} \ - --key {{ template "redis.tlsCertKey" . }} \ - {{- end }} -{{- else }} - -p $REDIS_PORT \ -{{- end }} - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ] && [ "$responseFirstWord" != "MASTERDOWN" ]; then - echo "$response" - exit 1 - fi -{{- if .Values.sentinel.enabled }} - ping_sentinel.sh: |- - #!/bin/bash - -{{- if .Values.auth.sentinel }} - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" -{{- end }} - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h localhost \ -{{- if .Values.tls.enabled }} - -p $REDIS_SENTINEL_TLS_PORT_NUMBER \ - --tls \ - --cacert "$REDIS_SENTINEL_TLS_CA_FILE" \ - {{- if .Values.tls.authClients }} - --cert "$REDIS_SENTINEL_TLS_CERT_FILE" \ - --key "$REDIS_SENTINEL_TLS_KEY_FILE" \ - {{- end }} -{{- else }} - -p $REDIS_SENTINEL_PORT \ -{{- end }} - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - parse_sentinels.awk: |- - /ip/ {FOUND_IP=1} - /port/ {FOUND_PORT=1} - /runid/ {FOUND_RUNID=1} - !/ip|port|runid/ { - if (FOUND_IP==1) { - IP=$1; FOUND_IP=0; - } - else if (FOUND_PORT==1) { - PORT=$1; - FOUND_PORT=0; - } else if (FOUND_RUNID==1) { - printf "\nsentinel known-sentinel {{ .Values.sentinel.masterSet }} %s %s %s", IP, PORT, $0; FOUND_RUNID=0; - } - } -{{- end }} - ping_readiness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ -{{- if .Values.tls.enabled }} - --tls \ - --cacert {{ template "redis.tlsCACert" . }} \ - {{- if .Values.tls.authClients }} - --cert {{ template "redis.tlsCert" . }} \ - --key {{ template "redis.tlsCertKey" . }} \ - {{- end }} -{{- end }} - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_master.sh: |- - #!/bin/bash - - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" - response=$( - timeout -s 15 $1 \ - redis-cli \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ -{{- if .Values.tls.enabled }} - --tls \ - --cacert {{ template "redis.tlsCACert" . }} \ - {{- if .Values.tls.authClients }} - --cert {{ template "redis.tlsCert" . }} \ - --key {{ template "redis.tlsCertKey" . }} \ - {{- end }} -{{- end }} - ping - ) - if [ "$?" -eq "124" ]; then - echo "Timed out" - exit 1 - fi - responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') - if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? - "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_liveness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? - "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? - exit $exit_status diff --git a/charts/redis/redis/templates/master/application.yaml b/charts/redis/redis/templates/master/application.yaml deleted file mode 100644 index b17a240..0000000 --- a/charts/redis/redis/templates/master/application.yaml +++ /dev/null @@ -1,546 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if gt (int64 .Values.master.count) 0 -}} -{{- if or (not (eq .Values.architecture "replication")) (not .Values.sentinel.enabled) }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: {{ .Values.master.kind }} -metadata: - name: {{ printf "%s-master" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: master - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if not (eq .Values.master.kind "DaemonSet") }} - replicas: {{ .Values.master.count }} - {{- end }} - revisionHistoryLimit: {{ .Values.master.revisionHistoryLimit }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: master - {{- if (eq .Values.master.kind "StatefulSet") }} - serviceName: {{ printf "%s-headless" (include "common.names.fullname" .) }} - {{- end }} - {{- if .Values.master.updateStrategy }} - {{- if (eq .Values.master.kind "Deployment") }} - strategy: {{- toYaml .Values.master.updateStrategy | nindent 4 }} - {{- else }} - updateStrategy: {{- toYaml .Values.master.updateStrategy | nindent 4 }} - {{- end }} - {{- if and .Values.master.minReadySeconds (semverCompare ">= 1.23-0" (include "common.capabilities.kubeVersion" .)) }} - minReadySeconds: {{ .Values.master.minReadySeconds }} - {{- end }} - {{- end }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: master - {{- if and .Values.metrics.enabled .Values.metrics.podLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }} - {{- end }} - annotations: - {{- if (include "redis.createConfigmap" .) }} - checksum/configmap: {{ pick ( include (print $.Template.BasePath "/configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- end }} - checksum/health: {{ pick ( include (print $.Template.BasePath "/health-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/scripts: {{ pick ( include (print $.Template.BasePath "/scripts-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/secret: {{ pick ( include (print $.Template.BasePath "/secret.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- if .Values.master.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.master.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - spec: - {{- include "redis.imagePullSecrets" . | nindent 6 }} - {{- if .Values.master.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.master.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.master.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.master.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - serviceAccountName: {{ template "redis.masterServiceAccountName" . }} - automountServiceAccountToken: {{ .Values.master.automountServiceAccountToken }} - {{- if .Values.master.priorityClassName }} - priorityClassName: {{ .Values.master.priorityClassName | quote }} - {{- end }} - {{- if .Values.master.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.master.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.master.podAffinityPreset "component" "master" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.master.podAntiAffinityPreset "component" "master" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.master.nodeAffinityPreset.type "key" .Values.master.nodeAffinityPreset.key "values" .Values.master.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.master.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.master.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.master.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.master.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.master.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.master.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.master.shareProcessNamespace }} - shareProcessNamespace: {{ .Values.master.shareProcessNamespace }} - {{- end }} - {{- if .Values.master.schedulerName }} - schedulerName: {{ .Values.master.schedulerName | quote }} - {{- end }} - {{- if .Values.master.dnsPolicy }} - dnsPolicy: {{ .Values.master.dnsPolicy }} - {{- end }} - {{- if .Values.master.dnsConfig }} - dnsConfig: {{- include "common.tplvalues.render" (dict "value" .Values.master.dnsConfig "context" $) | nindent 8 }} - {{- end }} - enableServiceLinks: {{ .Values.master.enableServiceLinks }} - terminationGracePeriodSeconds: {{ .Values.master.terminationGracePeriodSeconds }} - containers: - - name: redis - image: {{ template "redis.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if .Values.master.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.master.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.master.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.master.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.master.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.master.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.master.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.master.args "context" $) | nindent 12 }} - {{- else }} - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: REDIS_REPLICATION_MODE - value: master - - name: ALLOW_EMPTY_PASSWORD - value: {{ ternary "no" "yes" .Values.auth.enabled | quote }} - {{- if .Values.auth.enabled }} - {{- if .Values.auth.usePasswordFiles }} - - name: REDIS_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - {{- else }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - - name: REDIS_TLS_ENABLED - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: REDIS_TLS_PORT - value: {{ .Values.master.containerPorts.redis | quote }} - - name: REDIS_TLS_AUTH_CLIENTS - value: {{ ternary "yes" "no" .Values.tls.authClients | quote }} - - name: REDIS_TLS_CERT_FILE - value: {{ template "redis.tlsCert" . }} - - name: REDIS_TLS_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_TLS_CA_FILE - value: {{ template "redis.tlsCACert" . }} - {{- if .Values.tls.dhParamsFilename }} - - name: REDIS_TLS_DH_PARAMS_FILE - value: {{ template "redis.tlsDHParams" . }} - {{- end }} - {{- else }} - - name: REDIS_PORT - value: {{ .Values.master.containerPorts.redis | quote }} - {{- end }} - {{- if .Values.master.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.master.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.master.extraEnvVarsCM .Values.master.extraEnvVarsSecret }} - envFrom: - {{- if .Values.master.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.master.extraEnvVarsCM }} - {{- end }} - {{- if .Values.master.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.master.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: redis - containerPort: {{ .Values.master.containerPorts.redis }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.master.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.master.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.master.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: redis - {{- end }} - {{- if .Values.master.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.master.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.master.livenessProbe.periodSeconds }} - # One second longer than command timeout should prevent generation of zombie processes. - timeoutSeconds: {{ add1 .Values.master.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.master.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.master.livenessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh {{ .Values.master.livenessProbe.timeoutSeconds }} - {{- end }} - {{- if .Values.master.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.master.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.master.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.master.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.master.readinessProbe.periodSeconds }} - timeoutSeconds: {{ add1 .Values.master.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.master.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.master.readinessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh {{ .Values.master.readinessProbe.timeoutSeconds }} - {{- end }} - {{- end }} - {{- if .Values.master.resources }} - resources: {{- toYaml .Values.master.resources | nindent 12 }} - {{- else if ne .Values.master.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.master.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /opt/bitnami/redis/secrets/ - {{- end }} - - name: redis-data - mountPath: {{ .Values.master.persistence.path }} - {{- if .Values.master.persistence.subPath }} - subPath: {{ .Values.master.persistence.subPath }} - {{- else if .Values.master.persistence.subPathExpr }} - subPathExpr: {{ .Values.master.persistence.subPathExpr }} - {{- end }} - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: empty-dir - mountPath: /opt/bitnami/redis/etc/ - subPath: app-conf-dir - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.master.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.master.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "redis.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.metrics.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - - -c - - | - if [[ -f '/secrets/redis-password' ]]; then - export REDIS_PASSWORD=$(cat /secrets/redis-password) - fi - redis_exporter{{- range $key, $value := .Values.metrics.extraArgs }} --{{ $key }}={{ $value }}{{- end }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: REDIS_ALIAS - value: {{ template "common.names.fullname" . }} - - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf ":%v" .Values.metrics.containerPorts.http }} - {{- if .Values.auth.enabled }} - - name: REDIS_USER - value: default - {{- if (not .Values.auth.usePasswordFiles) }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: REDIS_ADDR - value: rediss://{{ .Values.metrics.redisTargetHost }}:{{ .Values.master.containerPorts.redis }} - {{- if .Values.tls.authClients }} - - name: REDIS_EXPORTER_TLS_CLIENT_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_EXPORTER_TLS_CLIENT_CERT_FILE - value: {{ template "redis.tlsCert" . }} - {{- end }} - - name: REDIS_EXPORTER_TLS_CA_CERT_FILE - value: {{ template "redis.tlsCACert" . }} - {{- end }} - {{- if .Values.metrics.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - ports: - - name: metrics - containerPort: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: metrics - {{- end }} - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: app-tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /secrets/ - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.metrics.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.master.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.master.sidecars "context" $) | nindent 8 }} - {{- end }} - {{- $needsVolumePermissions := and .Values.volumePermissions.enabled .Values.master.persistence.enabled .Values.master.podSecurityContext.enabled .Values.master.containerSecurityContext.enabled }} - {{- if or .Values.master.initContainers $needsVolumePermissions .Values.sysctl.enabled }} - initContainers: - {{- if .Values.master.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.master.initContainers "context" $) | nindent 8 }} - {{- end }} - {{- if $needsVolumePermissions }} - - name: volume-permissions - image: {{ include "redis.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -ec - - | - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G | cut -d " " -f2` {{ .Values.master.persistence.path }} - {{- else }} - chown -R {{ .Values.master.containerSecurityContext.runAsUser }}:{{ .Values.master.podSecurityContext.fsGroup }} {{ .Values.master.persistence.path }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} - {{- else }} - securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} - {{- end }} - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: redis-data - mountPath: {{ .Values.master.persistence.path }} - {{- if .Values.master.persistence.subPath }} - subPath: {{ .Values.master.persistence.subPath }} - {{- else if .Values.master.persistence.subPathExpr }} - subPathExpr: {{ .Values.master.persistence.subPathExpr }} - {{- end }} - {{- end }} - {{- if .Values.sysctl.enabled }} - - name: init-sysctl - image: {{ include "redis.sysctl.image" . }} - imagePullPolicy: {{ default "" .Values.sysctl.image.pullPolicy | quote }} - securityContext: - privileged: true - runAsUser: 0 - {{- if .Values.sysctl.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.sysctl.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.resources }} - resources: {{- toYaml .Values.sysctl.resources | nindent 12 }} - {{- else if ne .Values.sysctl.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.sysctl.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.mountHostSys }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: host-sys - mountPath: /host-sys - {{- end }} - {{- end }} - {{- end }} - volumes: - - name: start-scripts - configMap: - name: {{ printf "%s-scripts" (include "common.names.fullname" .) }} - defaultMode: 0755 - - name: health - configMap: - name: {{ printf "%s-health" (include "common.names.fullname" .) }} - defaultMode: 0755 - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - {{ if .Values.auth.usePasswordFileFromSecret }} - secret: - secretName: {{ template "redis.secretName" . }} - items: - - key: {{ template "redis.secretPasswordKey" . }} - path: redis-password - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - - name: config - configMap: - name: {{ include "redis.configmapName" . }} - {{- if .Values.sysctl.mountHostSys }} - - name: host-sys - hostPath: - path: /sys - {{- end }} - - name: empty-dir - {{- if or .Values.master.persistence.medium .Values.master.persistence.sizeLimit }} - emptyDir: - {{- if .Values.master.persistence.medium }} - medium: {{ .Values.master.persistence.medium | quote }} - {{- end }} - {{- if .Values.master.persistence.sizeLimit }} - sizeLimit: {{ .Values.master.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - secret: - secretName: {{ include "redis.tlsSecretName" . }} - defaultMode: 256 - {{- end }} - {{- if .Values.master.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.master.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if or (not .Values.master.persistence.enabled) (eq .Values.master.kind "DaemonSet") }} - - name: redis-data - {{- if or .Values.master.persistence.medium .Values.master.persistence.sizeLimit }} - emptyDir: - {{- if .Values.master.persistence.medium }} - medium: {{ .Values.master.persistence.medium | quote }} - {{- end }} - {{- if .Values.master.persistence.sizeLimit }} - sizeLimit: {{ .Values.master.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- else if .Values.master.persistence.existingClaim }} - - name: redis-data - persistentVolumeClaim: - claimName: {{ printf "%s" (tpl .Values.master.persistence.existingClaim .) }} - {{- else if (eq .Values.master.kind "Deployment") }} - - name: redis-data - persistentVolumeClaim: - claimName: {{ printf "redis-data-%s-master" (include "common.names.fullname" .) }} - {{- else }} - {{- if .Values.master.persistentVolumeClaimRetentionPolicy.enabled }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenDeleted }} - whenScaled: {{ .Values.master.persistentVolumeClaimRetentionPolicy.whenScaled }} - {{- end }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: redis-data - {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: master - {{- if .Values.master.persistence.annotations }} - annotations: {{- toYaml .Values.master.persistence.annotations | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.master.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.master.persistence.size | quote }} - {{- if .Values.master.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.selector "context" $) | nindent 10 }} - {{- end }} - {{- if .Values.master.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.dataSource "context" $) | nindent 10 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.master.persistence "global" .Values.global) | nindent 8 }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/master/pdb.yaml b/charts/redis/redis/templates/master/pdb.yaml deleted file mode 100644 index dab636d..0000000 --- a/charts/redis/redis/templates/master/pdb.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} -{{- $pdb := coalesce .Values.pdb .Values.master.pdb }} -{{- if and $pdb.create (gt (int64 .Values.master.count) 0) (or (not (eq .Values.architecture "replication")) (not .Values.sentinel.enabled)) }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ printf "%s-master" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: master - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if $pdb.minAvailable }} - minAvailable: {{ $pdb.minAvailable }} - {{- end }} - {{- if or $pdb.maxUnavailable (not $pdb.minAvailable)}} - maxUnavailable: {{ $pdb.maxUnavailable | default 1 }} - {{- end }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: master -{{- end }} diff --git a/charts/redis/redis/templates/master/psp.yaml b/charts/redis/redis/templates/master/psp.yaml deleted file mode 100644 index 2a685f8..0000000 --- a/charts/redis/redis/templates/master/psp.yaml +++ /dev/null @@ -1,47 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (include "common.capabilities.psp.supported" .) .Values.podSecurityPolicy.create }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ printf "%s-master" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - allowPrivilegeEscalation: false - fsGroup: - rule: 'MustRunAs' - ranges: - - min: {{ .Values.master.podSecurityContext.fsGroup }} - max: {{ .Values.master.podSecurityContext.fsGroup }} - hostIPC: false - hostNetwork: false - hostPID: false - privileged: false - readOnlyRootFilesystem: false - requiredDropCapabilities: - - ALL - runAsUser: - rule: 'MustRunAs' - ranges: - - min: {{ .Values.master.containerSecurityContext.runAsUser }} - max: {{ .Values.master.containerSecurityContext.runAsUser }} - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: {{ .Values.master.containerSecurityContext.runAsUser }} - max: {{ .Values.master.containerSecurityContext.runAsUser }} - volumes: - - 'configMap' - - 'secret' - - 'emptyDir' - - 'persistentVolumeClaim' -{{- end }} diff --git a/charts/redis/redis/templates/master/pvc.yaml b/charts/redis/redis/templates/master/pvc.yaml deleted file mode 100644 index 13aee50..0000000 --- a/charts/redis/redis/templates/master/pvc.yaml +++ /dev/null @@ -1,33 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "standalone") (eq .Values.master.kind "Deployment") (.Values.master.persistence.enabled) (not .Values.master.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ printf "redis-data-%s-master" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: master - {{- if .Values.master.persistence.annotations }} - annotations: {{- toYaml .Values.master.persistence.annotations | nindent 4 }} - {{- end }} -spec: - accessModes: - {{- range .Values.master.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.master.persistence.size | quote }} - {{- if .Values.master.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.selector "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.master.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.master.persistence.dataSource "context" $) | nindent 4 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.master.persistence "global" .Values.global) | nindent 2 }} -{{- end }} diff --git a/charts/redis/redis/templates/master/service.yaml b/charts/redis/redis/templates/master/service.yaml deleted file mode 100644 index b9bf47d..0000000 --- a/charts/redis/redis/templates/master/service.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (not .Values.sentinel.enabled) (gt (int64 .Values.master.count) 0) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-master" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: master - {{- if or .Values.master.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.master.service.type }} - {{- if or (eq .Values.master.service.type "LoadBalancer") (eq .Values.master.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.master.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if (semverCompare ">=1.22-0" (include "common.capabilities.kubeVersion" .)) }} - internalTrafficPolicy: {{ .Values.master.service.internalTrafficPolicy }} - {{- end }} - {{- if and (eq .Values.master.service.type "LoadBalancer") (not (empty .Values.master.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.master.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.master.service.type "LoadBalancer") .Values.master.service.loadBalancerClass }} - loadBalancerClass: {{ .Values.master.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.master.service.type "LoadBalancer") (not (empty .Values.master.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ toYaml .Values.master.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- if and .Values.master.service.clusterIP (eq .Values.master.service.type "ClusterIP") }} - clusterIP: {{ .Values.master.service.clusterIP }} - {{- end }} - {{- if .Values.master.service.sessionAffinity }} - sessionAffinity: {{ .Values.master.service.sessionAffinity }} - {{- end }} - {{- if .Values.master.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.master.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.master.service.externalIPs }} - externalIPs: {{- include "common.tplvalues.render" (dict "value" .Values.master.service.externalIPs "context" $) | nindent 4 }} - {{- end }} - ports: - - name: {{ .Values.master.service.portNames.redis }} - port: {{ .Values.master.service.ports.redis }} - targetPort: redis - {{- if and (or (eq .Values.master.service.type "NodePort") (eq .Values.master.service.type "LoadBalancer")) .Values.master.service.nodePorts.redis}} - nodePort: {{ .Values.master.service.nodePorts.redis}} - {{- else if eq .Values.master.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.master.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.master.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: master -{{- end }} diff --git a/charts/redis/redis/templates/master/serviceaccount.yaml b/charts/redis/redis/templates/master/serviceaccount.yaml deleted file mode 100644 index bf58cc5..0000000 --- a/charts/redis/redis/templates/master/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.master.serviceAccount.create (or (not (eq .Values.architecture "replication")) (not .Values.sentinel.enabled)) }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.master.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "redis.masterServiceAccountName" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.master.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/metrics-svc.yaml b/charts/redis/redis/templates/metrics-svc.yaml deleted file mode 100644 index 529122e..0000000 --- a/charts/redis/redis/templates/metrics-svc.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.service.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: metrics - {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.metrics.service.type }} - {{- if and .Values.metrics.service.clusterIP (eq .Values.metrics.service.type "ClusterIP") }} - clusterIP: {{ .Values.metrics.service.clusterIP }} - {{- end }} - {{- if eq .Values.metrics.service.type "LoadBalancer" }} - externalTrafficPolicy: {{ .Values.metrics.service.externalTrafficPolicy }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerClass }} - loadBalancerClass: {{ .Values.metrics.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: {{- toYaml .Values.metrics.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - ports: - - name: http-metrics - port: {{ coalesce .Values.metrics.service.ports.http .Values.metrics.service.port }} - protocol: TCP - targetPort: metrics - {{- if .Values.metrics.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} -{{- end }} diff --git a/charts/redis/redis/templates/networkpolicy.yaml b/charts/redis/redis/templates/networkpolicy.yaml deleted file mode 100644 index 3d652c6..0000000 --- a/charts/redis/redis/templates/networkpolicy.yaml +++ /dev/null @@ -1,108 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.networkPolicy.enabled }} -kind: NetworkPolicy -apiVersion: {{ template "networkPolicy.apiVersion" . }} -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - policyTypes: - - Ingress - - Egress - {{- if .Values.networkPolicy.allowExternalEgress }} - egress: - - {} - {{- else }} - egress: - {{- if eq .Values.architecture "replication" }} - # Allow dns resolution - - ports: - - port: 53 - protocol: UDP - # Allow outbound connections to other cluster pods - - ports: - - port: {{ .Values.master.containerPorts.redis }} - {{- if .Values.sentinel.enabled }} - - port: {{ .Values.sentinel.containerPorts.sentinel }} - {{- end }} - to: - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - {{- end }} - {{- if .Values.networkPolicy.extraEgress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraEgress "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} - ingress: - # Allow inbound connections - - ports: - - port: {{ .Values.master.containerPorts.redis }} - {{- if .Values.sentinel.enabled }} - - port: {{ .Values.sentinel.containerPorts.sentinel }} - {{- end }} - {{- if not .Values.networkPolicy.allowExternal }} - from: - - podSelector: - matchLabels: - {{ template "common.names.fullname" . }}-client: "true" - - podSelector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} - {{- if or .Values.networkPolicy.ingressNSMatchLabels .Values.networkPolicy.ingressNSPodMatchLabels }} - - namespaceSelector: - matchLabels: - {{- if .Values.networkPolicy.ingressNSMatchLabels }} - {{- range $key, $value := .Values.networkPolicy.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{ else }} - {} - {{- end }} - {{- if .Values.networkPolicy.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.metrics.enabled }} - # Allow prometheus scrapes for metrics - - ports: - - port: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.networkPolicy.metrics.allowExternal }} - from: - {{- if or .Values.networkPolicy.metrics.ingressNSMatchLabels .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} - - namespaceSelector: - matchLabels: - {{- if .Values.networkPolicy.metrics.ingressNSMatchLabels }} - {{- range $key, $value := .Values.networkPolicy.metrics.ingressNSMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{ else }} - {} - {{- end }} - {{- if .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} - podSelector: - matchLabels: - {{- range $key, $value := .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} - {{ $key | quote }}: {{ $value | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.networkPolicy.extraIngress }} - {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraIngress "context" $ ) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/podmonitor.yaml b/charts/redis/redis/templates/podmonitor.yaml deleted file mode 100644 index 3297610..0000000 --- a/charts/redis/redis/templates/podmonitor.yaml +++ /dev/null @@ -1,81 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.podMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ default (include "common.names.namespace" .) .Values.metrics.podMonitor.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.metrics.podMonitor.additionalLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.podMonitor.additionalLabels "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - podMetricsEndpoints: - - port: {{ .Values.metrics.podMonitor.port }} - {{- if .Values.metrics.podMonitor.interval }} - interval: {{ .Values.metrics.podMonitor.interval }} - {{- end }} - {{- if .Values.metrics.podMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.podMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.podMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.podMonitor.honorLabels }} - {{- end }} - {{- with concat .Values.metrics.podMonitor.relabelings .Values.metrics.podMonitor.relabellings }} - relabelings: {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .Values.metrics.podMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.metrics.podMonitor.metricRelabelings | nindent 6 }} - {{- end }} - {{- range .Values.metrics.podMonitor.additionalEndpoints }} - - port: {{ .port }} - {{- if .interval }} - interval: {{ .interval }} - {{- end }} - {{- if .path }} - path: {{ .path }} - {{- end }} - {{- if .honorLabels }} - honorLabels: {{ .honorLabels }} - {{- end }} - {{- with concat .relabelings .relabellings }} - relabelings: {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .metricRelabelings }} - metricRelabelings: {{- toYaml .metricRelabelings | nindent 6 }} - {{- end }} - {{- if .scrapeTimeout }} - scrapeTimeout: {{ .scrapeTimeout }} - {{- end }} - {{- if .params }} - params: - {{- range $key, $value := .params }} - {{ $key }}: - {{- range $value }} - - {{ . | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.podTargetLabels }} - podTargetLabels: {{- toYaml .Values.metrics.podMonitor.podTargetLabels | nindent 4 }} - {{- end }} - {{- with .Values.metrics.podMonitor.sampleLimit -}} - sampleLimit: {{ . }} - {{- end }} - {{- with .Values.metrics.podMonitor.targetLimit -}} - targetLimit: {{ . }} - {{- end }} - namespaceSelector: - matchNames: - - {{ include "common.names.namespace" . | quote }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} -{{- end }} diff --git a/charts/redis/redis/templates/prometheusrule.yaml b/charts/redis/redis/templates/prometheusrule.yaml deleted file mode 100644 index 56c013b..0000000 --- a/charts/redis/redis/templates/prometheusrule.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ default (include "common.names.namespace" .) .Values.metrics.prometheusRule.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.metrics.prometheusRule.additionalLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "common.names.fullname" . }} - rules: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.prometheusRule.rules "context" $ ) | nindent 8 }} -{{- end }} diff --git a/charts/redis/redis/templates/replicas/application.yaml b/charts/redis/redis/templates/replicas/application.yaml deleted file mode 100644 index fe4f334..0000000 --- a/charts/redis/redis/templates/replicas/application.yaml +++ /dev/null @@ -1,561 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "replication") (not .Values.sentinel.enabled) }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: {{ .Values.replica.kind }} -metadata: - name: {{ printf "%s-replicas" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if and (not (eq .Values.replica.kind "DaemonSet")) (not .Values.replica.autoscaling.enabled) }} - replicas: {{ .Values.replica.replicaCount }} - {{- end }} - revisionHistoryLimit: {{ .Values.replica.revisionHistoryLimit }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: replica - {{- if (eq .Values.replica.kind "StatefulSet") }} - serviceName: {{ printf "%s-headless" (include "common.names.fullname" .) }} - {{- end }} - {{- if .Values.replica.updateStrategy }} - updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }} - {{- end }} - {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.23-0" (include "common.capabilities.kubeVersion" .)) }} - minReadySeconds: {{ .Values.replica.minReadySeconds }} - {{- end }} - {{- if .Values.replica.podManagementPolicy }} - podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }} - {{- end }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: replica - {{- if and .Values.metrics.enabled .Values.metrics.podLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }} - {{- end }} - annotations: - {{- if (include "redis.createConfigmap" .) }} - checksum/configmap: {{ pick ( include (print $.Template.BasePath "/configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- end }} - checksum/health: {{ pick ( include (print $.Template.BasePath "/health-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/scripts: {{ pick ( include (print $.Template.BasePath "/scripts-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/secret: {{ pick ( include (print $.Template.BasePath "/secret.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- if .Values.replica.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - spec: - {{- include "redis.imagePullSecrets" . | nindent 6 }} - {{- if .Values.replica.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.replica.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.replica.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - serviceAccountName: {{ template "redis.replicaServiceAccountName" . }} - automountServiceAccountToken: {{ .Values.replica.automountServiceAccountToken }} - {{- if .Values.replica.priorityClassName }} - priorityClassName: {{ .Values.replica.priorityClassName | quote }} - {{- end }} - {{- if .Values.replica.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.replica.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.replica.podAffinityPreset "component" "replica" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.replica.podAntiAffinityPreset "component" "replica" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.replica.nodeAffinityPreset.type "key" .Values.replica.nodeAffinityPreset.key "values" .Values.replica.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.replica.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.replica.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.replica.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.replica.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.shareProcessNamespace }} - shareProcessNamespace: {{ .Values.replica.shareProcessNamespace }} - {{- end }} - {{- if .Values.replica.schedulerName }} - schedulerName: {{ .Values.replica.schedulerName | quote }} - {{- end }} - {{- if .Values.replica.dnsPolicy }} - dnsPolicy: {{ .Values.replica.dnsPolicy }} - {{- end }} - {{- if .Values.replica.dnsConfig }} - dnsConfig: {{- include "common.tplvalues.render" (dict "value" .Values.replica.dnsConfig "context" $) | nindent 8 }} - {{- end }} - enableServiceLinks: {{ .Values.replica.enableServiceLinks }} - terminationGracePeriodSeconds: {{ .Values.replica.terminationGracePeriodSeconds }} - containers: - - name: redis - image: {{ template "redis.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.replica.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.replica.lifecycleHooks "context" $) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.replica.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.replica.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.replica.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.replica.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.replica.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.replica.args "context" $) | nindent 12 }} - {{- else }} - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-replica.sh - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: REDIS_REPLICATION_MODE - value: replica - - name: REDIS_MASTER_HOST - {{- if .Values.replica.externalMaster.enabled }} - value: {{ .Values.replica.externalMaster.host | quote }} - {{- else if and (eq (int64 .Values.master.count) 1) (eq .Values.master.kind "StatefulSet") }} - value: {{ template "common.names.fullname" . }}-master-0.{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} - {{- else }} - value: {{ template "common.names.fullname" . }}-master.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} - {{- end }} - - name: REDIS_MASTER_PORT_NUMBER - {{- if .Values.replica.externalMaster.enabled }} - value: {{ .Values.replica.externalMaster.port | quote }} - {{- else }} - value: {{ .Values.master.containerPorts.redis | quote }} - {{- end }} - - name: ALLOW_EMPTY_PASSWORD - value: {{ ternary "no" "yes" .Values.auth.enabled | quote }} - {{- if .Values.auth.enabled }} - {{- if .Values.auth.usePasswordFiles }} - - name: REDIS_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - - name: REDIS_MASTER_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - {{- else }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - - name: REDIS_MASTER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - - name: REDIS_TLS_ENABLED - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: REDIS_TLS_PORT - value: {{ .Values.replica.containerPorts.redis | quote }} - - name: REDIS_TLS_AUTH_CLIENTS - value: {{ ternary "yes" "no" .Values.tls.authClients | quote }} - - name: REDIS_TLS_CERT_FILE - value: {{ template "redis.tlsCert" . }} - - name: REDIS_TLS_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_TLS_CA_FILE - value: {{ template "redis.tlsCACert" . }} - {{- if .Values.tls.dhParamsFilename }} - - name: REDIS_TLS_DH_PARAMS_FILE - value: {{ template "redis.tlsDHParams" . }} - {{- end }} - {{- else }} - - name: REDIS_PORT - value: {{ .Values.replica.containerPorts.redis | quote }} - {{- end }} - {{- if .Values.replica.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - {{- if or .Values.replica.extraEnvVarsCM .Values.replica.extraEnvVarsSecret }} - envFrom: - {{- if .Values.replica.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.replica.extraEnvVarsCM }} - {{- end }} - {{- if .Values.replica.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.replica.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: redis - containerPort: {{ .Values.replica.containerPorts.redis }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.replica.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.replica.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: redis - {{- end }} - {{- if .Values.replica.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.replica.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.replica.livenessProbe.periodSeconds }} - timeoutSeconds: {{ add1 .Values.replica.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.replica.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.replica.livenessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_liveness_local_and_master.sh {{ .Values.replica.livenessProbe.timeoutSeconds }} - {{- end }} - {{- if .Values.replica.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.replica.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.replica.readinessProbe.periodSeconds }} - timeoutSeconds: {{ add1 .Values.replica.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.replica.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.replica.readinessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_readiness_local_and_master.sh {{ .Values.replica.readinessProbe.timeoutSeconds }} - {{- end }} - {{- end }} - {{- if .Values.replica.resources }} - resources: {{- toYaml .Values.replica.resources | nindent 12 }} - {{- else if ne .Values.replica.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.replica.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /opt/bitnami/redis/secrets/ - {{- end }} - - name: redis-data - mountPath: /data - {{- if .Values.replica.persistence.subPath }} - subPath: {{ .Values.replica.persistence.subPath }} - {{- else if .Values.replica.persistence.subPathExpr }} - subPathExpr: {{ .Values.replica.persistence.subPathExpr }} - {{- end }} - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: empty-dir - mountPath: /opt/bitnami/redis/etc - subPath: app-conf-dir - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.replica.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ include "redis.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.metrics.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - - -c - - | - if [[ -f '/secrets/redis-password' ]]; then - export REDIS_PASSWORD=$(cat /secrets/redis-password) - fi - redis_exporter{{- range $key, $value := .Values.metrics.extraArgs }} --{{ $key }}={{ $value }}{{- end }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: REDIS_ALIAS - value: {{ template "common.names.fullname" . }} - - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf ":%v" .Values.metrics.containerPorts.http }} - {{- if .Values.auth.enabled }} - - name: REDIS_USER - value: default - {{- if (not .Values.auth.usePasswordFiles) }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: REDIS_ADDR - value: rediss://{{ .Values.metrics.redisTargetHost }}:{{ .Values.replica.containerPorts.redis }} - {{- if .Values.tls.authClients }} - - name: REDIS_EXPORTER_TLS_CLIENT_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_EXPORTER_TLS_CLIENT_CERT_FILE - value: {{ template "redis.tlsCert" . }} - {{- end }} - - name: REDIS_EXPORTER_TLS_CA_CERT_FILE - value: {{ template "redis.tlsCACert" . }} - {{- end }} - {{- if .Values.metrics.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - ports: - - name: metrics - containerPort: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: metrics - {{- end }} - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /secrets/ - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.metrics.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.replica.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.sidecars "context" $) | nindent 8 }} - {{- end }} - {{- $needsVolumePermissions := and .Values.volumePermissions.enabled .Values.replica.persistence.enabled .Values.replica.podSecurityContext.enabled .Values.replica.containerSecurityContext.enabled }} - {{- if or .Values.replica.initContainers $needsVolumePermissions .Values.sysctl.enabled }} - initContainers: - {{- if .Values.replica.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.initContainers "context" $) | nindent 8 }} - {{- end }} - {{- if $needsVolumePermissions }} - - name: volume-permissions - image: {{ include "redis.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -ec - - | - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G | cut -d " " -f2` {{ .Values.replica.persistence.path }} - {{- else }} - chown -R {{ .Values.replica.containerSecurityContext.runAsUser }}:{{ .Values.replica.podSecurityContext.fsGroup }} {{ .Values.replica.persistence.path }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} - {{- else }} - securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} - {{- end }} - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: redis-data - mountPath: {{ .Values.replica.persistence.path }} - {{- if .Values.replica.persistence.subPath }} - subPath: {{ .Values.replica.persistence.subPath }} - {{- else if .Values.replica.persistence.subPathExpr }} - subPathExpr: {{ .Values.replica.persistence.subPathExpr }} - {{- end }} - {{- end }} - {{- if .Values.sysctl.enabled }} - - name: init-sysctl - image: {{ include "redis.sysctl.image" . }} - imagePullPolicy: {{ default "" .Values.sysctl.image.pullPolicy | quote }} - securityContext: - privileged: true - runAsUser: 0 - {{- if .Values.sysctl.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.sysctl.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.resources }} - resources: {{- toYaml .Values.sysctl.resources | nindent 12 }} - {{- else if ne .Values.sysctl.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.sysctl.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.mountHostSys }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: host-sys - mountPath: /host-sys - {{- end }} - {{- end }} - {{- end }} - volumes: - - name: start-scripts - configMap: - name: {{ printf "%s-scripts" (include "common.names.fullname" .) }} - defaultMode: 0755 - - name: health - configMap: - name: {{ printf "%s-health" (include "common.names.fullname" .) }} - defaultMode: 0755 - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - {{ if .Values.auth.usePasswordFileFromSecret }} - secret: - secretName: {{ template "redis.secretName" . }} - items: - - key: {{ template "redis.secretPasswordKey" . }} - path: redis-password - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - - name: config - configMap: - name: {{ include "redis.configmapName" . }} - {{- if .Values.sysctl.mountHostSys }} - - name: host-sys - hostPath: - path: /sys - {{- end }} - - name: empty-dir - {{- if or .Values.replica.persistence.medium .Values.replica.persistence.sizeLimit }} - emptyDir: - {{- if .Values.replica.persistence.medium }} - medium: {{ .Values.replica.persistence.medium | quote }} - {{- end }} - {{- if .Values.replica.persistence.sizeLimit }} - sizeLimit: {{ .Values.replica.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - secret: - secretName: {{ include "redis.tlsSecretName" . }} - defaultMode: 256 - {{- end }} - {{- if .Values.replica.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if or (not .Values.replica.persistence.enabled) (not (eq .Values.replica.kind "StatefulSet")) }} - - name: redis-data - {{- if or .Values.replica.persistence.medium .Values.replica.persistence.sizeLimit }} - emptyDir: - {{- if .Values.replica.persistence.medium }} - medium: {{ .Values.replica.persistence.medium | quote }} - {{- end }} - {{- if .Values.replica.persistence.sizeLimit }} - sizeLimit: {{ .Values.replica.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- else if .Values.replica.persistence.existingClaim }} - - name: redis-data - persistentVolumeClaim: - claimName: {{ printf "%s" (tpl .Values.replica.persistence.existingClaim .) }} - {{- else }} - {{- if .Values.replica.persistentVolumeClaimRetentionPolicy.enabled }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ .Values.replica.persistentVolumeClaimRetentionPolicy.whenDeleted }} - whenScaled: {{ .Values.replica.persistentVolumeClaimRetentionPolicy.whenScaled }} - {{- end }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: redis-data - {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.master.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: replica - {{- if .Values.replica.persistence.annotations }} - annotations: {{- toYaml .Values.replica.persistence.annotations | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.replica.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.replica.persistence.size | quote }} - {{- if .Values.replica.persistence.selector }} - selector: {{- include "common.tplvalues.render" (dict "value" .Values.replica.persistence.selector "context" $) | nindent 10 }} - {{- end }} - {{- if .Values.replica.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.replica.persistence.dataSource "context" $) | nindent 10 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.replica.persistence "global" .Values.global) | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/replicas/hpa.yaml b/charts/redis/redis/templates/replicas/hpa.yaml deleted file mode 100644 index 85adf72..0000000 --- a/charts/redis/redis/templates/replicas/hpa.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.replica.autoscaling.enabled (not .Values.sentinel.enabled) }} -apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ printf "%s-replicas" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - scaleTargetRef: - apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} - kind: StatefulSet - name: {{ printf "%s-replicas" (include "common.names.fullname" .) }} - minReplicas: {{ .Values.replica.autoscaling.minReplicas }} - maxReplicas: {{ .Values.replica.autoscaling.maxReplicas }} - metrics: - {{- if .Values.replica.autoscaling.targetCPU }} - - type: Resource - resource: - name: cpu - {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} - targetAverageUtilization: {{ .Values.replica.autoscaling.targetCPU }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.replica.autoscaling.targetCPU }} - {{- end }} - {{- end }} - {{- if .Values.replica.autoscaling.targetMemory }} - - type: Resource - resource: - name: memory - {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} - targetAverageUtilization: {{ .Values.replica.autoscaling.targetMemory }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.replica.autoscaling.targetMemory }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/replicas/pdb.yaml b/charts/redis/redis/templates/replicas/pdb.yaml deleted file mode 100644 index d7b777b..0000000 --- a/charts/redis/redis/templates/replicas/pdb.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- $pdb := coalesce .Values.pdb .Values.replica.pdb }} -{{- if and (eq .Values.architecture "replication") (not .Values.sentinel.enabled) $pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ printf "%s-replicas" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if $pdb.minAvailable }} - minAvailable: {{ $pdb.minAvailable }} - {{- end }} - {{- if or $pdb.maxUnavailable (not $pdb.minAvailable) }} - maxUnavailable: {{ $pdb.maxUnavailable | default 1 }} - {{- end }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: replica -{{- end }} diff --git a/charts/redis/redis/templates/replicas/service.yaml b/charts/redis/redis/templates/replicas/service.yaml deleted file mode 100644 index ebb2a4f..0000000 --- a/charts/redis/redis/templates/replicas/service.yaml +++ /dev/null @@ -1,59 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "replication") (not .Values.sentinel.enabled) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ printf "%s-replicas" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica - {{- if or .Values.replica.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.replica.service.type }} - {{- if or (eq .Values.replica.service.type "LoadBalancer") (eq .Values.replica.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.replica.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if (semverCompare ">=1.22-0" (include "common.capabilities.kubeVersion" .)) }} - internalTrafficPolicy: {{ .Values.replica.service.internalTrafficPolicy }} - {{- end }} - {{- if and (eq .Values.replica.service.type "LoadBalancer") (not (empty .Values.replica.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.replica.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.replica.service.type "LoadBalancer") .Values.replica.service.loadBalancerClass }} - loadBalancerClass: {{ .Values.replica.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.replica.service.type "LoadBalancer") (not (empty .Values.replica.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ toYaml .Values.replica.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- if and .Values.replica.service.clusterIP (eq .Values.replica.service.type "ClusterIP") }} - clusterIP: {{ .Values.replica.service.clusterIP }} - {{- end }} - {{- if .Values.replica.service.sessionAffinity }} - sessionAffinity: {{ .Values.replica.service.sessionAffinity }} - {{- end }} - {{- if .Values.replica.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.replica.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: tcp-redis - port: {{ .Values.replica.service.ports.redis }} - targetPort: redis - {{- if and (or (eq .Values.replica.service.type "NodePort") (eq .Values.replica.service.type "LoadBalancer")) .Values.replica.service.nodePorts.redis}} - nodePort: {{ .Values.replica.service.nodePorts.redis}} - {{- else if eq .Values.replica.service.type "ClusterIP" }} - nodePort: null - {{- end }} - {{- if .Values.replica.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica -{{- end }} diff --git a/charts/redis/redis/templates/replicas/serviceaccount.yaml b/charts/redis/redis/templates/replicas/serviceaccount.yaml deleted file mode 100644 index 6cf3411..0000000 --- a/charts/redis/redis/templates/replicas/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.replica.serviceAccount.create (eq .Values.architecture "replication") (not .Values.sentinel.enabled) }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.replica.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "redis.replicaServiceAccountName" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.replica.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/role.yaml b/charts/redis/redis/templates/role.yaml deleted file mode 100644 index 54a2b1b..0000000 --- a/charts/redis/redis/templates/role.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.rbac.create }} -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -kind: Role -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -rules: - {{- if and (include "common.capabilities.psp.supported" .) .Values.podSecurityPolicy.enabled }} - - apiGroups: - - '{{ template "podSecurityPolicy.apiGroup" . }}' - resources: - - 'podsecuritypolicies' - verbs: - - 'use' - resourceNames: [{{ printf "%s-master" (include "common.names.fullname" .) }}] - {{- end }} - {{- if and .Values.sentinel.enabled (or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster) }} - - apiGroups: [""] - resources: ["pods"] - verbs: ["list", "patch"] - {{- end -}} - {{- if .Values.rbac.rules }} - {{- include "common.tplvalues.render" ( dict "value" .Values.rbac.rules "context" $ ) | nindent 2 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/rolebinding.yaml b/charts/redis/redis/templates/rolebinding.yaml deleted file mode 100644 index a164289..0000000 --- a/charts/redis/redis/templates/rolebinding.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.rbac.create }} -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -kind: RoleBinding -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "redis.serviceAccountName" . }} -{{- end }} diff --git a/charts/redis/redis/templates/scripts-configmap.yaml b/charts/redis/redis/templates/scripts-configmap.yaml deleted file mode 100644 index cf85307..0000000 --- a/charts/redis/redis/templates/scripts-configmap.yaml +++ /dev/null @@ -1,791 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-scripts" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled }} - start-node.sh: | - #!/bin/bash - - . /opt/bitnami/scripts/libos.sh - . /opt/bitnami/scripts/liblog.sh - . /opt/bitnami/scripts/libvalidations.sh - - get_port() { - hostname="$1" - type="$2" - - port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") - port=${!port_var} - - if [ -z "$port" ]; then - case $type in - "SENTINEL") - echo {{ .Values.sentinel.containerPorts.sentinel }} - ;; - "REDIS") - echo {{ .Values.master.containerPorts.redis }} - ;; - esac - else - echo $port - fi - } - - get_full_hostname() { - hostname="$1" - - {{- if .Values.useExternalDNS.enabled }} - full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}" - {{- else if eq .Values.sentinel.service.type "NodePort" }} - full_hostname="${hostname}.{{- include "common.names.namespace" . }}" - {{- else }} - full_hostname="${hostname}.${HEADLESS_SERVICE}" - {{- end }} - - {{- if .Values.useHostnames }} - echo "${full_hostname}" - {{- else }} - retry_count=0 - until getent hosts "${full_hostname}" | awk '{ print $1; exit }' | grep .; do - if [[ $retry_count -lt {{ .Values.nameResolutionThreshold }} ]]; then - sleep {{ .Values.nameResolutionTimeout }} - else - error "IP address for ${full_hostname} not found" - exit 1 - fi - ((retry_count++)) - done - {{- end }} - } - - REDISPORT=$(get_port "$HOSTNAME" "REDIS") - - HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - if [ -n "$REDIS_EXTERNAL_MASTER_HOST" ]; then - REDIS_SERVICE="$REDIS_EXTERNAL_MASTER_HOST" - else - REDIS_SERVICE="{{ template "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - fi - - SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "SENTINEL") - validate_quorum() { - if is_boolean_yes "$REDIS_TLS_ENABLED"; then - quorum_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel master {{ .Values.sentinel.masterSet }}" - else - quorum_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel master {{ .Values.sentinel.masterSet }}" - fi - info "about to run the command: $quorum_info_command" - eval $quorum_info_command | grep -Fq "s_down" - } - - trigger_manual_failover() { - if is_boolean_yes "$REDIS_TLS_ENABLED"; then - failover_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel failover {{ .Values.sentinel.masterSet }}" - else - failover_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel failover {{ .Values.sentinel.masterSet }}" - fi - - info "about to run the command: $failover_command" - eval $failover_command - } - - get_sentinel_master_info() { - if is_boolean_yes "$REDIS_TLS_ENABLED"; then - sentinel_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}timeout {{ .Values.sentinel.getMasterTimeout }} redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel get-master-addr-by-name {{ .Values.sentinel.masterSet }}" - else - sentinel_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}timeout {{ .Values.sentinel.getMasterTimeout }} redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel get-master-addr-by-name {{ .Values.sentinel.masterSet }}" - fi - - info "about to run the command: $sentinel_info_command" - retry_while "eval $sentinel_info_command" 2 5 - } - - {{- if and .Values.replica.containerSecurityContext.runAsUser (eq (.Values.replica.containerSecurityContext.runAsUser | int) 0) }} - useradd redis - chown -R redis {{ .Values.replica.persistence.path }} - {{- end }} - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - - # check if there is a master - master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")" - master_port_in_persisted_conf="$REDIS_MASTER_PORT_NUMBER" - master_in_sentinel="$(get_sentinel_master_info)" - redisRetVal=$? - - if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then - master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)" - master_port_in_persisted_conf="$(awk '/monitor/ {print $5}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)" - info "Found previous master ${master_in_persisted_conf}:${master_port_in_persisted_conf} in /opt/bitnami/redis-sentinel/etc/sentinel.conf" - debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)" - fi - - if [[ $redisRetVal -ne 0 ]]; then - if [[ "$master_in_persisted_conf" == "$(get_full_hostname "$HOSTNAME")" ]]; then - # Case 1: No active sentinel and in previous sentinel.conf we were the master --> MASTER - info "Configuring the node as master" - export REDIS_REPLICATION_MODE="master" - else - # Case 2: No active sentinel and in previous sentinel.conf we were not master --> REPLICA - info "Configuring the node as replica" - export REDIS_REPLICATION_MODE="replica" - REDIS_MASTER_HOST=${master_in_persisted_conf} - REDIS_MASTER_PORT_NUMBER=${master_port_in_persisted_conf} - fi - else - # Fetches current master's host and port - REDIS_SENTINEL_INFO=($(get_sentinel_master_info)) - info "Current master: REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})" - REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]} - REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]} - - if [[ "$REDIS_MASTER_HOST" == "$(get_full_hostname "$HOSTNAME")" ]]; then - # Case 3: Active sentinel and master it is this node --> MASTER - info "Configuring the node as master" - export REDIS_REPLICATION_MODE="master" - else - # Case 4: Active sentinel and master is not this node --> REPLICA - info "Configuring the node as replica" - export REDIS_REPLICATION_MODE="replica" - - {{- if and .Values.sentinel.automateClusterRecovery (le (int .Values.sentinel.downAfterMilliseconds) 2000) }} - retry_count=1 - while validate_quorum - do - info "sleeping, waiting for Redis master to come up" - sleep 1s - if ! ((retry_count % 11)); then - info "Trying to manually failover" - failover_result=$(trigger_manual_failover) - - debug "Failover result: $failover_result" - fi - - ((retry_count+=1)) - done - info "Redis master is up now" - {{- end }} - fi - fi - - if [[ -n "$REDIS_EXTERNAL_MASTER_HOST" ]]; then - REDIS_MASTER_HOST="$REDIS_EXTERNAL_MASTER_HOST" - REDIS_MASTER_PORT_NUMBER="${REDIS_EXTERNAL_MASTER_PORT}" - fi - - if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then - cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf - fi - - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - - echo "" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf - - {{- if .Values.tls.enabled }} - ARGS=("--port" "0") - ARGS+=("--tls-port" "${REDIS_TLS_PORT}") - ARGS+=("--tls-cert-file" "${REDIS_TLS_CERT_FILE}") - ARGS+=("--tls-key-file" "${REDIS_TLS_KEY_FILE}") - ARGS+=("--tls-ca-cert-file" "${REDIS_TLS_CA_FILE}") - ARGS+=("--tls-auth-clients" "${REDIS_TLS_AUTH_CLIENTS}") - ARGS+=("--tls-replication" "yes") - {{- if .Values.tls.dhParamsFilename }} - ARGS+=("--tls-dh-params-file" "${REDIS_TLS_DH_PARAMS_FILE}") - {{- end }} - {{- else }} - ARGS=("--port" "${REDIS_PORT}") - {{- end }} - - if [[ "$REDIS_REPLICATION_MODE" = "slave" ]] || [[ "$REDIS_REPLICATION_MODE" = "replica" ]]; then - ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") - fi - - {{- if .Values.auth.enabled }} - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}") - {{- else }} - ARGS+=("--protected-mode" "no") - {{- end }} - ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - {{- if .Values.replica.extraFlags }} - {{- range .Values.replica.extraFlags }} - ARGS+=({{ . | quote }}) - {{- end }} - {{- end }} - - {{- if .Values.replica.preExecCmds }} - {{- .Values.replica.preExecCmds | nindent 4 }} - {{- end }} - - {{- if .Values.replica.command }} - exec {{ .Values.replica.command }} "${ARGS[@]}" - {{- else }} - exec redis-server "${ARGS[@]}" - {{- end }} - - start-sentinel.sh: | - #!/bin/bash - - . /opt/bitnami/scripts/libos.sh - . /opt/bitnami/scripts/libvalidations.sh - . /opt/bitnami/scripts/libfile.sh - - HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - REDIS_SERVICE="{{ template "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - get_port() { - hostname="$1" - type="$2" - - port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") - port=${!port_var} - - if [ -z "$port" ]; then - case $type in - "SENTINEL") - echo {{ .Values.sentinel.containerPorts.sentinel }} - ;; - "REDIS") - echo {{ .Values.master.containerPorts.redis }} - ;; - esac - else - echo $port - fi - } - - get_full_hostname() { - hostname="$1" - - {{- if .Values.useExternalDNS.enabled }} - full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}" - {{- else if eq .Values.sentinel.service.type "NodePort" }} - full_hostname="${hostname}.{{- include "common.names.namespace" . }}" - {{- else }} - full_hostname="${hostname}.${HEADLESS_SERVICE}" - {{- end }} - - {{- if .Values.useHostnames }} - echo "${full_hostname}" - {{- else }} - retry_count=0 - until getent hosts "${full_hostname}" | awk '{ print $1; exit }' | grep .; do - if [[ $retry_count -lt {{ .Values.nameResolutionThreshold }} ]]; then - sleep {{ .Values.nameResolutionTimeout }} - else - error "IP address for ${full_hostname} not found" - exit 1 - fi - ((retry_count++)) - done - {{- end }} - } - - SERVPORT=$(get_port "$HOSTNAME" "SENTINEL") - REDISPORT=$(get_port "$HOSTNAME" "REDIS") - SENTINEL_SERVICE_PORT=$(get_port "{{ include "common.names.fullname" . }}" "SENTINEL") - - sentinel_conf_set() { - local -r key="${1:?missing key}" - local value="${2:-}" - - # Sanitize inputs - value="${value//\\/\\\\}" - value="${value//&/\\&}" - value="${value//\?/\\?}" - [[ "$value" = "" ]] && value="\"$value\"" - - replace_in_file "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false - } - sentinel_conf_add() { - echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf" - } - host_id() { - echo "$1" | openssl sha1 | awk '{print $2}' - } - get_sentinel_master_info() { - if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then - sentinel_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}timeout {{ .Values.sentinel.getMasterTimeout }} redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_SENTINEL_TLS_CERT_FILE} --key ${REDIS_SENTINEL_TLS_KEY_FILE} --cacert ${REDIS_SENTINEL_TLS_CA_FILE} sentinel get-master-addr-by-name {{ .Values.sentinel.masterSet }}" - else - sentinel_info_command="{{- if and .Values.auth.enabled .Values.auth.sentinel }}REDISCLI_AUTH="\$REDIS_PASSWORD" {{ end }}timeout {{ .Values.sentinel.getMasterTimeout }} redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel get-master-addr-by-name {{ .Values.sentinel.masterSet }}" - fi - info "about to run the command: $sentinel_info_command" - retry_while "eval $sentinel_info_command" 2 5 - } - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - - master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")" - - if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then - master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)" - info "Found previous master $master_in_persisted_conf in /opt/bitnami/redis-sentinel/etc/sentinel.conf" - debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)" - fi - REDIS_SENTINEL_INFO=($(get_sentinel_master_info)) - if [ "$?" -eq "0" ]; then - # current master's host and port obtained from other Sentinel - info "printing REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})" - REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]} - REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]} - else - REDIS_MASTER_HOST="$master_in_persisted_conf" - REDIS_MASTER_PORT_NUMBER="$REDISPORT" - fi - if [[ "$REDIS_MASTER_HOST" == "$(get_full_hostname "$HOSTNAME")" ]]; then - export REDIS_REPLICATION_MODE="master" - else - export REDIS_REPLICATION_MODE="replica" - fi - - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster }} - if [[ "${REDIS_REPLICATION_MODE}" == "master" ]]; then - # Add isMaster label to master node for master service - echo "${REDIS_MASTER_HOST/.*}" > /etc/shared/current - fi - {{- end }} - - if [[ -n "$REDIS_EXTERNAL_MASTER_HOST" ]]; then - REDIS_MASTER_HOST="$REDIS_EXTERNAL_MASTER_HOST" - REDIS_MASTER_PORT_NUMBER="${REDIS_EXTERNAL_MASTER_PORT}" - fi - - # To prevent incomplete configuration and as the redis container accesses /opt/bitnami/redis-sentinel/etc/sentinel.conf - # as well, prepare the new config in `prepare-sentinel.conf` and move it atomically to the ultimate destination when it is complete. - cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- if .Values.auth.enabled }} - printf "\nsentinel auth-pass %s %s" "{{ .Values.sentinel.masterSet }}" "$REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- if and .Values.auth.enabled .Values.auth.sentinel }} - printf "\nrequirepass %s" "$REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} - {{- end }} - printf "\nsentinel myid %s" "$(host_id "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - - if [[ -z "$REDIS_MASTER_HOST" ]] || [[ -z "$REDIS_MASTER_PORT_NUMBER" ]] - then - # Prevent incorrect configuration to be written to sentinel.conf - error "Redis master host is configured incorrectly (host: $REDIS_MASTER_HOST, port: $REDIS_MASTER_PORT_NUMBER)" - exit 1 - fi - - sentinel_conf_set "sentinel monitor" "{{ .Values.sentinel.masterSet }} "$REDIS_MASTER_HOST" "$REDIS_MASTER_PORT_NUMBER" {{ .Values.sentinel.quorum }}" - - add_known_sentinel() { - hostname="$1" - ip="$2" - - if [[ -n "$hostname" && -n "$ip" && "$hostname" != "$HOSTNAME" ]]; then - sentinel_conf_add "sentinel known-sentinel {{ .Values.sentinel.masterSet }} $(get_full_hostname "$hostname") $(get_port "$hostname" "SENTINEL") $(host_id "$hostname")" - fi - } - add_known_replica() { - hostname="$1" - ip="$2" - - if [[ -n "$ip" && "$(get_full_hostname "$hostname")" != "$REDIS_MASTER_HOST" ]]; then - sentinel_conf_add "sentinel known-replica {{ .Values.sentinel.masterSet }} $(get_full_hostname "$hostname") $(get_port "$hostname" "REDIS")" - fi - } - - # Add available hosts on the network as known replicas & sentinels - for node in $(seq 0 $(({{ .Values.replica.replicaCount }}-1))); do - hostname="{{ template "common.names.fullname" . }}-node-$node" - ip="$(getent hosts "$hostname.$HEADLESS_SERVICE" | awk '{ print $1 }')" - add_known_sentinel "$hostname" "$ip" - add_known_replica "$hostname" "$ip" - done - - echo "" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- if not (contains "sentinel announce-hostnames" .Values.sentinel.configuration) }} - echo "sentinel announce-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} - {{- if not (contains "sentinel resolve-hostnames" .Values.sentinel.configuration) }} - echo "sentinel resolve-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} - {{- if not (contains "sentinel announce-port" .Values.sentinel.configuration) }} - echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} - {{- if not (contains "sentinel announce-ip" .Values.sentinel.configuration) }} - echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} - - {{- if .Values.tls.enabled }} - ARGS=("--port" "0") - ARGS+=("--tls-port" "${REDIS_SENTINEL_TLS_PORT_NUMBER}") - ARGS+=("--tls-cert-file" "${REDIS_SENTINEL_TLS_CERT_FILE}") - ARGS+=("--tls-key-file" "${REDIS_SENTINEL_TLS_KEY_FILE}") - ARGS+=("--tls-ca-cert-file" "${REDIS_SENTINEL_TLS_CA_FILE}") - ARGS+=("--tls-replication" "yes") - ARGS+=("--tls-auth-clients" "${REDIS_SENTINEL_TLS_AUTH_CLIENTS}") - {{- if .Values.tls.dhParamsFilename }} - ARGS+=("--tls-dh-params-file" "${REDIS_SENTINEL_TLS_DH_PARAMS_FILE}") - {{- end }} - {{- end }} - {{- if .Values.sentinel.preExecCmds }} - {{ .Values.sentinel.preExecCmds | nindent 4 }} - {{- end }} - mv /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf - exec redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf {{- if .Values.tls.enabled }} "${ARGS[@]}" {{- end }} --sentinel - prestop-sentinel.sh: | - #!/bin/bash - - . /opt/bitnami/scripts/libvalidations.sh - . /opt/bitnami/scripts/libos.sh - - HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - get_full_hostname() { - hostname="$1" - - {{- if .Values.useExternalDNS.enabled }} - full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}" - {{- else if eq .Values.sentinel.service.type "NodePort" }} - full_hostname="${hostname}.{{- include "common.names.namespace" . }}" - {{- else }} - full_hostname="${hostname}.${HEADLESS_SERVICE}" - {{- end }} - - {{- if .Values.useHostnames }} - echo "${full_hostname}" - {{- else }} - retry_count=0 - until getent hosts "${full_hostname}" | awk '{ print $1; exit }' | grep .; do - if [[ $retry_count -lt {{ .Values.nameResolutionThreshold }} ]]; then - sleep {{ .Values.nameResolutionTimeout }} - else - error "IP address for ${full_hostname} not found" - exit 1 - fi - ((retry_count++)) - done - {{- end }} - } - - run_sentinel_command() { - if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then - redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_TLS_PORT_NUMBER" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" - else - redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" sentinel "$@" - fi - } - sentinel_failover_finished() { - REDIS_SENTINEL_INFO=($(run_sentinel_command get-master-addr-by-name "{{ .Values.sentinel.masterSet }}")) - REDIS_MASTER_HOST="${REDIS_SENTINEL_INFO[0]}" - [[ "$REDIS_MASTER_HOST" != "$(get_full_hostname $HOSTNAME)" ]] - } - - REDIS_SERVICE="{{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - {{ if .Values.auth.sentinel -}} - # redis-cli automatically consumes credentials from the REDISCLI_AUTH variable - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - [[ -f "$REDIS_PASSWORD_FILE" ]] && export REDISCLI_AUTH="$(< "${REDIS_PASSWORD_FILE}")" - {{- end }} - - if ! sentinel_failover_finished; then - echo "I am the master pod and you are stopping me. Starting sentinel failover" - if retry_while "sentinel_failover_finished" "{{ sub .Values.sentinel.terminationGracePeriodSeconds 10 }}" 1; then - echo "Master has been successfuly failed over to a different pod." - exit 0 - else - echo "Master failover failed" - exit 1 - fi - else - exit 0 - fi - prestop-redis.sh: | - #!/bin/bash - - . /opt/bitnami/scripts/libvalidations.sh - . /opt/bitnami/scripts/libos.sh - - run_redis_command() { - if is_boolean_yes "$REDIS_TLS_ENABLED"; then - redis-cli -h 127.0.0.1 -p "$REDIS_TLS_PORT" --tls --cert "$REDIS_TLS_CERT_FILE" --key "$REDIS_TLS_KEY_FILE" --cacert "$REDIS_TLS_CA_FILE" "$@" - else - redis-cli -h 127.0.0.1 -p "$REDIS_PORT" "$@" - fi - } - is_master() { - REDIS_ROLE=$(run_redis_command role | head -1) - [[ "$REDIS_ROLE" == "master" ]] - } - - HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{- include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - get_full_hostname() { - hostname="$1" - - {{- if .Values.useExternalDNS.enabled }} - full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}" - {{- else if eq .Values.sentinel.service.type "NodePort" }} - full_hostname="${hostname}.{{- include "common.names.namespace" . }}" - {{- else }} - full_hostname="${hostname}.${HEADLESS_SERVICE}" - {{- end }} - - {{- if .Values.useHostnames }} - echo "${full_hostname}" - {{- else }} - retry_count=0 - until getent hosts "${full_hostname}" | awk '{ print $1; exit }' | grep .; do - if [[ $retry_count -lt {{ .Values.nameResolutionThreshold }} ]]; then - sleep {{ .Values.nameResolutionTimeout }} - else - error "IP address for ${full_hostname} not found" - exit 1 - fi - ((retry_count++)) - done - {{- end }} - } - - run_sentinel_command() { - if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then - {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_TLS_PORT_NUMBER" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" - else - {{ .Values.auth.sentinel | ternary "" "env -u REDISCLI_AUTH " -}} redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" sentinel "$@" - fi - } - sentinel_failover_finished() { - REDIS_SENTINEL_INFO=($(run_sentinel_command get-master-addr-by-name "{{ .Values.sentinel.masterSet }}")) - REDIS_MASTER_HOST="${REDIS_SENTINEL_INFO[0]}" - [[ "$REDIS_MASTER_HOST" != "$(get_full_hostname $HOSTNAME)" ]] - } - - REDIS_SERVICE="{{ include "common.names.fullname" . }}.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - # redis-cli automatically consumes credentials from the REDISCLI_AUTH variable - [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" - [[ -f "$REDIS_PASSWORD_FILE" ]] && export REDISCLI_AUTH="$(< "${REDIS_PASSWORD_FILE}")" - - - if is_master && ! sentinel_failover_finished; then - echo "I am the master pod and you are stopping me. Pausing client connections." - # Pausing client write connections to avoid data loss - run_redis_command CLIENT PAUSE "{{ mul (add 2 (sub .Values.sentinel.terminationGracePeriodSeconds 10)) 1000 }}" WRITE - - echo "Issuing failover" - # if I am the master, issue a command to failover once - run_sentinel_command failover "{{ .Values.sentinel.masterSet }}" - - {{- if .Values.sentinel.redisShutdownWaitFailover }} - echo "Waiting for sentinel to complete failover for up to {{ sub .Values.sentinel.terminationGracePeriodSeconds 10 }}s" - retry_while "sentinel_failover_finished" "{{ sub .Values.sentinel.terminationGracePeriodSeconds 10 }}" 1 - {{- end }} - else - exit 0 - fi - - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster }} - push-master-label.sh: | - #!/bin/bash - # https://download.redis.io/redis-stable/sentinel.conf - - echo "${6/.*}" > /etc/shared/current - echo "${4/.*}" > /etc/shared/previous - {{- end }} -{{- else }} - start-master.sh: | - #!/bin/bash - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - {{- if and .Values.master.containerSecurityContext.runAsUser (eq (.Values.master.containerSecurityContext.runAsUser | int) 0) }} - useradd redis - chown -R redis {{ .Values.master.persistence.path }} - {{- end }} - if [[ -f /opt/bitnami/redis/mounted-etc/master.conf ]];then - cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - {{- if .Values.tls.enabled }} - ARGS=("--port" "0") - ARGS+=("--tls-port" "${REDIS_TLS_PORT}") - ARGS+=("--tls-cert-file" "${REDIS_TLS_CERT_FILE}") - ARGS+=("--tls-key-file" "${REDIS_TLS_KEY_FILE}") - ARGS+=("--tls-ca-cert-file" "${REDIS_TLS_CA_FILE}") - ARGS+=("--tls-auth-clients" "${REDIS_TLS_AUTH_CLIENTS}") - {{- if .Values.tls.dhParamsFilename }} - ARGS+=("--tls-dh-params-file" "${REDIS_TLS_DH_PARAMS_FILE}") - {{- end }} - {{- else }} - ARGS=("--port" "${REDIS_PORT}") - {{- end }} - {{- if .Values.auth.enabled }} - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_PASSWORD}") - {{- else }} - ARGS+=("--protected-mode" "no") - {{- end }} - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") - {{- if .Values.master.extraFlags }} - {{- range .Values.master.extraFlags }} - ARGS+=({{ . | quote }}) - {{- end }} - {{- end }} - {{- if .Values.master.preExecCmds }} - {{ .Values.master.preExecCmds | nindent 4 }} - {{- end }} - {{- if .Values.master.command }} - exec {{ .Values.master.command }} "${ARGS[@]}" - {{- else }} - exec redis-server "${ARGS[@]}" - {{- end }} - {{- if eq .Values.architecture "replication" }} - start-replica.sh: | - #!/bin/bash - - get_port() { - hostname="$1" - type="$2" - - port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") - port=${!port_var} - - if [ -z "$port" ]; then - case $type in - "SENTINEL") - echo {{ .Values.sentinel.containerPorts.sentinel }} - ;; - "REDIS") - echo {{ .Values.master.containerPorts.redis }} - ;; - esac - else - echo $port - fi - } - - get_full_hostname() { - hostname="$1" - - {{- if .Values.useExternalDNS.enabled }} - full_hostname="${hostname}.{{- include "redis.externalDNS.suffix" . }}" - {{- else if eq .Values.sentinel.service.type "NodePort" }} - full_hostname="${hostname}.{{- include "common.names.namespace" . }}" - {{- else }} - full_hostname="${hostname}.${HEADLESS_SERVICE}" - {{- end }} - - {{- if .Values.useHostnames }} - echo "${full_hostname}" - {{- else }} - retry_count=0 - until getent hosts "${full_hostname}" | awk '{ print $1; exit }' | grep .; do - if [[ $retry_count -lt {{ .Values.nameResolutionThreshold }} ]]; then - sleep {{ .Values.nameResolutionTimeout }} - else - error "IP address for ${full_hostname} not found" - exit 1 - fi - ((retry_count++)) - done - {{- end }} - } - - REDISPORT=$(get_port "$HOSTNAME" "REDIS") - HEADLESS_SERVICE="{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}" - - [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" - [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" - {{- if and .Values.replica.containerSecurityContext.runAsUser (eq (.Values.replica.containerSecurityContext.runAsUser | int) 0) }} - useradd redis - chown -R redis {{ .Values.replica.persistence.path }} - {{- end }} - if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then - cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf - fi - if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - - echo "" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf - echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf - - {{- if .Values.tls.enabled }} - ARGS=("--port" "0") - ARGS+=("--tls-port" "${REDIS_TLS_PORT}") - ARGS+=("--tls-cert-file" "${REDIS_TLS_CERT_FILE}") - ARGS+=("--tls-key-file" "${REDIS_TLS_KEY_FILE}") - ARGS+=("--tls-ca-cert-file" "${REDIS_TLS_CA_FILE}") - ARGS+=("--tls-auth-clients" "${REDIS_TLS_AUTH_CLIENTS}") - ARGS+=("--tls-replication" "yes") - {{- if .Values.tls.dhParamsFilename }} - ARGS+=("--tls-dh-params-file" "${REDIS_TLS_DH_PARAMS_FILE}") - {{- end }} - {{- else }} - ARGS=("--port" "${REDIS_PORT}") - {{- end }} - ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") - {{- if .Values.auth.enabled }} - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}") - {{- else }} - ARGS+=("--protected-mode" "no") - {{- end }} - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") - {{- if .Values.replica.extraFlags }} - {{- range .Values.replica.extraFlags }} - ARGS+=({{ . | quote }}) - {{- end }} - {{- end }} - {{- if .Values.replica.preExecCmds }} - {{ .Values.replica.preExecCmds | nindent 4 }} - {{- end }} - {{- if .Values.replica.command }} - exec {{ .Values.replica.command }} "${ARGS[@]}" - {{- else }} - exec redis-server "${ARGS[@]}" - {{- end }} - {{- end }} -{{- end }} ---- -{{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-kubectl-scripts" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - update-master-label.sh: | - #!/bin/bash - while true; do - while [ ! -f "/etc/shared/current" ]; do - sleep 1 - done - echo "new master elected, updating label(s)..." - kubectl label pod --field-selector metadata.name="$(< "/etc/shared/current")" isMaster="true" --overwrite - if [ -f /etc/shared/previous ]; then - kubectl label pod --field-selector metadata.name="$(< "/etc/shared/previous")" isMaster="false" --overwrite - fi - rm "/etc/shared/current" "/etc/shared/previous" - done -{{- end }} diff --git a/charts/redis/redis/templates/secret-svcbind.yaml b/charts/redis/redis/templates/secret-svcbind.yaml deleted file mode 100644 index d3c74ff..0000000 --- a/charts/redis/redis/templates/secret-svcbind.yaml +++ /dev/null @@ -1,37 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if .Values.serviceBindings.enabled }} -{{- $host := include "common.names.fullname" . }} -{{- if not .Values.sentinel.enabled }} -{{- $host = printf "%s-master" (include "common.names.fullname" .) }} -{{- end }} -{{- $port := print .Values.master.service.ports.redis }} -{{- if .Values.sentinel.enabled }} -{{- $port = print .Values.sentinel.service.ports.redis }} -{{- end }} -{{- $password := include "redis.password" . }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }}-svcbind - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: servicebinding.io/redis -data: - provider: {{ print "bitnami" | b64enc | quote }} - type: {{ print "redis" | b64enc | quote }} - host: {{ print $host | b64enc | quote }} - port: {{ print $port | b64enc | quote }} - password: {{ print $password | b64enc | quote }} - {{- if $password }} - uri: {{ printf "redis://:%s@%s:%s" $password $host $port | b64enc | quote }} - {{- else }} - uri: {{ printf "redis://%s:%s" $host $port | b64enc | quote }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/secret.yaml b/charts/redis/redis/templates/secret.yaml deleted file mode 100644 index ec69fe2..0000000 --- a/charts/redis/redis/templates/secret.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.auth.enabled (not .Values.auth.existingSecret) (or .Values.auth.usePasswordFileFromSecret (not .Values.auth.usePasswordFiles)) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.secretAnnotations .Values.commonAnnotations }} - annotations: - {{- if .Values.secretAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.secretAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - {{- end }} -type: Opaque -data: - redis-password: {{ include "redis.password" . | b64enc | quote }} -{{- end -}} diff --git a/charts/redis/redis/templates/sentinel/hpa.yaml b/charts/redis/redis/templates/sentinel/hpa.yaml deleted file mode 100644 index 54ec485..0000000 --- a/charts/redis/redis/templates/sentinel/hpa.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.replica.autoscaling.enabled .Values.sentinel.enabled }} -apiVersion: {{ include "common.capabilities.hpa.apiVersion" ( dict "context" $ ) }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ printf "%s-node" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: replica - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - scaleTargetRef: - apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} - kind: StatefulSet - name: {{ printf "%s-node" (include "common.names.fullname" .) }} - minReplicas: {{ .Values.replica.autoscaling.minReplicas }} - maxReplicas: {{ .Values.replica.autoscaling.maxReplicas }} - metrics: - {{- if .Values.replica.autoscaling.targetMemory }} - - type: Resource - resource: - name: memory - {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} - targetAverageUtilization: {{ .Values.replica.autoscaling.targetMemory }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.replica.autoscaling.targetMemory }} - {{- end }} - {{- end }} - {{- if .Values.replica.autoscaling.targetCPU }} - - type: Resource - resource: - name: cpu - {{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) }} - targetAverageUtilization: {{ .Values.replica.autoscaling.targetCPU }} - {{- else }} - target: - type: Utilization - averageUtilization: {{ .Values.replica.autoscaling.targetCPU }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/sentinel/node-services.yaml b/charts/redis/redis/templates/sentinel/node-services.yaml deleted file mode 100644 index 30ccad5..0000000 --- a/charts/redis/redis/templates/sentinel/node-services.yaml +++ /dev/null @@ -1,67 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled (eq .Values.sentinel.service.type "NodePort") (or .Release.IsUpgrade .Values.sentinel.service.nodePorts.redis ) }} - -{{- range $i := until (int .Values.replica.replicaCount) }} - -{{ $portsmap := (lookup "v1" "ConfigMap" (include "common.names.namespace" $) (printf "%s-%s" ( include "common.names.fullname" $ ) "ports-configmap")).data }} - -{{ $sentinelport := 0}} -{{ $redisport := 0}} -{{- if $portsmap }} -{{ $sentinelport = index $portsmap (printf "%s-node-%s-%s" (include "common.names.fullname" $) (toString $i) "sentinel") }} -{{ $redisport = index $portsmap (printf "%s-node-%s-%s" (include "common.names.fullname" $) (toString $i) "redis") }} -{{- else }} -{{- end }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "common.names.fullname" $ }}-node-{{ $i }} - namespace: {{ include "common.names.namespace" $ | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - {{- if or $.Values.commonAnnotations $.Values.sentinel.service.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list $.Values.sentinel.service.annotations $.Values.commonAnnotations ) "context" $ ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: NodePort - ports: - - name: sentinel - {{- if $.Values.sentinel.service.nodePorts.sentinel }} - nodePort: {{ (add $.Values.sentinel.service.nodePorts.sentinel $i 1) }} - port: {{ (add $.Values.sentinel.service.nodePorts.sentinel $i 1) }} - {{- else }} - nodePort: {{ $sentinelport }} - port: {{ $sentinelport }} - {{- end }} - protocol: TCP - targetPort: {{ $.Values.sentinel.containerPorts.sentinel }} - - name: redis - {{- if $.Values.sentinel.service.nodePorts.redis }} - nodePort: {{ (add $.Values.sentinel.service.nodePorts.redis $i 1) }} - port: {{ (add $.Values.sentinel.service.nodePorts.redis $i 1) }} - {{- else }} - nodePort: {{ $redisport }} - port: {{ $redisport }} - {{- end }} - protocol: TCP - targetPort: {{ $.Values.replica.containerPorts.redis }} - - name: sentinel-internal - nodePort: null - port: {{ $.Values.sentinel.containerPorts.sentinel }} - protocol: TCP - targetPort: {{ $.Values.sentinel.containerPorts.sentinel }} - - name: redis-internal - nodePort: null - port: {{ $.Values.replica.containerPorts.redis }} - protocol: TCP - targetPort: {{ $.Values.replica.containerPorts.redis }} - selector: - statefulset.kubernetes.io/pod-name: {{ template "common.names.fullname" $ }}-node-{{ $i }} ---- -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/sentinel/pdb.yaml b/charts/redis/redis/templates/sentinel/pdb.yaml deleted file mode 100644 index 32ddad6..0000000 --- a/charts/redis/redis/templates/sentinel/pdb.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} -{{- $pdb := coalesce .Values.pdb .Values.replica.pdb }} -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled $pdb.create }} -apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} -kind: PodDisruptionBudget -metadata: - name: {{ printf "%s-node" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - {{- if $pdb.minAvailable }} - minAvailable: {{ $pdb.minAvailable }} - {{- end }} - {{- if or $pdb.maxUnavailable (not $pdb.minAvailable) }} - maxUnavailable: {{ $pdb.maxUnavailable | default 1 }} - {{- end }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: node -{{- end }} diff --git a/charts/redis/redis/templates/sentinel/ports-configmap.yaml b/charts/redis/redis/templates/sentinel/ports-configmap.yaml deleted file mode 100644 index d55f01a..0000000 --- a/charts/redis/redis/templates/sentinel/ports-configmap.yaml +++ /dev/null @@ -1,102 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled (eq .Values.sentinel.service.type "NodePort") (not .Values.sentinel.service.nodePorts.redis ) }} -{{- /* create a list to keep track of ports we choose to use */}} -{{ $chosenports := (list ) }} - -{{- /* Get list of all used nodeports */}} -{{ $usedports := (list ) }} -{{- range $index, $service := (lookup "v1" "Service" "" "").items }} - {{- range.spec.ports }} - {{- if .nodePort }} - {{- $usedports = (append $usedports .nodePort) }} - {{- end }} - {{- end }} -{{- end }} - -{{- /* -comments that start with # are rendered in the output when you debug, so you can less and search for them -Vars in the comment will be rendered out, so you can check their value this way. -https://helm.sh/docs/chart_best_practices/templates/#comments-yaml-comments-vs-template-comments - -remove the template comments and leave the yaml comments to help debug -*/}} - -{{- /* Sort the list */}} -{{ $usedports = $usedports | sortAlpha }} -#usedports {{ $usedports }} - -{{- /* How many nodeports per service do we want to create, except for the main service which is always two */}} -{{ $numberofPortsPerNodeService := 2 }} - -{{- /* for every nodeport we want, loop though the used ports to get an unused port */}} -{{- range $j := until (int (add (mul (int .Values.replica.replicaCount) $numberofPortsPerNodeService) 2)) }} - {{- /* #j={{ $j }} */}} - {{- $nodeport := (add $j 30000) }} - {{- $nodeportfound := false }} - {{- range $i := $usedports }} - {{- /* #i={{ $i }} - #nodeport={{ $nodeport }} - #usedports={{ $usedports }} */}} - {{- if and (has (toString $nodeport) $usedports) (eq $nodeportfound false) }} - {{- /* nodeport conflicts with in use */}} - {{- $nodeport = (add $nodeport 1) }} - {{- else if and ( has $nodeport $chosenports) (eq $nodeportfound false) }} - {{- /* nodeport already chosen, try another */}} - {{- $nodeport = (add $nodeport 1) }} - {{- else if (eq $nodeportfound false) }} - {{- /* nodeport free to use: not already claimed and not in use */}} - {{- /* select nodeport, and place into usedports */}} - {{- $chosenports = (append $chosenports $nodeport) }} - {{- $nodeportfound = true }} - {{- else }} - {{- /* nodeport has already been chosen and locked in, just work through the rest of the list to get to the next nodeport selection */}} - {{- end }} - {{- end }} - {{- if (eq $nodeportfound false) }} - {{- $chosenports = (append $chosenports $nodeport) }} - {{- end }} - -{{- end }} - -{{- /* print the usedports and chosenports for debugging */}} -#usedports {{ $usedports }} -#chosenports {{ $chosenports }}}} - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "common.names.fullname" . }}-ports-configmap - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: -{{ $portsmap := (lookup "v1" "ConfigMap" (include "common.names.namespace" .) (printf "%s-%s" ( include "common.names.fullname" . ) "ports-configmap")).data }} -{{- if $portsmap }} -{{- /* configmap already exists, do not install again */ -}} - {{- range $name, $value := $portsmap }} - "{{ $name }}": "{{ $value }}" - {{- end }} -{{- else }} -{{- /* configmap being set for first time */ -}} - {{- range $index, $port := $chosenports }} - {{- $nodenumber := (floor (div $index 2)) }} - {{- if (eq $index 0) }} - "{{ template "common.names.fullname" $ }}-sentinel": "{{ $port }}" - {{- else if (eq $index 1) }} - "{{ template "common.names.fullname" $ }}-redis": "{{ $port }}" - {{- else if (eq (mod $index 2) 0) }} - "{{ template "common.names.fullname" $ }}-node-{{ (sub $nodenumber 1) }}-sentinel": "{{ $port }}" - {{- else if (eq (mod $index 2) 1) }} - "{{ template "common.names.fullname" $ }}-node-{{ (sub $nodenumber 1) }}-redis": "{{ $port }}" - {{- end }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/sentinel/service.yaml b/charts/redis/redis/templates/sentinel/service.yaml deleted file mode 100644 index 9530bde..0000000 --- a/charts/redis/redis/templates/sentinel/service.yaml +++ /dev/null @@ -1,160 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if or .Release.IsUpgrade (ne .Values.sentinel.service.type "NodePort") .Values.sentinel.service.nodePorts.redis -}} -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled }} -{{ $portsmap := (lookup "v1" "ConfigMap" (include "common.names.namespace" .) (printf "%s-%s" ( include "common.names.fullname" . ) "ports-configmap")).data }} - -{{ $sentinelport := 0}} -{{ $redisport := 0}} -{{- if $portsmap }} -{{ $sentinelport = index $portsmap (printf "%s-%s" (include "common.names.fullname" $) "sentinel") }} -{{ $redisport = index $portsmap (printf "%s-%s" (include "common.names.fullname" $) "redis") }} -{{- else }} -{{- end }} - -apiVersion: v1 -kind: Service -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - {{- if or .Values.sentinel.service.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.sentinel.service.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.sentinel.service.type }} - {{- if or (eq .Values.sentinel.service.type "LoadBalancer") (eq .Values.sentinel.service.type "NodePort") }} - externalTrafficPolicy: {{ .Values.sentinel.service.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq .Values.sentinel.service.type "LoadBalancer") (not (empty .Values.sentinel.service.loadBalancerIP)) }} - loadBalancerIP: {{ .Values.sentinel.service.loadBalancerIP }} - {{- end }} - {{- if and (eq .Values.sentinel.service.type "LoadBalancer") .Values.sentinel.service.loadBalancerClass }} - loadBalancerClass: {{ .Values.sentinel.service.loadBalancerClass }} - {{- end }} - {{- if and (eq .Values.sentinel.service.type "LoadBalancer") (not (empty .Values.sentinel.service.loadBalancerSourceRanges)) }} - loadBalancerSourceRanges: {{ toYaml .Values.sentinel.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} - {{- if and .Values.sentinel.service.clusterIP (eq .Values.sentinel.service.type "ClusterIP") }} - clusterIP: {{ .Values.sentinel.service.clusterIP }} - {{- end }} - {{- if .Values.sentinel.service.sessionAffinity }} - sessionAffinity: {{ .Values.sentinel.service.sessionAffinity }} - {{- end }} - {{- if .Values.sentinel.service.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.service.sessionAffinityConfig "context" $) | nindent 4 }} - {{- end }} - ports: - - name: tcp-redis - {{- if and (or (eq .Values.sentinel.service.type "NodePort") (eq .Values.sentinel.service.type "LoadBalancer")) .Values.sentinel.service.nodePorts.redis }} - port: {{ .Values.sentinel.service.nodePorts.redis }} - {{- else if eq .Values.sentinel.service.type "NodePort" }} - port: {{ $redisport }} - {{- else}} - port: {{ .Values.sentinel.service.ports.redis }} - {{- end }} - targetPort: {{ .Values.replica.containerPorts.redis }} - {{- if and (or (eq .Values.sentinel.service.type "NodePort") (eq .Values.sentinel.service.type "LoadBalancer")) .Values.sentinel.service.nodePorts.redis }} - nodePort: {{ .Values.sentinel.service.nodePorts.redis }} - {{- else if eq .Values.sentinel.service.type "ClusterIP" }} - nodePort: null - {{- else if eq .Values.sentinel.service.type "NodePort" }} - nodePort: {{ $redisport }} - {{- end }} - - name: tcp-sentinel - {{- if and (or (eq .Values.sentinel.service.type "NodePort") (eq .Values.sentinel.service.type "LoadBalancer")) .Values.sentinel.service.nodePorts.sentinel }} - port: {{ .Values.sentinel.service.nodePorts.sentinel }} - {{- else if eq .Values.sentinel.service.type "NodePort" }} - port: {{ $sentinelport }} - {{- else }} - port: {{ .Values.sentinel.service.ports.sentinel }} - {{- end }} - targetPort: {{ .Values.sentinel.containerPorts.sentinel }} - {{- if and (or (eq .Values.sentinel.service.type "NodePort") (eq .Values.sentinel.service.type "LoadBalancer")) .Values.sentinel.service.nodePorts.sentinel }} - nodePort: {{ .Values.sentinel.service.nodePorts.sentinel }} - {{- else if eq .Values.sentinel.service.type "ClusterIP" }} - nodePort: null - {{- else if eq .Values.sentinel.service.type "NodePort" }} - nodePort: {{ $sentinelport }} - {{- end }} - {{- if eq .Values.sentinel.service.type "NodePort" }} - - name: sentinel-internal - nodePort: null - port: {{ .Values.sentinel.containerPorts.sentinel }} - protocol: TCP - targetPort: {{ .Values.sentinel.containerPorts.sentinel }} - - name: redis-internal - nodePort: null - port: {{ .Values.replica.containerPorts.redis }} - protocol: TCP - targetPort: {{ .Values.replica.containerPorts.redis }} - {{- end }} - {{- if .Values.sentinel.service.extraPorts }} - {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.service.extraPorts "context" $) | nindent 4 }} - {{- end }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.podLabels .Values.commonLabels ) "context" . ) }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - -{{- $masterServiceConfig := ternary .Values.sentinel.masterService .Values.sentinel.service .Values.sentinel.masterService.enabled -}} -{{- if and .Values.sentinel.enabled (or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster) }} ---- -apiVersion: v1 -kind: Service -metadata: - name: "{{ template "common.names.fullname" . }}-master" - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - {{- if or $masterServiceConfig.annotations .Values.commonAnnotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list ($masterServiceConfig.annotations) .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - type: {{ $masterServiceConfig.type }} - {{- if or (eq $masterServiceConfig.type "LoadBalancer") (eq $masterServiceConfig.type "NodePort") }} - externalTrafficPolicy: {{ $masterServiceConfig.externalTrafficPolicy | quote }} - {{- end }} - {{- if and (eq $masterServiceConfig.type "LoadBalancer") (not (empty ($masterServiceConfig.loadBalancerIP))) }} - loadBalancerIP: {{ $masterServiceConfig.loadBalancerIP }} - {{- end }} - {{- if and (eq $masterServiceConfig.type "LoadBalancer") (not (empty ($masterServiceConfig.loadBalancerClass))) }} - loadBalancerClass: {{ $masterServiceConfig.loadBalancerClass }} - {{- end }} - {{- if and (eq $masterServiceConfig.type "LoadBalancer") (not (empty ($masterServiceConfig.loadBalancerSourceRanges))) }} - loadBalancerSourceRanges: {{ toYaml ($masterServiceConfig.loadBalancerSourceRanges) | nindent 4 }} - {{- end }} - {{- if and (eq $masterServiceConfig.type "ClusterIP") (not (empty ($masterServiceConfig.clusterIP))) }} - clusterIP: {{ $masterServiceConfig.clusterIP }} - {{- end }} - sessionAffinity: {{ $masterServiceConfig.sessionAffinity }} - {{- if $masterServiceConfig.sessionAffinityConfig }} - sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" ($masterServiceConfig.sessionAffinityConfig) "context" $) | nindent 4 }} - {{- end }} - ports: - - name: tcp-redis - {{- if and (or (eq $masterServiceConfig.type "NodePort") (eq $masterServiceConfig.type "LoadBalancer")) ($masterServiceConfig.nodePorts.redis) }} - port: {{ $masterServiceConfig.nodePorts.redis }} - {{- else if eq $masterServiceConfig.type "NodePort" }} - port: {{ $redisport }} - {{- else }} - port: {{ $masterServiceConfig.ports.redis }} - {{- end }} - targetPort: {{ .Values.replica.containerPorts.redis }} - {{- if and (or (eq $masterServiceConfig.type "NodePort") (eq $masterServiceConfig.type "LoadBalancer")) ($masterServiceConfig.nodePorts.redis) }} - nodePort: {{ $masterServiceConfig.nodePorts.redis }} - {{- else if eq $masterServiceConfig.type "ClusterIP" }} - nodePort: null - {{- else if eq $masterServiceConfig.type "NodePort" }} - nodePort: {{ $redisport }} - {{- end }} - selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} - isMaster: "true" -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/sentinel/statefulset.yaml b/charts/redis/redis/templates/sentinel/statefulset.yaml deleted file mode 100644 index 59cc292..0000000 --- a/charts/redis/redis/templates/sentinel/statefulset.yaml +++ /dev/null @@ -1,831 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if or .Release.IsUpgrade (ne .Values.sentinel.service.type "NodePort") .Values.sentinel.service.nodePorts.redis -}} -{{- if and (eq .Values.architecture "replication") .Values.sentinel.enabled }} -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ printf "%s-node" (include "common.names.fullname" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: node - {{- if or .Values.commonAnnotations .Values.sentinel.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.sentinel.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -spec: - replicas: {{ .Values.replica.replicaCount }} - revisionHistoryLimit: {{ .Values.replica.revisionHistoryLimit }} - {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.replica.podLabels .Values.commonLabels ) "context" . ) }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: node - serviceName: {{ printf "%s-headless" (include "common.names.fullname" .) }} - {{- if .Values.replica.updateStrategy }} - updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }} - {{- end }} - {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.23-0" (include "common.capabilities.kubeVersion" .)) }} - minReadySeconds: {{ .Values.replica.minReadySeconds }} - {{- end }} - {{- if .Values.replica.podManagementPolicy }} - podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }} - {{- end }} - template: - metadata: - labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} - app.kubernetes.io/component: node - {{- if and .Values.metrics.enabled .Values.metrics.podLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podLabels "context" $ ) | nindent 8 }} - {{- end }} - annotations: - {{- if (include "redis.createConfigmap" .) }} - checksum/configmap: {{ pick ( include (print $.Template.BasePath "/configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- end }} - checksum/health: {{ pick ( include (print $.Template.BasePath "/health-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/scripts: {{ pick ( include (print $.Template.BasePath "/scripts-configmap.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - checksum/secret: {{ pick ( include (print $.Template.BasePath "/secret.yaml") . | fromYaml ) "data" | toYaml | sha256sum }} - {{- if .Values.replica.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - {{- if and .Values.metrics.enabled .Values.metrics.podAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.podAnnotations "context" $ ) | nindent 8 }} - {{- end }} - spec: - {{- include "redis.imagePullSecrets" . | nindent 6 }} - automountServiceAccountToken: {{ .Values.replica.automountServiceAccountToken }} - {{- if .Values.replica.hostAliases }} - hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.replica.hostAliases "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.podSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.replica.podSecurityContext "context" $) | nindent 8 }} - {{- end }} - serviceAccountName: {{ template "redis.serviceAccountName" . }} - {{- if .Values.replica.priorityClassName }} - priorityClassName: {{ .Values.replica.priorityClassName | quote }} - {{- end }} - {{- if .Values.replica.affinity }} - affinity: {{- include "common.tplvalues.render" (dict "value" .Values.replica.affinity "context" $) | nindent 8 }} - {{- else }} - affinity: - podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.replica.podAffinityPreset "component" "node" "customLabels" $podLabels "context" $) | nindent 10 }} - podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.replica.podAntiAffinityPreset "component" "node" "customLabels" $podLabels "context" $) | nindent 10 }} - nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.replica.nodeAffinityPreset.type "key" .Values.replica.nodeAffinityPreset.key "values" .Values.replica.nodeAffinityPreset.values) | nindent 10 }} - {{- end }} - {{- if .Values.replica.nodeSelector }} - nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.replica.nodeSelector "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.tolerations }} - tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.replica.tolerations "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.topologySpreadConstraints }} - topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.replica.topologySpreadConstraints "context" $) | nindent 8 }} - {{- end }} - {{- if .Values.replica.shareProcessNamespace }} - shareProcessNamespace: {{ .Values.replica.shareProcessNamespace }} - {{- end }} - {{- if .Values.replica.schedulerName }} - schedulerName: {{ .Values.replica.schedulerName | quote }} - {{- end }} - {{- if .Values.replica.dnsPolicy }} - dnsPolicy: {{ .Values.replica.dnsPolicy }} - {{- end }} - {{- if .Values.replica.dnsConfig }} - dnsConfig: {{- include "common.tplvalues.render" (dict "value" .Values.replica.dnsConfig "context" $) | nindent 8 }} - {{- end }} - enableServiceLinks: {{ .Values.sentinel.enableServiceLinks }} - terminationGracePeriodSeconds: {{ .Values.sentinel.terminationGracePeriodSeconds }} - containers: - - name: redis - image: {{ template "redis.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy | quote }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.replica.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.replica.lifecycleHooks "context" $) | nindent 12 }} - {{- else }} - lifecycle: - preStop: - exec: - command: - - /bin/bash - - -c - - /opt/bitnami/scripts/start-scripts/prestop-redis.sh - {{- end }} - {{- end }} - {{- if .Values.replica.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.replica.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.replica.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.replica.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.replica.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.replica.args "context" $) | nindent 12 }} - {{- else }} - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-node.sh - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - - name: REDIS_MASTER_PORT_NUMBER - value: {{ .Values.replica.containerPorts.redis | quote }} - - name: ALLOW_EMPTY_PASSWORD - value: {{ ternary "no" "yes" .Values.auth.enabled | quote }} - {{- if .Values.auth.enabled }} - {{- if .Values.auth.usePasswordFiles }} - - name: REDIS_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - - name: REDIS_MASTER_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - {{- else }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - - name: REDIS_MASTER_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - - name: REDIS_TLS_ENABLED - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: REDIS_TLS_PORT - value: {{ .Values.replica.containerPorts.redis | quote }} - - name: REDIS_TLS_AUTH_CLIENTS - value: {{ ternary "yes" "no" .Values.tls.authClients | quote }} - - name: REDIS_TLS_CERT_FILE - value: {{ template "redis.tlsCert" . }} - - name: REDIS_TLS_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_TLS_CA_FILE - value: {{ template "redis.tlsCACert" . }} - {{- if .Values.tls.dhParamsFilename }} - - name: REDIS_TLS_DH_PARAMS_FILE - value: {{ template "redis.tlsDHParams" . }} - {{- end }} - {{- else }} - - name: REDIS_PORT - value: {{ .Values.replica.containerPorts.redis | quote }} - {{- end }} - - name: REDIS_SENTINEL_TLS_ENABLED - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: REDIS_SENTINEL_TLS_PORT_NUMBER - value: {{ .Values.sentinel.containerPorts.sentinel | quote }} - - name: REDIS_SENTINEL_TLS_AUTH_CLIENTS - value: {{ ternary "yes" "no" .Values.tls.authClients | quote }} - - name: REDIS_SENTINEL_TLS_CERT_FILE - value: {{ template "redis.tlsCert" . }} - - name: REDIS_SENTINEL_TLS_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_SENTINEL_TLS_CA_FILE - value: {{ template "redis.tlsCACert" . }} - {{- if .Values.tls.dhParamsFilename }} - - name: REDIS_SENTINEL_TLS_DH_PARAMS_FILE - value: {{ template "redis.tlsDHParams" . }} - {{- end }} - {{- else }} - - name: REDIS_SENTINEL_PORT - value: {{ .Values.sentinel.containerPorts.sentinel | quote }} - {{- end }} - - name: REDIS_DATA_DIR - value: {{ .Values.replica.persistence.path }} - {{- if .Values.replica.externalMaster.enabled }} - - name: REDIS_EXTERNAL_MASTER_HOST - value: {{ .Values.replica.externalMaster.host | quote }} - - name: REDIS_EXTERNAL_MASTER_PORT - value: {{ .Values.replica.externalMaster.port | quote }} - {{- end }} - {{- if .Values.replica.extraEnvVars }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.extraEnvVars "context" $ ) | nindent 12 }} - {{- end }} - {{- if or .Values.replica.extraEnvVarsCM .Values.replica.extraEnvVarsSecret }} - envFrom: - {{- if .Values.replica.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.replica.extraEnvVarsCM }} - {{- end }} - {{- if .Values.replica.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.replica.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: redis - containerPort: {{ .Values.replica.containerPorts.redis }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.replica.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.replica.startupProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh {{ .Values.replica.livenessProbe.timeoutSeconds }} - {{- end }} - {{- if .Values.replica.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.replica.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.replica.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.replica.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.replica.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.replica.livenessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh {{ .Values.replica.livenessProbe.timeoutSeconds }} - {{- end }} - {{- if .Values.replica.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.replica.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.replica.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.replica.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.replica.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.replica.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.replica.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.replica.readinessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh {{ .Values.replica.readinessProbe.timeoutSeconds }} - {{- end }} - {{- end }} - {{- if .Values.replica.resources }} - resources: {{- toYaml .Values.replica.resources | nindent 12 }} - {{- else if ne .Values.replica.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.replica.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - - name: sentinel-data - mountPath: /opt/bitnami/redis-sentinel/etc - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /opt/bitnami/redis/secrets/ - {{- end }} - - name: redis-data - mountPath: {{ .Values.replica.persistence.path }} - {{- if .Values.replica.persistence.subPath }} - subPath: {{ .Values.replica.persistence.subPath }} - {{- else if .Values.replica.persistence.subPathExpr }} - subPathExpr: {{ .Values.replica.persistence.subPathExpr }} - {{- end }} - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: empty-dir - mountPath: /opt/bitnami/redis/etc - subPath: app-conf-dir - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.replica.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - - name: sentinel - image: {{ template "redis.sentinel.image" . }} - imagePullPolicy: {{ .Values.sentinel.image.pullPolicy | quote }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.sentinel.lifecycleHooks }} - lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.lifecycleHooks "context" $) | nindent 12 }} - {{- else }} - lifecycle: - preStop: - exec: - command: - - /bin/bash - - -c - - /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh - {{- end }} - {{- end }} - {{- if .Values.sentinel.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.sentinel.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else if .Values.sentinel.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- else if .Values.sentinel.args }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.args "context" $) | nindent 12 }} - {{- else }} - args: - - -c - - /opt/bitnami/scripts/start-scripts/start-sentinel.sh - {{- end }} - env: - - name: BITNAMI_DEBUG - value: {{ ternary "true" "false" (or .Values.sentinel.image.debug .Values.diagnosticMode.enabled) | quote }} - {{- if .Values.auth.enabled }} - {{- if .Values.auth.usePasswordFiles }} - - name: REDIS_PASSWORD_FILE - value: "/opt/bitnami/redis/secrets/redis-password" - {{- else }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- else }} - - name: ALLOW_EMPTY_PASSWORD - value: "yes" - {{- end }} - - name: REDIS_SENTINEL_TLS_ENABLED - value: {{ ternary "yes" "no" .Values.tls.enabled | quote }} - {{- if .Values.tls.enabled }} - - name: REDIS_SENTINEL_TLS_PORT_NUMBER - value: {{ .Values.sentinel.containerPorts.sentinel | quote }} - - name: REDIS_SENTINEL_TLS_AUTH_CLIENTS - value: {{ ternary "yes" "no" .Values.tls.authClients | quote }} - - name: REDIS_SENTINEL_TLS_CERT_FILE - value: {{ template "redis.tlsCert" . }} - - name: REDIS_SENTINEL_TLS_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_SENTINEL_TLS_CA_FILE - value: {{ template "redis.tlsCACert" . }} - {{- if .Values.tls.dhParamsFilename }} - - name: REDIS_SENTINEL_TLS_DH_PARAMS_FILE - value: {{ template "redis.tlsDHParams" . }} - {{- end }} - {{- else }} - - name: REDIS_SENTINEL_PORT - value: {{ .Values.sentinel.containerPorts.sentinel | quote }} - {{- end }} - {{- if .Values.sentinel.externalMaster.enabled }} - - name: REDIS_EXTERNAL_MASTER_HOST - value: {{ .Values.sentinel.externalMaster.host | quote }} - - name: REDIS_EXTERNAL_MASTER_PORT - value: {{ .Values.sentinel.externalMaster.port | quote }} - {{- end }} - {{- if .Values.sentinel.extraEnvVars }} - {{- include "common.tplvalues.render" ( dict "value" .Values.sentinel.extraEnvVars "context" $ ) | nindent 12 }} - {{- end }} - {{- if or .Values.sentinel.extraEnvVarsCM .Values.sentinel.extraEnvVarsSecret }} - envFrom: - {{- if .Values.sentinel.extraEnvVarsCM }} - - configMapRef: - name: {{ .Values.sentinel.extraEnvVarsCM }} - {{- end }} - {{- if .Values.sentinel.extraEnvVarsSecret }} - - secretRef: - name: {{ .Values.sentinel.extraEnvVarsSecret }} - {{- end }} - {{- end }} - ports: - - name: redis-sentinel - containerPort: {{ .Values.sentinel.containerPorts.sentinel }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.sentinel.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.sentinel.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.sentinel.startupProbe "enabled") "context" $) | nindent 12 }} - exec: - command: - - sh - - -c - - /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }} - {{- end }} - {{- if .Values.sentinel.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.sentinel.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.sentinel.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.sentinel.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.sentinel.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.sentinel.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.sentinel.livenessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }} - {{- end }} - {{- end }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.sentinel.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.sentinel.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.sentinel.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.sentinel.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.sentinel.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.sentinel.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.sentinel.readinessProbe.failureThreshold }} - exec: - command: - - sh - - -c - - /health/ping_sentinel.sh {{ .Values.sentinel.readinessProbe.timeoutSeconds }} - {{- end }} - {{- end }} - {{- if .Values.sentinel.resources }} - resources: {{- toYaml .Values.sentinel.resources | nindent 12 }} - {{- else if ne .Values.sentinel.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.sentinel.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster}} - - name: kubectl-shared - mountPath: /etc/shared - {{- end }} - - name: sentinel-data - mountPath: /opt/bitnami/redis-sentinel/etc - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /opt/bitnami/redis/secrets/ - {{- end }} - - name: redis-data - mountPath: {{ .Values.replica.persistence.path }} - {{- if .Values.replica.persistence.subPath }} - subPath: {{ .Values.replica.persistence.subPath }} - {{- else if .Values.replica.persistence.subPathExpr }} - subPathExpr: {{ .Values.replica.persistence.subPathExpr }} - {{- end }} - - name: config - mountPath: /opt/bitnami/redis-sentinel/mounted-etc - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.sentinel.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.sentinel.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - - name: metrics - image: {{ template "redis.metrics.image" . }} - imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }} - {{- if .Values.metrics.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} - {{- else }} - command: - - /bin/bash - - -c - - | - if [[ -f '/secrets/redis-password' ]]; then - export REDIS_PASSWORD=$(cat /secrets/redis-password) - fi - redis_exporter{{- range $key, $value := .Values.metrics.extraArgs }} --{{ $key }}={{ $value }}{{- end }} - {{- end }} - {{- if .Values.diagnosticMode.enabled }} - args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} - {{- end }} - env: - - name: REDIS_ALIAS - value: {{ template "common.names.fullname" . }} - - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf ":%v" .Values.metrics.containerPorts.http }} - {{- if .Values.auth.enabled }} - - name: REDIS_USER - value: default - {{- if (not .Values.auth.usePasswordFiles) }} - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "redis.secretName" . }} - key: {{ template "redis.secretPasswordKey" . }} - {{- end }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: REDIS_ADDR - value: rediss://{{ .Values.metrics.redisTargetHost }}:{{ .Values.replica.containerPorts.redis }} - {{- if .Values.tls.authClients }} - - name: REDIS_EXPORTER_TLS_CLIENT_KEY_FILE - value: {{ template "redis.tlsCertKey" . }} - - name: REDIS_EXPORTER_TLS_CLIENT_CERT_FILE - value: {{ template "redis.tlsCert" . }} - {{- end }} - - name: REDIS_EXPORTER_TLS_CA_CERT_FILE - value: {{ template "redis.tlsCACert" . }} - {{- end }} - {{- if .Values.metrics.extraEnvVars }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }} - {{- end }} - ports: - - name: metrics - containerPort: {{ .Values.metrics.containerPorts.http }} - {{- if not .Values.diagnosticMode.enabled }} - {{- if .Values.metrics.customStartupProbe }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customStartupProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.startupProbe.enabled }} - startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.startupProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customLivenessProbe }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customLivenessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.livenessProbe.enabled }} - livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.livenessProbe "enabled") "context" $) | nindent 12 }} - tcpSocket: - port: metrics - {{- end }} - {{- if .Values.metrics.customReadinessProbe }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.customReadinessProbe "context" $) | nindent 12 }} - {{- else if .Values.metrics.readinessProbe.enabled }} - readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.metrics.readinessProbe "enabled") "context" $) | nindent 12 }} - httpGet: - path: / - port: metrics - {{- end }} - {{- end }} - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 12 }} - {{- else if ne .Values.metrics.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.metrics.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - mountPath: /secrets/ - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - mountPath: /opt/bitnami/redis/certs - readOnly: true - {{- end }} - {{- if .Values.metrics.extraVolumeMounts }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumeMounts "context" $ ) | nindent 12 }} - {{- end }} - {{- end }} - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster }} - - name: kubectl-shared - image: {{ template "redis.kubectl.image" . }} - imagePullPolicy: {{ .Values.kubectl.image.pullPolicy | quote }} - command: {{- toYaml .Values.kubectl.command | nindent 12 }} - {{- if .Values.kubectl.containerSecurityContext.enabled }} - securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.kubectl.containerSecurityContext "context" $) | nindent 12 }} - {{- end }} - volumeMounts: - - name: kubectl-shared - mountPath: /etc/shared - - name: kubectl-scripts - mountPath: /opt/bitnami/scripts/kubectl-scripts - {{- if .Values.kubectl.resources }} - resources: {{- toYaml .Values.kubectl.resources | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.replica.sidecars }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.sidecars "context" $) | nindent 8 }} - {{- end }} - {{- $needsVolumePermissions := and .Values.volumePermissions.enabled .Values.replica.persistence.enabled .Values.replica.podSecurityContext.enabled .Values.replica.containerSecurityContext.enabled }} - {{- if or .Values.replica.initContainers $needsVolumePermissions .Values.sysctl.enabled }} - initContainers: - {{- if .Values.replica.initContainers }} - {{- include "common.tplvalues.render" (dict "value" .Values.replica.initContainers "context" $) | nindent 8 }} - {{- end }} - {{- if $needsVolumePermissions }} - - name: volume-permissions - image: {{ include "redis.volumePermissions.image" . }} - imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} - command: - - /bin/bash - - -ec - - | - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - chown -R `id -u`:`id -G | cut -d " " -f2` {{ .Values.replica.persistence.path }} - {{- else }} - chown -R {{ .Values.replica.containerSecurityContext.runAsUser }}:{{ .Values.replica.podSecurityContext.fsGroup }} {{ .Values.replica.persistence.path }} - {{- end }} - {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} - securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} - {{- else }} - securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} - {{- end }} - {{- if .Values.volumePermissions.resources }} - resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} - {{- else if ne .Values.volumePermissions.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }} - {{- end }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: redis-data - mountPath: {{ .Values.replica.persistence.path }} - {{- if .Values.replica.persistence.subPath }} - subPath: {{ .Values.replica.persistence.subPath }} - {{- else if .Values.replica.persistence.subPathExpr }} - subPathExpr: {{ .Values.replica.persistence.subPathExpr }} - {{- end }} - {{- end }} - {{- if .Values.sysctl.enabled }} - - name: init-sysctl - image: {{ include "redis.sysctl.image" . }} - imagePullPolicy: {{ default "" .Values.sysctl.image.pullPolicy | quote }} - securityContext: - privileged: true - runAsUser: 0 - {{- if .Values.sysctl.command }} - command: {{- include "common.tplvalues.render" (dict "value" .Values.sysctl.command "context" $) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.resources }} - resources: {{- toYaml .Values.sysctl.resources | nindent 12 }} - {{- else if ne .Values.sysctl.resourcesPreset "none" }} - resources: {{- include "common.resources.preset" (dict "type" .Values.sysctl.resourcesPreset) | nindent 12 }} - {{- end }} - {{- if .Values.sysctl.mountHostSys }} - volumeMounts: - - name: empty-dir - mountPath: /tmp - subPath: tmp-dir - - name: host-sys - mountPath: /host-sys - {{- end }} - {{- end }} - {{- end }} - volumes: - - name: start-scripts - configMap: - name: {{ printf "%s-scripts" (include "common.names.fullname" .) }} - defaultMode: 0755 - - name: health - configMap: - name: {{ printf "%s-health" (include "common.names.fullname" .) }} - defaultMode: 0755 - {{- if or .Values.sentinel.masterService.enabled .Values.sentinel.service.createMaster}} - - name: kubectl-shared - emptyDir: {} - - name: kubectl-scripts - configMap: - name: {{ printf "%s-kubectl-scripts" (include "common.names.fullname" .) }} - defaultMode: 0755 - {{- end }} - {{- if .Values.auth.usePasswordFiles }} - - name: redis-password - {{ if .Values.auth.usePasswordFileFromSecret }} - secret: - secretName: {{ template "redis.secretName" . }} - items: - - key: {{ template "redis.secretPasswordKey" . }} - path: redis-password - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - - name: config - configMap: - name: {{ include "redis.configmapName" . }} - {{- if .Values.sysctl.mountHostSys }} - - name: host-sys - hostPath: - path: /sys - {{- end }} - {{- if not .Values.sentinel.persistence.enabled }} - - name: sentinel-data - {{- if or .Values.sentinel.persistence.medium .Values.sentinel.persistence.sizeLimit }} - emptyDir: - {{- if .Values.sentinel.persistence.medium }} - medium: {{ .Values.sentinel.persistence.medium | quote }} - {{- end }} - {{- if .Values.sentinel.persistence.sizeLimit }} - sizeLimit: {{ .Values.sentinel.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- end }} - - name: empty-dir - {{- if or .Values.sentinel.persistence.medium .Values.sentinel.persistence.sizeLimit }} - emptyDir: - {{- if .Values.sentinel.persistence.medium }} - medium: {{ .Values.sentinel.persistence.medium | quote }} - {{- end }} - {{- if .Values.sentinel.persistence.sizeLimit }} - sizeLimit: {{ .Values.sentinel.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.replica.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.replica.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.metrics.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.sentinel.extraVolumes }} - {{- include "common.tplvalues.render" ( dict "value" .Values.sentinel.extraVolumes "context" $ ) | nindent 8 }} - {{- end }} - {{- if .Values.tls.enabled }} - - name: redis-certificates - secret: - secretName: {{ include "redis.tlsSecretName" . }} - defaultMode: 256 - {{- end }} - {{- if not .Values.replica.persistence.enabled }} - - name: redis-data - {{- if or .Values.replica.persistence.medium .Values.replica.persistence.sizeLimit }} - emptyDir: - {{- if .Values.replica.persistence.medium }} - medium: {{ .Values.replica.persistence.medium | quote }} - {{- end }} - {{- if .Values.replica.persistence.sizeLimit }} - sizeLimit: {{ .Values.replica.persistence.sizeLimit | quote }} - {{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- else if .Values.replica.persistence.existingClaim }} - - name: redis-data - persistentVolumeClaim: - claimName: {{ printf "%s" (tpl .Values.replica.persistence.existingClaim .) }} - {{- else }} - {{- if .Values.sentinel.persistentVolumeClaimRetentionPolicy.enabled }} - persistentVolumeClaimRetentionPolicy: - whenDeleted: {{ .Values.sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted }} - whenScaled: {{ .Values.sentinel.persistentVolumeClaimRetentionPolicy.whenScaled }} - {{- end }} - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: redis-data - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: node - {{- if .Values.replica.persistence.annotations }} - annotations: {{- toYaml .Values.replica.persistence.annotations | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.replica.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.replica.persistence.size | quote }} - {{- if .Values.replica.persistence.selector }} - selector: {{- include "common.tplvalues.render" ( dict "value" .Values.replica.persistence.selector "context" $) | nindent 10 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.replica.persistence "global" .Values.global) | nindent 8 }} - {{- if .Values.sentinel.persistence.enabled }} - - metadata: - name: sentinel-data - {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.sentinel.persistence.labels .Values.commonLabels ) "context" . ) }} - labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} - app.kubernetes.io/component: node - {{- if .Values.sentinel.persistence.annotations }} - annotations: {{- toYaml .Values.sentinel.persistence.annotations | nindent 10 }} - {{- end }} - spec: - accessModes: - {{- range .Values.sentinel.persistence.accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .Values.sentinel.persistence.size | quote }} - {{- if .Values.sentinel.persistence.selector }} - selector: {{- include "common.tplvalues.render" ( dict "value" .Values.sentinel.persistence.selector "context" $) | nindent 10 }} - {{- end }} - {{- if .Values.sentinel.persistence.dataSource }} - dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.persistence.dataSource "context" $) | nindent 10 }} - {{- end }} - {{- include "common.storage.class" (dict "persistence" .Values.sentinel.persistence "global" .Values.global) | nindent 8 }} - {{- end }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/serviceaccount.yaml b/charts/redis/redis/templates/serviceaccount.yaml deleted file mode 100644 index 0b7d39d..0000000 --- a/charts/redis/redis/templates/serviceaccount.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.serviceAccount.create .Values.sentinel.enabled }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "redis.serviceAccountName" . }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if or .Values.commonAnnotations .Values.serviceAccount.annotations }} - {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} - annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/redis/redis/templates/servicemonitor.yaml b/charts/redis/redis/templates/servicemonitor.yaml deleted file mode 100644 index e5ffd90..0000000 --- a/charts/redis/redis/templates/servicemonitor.yaml +++ /dev/null @@ -1,82 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.names.fullname" . }} - namespace: {{ default (include "common.names.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} - {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.additionalLabels "context" $) | nindent 4 }} - {{- end }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: {{ .Values.metrics.serviceMonitor.port }} - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- with concat .Values.metrics.serviceMonitor.relabelings .Values.metrics.serviceMonitor.relabellings }} - relabelings: {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - {{- range .Values.metrics.serviceMonitor.additionalEndpoints }} - - port: {{ .port }} - {{- if .interval }} - interval: {{ .interval }} - {{- end }} - {{- if .scrapeTimeout }} - scrapeTimeout: {{ .scrapeTimeout }} - {{- end }} - {{- if .honorLabels }} - honorLabels: {{ .honorLabels }} - {{- end }} - {{- with concat .Values.metrics.serviceMonitor.relabelings .Values.metrics.serviceMonitor.relabellings }} - relabelings: {{- toYaml . | nindent 6 }} - {{- end }} - {{- if .metricRelabelings }} - metricRelabelings: {{- toYaml .metricRelabelings | nindent 6 }} - {{- end }} - {{- if .path }} - path: {{ .path }} - {{- end }} - {{- if .params }} - params: - {{- range $key, $value := .params }} - {{ $key }}: - {{- range $value }} - - {{ . | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.podTargetLabels }} - podTargetLabels: {{- toYaml .Values.metrics.serviceMonitor.podTargetLabels | nindent 4 }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.sampleLimit }} - sampleLimit: {{ . }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.targetLimit }} - targetLimit: {{ . }} - {{- end }} - namespaceSelector: - matchNames: - - {{ include "common.names.namespace" . | quote }} - selector: - matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} - app.kubernetes.io/component: metrics -{{- end }} diff --git a/charts/redis/redis/templates/tls-secret.yaml b/charts/redis/redis/templates/tls-secret.yaml deleted file mode 100644 index aa1c1a7..0000000 --- a/charts/redis/redis/templates/tls-secret.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -{{- if (include "redis.createTlsSecret" .) }} -{{- $secretName := printf "%s-crt" (include "common.names.fullname" .) }} -{{- $ca := genCA "redis-ca" 365 }} -{{- $releaseNamespace := (include "common.names.namespace" .) }} -{{- $clusterDomain := .Values.clusterDomain }} -{{- $fullname := include "common.names.fullname" . }} -{{- $serviceName := include "common.names.fullname" . }} -{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }} -{{- $masterServiceName := printf "%s-master" (include "common.names.fullname" .) }} -{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }} -{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -type: kubernetes.io/tls -data: - tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }} - tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }} - ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }} -{{- end }} diff --git a/charts/redis/redis/values.schema.json b/charts/redis/redis/values.schema.json deleted file mode 100644 index e9feba6..0000000 --- a/charts/redis/redis/values.schema.json +++ /dev/null @@ -1,163 +0,0 @@ -{ - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "architecture": { - "type": "string", - "title": "Redis architecture", - "form": true, - "description": "Allowed values: `standalone` or `replication`", - "enum": ["standalone", "replication"] - }, - "auth": { - "type": "object", - "title": "Authentication configuration", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Use password authentication" - }, - "password": { - "type": "string", - "title": "Redis password", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set", - "hidden": { - "value": false, - "path": "auth/enabled" - } - } - } - }, - "master": { - "type": "object", - "title": "Master replicas settings", - "form": true, - "properties": { - "kind": { - "type": "string", - "title": "Workload Kind", - "form": true, - "description": "Allowed values: `Deployment`, `StatefulSet` or `DaemonSet`", - "enum": ["Deployment", "StatefulSet", "DaemonSet"] - }, - "persistence": { - "type": "object", - "title": "Persistence for master replicas", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable persistence", - "description": "Enable persistence using Persistent Volume Claims" - }, - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi", - "hidden": { - "value": false, - "path": "master/persistence/enabled" - } - } - } - } - } - }, - "replica": { - "type": "object", - "title": "Redis replicas settings", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - }, - "properties": { - "kind": { - "type": "string", - "title": "Workload Kind", - "form": true, - "description": "Allowed values: `DaemonSet` or `StatefulSet`", - "enum": ["DaemonSet", "StatefulSet"] - }, - "replicaCount": { - "type": "integer", - "form": true, - "title": "Number of Redis replicas" - }, - "persistence": { - "type": "object", - "title": "Persistence for Redis replicas", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable persistence", - "description": "Enable persistence using Persistent Volume Claims" - }, - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi", - "hidden": { - "value": false, - "path": "replica/persistence/enabled" - } - } - } - } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" - } - } - }, - "metrics": { - "type": "object", - "form": true, - "title": "Prometheus metrics details", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus metrics exporter", - "description": "Create a side-car container to expose Prometheus metrics", - "form": true - }, - "serviceMonitor": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Create Prometheus Operator ServiceMonitor", - "description": "Create a ServiceMonitor to track metrics using Prometheus Operator", - "form": true, - "hidden": { - "value": false, - "path": "metrics/enabled" - } - } - } - } - } - } - } -} diff --git a/charts/redis/redis/values.yaml b/charts/redis/redis/values.yaml deleted file mode 100644 index de2fc53..0000000 --- a/charts/redis/redis/values.yaml +++ /dev/null @@ -1,2237 +0,0 @@ -# Copyright Broadcom, Inc. All Rights Reserved. -# SPDX-License-Identifier: APACHE-2.0 - -## @section Global parameters -## Global Docker image parameters -## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass -## - -## @param global.imageRegistry Global Docker image registry -## @param global.imagePullSecrets Global Docker registry secret names as an array -## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s) -## @param global.storageClass DEPRECATED: use global.defaultStorageClass instead -## @param global.redis.password Global Redis® password (overrides `auth.password`) -## -global: - imageRegistry: "" - ## E.g. - ## imagePullSecrets: - ## - myRegistryKeySecretName - ## - imagePullSecrets: [] - defaultStorageClass: "" - storageClass: "" - redis: - password: "" - ## Compatibility adaptations for Kubernetes platforms - ## - compatibility: - ## Compatibility adaptations for Openshift - ## - openshift: - ## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation) - ## - adaptSecurityContext: auto -## @section Common parameters -## - -## @param kubeVersion Override Kubernetes version -## -kubeVersion: "" -## @param nameOverride String to partially override common.names.fullname -## -nameOverride: "" -## @param fullnameOverride String to fully override common.names.fullname -## -fullnameOverride: "" -## @param namespaceOverride String to fully override common.names.namespace -## -namespaceOverride: "" -## @param commonLabels Labels to add to all deployed objects -## -commonLabels: {} -## @param commonAnnotations Annotations to add to all deployed objects -## -commonAnnotations: {} -## @param secretAnnotations Annotations to add to secret -## -secretAnnotations: {} -## @param clusterDomain Kubernetes cluster domain name -## -clusterDomain: cluster.local -## @param extraDeploy Array of extra objects to deploy with the release -## -extraDeploy: [] -## @param useHostnames Use hostnames internally when announcing replication. If false, the hostname will be resolved to an IP address -## -useHostnames: true -## @param nameResolutionThreshold Failure threshold for internal hostnames resolution -## -nameResolutionThreshold: 5 -## @param nameResolutionTimeout Timeout seconds between probes for internal hostnames resolution -## -nameResolutionTimeout: 5 -## Enable diagnostic mode in the deployment -## -diagnosticMode: - ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) - ## - enabled: false - ## @param diagnosticMode.command Command to override all containers in the deployment - ## - command: - - sleep - ## @param diagnosticMode.args Args to override all containers in the deployment - ## - args: - - infinity -## @section Redis® Image parameters -## - -## Bitnami Redis® image -## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry [default: REGISTRY_NAME] Redis® image registry -## @param image.repository [default: REPOSITORY_NAME/redis] Redis® image repository -## @skip image.tag Redis® image tag (immutable tags are recommended) -## @param image.digest Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag -## @param image.pullPolicy Redis® image pull policy -## @param image.pullSecrets Redis® image pull secrets -## @param image.debug Enable image debug mode -## -image: - registry: docker.io - repository: bitnami/redis - tag: 7.4.0-debian-12-r0 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Enable debug mode - ## - debug: false -## @section Redis® common configuration parameters -## https://github.com/bitnami/containers/tree/main/bitnami/redis#configuration -## - -## @param architecture Redis® architecture. Allowed values: `standalone` or `replication` -## -architecture: replication -## Redis® Authentication parameters -## ref: https://github.com/bitnami/containers/tree/main/bitnami/redis#setting-the-server-password-on-first-run -## -auth: - ## @param auth.enabled Enable password authentication - ## - enabled: true - ## @param auth.sentinel Enable password authentication on sentinels too - ## - sentinel: true - ## @param auth.password Redis® password - ## Defaults to a random 10-character alphanumeric string if not set - ## - password: "" - ## @param auth.existingSecret The name of an existing secret with Redis® credentials - ## NOTE: When it's set, the previous `auth.password` parameter is ignored - ## - existingSecret: "" - ## @param auth.existingSecretPasswordKey Password key to be retrieved from existing secret - ## NOTE: ignored unless `auth.existingSecret` parameter is set - ## - existingSecretPasswordKey: "" - ## @param auth.usePasswordFiles Mount credentials as files instead of using an environment variable - ## - usePasswordFiles: false - ## @param auth.usePasswordFileFromSecret Mount password file from secret - ## - usePasswordFileFromSecret: true -## @param commonConfiguration [string] Common configuration to be added into the ConfigMap -## ref: https://redis.io/topics/config -## -commonConfiguration: |- - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" -## @param existingConfigmap The name of an existing ConfigMap with your custom configuration for Redis® nodes -## -existingConfigmap: "" -## @section Redis® master configuration parameters -## -master: - ## @param master.count Number of Redis® master instances to deploy (experimental, requires additional configuration) - ## - count: 1 - ## @param master.revisionHistoryLimit The number of old history to retain to allow rollback - ## NOTE: Explicitly setting this field to 0, will result in cleaning up all the history, breaking ability to rollback - revisionHistoryLimit: 10 - ## @param master.configuration Configuration for Redis® master nodes - ## ref: https://redis.io/topics/config - ## - configuration: "" - ## @param master.disableCommands Array with Redis® commands to disable on master nodes - ## Commands will be completely disabled by renaming each to an empty string. - ## ref: https://redis.io/topics/security#disabling-of-specific-commands - ## - disableCommands: - - FLUSHDB - - FLUSHALL - ## @param master.command Override default container command (useful when using custom images) - ## - command: [] - ## @param master.args Override default container args (useful when using custom images) - ## - args: [] - ## @param master.enableServiceLinks Whether information about services should be injected into pod's environment variable - ## - enableServiceLinks: true - ## @param master.preExecCmds Additional commands to run prior to starting Redis® master - ## - preExecCmds: [] - ## @param master.extraFlags Array with additional command line flags for Redis® master - ## e.g: - ## extraFlags: - ## - "--maxmemory-policy volatile-ttl" - ## - "--repl-backlog-size 1024mb" - ## - extraFlags: [] - ## @param master.extraEnvVars Array with extra environment variables to add to Redis® master nodes - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## @param master.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Redis® master nodes - ## - extraEnvVarsCM: "" - ## @param master.extraEnvVarsSecret Name of existing Secret containing extra env vars for Redis® master nodes - ## - extraEnvVarsSecret: "" - ## @param master.containerPorts.redis Container port to open on Redis® master nodes - ## - containerPorts: - redis: 6379 - ## Configure extra options for Redis® containers' liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param master.startupProbe.enabled Enable startupProbe on Redis® master nodes - ## @param master.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param master.startupProbe.periodSeconds Period seconds for startupProbe - ## @param master.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param master.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param master.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - ## @param master.livenessProbe.enabled Enable livenessProbe on Redis® master nodes - ## @param master.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param master.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param master.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param master.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param master.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - ## @param master.readinessProbe.enabled Enable readinessProbe on Redis® master nodes - ## @param master.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param master.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param master.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param master.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param master.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 5 - ## @param master.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param master.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param master.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## Redis® master resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param master.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if master.resources is set (master.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param master.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure Pods Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param master.podSecurityContext.enabled Enabled Redis® master pods' Security Context - ## @param master.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param master.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param master.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param master.podSecurityContext.fsGroup Set Redis® master pod's Security Context fsGroup - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## Configure Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param master.containerSecurityContext.enabled Enabled Redis® master containers' Security Context - ## @param master.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param master.containerSecurityContext.runAsUser Set Redis® master containers' Security Context runAsUser - ## @param master.containerSecurityContext.runAsGroup Set Redis® master containers' Security Context runAsGroup - ## @param master.containerSecurityContext.runAsNonRoot Set Redis® master containers' Security Context runAsNonRoot - ## @param master.containerSecurityContext.allowPrivilegeEscalation Is it possible to escalate Redis® pod(s) privileges - ## @param master.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context read-only root filesystem - ## @param master.containerSecurityContext.seccompProfile.type Set Redis® master containers' Security Context seccompProfile - ## @param master.containerSecurityContext.capabilities.drop Set Redis® master containers' Security Context capabilities to drop - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ["ALL"] - ## @param master.kind Use either Deployment, StatefulSet (default) or DaemonSet - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ - ## - kind: StatefulSet - ## @param master.schedulerName Alternate scheduler for Redis® master pods - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param master.updateStrategy.type Redis® master statefulset strategy type - ## @skip master.updateStrategy.rollingUpdate - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate, OnDelete (statefulset), Recreate (deployment) - ## - type: RollingUpdate - ## @param master.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update - ## - minReadySeconds: 0 - ## @param master.priorityClassName Redis® master pods' priorityClassName - ## - priorityClassName: "" - ## @param master.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param master.hostAliases Redis® master pods host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param master.podLabels Extra labels for Redis® master pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - ## - podLabels: {} - ## @param master.podAnnotations Annotations for Redis® master pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: {} - ## @param master.shareProcessNamespace Share a single process namespace between all of the containers in Redis® master pods - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/ - ## - shareProcessNamespace: false - ## @param master.podAffinityPreset Pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param master.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Node master.affinity preset - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param master.nodeAffinityPreset.type Node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param master.nodeAffinityPreset.key Node label key to match. Ignored if `master.affinity` is set - ## - key: "" - ## @param master.nodeAffinityPreset.values Node label values to match. Ignored if `master.affinity` is set - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param master.affinity Affinity for Redis® master pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## NOTE: `master.podAffinityPreset`, `master.podAntiAffinityPreset`, and `master.nodeAffinityPreset` will be ignored when it's set - ## - affinity: {} - ## @param master.nodeSelector Node labels for Redis® master pods assignment - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param master.tolerations Tolerations for Redis® master pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param master.topologySpreadConstraints Spread Constraints for Redis® master pod assignment - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## E.g. - ## topologySpreadConstraints: - ## - maxSkew: 1 - ## topologyKey: node - ## whenUnsatisfiable: DoNotSchedule - ## - topologySpreadConstraints: [] - ## @param master.dnsPolicy DNS Policy for Redis® master pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ - ## E.g. - ## dnsPolicy: ClusterFirst - ## - dnsPolicy: "" - ## @param master.dnsConfig DNS Configuration for Redis® master pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ - ## E.g. - ## dnsConfig: - ## options: - ## - name: ndots - ## value: "4" - ## - name: single-request-reopen - ## - dnsConfig: {} - ## @param master.lifecycleHooks for the Redis® master container(s) to automate configuration before or after startup - ## - lifecycleHooks: {} - ## @param master.extraVolumes Optionally specify extra list of additional volumes for the Redis® master pod(s) - ## - extraVolumes: [] - ## @param master.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Redis® master container(s) - ## - extraVolumeMounts: [] - ## @param master.sidecars Add additional sidecar containers to the Redis® master pod(s) - ## e.g: - ## sidecars: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## ports: - ## - name: portname - ## containerPort: 1234 - ## - sidecars: [] - ## @param master.initContainers Add additional init containers to the Redis® master pod(s) - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - ## e.g: - ## initContainers: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## command: ['sh', '-c', 'echo "hello world"'] - ## - initContainers: [] - ## Persistence parameters - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## - persistence: - ## @param master.persistence.enabled Enable persistence on Redis® master nodes using Persistent Volume Claims - ## - enabled: true - ## @param master.persistence.medium Provide a medium for `emptyDir` volumes. - ## - medium: "" - ## @param master.persistence.sizeLimit Set this to enable a size limit for `emptyDir` volumes. - ## - sizeLimit: "" - ## @param master.persistence.path The path the volume will be mounted at on Redis® master containers - ## NOTE: Useful when using different Redis® images - ## - path: /data - ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis® master containers - ## NOTE: Useful in dev environments - ## - subPath: "" - ## @param master.persistence.subPathExpr Used to construct the subPath subdirectory of the volume to mount on Redis® master containers - ## - subPathExpr: "" - ## @param master.persistence.storageClass Persistent Volume storage class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner - ## - storageClass: "" - ## @param master.persistence.accessModes Persistent Volume access modes - ## - accessModes: - - ReadWriteOnce - ## @param master.persistence.size Persistent Volume size - ## - size: 8Gi - ## @param master.persistence.annotations Additional custom annotations for the PVC - ## - annotations: {} - ## @param master.persistence.labels Additional custom labels for the PVC - ## - labels: {} - ## @param master.persistence.selector Additional labels to match for the PVC - ## e.g: - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param master.persistence.dataSource Custom PVC data source - ## - dataSource: {} - ## @param master.persistence.existingClaim Use a existing PVC which must be created manually before bound - ## NOTE: requires master.persistence.enabled: true - ## - existingClaim: "" - ## persistentVolumeClaimRetentionPolicy - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## @param master.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet - ## @param master.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced - ## @param master.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted - ## - persistentVolumeClaimRetentionPolicy: - enabled: false - whenScaled: Retain - whenDeleted: Retain - ## Redis® master service parameters - ## - service: - ## @param master.service.type Redis® master service type - ## - type: ClusterIP - ## @param master.service.portNames.redis Redis® master service port name - ## - portNames: - redis: "tcp-redis" - ## @param master.service.ports.redis Redis® master service port - ## - ports: - redis: 6379 - ## @param master.service.nodePorts.redis Node port for Redis® master - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## NOTE: choose port between <30000-32767> - ## - nodePorts: - redis: "" - ## @param master.service.externalTrafficPolicy Redis® master service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param master.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param master.service.internalTrafficPolicy Redis® master service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/ - ## - internalTrafficPolicy: Cluster - ## @param master.service.clusterIP Redis® master service Cluster IP - ## - clusterIP: "" - ## @param master.service.loadBalancerIP Redis® master service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param master.service.loadBalancerClass master service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerClass: "" - ## @param master.service.loadBalancerSourceRanges Redis® master service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param master.service.externalIPs Redis® master service External IPs - ## https://kubernetes.io/docs/concepts/services-networking/service/#external-ips - ## e.g. - ## externalIPs: - ## - 10.10.10.1 - ## - 201.22.30.1 - ## - externalIPs: [] - ## @param master.service.annotations Additional custom annotations for Redis® master service - ## - annotations: {} - ## @param master.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param master.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## @param master.terminationGracePeriodSeconds Integer setting the termination grace period for the redis-master pods - ## - terminationGracePeriodSeconds: 30 - ## ServiceAccount configuration - ## - serviceAccount: - ## @param master.serviceAccount.create Specifies whether a ServiceAccount should be created - ## - create: true - ## @param master.serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## - name: "" - ## @param master.serviceAccount.automountServiceAccountToken Whether to auto mount the service account token - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server - ## - automountServiceAccountToken: false - ## @param master.serviceAccount.annotations Additional custom annotations for the ServiceAccount - ## - annotations: {} - ## Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb - ## @param master.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param master.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled - ## @param master.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `master.pdb.minAvailable` and `master.pdb.maxUnavailable` are empty. - ## - pdb: - create: true - minAvailable: "" - maxUnavailable: "" -## @section Redis® replicas configuration parameters -## -replica: - ## @param replica.kind Use either DaemonSet or StatefulSet (default) - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ - ## - kind: StatefulSet - ## @param replica.replicaCount Number of Redis® replicas to deploy - ## - replicaCount: 3 - ## @param replica.revisionHistoryLimit The number of old history to retain to allow rollback - ## NOTE: Explicitly setting this field to 0, will result in cleaning up all the history, breaking ability to rollback - revisionHistoryLimit: 10 - ## @param replica.configuration Configuration for Redis® replicas nodes - ## ref: https://redis.io/topics/config - ## - configuration: "" - ## @param replica.disableCommands Array with Redis® commands to disable on replicas nodes - ## Commands will be completely disabled by renaming each to an empty string. - ## ref: https://redis.io/topics/security#disabling-of-specific-commands - ## - disableCommands: - - FLUSHDB - - FLUSHALL - ## @param replica.command Override default container command (useful when using custom images) - ## - command: [] - ## @param replica.args Override default container args (useful when using custom images) - ## - args: [] - ## @param replica.enableServiceLinks Whether information about services should be injected into pod's environment variable - ## - enableServiceLinks: true - ## @param replica.preExecCmds Additional commands to run prior to starting Redis® replicas - ## - preExecCmds: [] - ## @param replica.extraFlags Array with additional command line flags for Redis® replicas - ## e.g: - ## extraFlags: - ## - "--maxmemory-policy volatile-ttl" - ## - "--repl-backlog-size 1024mb" - ## - extraFlags: [] - ## @param replica.extraEnvVars Array with extra environment variables to add to Redis® replicas nodes - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## @param replica.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Redis® replicas nodes - ## - extraEnvVarsCM: "" - ## @param replica.extraEnvVarsSecret Name of existing Secret containing extra env vars for Redis® replicas nodes - ## - extraEnvVarsSecret: "" - ## @param replica.externalMaster.enabled Use external master for bootstrapping - ## @param replica.externalMaster.host External master host to bootstrap from - ## @param replica.externalMaster.port Port for Redis service external master host - ## - externalMaster: - enabled: false - host: "" - port: 6379 - ## @param replica.containerPorts.redis Container port to open on Redis® replicas nodes - ## - containerPorts: - redis: 6379 - ## Configure extra options for Redis® containers' liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param replica.startupProbe.enabled Enable startupProbe on Redis® replicas nodes - ## @param replica.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param replica.startupProbe.periodSeconds Period seconds for startupProbe - ## @param replica.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param replica.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param replica.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 22 - ## @param replica.livenessProbe.enabled Enable livenessProbe on Redis® replicas nodes - ## @param replica.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param replica.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param replica.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param replica.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param replica.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - ## @param replica.readinessProbe.enabled Enable readinessProbe on Redis® replicas nodes - ## @param replica.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param replica.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param replica.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param replica.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param replica.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 5 - ## @param replica.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param replica.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param replica.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## Redis® replicas resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param replica.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if replica.resources is set (replica.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param replica.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure Pods Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param replica.podSecurityContext.enabled Enabled Redis® replicas pods' Security Context - ## @param replica.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy - ## @param replica.podSecurityContext.sysctls Set kernel settings using the sysctl interface - ## @param replica.podSecurityContext.supplementalGroups Set filesystem extra groups - ## @param replica.podSecurityContext.fsGroup Set Redis® replicas pod's Security Context fsGroup - ## - podSecurityContext: - enabled: true - fsGroupChangePolicy: Always - sysctls: [] - supplementalGroups: [] - fsGroup: 1001 - ## Configure Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param replica.containerSecurityContext.enabled Enabled Redis® replicas containers' Security Context - ## @param replica.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param replica.containerSecurityContext.runAsUser Set Redis® replicas containers' Security Context runAsUser - ## @param replica.containerSecurityContext.runAsGroup Set Redis® replicas containers' Security Context runAsGroup - ## @param replica.containerSecurityContext.runAsNonRoot Set Redis® replicas containers' Security Context runAsNonRoot - ## @param replica.containerSecurityContext.allowPrivilegeEscalation Set Redis® replicas pod's Security Context allowPrivilegeEscalation - ## @param replica.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context read-only root filesystem - ## @param replica.containerSecurityContext.seccompProfile.type Set Redis® replicas containers' Security Context seccompProfile - ## @param replica.containerSecurityContext.capabilities.drop Set Redis® replicas containers' Security Context capabilities to drop - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ["ALL"] - ## @param replica.schedulerName Alternate scheduler for Redis® replicas pods - ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ - ## - schedulerName: "" - ## @param replica.updateStrategy.type Redis® replicas statefulset strategy type - ## @skip replica.updateStrategy.rollingUpdate - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies - ## - updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate, OnDelete (statefulset), Recreate (deployment) - ## - type: RollingUpdate - ## @param replica.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update - ## - minReadySeconds: 0 - ## @param replica.priorityClassName Redis® replicas pods' priorityClassName - ## - priorityClassName: "" - ## @param replica.podManagementPolicy podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies - ## - podManagementPolicy: "" - ## @param replica.automountServiceAccountToken Mount Service Account token in pod - ## - automountServiceAccountToken: false - ## @param replica.hostAliases Redis® replicas pods host aliases - ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ - ## - hostAliases: [] - ## @param replica.podLabels Extra labels for Redis® replicas pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - ## - podLabels: {} - ## @param replica.podAnnotations Annotations for Redis® replicas pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: {} - ## @param replica.shareProcessNamespace Share a single process namespace between all of the containers in Redis® replicas pods - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/ - ## - shareProcessNamespace: false - ## @param replica.podAffinityPreset Pod affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAffinityPreset: "" - ## @param replica.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## - podAntiAffinityPreset: soft - ## Node affinity preset - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity - ## - nodeAffinityPreset: - ## @param replica.nodeAffinityPreset.type Node affinity preset type. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` - ## - type: "" - ## @param replica.nodeAffinityPreset.key Node label key to match. Ignored if `replica.affinity` is set - ## - key: "" - ## @param replica.nodeAffinityPreset.values Node label values to match. Ignored if `replica.affinity` is set - ## E.g. - ## values: - ## - e2e-az1 - ## - e2e-az2 - ## - values: [] - ## @param replica.affinity Affinity for Redis® replicas pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## NOTE: `replica.podAffinityPreset`, `replica.podAntiAffinityPreset`, and `replica.nodeAffinityPreset` will be ignored when it's set - ## - affinity: {} - ## @param replica.nodeSelector Node labels for Redis® replicas pods assignment - ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ - ## - nodeSelector: {} - ## @param replica.tolerations Tolerations for Redis® replicas pods assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: [] - ## @param replica.topologySpreadConstraints Spread Constraints for Redis® replicas pod assignment - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - ## E.g. - ## topologySpreadConstraints: - ## - maxSkew: 1 - ## topologyKey: node - ## whenUnsatisfiable: DoNotSchedule - ## - topologySpreadConstraints: [] - ## @param replica.dnsPolicy DNS Policy for Redis® replica pods - ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ - ## E.g. - ## dnsPolicy: ClusterFirst - ## - dnsPolicy: "" - ## @param replica.dnsConfig DNS Configuration for Redis® replica pods - ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ - ## E.g. - ## dnsConfig: - ## options: - ## - name: ndots - ## value: "4" - ## - name: single-request-reopen - ## - dnsConfig: {} - ## @param replica.lifecycleHooks for the Redis® replica container(s) to automate configuration before or after startup - ## - lifecycleHooks: {} - ## @param replica.extraVolumes Optionally specify extra list of additional volumes for the Redis® replicas pod(s) - ## - extraVolumes: [] - ## @param replica.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Redis® replicas container(s) - ## - extraVolumeMounts: [] - ## @param replica.sidecars Add additional sidecar containers to the Redis® replicas pod(s) - ## e.g: - ## sidecars: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## ports: - ## - name: portname - ## containerPort: 1234 - ## - sidecars: [] - ## @param replica.initContainers Add additional init containers to the Redis® replicas pod(s) - ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - ## e.g: - ## initContainers: - ## - name: your-image-name - ## image: your-image - ## imagePullPolicy: Always - ## command: ['sh', '-c', 'echo "hello world"'] - ## - initContainers: [] - ## Persistence Parameters - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## - persistence: - ## @param replica.persistence.enabled Enable persistence on Redis® replicas nodes using Persistent Volume Claims - ## - enabled: true - ## @param replica.persistence.medium Provide a medium for `emptyDir` volumes. - ## - medium: "" - ## @param replica.persistence.sizeLimit Set this to enable a size limit for `emptyDir` volumes. - ## - sizeLimit: "" - ## @param replica.persistence.path The path the volume will be mounted at on Redis® replicas containers - ## NOTE: Useful when using different Redis® images - ## - path: /data - ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis® replicas containers - ## NOTE: Useful in dev environments - ## - subPath: "" - ## @param replica.persistence.subPathExpr Used to construct the subPath subdirectory of the volume to mount on Redis® replicas containers - ## - subPathExpr: "" - ## @param replica.persistence.storageClass Persistent Volume storage class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner - ## - storageClass: "" - ## @param replica.persistence.accessModes Persistent Volume access modes - ## - accessModes: - - ReadWriteOnce - ## @param replica.persistence.size Persistent Volume size - ## - size: 8Gi - ## @param replica.persistence.annotations Additional custom annotations for the PVC - ## - annotations: {} - ## @param replica.persistence.labels Additional custom labels for the PVC - ## - labels: {} - ## @param replica.persistence.selector Additional labels to match for the PVC - ## e.g: - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param replica.persistence.dataSource Custom PVC data source - ## - dataSource: {} - ## @param replica.persistence.existingClaim Use a existing PVC which must be created manually before bound - ## NOTE: requires replica.persistence.enabled: true - ## - existingClaim: "" - ## persistentVolumeClaimRetentionPolicy - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## @param replica.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet - ## @param replica.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced - ## @param replica.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted - ## - persistentVolumeClaimRetentionPolicy: - enabled: false - whenScaled: Retain - whenDeleted: Retain - ## Redis® replicas service parameters - ## - service: - ## @param replica.service.type Redis® replicas service type - ## - type: ClusterIP - ## @param replica.service.ports.redis Redis® replicas service port - ## - ports: - redis: 6379 - ## @param replica.service.nodePorts.redis Node port for Redis® replicas - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## NOTE: choose port between <30000-32767> - ## - nodePorts: - redis: "" - ## @param replica.service.externalTrafficPolicy Redis® replicas service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param replica.service.internalTrafficPolicy Redis® replicas service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service-traffic-policy/ - ## - internalTrafficPolicy: Cluster - ## @param replica.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param replica.service.clusterIP Redis® replicas service Cluster IP - ## - clusterIP: "" - ## @param replica.service.loadBalancerIP Redis® replicas service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param replica.service.loadBalancerClass replicas service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerClass: "" - ## @param replica.service.loadBalancerSourceRanges Redis® replicas service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param replica.service.annotations Additional custom annotations for Redis® replicas service - ## - annotations: {} - ## @param replica.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param replica.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## @param replica.terminationGracePeriodSeconds Integer setting the termination grace period for the redis-replicas pods - ## - terminationGracePeriodSeconds: 30 - ## Autoscaling configuration - ## - autoscaling: - ## @param replica.autoscaling.enabled Enable replica autoscaling settings - ## - enabled: false - ## @param replica.autoscaling.minReplicas Minimum replicas for the pod autoscaling - ## - minReplicas: 1 - ## @param replica.autoscaling.maxReplicas Maximum replicas for the pod autoscaling - ## - maxReplicas: 11 - ## @param replica.autoscaling.targetCPU Percentage of CPU to consider when autoscaling - ## - targetCPU: "" - ## @param replica.autoscaling.targetMemory Percentage of Memory to consider when autoscaling - ## - targetMemory: "" - ## ServiceAccount configuration - ## - serviceAccount: - ## @param replica.serviceAccount.create Specifies whether a ServiceAccount should be created - ## - create: true - ## @param replica.serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## - name: "" - ## @param replica.serviceAccount.automountServiceAccountToken Whether to auto mount the service account token - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server - ## - automountServiceAccountToken: false - ## @param replica.serviceAccount.annotations Additional custom annotations for the ServiceAccount - ## - annotations: {} - ## Pod Disruption Budget configuration - ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb - ## @param replica.pdb.create Enable/disable a Pod Disruption Budget creation - ## @param replica.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled - ## @param replica.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `replica.pdb.minAvailable` and `replica.pdb.maxUnavailable` are empty. - ## - pdb: - create: true - minAvailable: "" - maxUnavailable: "" -## @section Redis® Sentinel configuration parameters -## - -sentinel: - ## @param sentinel.enabled Use Redis® Sentinel on Redis® pods. - ## IMPORTANT: this will disable the master and replicas services and - ## create a single Redis® service exposing both the Redis and Sentinel ports - ## - enabled: false - ## Bitnami Redis® Sentinel image version - ## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/ - ## @param sentinel.image.registry [default: REGISTRY_NAME] Redis® Sentinel image registry - ## @param sentinel.image.repository [default: REPOSITORY_NAME/redis-sentinel] Redis® Sentinel image repository - ## @skip sentinel.image.tag Redis® Sentinel image tag (immutable tags are recommended) - ## @param sentinel.image.digest Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param sentinel.image.pullPolicy Redis® Sentinel image pull policy - ## @param sentinel.image.pullSecrets Redis® Sentinel image pull secrets - ## @param sentinel.image.debug Enable image debug mode - ## - image: - registry: docker.io - repository: bitnami/redis-sentinel - tag: 7.4.0-debian-12-r0 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Enable debug mode - ## - debug: false - ## @param sentinel.annotations Additional custom annotations for Redis® Sentinel resource - ## - annotations: {} - ## @param sentinel.masterSet Master set name - ## - masterSet: mymaster - ## @param sentinel.quorum Sentinel Quorum - ## - quorum: 2 - ## @param sentinel.getMasterTimeout Amount of time to allow before get_sentinel_master_info() times out. - ## - getMasterTimeout: 90 - ## @param sentinel.automateClusterRecovery Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. - ## This also prevents any new replica from starting until the last remaining replica is elected as master to guarantee that it is the one to be elected by Sentinel, and not a newly started replica with no data. - ## NOTE: This feature requires a "downAfterMilliseconds" value less or equal to 2000. - ## - automateClusterRecovery: false - ## @param sentinel.redisShutdownWaitFailover Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). - ## - redisShutdownWaitFailover: true - ## Sentinel timing restrictions - ## @param sentinel.downAfterMilliseconds Timeout for detecting a Redis® node is down - ## @param sentinel.failoverTimeout Timeout for performing a election failover - ## - downAfterMilliseconds: 60000 - failoverTimeout: 180000 - ## @param sentinel.parallelSyncs Number of replicas that can be reconfigured in parallel to use the new master after a failover - ## - parallelSyncs: 1 - ## @param sentinel.configuration Configuration for Redis® Sentinel nodes - ## ref: https://redis.io/topics/sentinel - ## - configuration: "" - ## @param sentinel.command Override default container command (useful when using custom images) - ## - command: [] - ## @param sentinel.args Override default container args (useful when using custom images) - ## - args: [] - ## @param sentinel.enableServiceLinks Whether information about services should be injected into pod's environment variable - ## - enableServiceLinks: true - ## @param sentinel.preExecCmds Additional commands to run prior to starting Redis® Sentinel - ## - preExecCmds: [] - ## @param sentinel.extraEnvVars Array with extra environment variables to add to Redis® Sentinel nodes - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## @param sentinel.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes - ## - extraEnvVarsCM: "" - ## @param sentinel.extraEnvVarsSecret Name of existing Secret containing extra env vars for Redis® Sentinel nodes - ## - extraEnvVarsSecret: "" - ## @param sentinel.externalMaster.enabled Use external master for bootstrapping - ## @param sentinel.externalMaster.host External master host to bootstrap from - ## @param sentinel.externalMaster.port Port for Redis service external master host - ## - externalMaster: - enabled: false - host: "" - port: 6379 - ## @param sentinel.containerPorts.sentinel Container port to open on Redis® Sentinel nodes - ## - containerPorts: - sentinel: 26379 - ## Configure extra options for Redis® containers' liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes - ## @param sentinel.startupProbe.enabled Enable startupProbe on Redis® Sentinel nodes - ## @param sentinel.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param sentinel.startupProbe.periodSeconds Period seconds for startupProbe - ## @param sentinel.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param sentinel.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param sentinel.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 22 - ## @param sentinel.livenessProbe.enabled Enable livenessProbe on Redis® Sentinel nodes - ## @param sentinel.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param sentinel.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param sentinel.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param sentinel.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param sentinel.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 6 - ## @param sentinel.readinessProbe.enabled Enable readinessProbe on Redis® Sentinel nodes - ## @param sentinel.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param sentinel.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param sentinel.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param sentinel.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param sentinel.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 20 - periodSeconds: 5 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 6 - ## @param sentinel.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param sentinel.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param sentinel.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## Persistence parameters - ## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/ - ## - persistence: - ## @param sentinel.persistence.enabled Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) - ## - enabled: false - ## @param sentinel.persistence.storageClass Persistent Volume storage class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner - ## - storageClass: "" - ## @param sentinel.persistence.accessModes Persistent Volume access modes - ## - accessModes: - - ReadWriteOnce - ## @param sentinel.persistence.size Persistent Volume size - ## - size: 100Mi - ## @param sentinel.persistence.annotations Additional custom annotations for the PVC - ## - annotations: {} - ## @param sentinel.persistence.labels Additional custom labels for the PVC - ## - labels: {} - ## @param sentinel.persistence.selector Additional labels to match for the PVC - ## e.g: - ## selector: - ## matchLabels: - ## app: my-app - ## - selector: {} - ## @param sentinel.persistence.dataSource Custom PVC data source - ## - dataSource: {} - ## @param sentinel.persistence.medium Provide a medium for `emptyDir` volumes. - ## - medium: "" - ## @param sentinel.persistence.sizeLimit Set this to enable a size limit for `emptyDir` volumes. - ## - sizeLimit: "" - ## persistentVolumeClaimRetentionPolicy - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention - ## @param sentinel.persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet - ## @param sentinel.persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced - ## @param sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted - ## - persistentVolumeClaimRetentionPolicy: - enabled: false - whenScaled: Retain - whenDeleted: Retain - ## Redis® Sentinel resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param sentinel.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if sentinel.resources is set (sentinel.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param sentinel.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Configure Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param sentinel.containerSecurityContext.enabled Enabled Redis® Sentinel containers' Security Context - ## @param sentinel.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param sentinel.containerSecurityContext.runAsUser Set Redis® Sentinel containers' Security Context runAsUser - ## @param sentinel.containerSecurityContext.runAsGroup Set Redis® Sentinel containers' Security Context runAsGroup - ## @param sentinel.containerSecurityContext.runAsNonRoot Set Redis® Sentinel containers' Security Context runAsNonRoot - ## @param sentinel.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context read-only root filesystem - ## @param sentinel.containerSecurityContext.allowPrivilegeEscalation Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation - ## @param sentinel.containerSecurityContext.seccompProfile.type Set Redis® Sentinel containers' Security Context seccompProfile - ## @param sentinel.containerSecurityContext.capabilities.drop Set Redis® Sentinel containers' Security Context capabilities to drop - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ["ALL"] - ## @param sentinel.lifecycleHooks for the Redis® sentinel container(s) to automate configuration before or after startup - ## - lifecycleHooks: {} - ## @param sentinel.extraVolumes Optionally specify extra list of additional volumes for the Redis® Sentinel - ## - extraVolumes: [] - ## @param sentinel.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) - ## - extraVolumeMounts: [] - ## Redis® Sentinel service parameters - ## Note: values passed in this section also configure the master service, unless the sentinel.masterService is explicitly overridden. - service: - ## @param sentinel.service.type Redis® Sentinel service type - ## - type: ClusterIP - ## @param sentinel.service.ports.redis Redis® service port for Redis® - ## @param sentinel.service.ports.sentinel Redis® service port for Redis® Sentinel - ## - ports: - redis: 6379 - sentinel: 26379 - ## @param sentinel.service.nodePorts.redis Node port for Redis® - ## @param sentinel.service.nodePorts.sentinel Node port for Sentinel - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## NOTE: choose port between <30000-32767> - ## NOTE: By leaving these values blank, they will be generated by ports-configmap - ## If setting manually, please leave at least replica.replicaCount + 1 in between sentinel.service.nodePorts.redis and sentinel.service.nodePorts.sentinel to take into account the ports that will be created while incrementing that base port - ## - nodePorts: - redis: "" - sentinel: "" - ## @param sentinel.service.externalTrafficPolicy Redis® Sentinel service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param sentinel.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param sentinel.service.clusterIP Redis® Sentinel service Cluster IP - ## - clusterIP: "" - ## @param sentinel.service.createMaster Enable master service pointing to the current master (experimental) - ## NOTE: rbac.create need to be set to true - ## - createMaster: false - - ## @param sentinel.service.loadBalancerIP Redis® Sentinel service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param sentinel.service.loadBalancerClass sentinel service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerClass: "" - ## @param sentinel.service.loadBalancerSourceRanges Redis® Sentinel service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param sentinel.service.annotations Additional custom annotations for Redis® Sentinel service - ## - annotations: {} - ## @param sentinel.service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param sentinel.service.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## Headless service properties - ## - headless: - ## @param sentinel.service.headless.annotations Annotations for the headless service. - ## - annotations: {} - - ## Redis® master service parameters - ## - masterService: - ## @param sentinel.masterService.enabled Enable master service pointing to the current master (experimental) - ## NOTE: rbac.create need to be set to true - ## - enabled: false - ## @param sentinel.masterService.type Redis® Sentinel master service type - ## - type: ClusterIP - ## @param sentinel.masterService.ports.redis Redis® service port for Redis® - ## - ports: - redis: 6379 - ## @param sentinel.masterService.nodePorts.redis Node port for Redis® - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - ## NOTE: choose port between <30000-32767> - ## NOTE: By leaving these values blank, they will be generated by ports-configmap - ## If setting manually, please leave at least replica.replicaCount + 1 in between sentinel.service.nodePorts.redis and sentinel.service.nodePorts.sentinel to take into account the ports that will be created while incrementing that base port - ## - nodePorts: - redis: "" - ## @param sentinel.masterService.externalTrafficPolicy Redis® master service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: "" - ## @param sentinel.masterService.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param sentinel.masterService.clusterIP Redis® master service Cluster IP - ## - clusterIP: "" - ## @param sentinel.masterService.loadBalancerIP Redis® master service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param sentinel.masterService.loadBalancerClass master service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerClass: "" - ## @param sentinel.masterService.loadBalancerSourceRanges Redis® master service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param sentinel.masterService.annotations Additional custom annotations for Redis® master service - ## - annotations: {} - ## @param sentinel.masterService.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP" - ## If "ClientIP", consecutive client requests will be directed to the same Pod - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - ## - sessionAffinity: None - ## @param sentinel.masterService.sessionAffinityConfig Additional settings for the sessionAffinity - ## sessionAffinityConfig: - ## clientIP: - ## timeoutSeconds: 300 - ## - sessionAffinityConfig: {} - ## @param sentinel.terminationGracePeriodSeconds Integer setting the termination grace period for the redis-node pods - ## - terminationGracePeriodSeconds: 30 -## @section Other Parameters -## - -## @param serviceBindings.enabled Create secret for service binding (Experimental) -## Ref: https://servicebinding.io/service-provider/ -## -serviceBindings: - enabled: false -## Network Policy configuration -## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ -## -networkPolicy: - ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources - ## - enabled: true - ## @param networkPolicy.allowExternal Don't require client label for connections - ## When set to false, only pods with the correct client label will have network access to the ports - ## Redis® is listening on. When true, Redis® will accept connections from any source - ## (with the correct destination port). - ## - allowExternal: true - ## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations. - ## - allowExternalEgress: true - ## @param networkPolicy.extraIngress Add extra ingress rules to the NetworkPolicy - ## e.g: - ## extraIngress: - ## - ports: - ## - port: 1234 - ## from: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraIngress: [] - ## @param networkPolicy.extraEgress Add extra egress rules to the NetworkPolicy - ## e.g: - ## extraEgress: - ## - ports: - ## - port: 1234 - ## to: - ## - podSelector: - ## - matchLabels: - ## - role: frontend - ## - podSelector: - ## - matchExpressions: - ## - key: role - ## operator: In - ## values: - ## - frontend - ## - extraEgress: [] - ## @param networkPolicy.ingressNSMatchLabels Labels to match to allow traffic from other namespaces - ## @param networkPolicy.ingressNSPodMatchLabels Pod labels to match to allow traffic from other namespaces - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} - metrics: - ## @param networkPolicy.metrics.allowExternal Don't require client label for connections for metrics endpoint - ## When set to false, only pods with the correct client label will have network access to the metrics port - ## - allowExternal: true - ## @param networkPolicy.metrics.ingressNSMatchLabels Labels to match to allow traffic from other namespaces to metrics endpoint - ## @param networkPolicy.metrics.ingressNSPodMatchLabels Pod labels to match to allow traffic from other namespaces to metrics endpoint - ## - ingressNSMatchLabels: {} - ingressNSPodMatchLabels: {} -## PodSecurityPolicy configuration -## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ -## -podSecurityPolicy: - ## @param podSecurityPolicy.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later - ## - create: false - ## @param podSecurityPolicy.enabled Enable PodSecurityPolicy's RBAC rules - ## - enabled: false -## RBAC configuration -## -rbac: - ## @param rbac.create Specifies whether RBAC resources should be created - ## - create: false - ## @param rbac.rules Custom RBAC rules to set - ## e.g: - ## rules: - ## - apiGroups: - ## - "" - ## resources: - ## - pods - ## verbs: - ## - get - ## - list - ## - rules: [] -## ServiceAccount configuration -## -serviceAccount: - ## @param serviceAccount.create Specifies whether a ServiceAccount should be created - ## - create: true - ## @param serviceAccount.name The name of the ServiceAccount to use. - ## If not set and create is true, a name is generated using the common.names.fullname template - ## - name: "" - ## @param serviceAccount.automountServiceAccountToken Whether to auto mount the service account token - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server - ## - automountServiceAccountToken: false - ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount - ## - annotations: {} -## Redis® Pod Disruption Budget configuration -## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ -## @param pdb DEPRECATED Please use `master.pdb` and `replica.pdb` values instead -## -pdb: {} -## TLS configuration -## -tls: - ## @param tls.enabled Enable TLS traffic - ## - enabled: false - ## @param tls.authClients Require clients to authenticate - ## - authClients: true - ## @param tls.autoGenerated Enable autogenerated certificates - ## - autoGenerated: false - ## @param tls.existingSecret The name of the existing secret that contains the TLS certificates - ## - existingSecret: "" - ## @param tls.certificatesSecret DEPRECATED. Use existingSecret instead. - ## - certificatesSecret: "" - ## @param tls.certFilename Certificate filename - ## - certFilename: "" - ## @param tls.certKeyFilename Certificate Key filename - ## - certKeyFilename: "" - ## @param tls.certCAFilename CA Certificate filename - ## - certCAFilename: "" - ## @param tls.dhParamsFilename File containing DH params (in order to support DH based ciphers) - ## - dhParamsFilename: "" -## @section Metrics Parameters -## -metrics: - ## @param metrics.enabled Start a sidecar prometheus exporter to expose Redis® metrics - ## - enabled: false - ## Bitnami Redis® Exporter image - ## ref: https://hub.docker.com/r/bitnami/redis-exporter/tags/ - ## @param metrics.image.registry [default: REGISTRY_NAME] Redis® Exporter image registry - ## @param metrics.image.repository [default: REPOSITORY_NAME/redis-exporter] Redis® Exporter image repository - ## @skip metrics.image.tag Redis® Exporter image tag (immutable tags are recommended) - ## @param metrics.image.digest Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param metrics.image.pullPolicy Redis® Exporter image pull policy - ## @param metrics.image.pullSecrets Redis® Exporter image pull secrets - ## - image: - registry: docker.io - repository: bitnami/redis-exporter - tag: 1.62.0-debian-12-r3 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param metrics.containerPorts.http Metrics HTTP container port - ## - containerPorts: - http: 9121 - ## Configure extra options for Redis® containers' liveness, readiness & startup probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - ## @param metrics.startupProbe.enabled Enable startupProbe on Redis® replicas nodes - ## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe - ## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe - ## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe - ## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe - ## @param metrics.startupProbe.successThreshold Success threshold for startupProbe - ## - startupProbe: - enabled: false - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - ## @param metrics.livenessProbe.enabled Enable livenessProbe on Redis® replicas nodes - ## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe - ## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe - ## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe - ## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe - ## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe - ## - livenessProbe: - enabled: true - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - ## @param metrics.readinessProbe.enabled Enable readinessProbe on Redis® replicas nodes - ## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe - ## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe - ## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe - ## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe - ## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe - ## - readinessProbe: - enabled: true - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 1 - successThreshold: 1 - failureThreshold: 3 - ## @param metrics.customStartupProbe Custom startupProbe that overrides the default one - ## - customStartupProbe: {} - ## @param metrics.customLivenessProbe Custom livenessProbe that overrides the default one - ## - customLivenessProbe: {} - ## @param metrics.customReadinessProbe Custom readinessProbe that overrides the default one - ## - customReadinessProbe: {} - ## @param metrics.command Override default metrics container init command (useful when using custom images) - ## - command: [] - ## @param metrics.redisTargetHost A way to specify an alternative Redis® hostname - ## Useful for certificate CN/SAN matching - ## - redisTargetHost: "localhost" - ## @param metrics.extraArgs Extra arguments for Redis® exporter, for example: - ## e.g.: - ## extraArgs: - ## check-keys: myKey,myOtherKey - ## - extraArgs: {} - ## @param metrics.extraEnvVars Array with extra environment variables to add to Redis® exporter - ## e.g: - ## extraEnvVars: - ## - name: FOO - ## value: "bar" - ## - extraEnvVars: [] - ## Configure Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param metrics.containerSecurityContext.enabled Enabled Redis® exporter containers' Security Context - ## @param metrics.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param metrics.containerSecurityContext.runAsUser Set Redis® exporter containers' Security Context runAsUser - ## @param metrics.containerSecurityContext.runAsGroup Set Redis® exporter containers' Security Context runAsGroup - ## @param metrics.containerSecurityContext.runAsNonRoot Set Redis® exporter containers' Security Context runAsNonRoot - ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set Redis® exporter containers' Security Context allowPrivilegeEscalation - ## @param metrics.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context read-only root filesystem - ## @param metrics.containerSecurityContext.seccompProfile.type Set Redis® exporter containers' Security Context seccompProfile - ## @param metrics.containerSecurityContext.capabilities.drop Set Redis® exporter containers' Security Context capabilities to drop - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ["ALL"] - ## @param metrics.extraVolumes Optionally specify extra list of additional volumes for the Redis® metrics sidecar - ## - extraVolumes: [] - ## @param metrics.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar - ## - extraVolumeMounts: [] - ## Redis® exporter resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## @param metrics.podLabels Extra labels for Redis® exporter pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - ## - podLabels: {} - ## @param metrics.podAnnotations [object] Annotations for Redis® exporter pods - ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - ## - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9121" - ## Redis® exporter service parameters - ## - service: - ## @param metrics.service.enabled Create Service resource(s) for scraping metrics using PrometheusOperator ServiceMonitor, can be disabled when using a PodMonitor - ## - enabled: true - ## @param metrics.service.type Redis® exporter service type - ## - type: ClusterIP - ## @param metrics.service.ports.http Redis® exporter service port - ## - ports: - http: 9121 - ## @param metrics.service.externalTrafficPolicy Redis® exporter service external traffic policy - ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip - ## - externalTrafficPolicy: Cluster - ## @param metrics.service.extraPorts Extra ports to expose (normally used with the `sidecar` value) - ## - extraPorts: [] - ## @param metrics.service.loadBalancerIP Redis® exporter service Load Balancer IP - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - ## - loadBalancerIP: "" - ## @param metrics.service.loadBalancerClass exporter service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) - ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer - ## - loadBalancerClass: "" - ## @param metrics.service.loadBalancerSourceRanges Redis® exporter service Load Balancer sources - ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service - ## e.g. - ## loadBalancerSourceRanges: - ## - 10.10.10.0/24 - ## - loadBalancerSourceRanges: [] - ## @param metrics.service.annotations Additional custom annotations for Redis® exporter service - ## - annotations: {} - ## @param metrics.service.clusterIP Redis® exporter service Cluster IP - ## - clusterIP: "" - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## @param metrics.serviceMonitor.port the service port to scrape metrics from - ## - port: http-metrics - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabelings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabelings: [] - ## @skip metrics.serviceMonitor.relabellings DEPRECATED: Use `metrics.serviceMonitor.relabelings` instead. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} - ## @param metrics.serviceMonitor.podTargetLabels Labels from the Kubernetes pod to be transferred to the created metrics - ## - podTargetLabels: [] - ## @param metrics.serviceMonitor.sampleLimit Limit of how many samples should be scraped from every Pod - ## - sampleLimit: false - ## @param metrics.serviceMonitor.targetLimit Limit of how many targets should be scraped - ## - targetLimit: false - ## @param metrics.serviceMonitor.additionalEndpoints Additional endpoints to scrape (e.g sentinel) - ## - additionalEndpoints: [] - # uncomment in order to scrape sentinel metrics, also to in order distinguish between Sentinel and Redis container metrics - # add metricRelabelings with label like app=redis to main redis pod-monitor port - # - interval: "30s" - # path: "/scrape" - # port: "metrics" - # params: - # target: ["localhost:26379"] - # metricRelabelings: - # - targetLabel: "app" - # replacement: "sentinel" - ## Prometheus Pod Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#podmonitor - ## - podMonitor: - ## @param metrics.podMonitor.port the pod port to scrape metrics from - ## - port: metrics - ## @param metrics.podMonitor.enabled Create PodMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.podMonitor.namespace The namespace in which the PodMonitor will be created - ## - namespace: "" - ## @param metrics.podMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.podMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.podMonitor.relabelings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabelings: [] - ## @skip metrics.podMonitor.relabellings DEPRECATED: Use `metrics.podMonitor.relabelings` instead. - ## - relabellings: [] - ## @param metrics.podMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - # - targetLabel: "app" - # replacement: "redis" - ## @param metrics.podMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.podMonitor.additionalLabels Additional labels that can be used so PodMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} - ## @param metrics.podMonitor.podTargetLabels Labels from the Kubernetes pod to be transferred to the created metrics - ## - podTargetLabels: [] - ## @param metrics.podMonitor.sampleLimit Limit of how many samples should be scraped from every Pod - ## - sampleLimit: false - ## @param metrics.podMonitor.targetLimit Limit of how many targets should be scraped - ## - targetLimit: false - ## @param metrics.podMonitor.additionalEndpoints Additional endpoints to scrape (e.g sentinel) - ## - additionalEndpoints: [] - # - interval: "30s" - # path: "/scrape" - # port: "metrics" - # params: - # target: ["localhost:26379"] - # metricRelabelings: - # - targetLabel: "app" - # replacement: "sentinel" - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## @param metrics.prometheusRule.enabled Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.prometheusRule.namespace The namespace in which the prometheusRule will be created - ## - namespace: "" - ## @param metrics.prometheusRule.additionalLabels Additional labels for the prometheusRule - ## - additionalLabels: {} - ## @param metrics.prometheusRule.rules Custom Prometheus rules - ## e.g: - ## rules: - ## - alert: RedisDown - ## expr: redis_up{service="{{ template "common.names.fullname" . }}-metrics"} == 0 - ## for: 2m - ## labels: - ## severity: error - ## annotations: - ## summary: Redis® instance {{ "{{ $labels.instance }}" }} down - ## description: Redis® instance {{ "{{ $labels.instance }}" }} is down - ## - alert: RedisMemoryHigh - ## expr: > - ## redis_memory_used_bytes{service="{{ template "common.names.fullname" . }}-metrics"} * 100 - ## / - ## redis_memory_max_bytes{service="{{ template "common.names.fullname" . }}-metrics"} - ## > 90 - ## for: 2m - ## labels: - ## severity: error - ## annotations: - ## summary: Redis® instance {{ "{{ $labels.instance }}" }} is using too much memory - ## description: | - ## Redis® instance {{ "{{ $labels.instance }}" }} is using {{ "{{ $value }}" }}% of its available memory. - ## - alert: RedisKeyEviction - ## expr: | - ## increase(redis_evicted_keys_total{service="{{ template "common.names.fullname" . }}-metrics"}[5m]) > 0 - ## for: 1s - ## labels: - ## severity: error - ## annotations: - ## summary: Redis® instance {{ "{{ $labels.instance }}" }} has evicted keys - ## description: | - ## Redis® instance {{ "{{ $labels.instance }}" }} has evicted {{ "{{ $value }}" }} keys in the last 5 minutes. - ## - rules: [] -## @section Init Container Parameters -## - -## 'volumePermissions' init container parameters -## Changes the owner and group of the persistent volume mount point to runAsUser:fsGroup values -## based on the *podSecurityContext/*containerSecurityContext parameters -## -volumePermissions: - ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` - ## - enabled: false - ## OS Shell + Utility image - ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry - ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository - ## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) - ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy - ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r27 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## Init container's resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} - ## Init container Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - ## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser - ## NOTE: when runAsUser is set to special value "auto", init container will try to chown the - ## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2` - ## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed) - ## - containerSecurityContext: - seLinuxOptions: {} - runAsUser: 0 - -## Kubectl InitContainer -## used by Sentinel to update the isMaster label on the Redis(TM) pods -## -kubectl: - ## Bitnami Kubectl image version - ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ - ## @param kubectl.image.registry [default: REGISTRY_NAME] Kubectl image registry - ## @param kubectl.image.repository [default: REPOSITORY_NAME/kubectl] Kubectl image repository - ## @skip kubectl.image.tag Kubectl image tag (immutable tags are recommended), by default, using the current version - ## @param kubectl.image.digest Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param kubectl.image.pullPolicy Kubectl image pull policy - ## @param kubectl.image.pullSecrets Kubectl pull secrets - ## - image: - registry: docker.io - repository: bitnami/kubectl - tag: 1.30.3-debian-12-r5 - digest: "" - ## Specify a imagePullPolicy - ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' - ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images - ## - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param kubectl.command kubectl command to execute - ## - command: ["/opt/bitnami/scripts/kubectl-scripts/update-master-label.sh"] - ## Configure Container Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - ## @param kubectl.containerSecurityContext.enabled Enabled kubectl containers' Security Context - ## @param kubectl.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container - ## @param kubectl.containerSecurityContext.runAsUser Set kubectl containers' Security Context runAsUser - ## @param kubectl.containerSecurityContext.runAsGroup Set kubectl containers' Security Context runAsGroup - ## @param kubectl.containerSecurityContext.runAsNonRoot Set kubectl containers' Security Context runAsNonRoot - ## @param kubectl.containerSecurityContext.allowPrivilegeEscalation Set kubectl containers' Security Context allowPrivilegeEscalation - ## @param kubectl.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context read-only root filesystem - ## @param kubectl.containerSecurityContext.seccompProfile.type Set kubectl containers' Security Context seccompProfile - ## @param kubectl.containerSecurityContext.capabilities.drop Set kubectl containers' Security Context capabilities to drop - ## - containerSecurityContext: - enabled: true - seLinuxOptions: {} - runAsUser: 1001 - runAsGroup: 1001 - runAsNonRoot: true - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - seccompProfile: - type: RuntimeDefault - capabilities: - drop: ["ALL"] - ## Bitnami Kubectl resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param kubectl.resources.limits The resources limits for the kubectl containers - ## @param kubectl.resources.requests The requested resources for the kubectl containers - ## - resources: - limits: {} - requests: {} - -## init-sysctl container parameters -## used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings) -## -sysctl: - ## @param sysctl.enabled Enable init container to modify Kernel settings - ## - enabled: false - ## OS Shell + Utility image - ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param sysctl.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry - ## @param sysctl.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository - ## @skip sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) - ## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy - ## @param sysctl.image.pullSecrets OS Shell + Utility image pull secrets - ## - image: - registry: docker.io - repository: bitnami/os-shell - tag: 12-debian-12-r27 - digest: "" - pullPolicy: IfNotPresent - ## Optionally specify an array of imagePullSecrets. - ## Secrets must be manually created in the namespace. - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## e.g: - ## pullSecrets: - ## - myRegistryKeySecretName - ## - pullSecrets: [] - ## @param sysctl.command Override default init-sysctl container command (useful when using custom images) - ## - command: [] - ## @param sysctl.mountHostSys Mount the host `/sys` folder to `/host-sys` - ## - mountHostSys: false - ## Init container's resource requests and limits - ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param sysctl.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if sysctl.resources is set (sysctl.resources is recommended for production). - ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 - ## - resourcesPreset: "nano" - ## @param sysctl.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) - ## Example: - ## resources: - ## requests: - ## cpu: 2 - ## memory: 512Mi - ## limits: - ## cpu: 3 - ## memory: 1024Mi - ## - resources: {} -## @section useExternalDNS Parameters -## -## @param useExternalDNS.enabled Enable various syntax that would enable external-dns to work. Note this requires a working installation of `external-dns` to be usable. -## @param useExternalDNS.additionalAnnotations Extra annotations to be utilized when `external-dns` is enabled. -## @param useExternalDNS.annotationKey The annotation key utilized when `external-dns` is enabled. Setting this to `false` will disable annotations. -## @param useExternalDNS.suffix The DNS suffix utilized when `external-dns` is enabled. Note that we prepend the suffix with the full name of the release. -## -useExternalDNS: - enabled: false - suffix: "" - annotationKey: external-dns.alpha.kubernetes.io/ - additionalAnnotations: {} diff --git a/charts/redis/values-overrides.yaml b/charts/redis/values-overrides.yaml deleted file mode 100644 index 41f29e1..0000000 --- a/charts/redis/values-overrides.yaml +++ /dev/null @@ -1,8 +0,0 @@ -architecture: standalone -auth: - enabled: false -master: - replicaCount: 1 -fullnameOverride: redis -image: - debug: true \ No newline at end of file diff --git a/charts/traefik/traefik/.helmignore b/charts/traefik/traefik/.helmignore deleted file mode 100644 index 9c42ddd..0000000 --- a/charts/traefik/traefik/.helmignore +++ /dev/null @@ -1,2 +0,0 @@ -tests/ -crds/kustomization.yaml diff --git a/charts/traefik/traefik/Changelog.md b/charts/traefik/traefik/Changelog.md deleted file mode 100644 index be5ee51..0000000 --- a/charts/traefik/traefik/Changelog.md +++ /dev/null @@ -1,10505 +0,0 @@ -# Change Log - -## 33.0.0 ![AppVersion: v3.2.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.2.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-10-30 - -* fix: 🐛 http3 with internal service -* fix: use correct children indentation for logs.access.filters -* fix(schema): :bug: targetPort can also be a string -* fix(certificateResolvers)!: :boom: :bug: use same syntax in Chart and in Traefik -* fix(Traefik)!: :boom: set 8080 as default port for `traefik` entrypoint -* fix(Traefik Hub): RBAC for distributedAcme -* fix(Kubernetes Ingress)!: :boom: :sparkles: enable publishedService by default -* fix(Gateway API): :bug: add missing required RBAC for v3.2 with experimental Channel -* fix(Env Variables)!: allow extending env without overwrite -* feat(deps): update traefik docker tag to v3.2.0 -* feat(deps): update traefik docker tag to v3.1.6 -* feat(Traefik): ✨ support Gateway API statusAddress -* feat(Traefik Proxy): CRDs for v3.2+ -* feat(Gateway API): :sparkles: standard install CRD v1.2.0 -* feat(Gateway API): :sparkles: add infrastructure in the values -* chore: allow TRACE log level -* chore(release): 🚀 publish v33.0.0 -* Update topology spread constraints comments - -**Upgrade Notes** - -There are multiple breaking changes in this release: - -1. The default port of `traefik` entrypoint has changed from `9000` to `8080`, just like the Traefik Proxy default port - * You _may_ have to update probes accordingly (or set this port back to 9000) -2. `publishedService` is enabled by default on Ingress provider - * You _can_ disable it, if needed -3. The `POD_NAME` and `POD_NAMESPACE` environment variables are now set by default, without values. - * It is no longer necessary to add them in values and so, it can be removed from user values. -4. In _values_, **certResolvers** specific syntax has been reworked to align with Traefik Proxy syntax. - * PR [#1214](https://github.com/traefik/traefik-helm-chart/pull/1214) contains a complete before / after example on how to update _values_ -5. Traefik Proxy 3.2 supports Gateway API v1.2 - * The CRDs of this version comes with Gateway API CRD v1.2 of standard channel. - * The CRDs needs to be updated, as documented in the README. - * It is recommended to check that other software using Gateway API on your cluster are compatible - -:information_source: A separate helm chart, just for CRDs, is being considered for a future release. See PR [#1123](https://github.com/traefik/traefik-helm-chart/pull/1223) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 73371f3..be89b00 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -95,7 +95,7 @@ deployment: - # postStart: - # httpGet: - # path: /ping -- # port: 9000 -+ # port: 8080 - # host: localhost - # scheme: HTTP - # -- Set a runtimeClassName on pod -@@ -138,6 +138,8 @@ gateway: - namespace: "" - # -- Additional gateway annotations (e.g. for cert-manager.io/issuer) - annotations: {} -+ # -- [Infrastructure](https://kubernetes.io/blog/2023/11/28/gateway-api-ga/#gateway-infrastructure-labels) -+ infrastructure: {} - # -- Define listeners - listeners: - web: -@@ -283,10 +285,11 @@ providers: # @schema additionalProperties: false - namespaces: [] - # IP used for Kubernetes Ingress endpoints - publishedService: -- enabled: false -- # Published Kubernetes Service to copy status from. Format: namespace/servicename -- # By default this Traefik service -- # pathOverride: "" -+ # -- Enable [publishedService](https://doc.traefik.io/traefik/providers/kubernetes-ingress/#publishedservice) -+ enabled: true -+ # -- Override path of Kubernetes Service used to copy status from. Format: namespace/servicename. -+ # Default to Service deployed with this Chart. -+ pathOverride: "" - # -- Defines whether to use Native Kubernetes load-balancing mode by default. - nativeLBByDefault: false - -@@ -300,6 +303,15 @@ providers: # @schema additionalProperties: false - namespaces: [] - # -- A label selector can be defined to filter on specific GatewayClass objects only. - labelselector: "" -+ statusAddress: -+ # -- This IP will get copied to the Gateway status.addresses, and currently only supports one IP value (IPv4 or IPv6). -+ ip: "" -+ # -- This Hostname will get copied to the Gateway status.addresses. -+ hostname: "" -+ # -- The Kubernetes service to copy status addresses from. When using third parties tools like External-DNS, this option can be used to copy the service loadbalancer.status (containing the service's endpoints IPs) to the gateways. Default to Service of this Chart. -+ service: -+ name: "{{ (include \"traefik.fullname\" .) }}" -+ namespace: "{{ .Release.Namespace }}" - - file: - # -- Create a file provider -@@ -335,8 +347,8 @@ logs: - # -- Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) - format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common" - # By default, the level is set to INFO. -- # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -- level: "INFO" # @schema enum:[INFO,WARN,ERROR,FATAL,PANIC,DEBUG]; default: "INFO" -+ # -- Alternative logging levels are TRACE, DEBUG, INFO, WARN, ERROR, FATAL, and PANIC. -+ level: "INFO" # @schema enum:[TRACE,DEBUG,INFO,WARN,ERROR,FATAL,PANIC]; default: "INFO" - # -- To write the logs into a log file, use the filePath option. - filePath: "" - # -- When set to true and format is common, it disables the colorized output. -@@ -350,10 +362,13 @@ logs: - # -- Set [bufferingSize](https://doc.traefik.io/traefik/observability/access-logs/#bufferingsize) - bufferingSize: # @schema type:[integer, null] - # -- Set [filtering](https://docs.traefik.io/observability/access-logs/#filtering) -- filters: {} -- statuscodes: "" -- retryattempts: false -- minduration: "" -+ filters: # @schema additionalProperties: false -+ # -- Set statusCodes, to limit the access logs to requests with a status codes in the specified range -+ statuscodes: "" -+ # -- Set retryAttempts, to keep the access logs when at least one retry has happened -+ retryattempts: false -+ # -- Set minDuration, to keep access logs when requests take longer than the specified duration -+ minduration: "" - # -- Enables accessLogs for internal resources. Default: false. - addInternals: false - fields: -@@ -566,24 +581,16 @@ additionalArguments: [] - # - "--providers.kubernetesingress.ingressclass=traefik-internal" - # - "--log.level=DEBUG" - --# -- Environment variables to be passed to Traefik's binary -+# -- Additional Environment variables to be passed to Traefik's binary - # @default -- See _values.yaml_ --env: --- name: POD_NAME -- valueFrom: -- fieldRef: -- fieldPath: metadata.name --- name: POD_NAMESPACE -- valueFrom: -- fieldRef: -- fieldPath: metadata.namespace -+env: [] - - # -- Environment variables to be passed to Traefik's binary from configMaps or secrets - envFrom: [] - - ports: - traefik: -- port: 9000 -+ port: 8080 - # -- Use hostPort if set. - hostPort: # @schema type:[integer, null]; minimum:0 - # -- Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which -@@ -601,7 +608,7 @@ ports: - expose: - default: false - # -- The exposed port for this service -- exposedPort: 9000 -+ exposedPort: 8080 - # -- The port protocol (TCP/UDP) - protocol: TCP - web: -@@ -614,7 +621,7 @@ ports: - default: true - exposedPort: 80 - ## -- Different target traefik port on the cluster, useful for IP type LB -- targetPort: # @schema type:[integer, null]; minimum:0 -+ targetPort: # @schema type:[string, integer, null]; minimum:0 - # The port protocol (TCP/UDP) - protocol: TCP - # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) -@@ -653,7 +660,7 @@ ports: - default: true - exposedPort: 443 - ## -- Different target traefik port on the cluster, useful for IP type LB -- targetPort: # @schema type:[integer, null]; minimum:0 -+ targetPort: # @schema type:[string, integer, null]; minimum:0 - ## -- The port protocol (TCP/UDP) - protocol: TCP - # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) -@@ -780,8 +787,8 @@ autoscaling: - - persistence: - # -- Enable persistence using Persistent Volume Claims -- # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -- # It can be used to store TLS certificates, see `storage` in certResolvers -+ # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/. -+ # It can be used to store TLS certificates along with `certificatesResolvers..acme.storage` option - enabled: false - name: data - existingClaim: "" -@@ -797,7 +804,7 @@ persistence: - # -- Certificates resolvers configuration. - # Ref: https://doc.traefik.io/traefik/https/acme/#certificate-resolvers - # See EXAMPLES.md for more details. --certResolvers: {} -+certificatesResolvers: {} - - # -- If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true -@@ -860,7 +867,7 @@ topologySpreadConstraints: [] - # on nodes where no other traefik pods are scheduled. - # - labelSelector: - # matchLabels: --# app: '{{ template "traefik.name" . }}' -+# app.kubernetes.io/name: '{{ template "traefik.name" . }}' - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule -``` - -## 32.1.0 ![AppVersion: v3.1.5](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.5&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-10-04 - -* fix: :bug: set disableIngressClassLookup until 3.1.4 -* feat(deps): update traefik docker tag to v3.1.5 -* feat(Traefik Proxy): update rbac following v3.2 migration guide -* chore(release): 🚀 publish v32.1.0 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index f36a9dd..73371f3 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -809,9 +809,9 @@ hostNetwork: false - rbac: # @schema additionalProperties: false - enabled: true - # When set to true: -- # 1. Use `Role` and `RoleBinding` instead of `ClusterRole` and `ClusterRoleBinding`. -- # 2. Set `disableIngressClassLookup` on Kubernetes Ingress providers with Traefik Proxy v3 until v3.1.1 -- # 3. Set `disableClusterScopeResources` on Kubernetes Ingress and CRD providers with Traefik Proxy v3.1.2+ -+ # 1. It switches respectively the use of `ClusterRole` and `ClusterRoleBinding` to `Role` and `RoleBinding`. -+ # 2. It adds `disableIngressClassLookup` on Kubernetes Ingress with Traefik Proxy v3 until v3.1.4 -+ # 3. It adds `disableClusterScopeResources` on Ingress and CRD (Kubernetes) providers with Traefik Proxy v3.1.2+ - # **NOTE**: `IngressClass`, `NodePortLB` and **Gateway** provider cannot be used with namespaced RBAC. - # See [upstream documentation](https://doc.traefik.io/traefik/providers/kubernetes-ingress/#disableclusterscoperesources) for more details. - namespaced: false - -## 32.0.0 ![AppVersion: v3.1.4](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.4&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-09-27 - -* chore(release): :rocket: publish 32.0.0 -* fix: replace `CLF` with `common` in `values.yaml` -* feat(Traefik Hub): add APIPlans and APIBundles CRDs - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 51dec67..f36a9dd 100644 -index d5173dc..f36a9dd 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -345,7 +345,7 @@ logs: - # -- To enable access logs - enabled: false - # -- Set [access log format](https://doc.traefik.io/traefik/observability/access-logs/#format) -- format: # @schema enum:["CLF", "json", null]; type:[string, null]; default: "CLF" -+ format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common" - # filePath: "/var/log/traefik/access.log - # -- Set [bufferingSize](https://doc.traefik.io/traefik/observability/access-logs/#bufferingsize) - bufferingSize: # @schema type:[integer, null] -@@ -911,35 +911,34 @@ hub: - # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". - secretName: "" - -- ratelimit: -- redis: -- # -- Enable Redis Cluster. Default: true. -- cluster: # @schema type:[boolean, null] -- # -- Database used to store information. Default: "0". -- database: # @schema type:[string, null] -- # -- Endpoints of the Redis instances to connect to. Default: "". -- endpoints: "" -- # -- The username to use when connecting to Redis endpoints. Default: "". -+ redis: -+ # -- Enable Redis Cluster. Default: true. -+ cluster: # @schema type:[boolean, null] -+ # -- Database used to store information. Default: "0". -+ database: # @schema type:[string, null] -+ # -- Endpoints of the Redis instances to connect to. Default: "". -+ endpoints: "" -+ # -- The username to use when connecting to Redis endpoints. Default: "". -+ username: "" -+ # -- The password to use when connecting to Redis endpoints. Default: "". -+ password: "" -+ sentinel: -+ # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -+ masterset: "" -+ # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". - username: "" -- # -- The password to use when connecting to Redis endpoints. Default: "". -+ # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". - password: "" -- sentinel: -- # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -- masterset: "" -- # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". -- username: "" -- # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". -- password: "" -- # -- Timeout applied on connection with redis. Default: "0s". -- timeout: "" -- tls: -- # -- Path to the certificate authority used for the secured connection. -- ca: "" -- # -- Path to the public certificate used for the secure connection. -- cert: "" -- # -- Path to the private key used for the secure connection. -- key: "" -- # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -- insecureSkipVerify: false -+ # -- Timeout applied on connection with redis. Default: "0s". -+ timeout: "" -+ tls: -+ # -- Path to the certificate authority used for the secured connection. -+ ca: "" -+ # -- Path to the public certificate used for the secure connection. -+ cert: "" -+ # -- Path to the private key used for the secure connection. -+ key: "" -+ # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -+ insecureSkipVerify: false - # Enable export of errors logs to the platform. Default: true. - sendlogs: # @schema type:[boolean, null] -``` - -## 32.0.0-rc1 ![AppVersion: v3.1.4](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.4&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-09-20 - -* feat(Traefik Hub): add APIPlans and APIBundles CRDs -* chore(release): 🚀 publish 32.0.0-rc1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d5173dc..51dec67 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -911,35 +911,34 @@ hub: - # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". - secretName: "" - -- ratelimit: -- redis: -- # -- Enable Redis Cluster. Default: true. -- cluster: # @schema type:[boolean, null] -- # -- Database used to store information. Default: "0". -- database: # @schema type:[string, null] -- # -- Endpoints of the Redis instances to connect to. Default: "". -- endpoints: "" -- # -- The username to use when connecting to Redis endpoints. Default: "". -+ redis: -+ # -- Enable Redis Cluster. Default: true. -+ cluster: # @schema type:[boolean, null] -+ # -- Database used to store information. Default: "0". -+ database: # @schema type:[string, null] -+ # -- Endpoints of the Redis instances to connect to. Default: "". -+ endpoints: "" -+ # -- The username to use when connecting to Redis endpoints. Default: "". -+ username: "" -+ # -- The password to use when connecting to Redis endpoints. Default: "". -+ password: "" -+ sentinel: -+ # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -+ masterset: "" -+ # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". - username: "" -- # -- The password to use when connecting to Redis endpoints. Default: "". -+ # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". - password: "" -- sentinel: -- # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -- masterset: "" -- # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". -- username: "" -- # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". -- password: "" -- # -- Timeout applied on connection with redis. Default: "0s". -- timeout: "" -- tls: -- # -- Path to the certificate authority used for the secured connection. -- ca: "" -- # -- Path to the public certificate used for the secure connection. -- cert: "" -- # -- Path to the private key used for the secure connection. -- key: "" -- # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -- insecureSkipVerify: false -+ # -- Timeout applied on connection with redis. Default: "0s". -+ timeout: "" -+ tls: -+ # -- Path to the certificate authority used for the secured connection. -+ ca: "" -+ # -- Path to the public certificate used for the secure connection. -+ cert: "" -+ # -- Path to the private key used for the secure connection. -+ key: "" -+ # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -+ insecureSkipVerify: false - # Enable export of errors logs to the platform. Default: true. - sendlogs: # @schema type:[boolean, null] -``` - -## 31.1.1 ![AppVersion: v3.1.4](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.4&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-09-20 - -* fix: 🐛 updateStrategy behavior -* feat(deps): update traefik docker tag to v3.1.4 -* chore(release): 🚀 publish v31.1.1 - -## 31.1.0 ![AppVersion: v3.1.3](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.3&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-09-18 - -* fix: 🐛 update CRD to v3.1 -* feat: ✨ input validation using schema -* feat: ✨ add AllowACMEByPass and improve schema/doc on ports values -* feat: add new webhooks and removes unnecessary ones -* feat(deps): update traefik docker tag to v3.1.3 -* chore(release): 🚀 publish v31.1.0 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2232d9e..1b9d0fd 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -2,13 +2,13 @@ - # This is a YAML-formatted file. - # Declare variables to be passed into templates - --image: -+image: # @schema additionalProperties: false - # -- Traefik image host registry - registry: docker.io - # -- Traefik image repository - repository: traefik - # -- defaults to appVersion -- tag: -+ tag: # @schema type:[string, null] - # -- Traefik image pull policy - pullPolicy: IfNotPresent - -@@ -23,27 +23,27 @@ deployment: - # -- Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 - # -- Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) -- # revisionHistoryLimit: 1 -+ revisionHistoryLimit: # @schema type:[integer, null];minimum:0 - # -- Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down - terminationGracePeriodSeconds: 60 - # -- The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available - minReadySeconds: 0 -- ## Override the liveness/readiness port. This is useful to integrate traefik -+ ## -- Override the liveness/readiness port. This is useful to integrate traefik - ## with an external Load Balancer that performs healthchecks. - ## Default: ports.traefik.port -- # healthchecksPort: 9000 -- ## Override the liveness/readiness host. Useful for getting ping to respond on non-default entryPoint. -+ healthchecksPort: # @schema type:[integer, null];minimum:0 -+ ## -- Override the liveness/readiness host. Useful for getting ping to respond on non-default entryPoint. - ## Default: ports.traefik.hostIP if set, otherwise Pod IP -- # healthchecksHost: localhost -- ## Override the liveness/readiness scheme. Useful for getting ping to -+ healthchecksHost: "" -+ ## -- Override the liveness/readiness scheme. Useful for getting ping to - ## respond on websecure entryPoint. -- # healthchecksScheme: HTTPS -- ## Override the readiness path. -+ healthchecksScheme: # @schema enum:[HTTP, HTTPS, null]; type:[string, null]; default: HTTP -+ ## -- Override the readiness path. - ## Default: /ping -- # readinessPath: /ping -- # Override the liveness path. -+ readinessPath: "" -+ # -- Override the liveness path. - # Default: /ping -- # livenessPath: /ping -+ livenessPath: "" - # -- Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # -- Additional deployment labels (e.g. for filtering deployment by custom labels) -@@ -80,7 +80,7 @@ deployment: - # -- Use process namespace sharing - shareProcessNamespace: false - # -- Custom pod DNS policy. Apply if `hostNetwork: true` -- # dnsPolicy: ClusterFirstWithHostNet -+ dnsPolicy: "" - # -- Custom pod [DNS config](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core) - dnsConfig: {} - # -- Custom [host aliases](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/) -@@ -99,24 +99,24 @@ deployment: - # host: localhost - # scheme: HTTP - # -- Set a runtimeClassName on pod -- runtimeClassName: -+ runtimeClassName: "" - - # -- [Pod Disruption Budget](https://kubernetes.io/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1/) --podDisruptionBudget: -- enabled: -- maxUnavailable: -- minAvailable: -+podDisruptionBudget: # @schema additionalProperties: false -+ enabled: false -+ maxUnavailable: # @schema type:[string, integer, null];minimum:0 -+ minAvailable: # @schema type:[string, integer, null];minimum:0 - - # -- Create a default IngressClass for Traefik --ingressClass: -+ingressClass: # @schema additionalProperties: false - enabled: true - isDefaultClass: true -- # name: my-custom-class -+ name: "" - --core: -+core: # @schema additionalProperties: false - # -- Can be used to use globally v2 router syntax - # See https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#new-v3-syntax-notable-changes -- defaultRuleSyntax: -+ defaultRuleSyntax: "" - - # Traefik experimental features - experimental: -@@ -133,11 +133,11 @@ gateway: - # -- When providers.kubernetesGateway.enabled, deploy a default gateway - enabled: true - # -- Set a custom name to gateway -- name: -+ name: "" - # -- By default, Gateway is created in the same `Namespace` than Traefik. -- namespace: -+ namespace: "" - # -- Additional gateway annotations (e.g. for cert-manager.io/issuer) -- annotations: -+ annotations: {} - # -- Define listeners - listeners: - web: -@@ -145,11 +145,11 @@ gateway: - # The port must match a port declared in ports section. - port: 8000 - # -- Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) -- hostname: -+ hostname: "" - # Specify expected protocol on this listener. See [ProtocolType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.ProtocolType) - protocol: HTTP - # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces -- namespacePolicy: -+ namespacePolicy: # @schema type:[string, null] - # websecure listener is disabled by default because certificateRefs needs to be added, - # or you may specify TLS protocol with Passthrough mode and add "--providers.kubernetesGateway.experimentalChannel=true" in additionalArguments section. - # websecure: -@@ -167,13 +167,13 @@ gateway: - # # -- TLS behavior for the TLS session initiated by the client. See [TLSModeType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.TLSModeType). - # mode: - --gatewayClass: -+gatewayClass: # @schema additionalProperties: false - # -- When providers.kubernetesGateway.enabled and gateway.enabled, deploy a default gatewayClass - enabled: true - # -- Set a custom name to GatewayClass -- name: -+ name: "" - # -- Additional gatewayClass labels (e.g. for filtering gateway objects by custom labels) -- labels: -+ labels: {} - - ingressRoute: - dashboard: -@@ -218,14 +218,14 @@ ingressRoute: - # -- TLS options (e.g. secret containing certificate) - tls: {} - --updateStrategy: -+updateStrategy: # @schema additionalProperties: false - # -- Customize updateStrategy: RollingUpdate or OnDelete - type: RollingUpdate - rollingUpdate: -- maxUnavailable: 0 -- maxSurge: 1 -+ maxUnavailable: 0 # @schema type:[integer, string, null] -+ maxSurge: 1 # @schema type:[integer, string, null] - --readinessProbe: -+readinessProbe: # @schema additionalProperties: false - # -- The number of consecutive failures allowed before considering the probe as failed. - failureThreshold: 1 - # -- The number of seconds to wait before starting the first probe. -@@ -236,7 +236,7 @@ readinessProbe: - successThreshold: 1 - # -- The number of seconds to wait for a probe response before considering it as failed. - timeoutSeconds: 2 --livenessProbe: -+livenessProbe: # @schema additionalProperties: false - # -- The number of consecutive failures allowed before considering the probe as failed. - failureThreshold: 3 - # -- The number of seconds to wait before starting the first probe. -@@ -249,9 +249,9 @@ livenessProbe: - timeoutSeconds: 2 - - # -- Define [Startup Probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes) --startupProbe: -+startupProbe: {} - --providers: -+providers: # @schema additionalProperties: false - kubernetesCRD: - # -- Load Kubernetes IngressRoute provider - enabled: true -@@ -262,12 +262,12 @@ providers: - # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: true - # -- When the parameter is set, only resources containing an annotation with the same value are processed. Otherwise, resources missing the annotation, having an empty value, or the value traefik are processed. It will also set required annotation on Dashboard and Healthcheck IngressRoute when enabled. -- ingressClass: -+ ingressClass: "" - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] - # -- Defines whether to use Native Kubernetes load-balancing mode by default. -- nativeLBByDefault: -+ nativeLBByDefault: false - - kubernetesIngress: - # -- Load Kubernetes Ingress provider -@@ -277,7 +277,7 @@ providers: - # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: true - # -- When ingressClass is set, only Ingresses containing an annotation with the same value are processed. Otherwise, Ingresses missing the annotation, having an empty value, or the value traefik are processed. -- ingressClass: -+ ingressClass: # @schema type:[string, null] - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -@@ -288,7 +288,7 @@ providers: - # By default this Traefik service - # pathOverride: "" - # -- Defines whether to use Native Kubernetes load-balancing mode by default. -- nativeLBByDefault: -+ nativeLBByDefault: false - - kubernetesGateway: - # -- Enable Traefik Gateway provider for Gateway API -@@ -299,7 +299,7 @@ providers: - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] - # -- A label selector can be defined to filter on specific GatewayClass objects only. -- labelselector: -+ labelselector: "" - - file: - # -- Create a file provider -@@ -307,7 +307,7 @@ providers: - # -- Allows Traefik to automatically watch for file changes - watch: true - # -- File content (YAML format, go template supported) (see https://doc.traefik.io/traefik/providers/file/) -- content: -+ content: "" - - # -- Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. -@@ -333,90 +333,88 @@ additionalVolumeMounts: [] - logs: - general: - # -- Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) -- # @default common -- format: -+ format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common" - # By default, the level is set to INFO. - # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -- level: INFO -- # -- # filePath: "/var/log/traefik/traefik.log -- # noColor: true -+ level: "INFO" # @schema enum:[INFO,WARN,ERROR,FATAL,PANIC,DEBUG]; default: "INFO" -+ # -- To write the logs into a log file, use the filePath option. -+ filePath: "" -+ # -- When set to true and format is common, it disables the colorized output. -+ noColor: false - access: - # -- To enable access logs - enabled: false - # -- Set [access log format](https://doc.traefik.io/traefik/observability/access-logs/#format) -- format: -+ format: # @schema enum:["CLF", "json", null]; type:[string, null]; default: "CLF" - # filePath: "/var/log/traefik/access.log - # -- Set [bufferingSize](https://doc.traefik.io/traefik/observability/access-logs/#bufferingsize) -- bufferingSize: -+ bufferingSize: # @schema type:[integer, null] - # -- Set [filtering](https://docs.traefik.io/observability/access-logs/#filtering) - filters: {} -- # statuscodes: "200,300-302" -- # retryattempts: true -- # minduration: 10ms -+ statuscodes: "" -+ retryattempts: false -+ minduration: "" - # -- Enables accessLogs for internal resources. Default: false. -- addInternals: -+ addInternals: false - fields: - general: -- # -- Available modes: keep, drop, redact. -- defaultmode: keep -+ # -- Set default mode for fields.names -+ defaultmode: keep # @schema enum:[keep, drop, redact]; default: keep - # -- Names of the fields to limit. - names: {} -- ## Examples: -- # ClientUsername: drop - # -- [Limit logged fields or headers](https://doc.traefik.io/traefik/observability/access-logs/#limiting-the-fieldsincluding-headers) - headers: -- # -- Available modes: keep, drop, redact. -- defaultmode: drop -+ # -- Set default mode for fields.headers -+ defaultmode: drop # @schema enum:[keep, drop, redact]; default: drop - names: {} - - metrics: - ## -- Enable metrics for internal resources. Default: false -- addInternals: -+ addInternals: false - - ## -- Prometheus is enabled by default. - ## -- It can be disabled by setting "prometheus: null" - prometheus: - # -- Entry point used to expose metrics. - entryPoint: metrics -- ## Enable metrics on entry points. Default=true -- # addEntryPointsLabels: false -- ## Enable metrics on routers. Default=false -- # addRoutersLabels: true -- ## Enable metrics on services. Default=true -- # addServicesLabels: false -+ ## Enable metrics on entry points. Default: true -+ addEntryPointsLabels: # @schema type:[boolean, null] -+ ## Enable metrics on routers. Default: false -+ addRoutersLabels: # @schema type:[boolean, null] -+ ## Enable metrics on services. Default: true -+ addServicesLabels: # @schema type:[boolean, null] - ## Buckets for latency metrics. Default="0.1,0.3,1.2,5.0" -- # buckets: "0.5,1.0,2.5" -+ buckets: "" - ## When manualRouting is true, it disables the default internal router in - ## order to allow creating a custom router for prometheus@internal service. -- # manualRouting: true -+ manualRouting: false - service: - # -- Create a dedicated metrics service to use with ServiceMonitor -- enabled: -- labels: -- annotations: -+ enabled: false -+ labels: {} -+ annotations: {} - # -- When set to true, it won't check if Prometheus Operator CRDs are deployed -- disableAPICheck: -+ disableAPICheck: # @schema type:[boolean, null] - serviceMonitor: - # -- Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. - enabled: false -- metricRelabelings: -- relabelings: -- jobLabel: -- interval: -- honorLabels: -- scrapeTimeout: -- honorTimestamps: -- enableHttp2: -- followRedirects: -- additionalLabels: -- namespace: -- namespaceSelector: -+ metricRelabelings: [] -+ relabelings: [] -+ jobLabel: "" -+ interval: "" -+ honorLabels: false -+ scrapeTimeout: "" -+ honorTimestamps: false -+ enableHttp2: false -+ followRedirects: false -+ additionalLabels: {} -+ namespace: "" -+ namespaceSelector: {} - prometheusRule: - # -- Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. - enabled: false -- additionalLabels: -- namespace: -+ additionalLabels: {} -+ namespace: "" - - # datadog: - # ## Address instructs exporter to send metrics to datadog-agent at this address. -@@ -469,55 +467,55 @@ metrics: - # -- Set to true in order to enable the OpenTelemetry metrics - enabled: false - # -- Enable metrics on entry points. Default: true -- addEntryPointsLabels: -+ addEntryPointsLabels: # @schema type:[boolean, null] - # -- Enable metrics on routers. Default: false -- addRoutersLabels: -+ addRoutersLabels: # @schema type:[boolean, null] - # -- Enable metrics on services. Default: true -- addServicesLabels: -+ addServicesLabels: # @schema type:[boolean, null] - # -- Explicit boundaries for Histogram data points. Default: [.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10] -- explicitBoundaries: -+ explicitBoundaries: [] - # -- Interval at which metrics are sent to the OpenTelemetry Collector. Default: 10s -- pushInterval: -+ pushInterval: "" - http: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics -- endpoint: -+ endpoint: "" - # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -- headers: -+ headers: {} - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. -- ca: -+ ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. -- cert: -+ cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. -- key: -+ key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -- insecureSkipVerify: -+ insecureSkipVerify: # @schema type:[boolean, null] - grpc: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics -- endpoint: -+ endpoint: "" - # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -- insecure: -+ insecure: false - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. -- ca: -+ ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. -- cert: -+ cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. -- key: -+ key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -- insecureSkipVerify: -+ insecureSkipVerify: false - - ## Tracing - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ --tracing: -+tracing: # @schema additionalProperties: false - # -- Enables tracing for internal resources. Default: false. -- addInternals: -+ addInternals: false - otlp: - # -- See https://doc.traefik.io/traefik/v3.0/observability/tracing/opentelemetry/ - enabled: false -@@ -525,36 +523,36 @@ tracing: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics -- endpoint: -+ endpoint: "" - # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -- headers: -+ headers: {} - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. -- ca: -+ ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. -- cert: -+ cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. -- key: -+ key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -- insecureSkipVerify: -+ insecureSkipVerify: false - grpc: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics -- endpoint: -+ endpoint: "" - # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -- insecure: -+ insecure: false - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. -- ca: -+ ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. -- cert: -+ cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. -- key: -+ key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -- insecureSkipVerify: -+ insecureSkipVerify: false - - # -- Global command arguments to be passed to all traefik's pods - globalArguments: -@@ -587,13 +585,12 @@ ports: - traefik: - port: 9000 - # -- Use hostPort if set. -- # hostPort: 9000 -- # -+ hostPort: # @schema type:[integer, null]; minimum:0 - # -- Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which - # means it's listening on all your interfaces and all your IPs. You may want - # to set this value if you need traefik to listen on specific interface - # only. -- # hostIP: 192.168.100.10 -+ hostIP: # @schema type:[string, null] - - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. -@@ -617,112 +614,93 @@ ports: - default: true - exposedPort: 80 - ## -- Different target traefik port on the cluster, useful for IP type LB -- # targetPort: 80 -+ targetPort: # @schema type:[integer, null]; minimum:0 - # The port protocol (TCP/UDP) - protocol: TCP -- # -- Use nodeport if set. This is useful if you have configured Traefik in a -- # LoadBalancer. -- # nodePort: 32080 -+ # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) -+ nodePort: # @schema type:[integer, null]; minimum:0 - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection -- # redirectTo: -- # port: websecure -- # (Optional) -- # priority: 10 -- # permanent: true -- # -- # -- Trust forwarded headers information (X-Forwarded-*). -- # forwardedHeaders: -- # trustedIPs: [] -- # insecure: false -- # -- # -- Enable the Proxy Protocol header parsing for the entry point -- # proxyProtocol: -- # trustedIPs: [] -- # insecure: false -- # -+ redirectTo: {} -+ forwardedHeaders: -+ # -- Trust forwarded headers information (X-Forwarded-*). -+ trustedIPs: [] -+ insecure: false -+ proxyProtocol: -+ # -- Enable the Proxy Protocol header parsing for the entry point -+ trustedIPs: [] -+ insecure: false - # -- Set transport settings for the entrypoint; see also - # https://doc.traefik.io/traefik/routing/entrypoints/#transport - transport: - respondingTimeouts: -- readTimeout: -- writeTimeout: -- idleTimeout: -+ readTimeout: # @schema type:[string, integer, null] -+ writeTimeout: # @schema type:[string, integer, null] -+ idleTimeout: # @schema type:[string, integer, null] - lifeCycle: -- requestAcceptGraceTimeout: -- graceTimeOut: -- keepAliveMaxRequests: -- keepAliveMaxTime: -+ requestAcceptGraceTimeout: # @schema type:[string, integer, null] -+ graceTimeOut: # @schema type:[string, integer, null] -+ keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 -+ keepAliveMaxTime: # @schema type:[string, integer, null] - websecure: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8443 -- # hostPort: 8443 -- # containerPort: 8443 -+ hostPort: # @schema type:[integer, null]; minimum:0 -+ containerPort: # @schema type:[integer, null]; minimum:0 - expose: - default: true - exposedPort: 443 - ## -- Different target traefik port on the cluster, useful for IP type LB -- # targetPort: 80 -+ targetPort: # @schema type:[integer, null]; minimum:0 - ## -- The port protocol (TCP/UDP) - protocol: TCP -- # nodePort: 32443 -- ## -- Specify an application protocol. This may be used as a hint for a Layer 7 load balancer. -- # appProtocol: https -- # -- ## -- Enable HTTP/3 on the entrypoint -- ## Enabling it will also enable http3 experimental feature -- ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 -- ## There are known limitations when trying to listen on same ports for -- ## TCP & UDP (Http3). There is a workaround in this chart using dual Service. -- ## https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741 -+ # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) -+ nodePort: # @schema type:[integer, null]; minimum:0 -+ # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol) -+ appProtocol: # @schema type:[string, null] -+ # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#allowacmebypass) -+ allowACMEByPass: false - http3: -+ ## -- Enable HTTP/3 on the entrypoint -+ ## Enabling it will also enable http3 experimental feature -+ ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 -+ ## There are known limitations when trying to listen on same ports for -+ ## TCP & UDP (Http3). There is a workaround in this chart using dual Service. -+ ## https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741 - enabled: false -- # advertisedPort: 4443 -- # -- # -- Trust forwarded headers information (X-Forwarded-*). -- # forwardedHeaders: -- # trustedIPs: [] -- # insecure: false -- # -- # -- Enable the Proxy Protocol header parsing for the entry point -- # proxyProtocol: -- # trustedIPs: [] -- # insecure: false -- # -- # -- Set transport settings for the entrypoint; see also -- # https://doc.traefik.io/traefik/routing/entrypoints/#transport -+ advertisedPort: # @schema type:[integer, null]; minimum:0 -+ forwardedHeaders: -+ # -- Trust forwarded headers information (X-Forwarded-*). -+ trustedIPs: [] -+ insecure: false -+ proxyProtocol: -+ # -- Enable the Proxy Protocol header parsing for the entry point -+ trustedIPs: [] -+ insecure: false -+ # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#transport) - transport: - respondingTimeouts: -- readTimeout: -- writeTimeout: -- idleTimeout: -+ readTimeout: # @schema type:[string, integer, null] -+ writeTimeout: # @schema type:[string, integer, null] -+ idleTimeout: # @schema type:[string, integer, null] - lifeCycle: -- requestAcceptGraceTimeout: -- graceTimeOut: -- keepAliveMaxRequests: -- keepAliveMaxTime: -- # -- ## Set TLS at the entrypoint -- ## https://doc.traefik.io/traefik/routing/entrypoints/#tls -+ requestAcceptGraceTimeout: # @schema type:[string, integer, null] -+ graceTimeOut: # @schema type:[string, integer, null] -+ keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 -+ keepAliveMaxTime: # @schema type:[string, integer, null] -+ # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#tls) - tls: - enabled: true -- # this is the name of a TLSOption definition - options: "" - certResolver: "" - domains: [] -- # - main: example.com -- # sans: -- # - foo.example.com -- # - bar.example.com -- # - # -- One can apply Middlewares on an entrypoint - # https://doc.traefik.io/traefik/middlewares/overview/ - # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares - # -- /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ - # It follows the provider naming convention: https://doc.traefik.io/traefik/providers/overview/#provider-namespace -- # middlewares: - # - namespace-name1@kubernetescrd - # - namespace-name2@kubernetescrd - middlewares: [] -@@ -730,10 +708,6 @@ ports: - # -- When using hostNetwork, use another port to avoid conflict with node exporter: - # https://github.com/prometheus/prometheus/wiki/Default-port-allocations - port: 9100 -- # hostPort: 9100 -- # Defines whether the port is exposed if service.type is LoadBalancer or -- # NodePort. -- # - # -- You may not want to expose the metrics port on production deployments. - # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress -@@ -810,15 +784,15 @@ persistence: - # It can be used to store TLS certificates, see `storage` in certResolvers - enabled: false - name: data -- # existingClaim: "" -+ existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi -- # storageClass: "" -- # volumeName: "" -+ storageClass: "" -+ volumeName: "" - path: /data - annotations: {} - # -- Only mount a subpath of the Volume into the pod -- # subPath: "" -+ subPath: "" - - # -- Certificates resolvers configuration. - # Ref: https://doc.traefik.io/traefik/https/acme/#certificate-resolvers -@@ -832,7 +806,7 @@ certResolvers: {} - hostNetwork: false - - # -- Whether Role Based Access Control objects like roles and rolebindings should be created --rbac: -+rbac: # @schema additionalProperties: false - enabled: true - # When set to true: - # 1. Use `Role` and `RoleBinding` instead of `ClusterRole` and `ClusterRoleBinding`. -@@ -843,7 +817,7 @@ rbac: - namespaced: false - # Enable user-facing roles - # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles -- # aggregateTo: [ "admin" ] -+ aggregateTo: [] - # List of Kubernetes secrets that are accessible for Traefik. If empty, then access is granted to every secret. - secretResourceNames: [] - -@@ -852,7 +826,7 @@ podSecurityPolicy: - enabled: false - - # -- The service account the pods will use to interact with the Kubernetes API --serviceAccount: -+serviceAccount: # @schema additionalProperties: false - # If set, an existing service account is used - # If not set, a service account is created automatically using the fullname template - name: "" -@@ -918,54 +892,54 @@ extraObjects: [] - - # -- This field override the default Release Namespace for Helm. - # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` --namespaceOverride: -+namespaceOverride: "" - - ## -- This field override the default app.kubernetes.io/instance label for all Objects. --instanceLabelOverride: -+instanceLabelOverride: "" - - # Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ - hub: - # -- Name of `Secret` with key 'token' set to a valid license token. - # It enables API Gateway. -- token: -+ token: "" - apimanagement: - # -- Set to true in order to enable API Management. Requires a valid license token. -- enabled: -+ enabled: false - admission: - # -- WebHook admission server listen address. Default: "0.0.0.0:9943". -- listenAddr: -+ listenAddr: "" - # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". -- secretName: -+ secretName: "" - - ratelimit: - redis: - # -- Enable Redis Cluster. Default: true. -- cluster: -+ cluster: # @schema type:[boolean, null] - # -- Database used to store information. Default: "0". -- database: -+ database: # @schema type:[string, null] - # -- Endpoints of the Redis instances to connect to. Default: "". -- endpoints: -+ endpoints: "" - # -- The username to use when connecting to Redis endpoints. Default: "". -- username: -+ username: "" - # -- The password to use when connecting to Redis endpoints. Default: "". -- password: -+ password: "" - sentinel: - # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -- masterset: -+ masterset: "" - # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". -- username: -+ username: "" - # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". -- password: -+ password: "" - # -- Timeout applied on connection with redis. Default: "0s". -- timeout: -+ timeout: "" - tls: - # -- Path to the certificate authority used for the secured connection. -- ca: -+ ca: "" - # -- Path to the public certificate used for the secure connection. -- cert: -+ cert: "" - # -- Path to the private key used for the secure connection. -- key: -+ key: "" - # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -- insecureSkipVerify: -+ insecureSkipVerify: false - # Enable export of errors logs to the platform. Default: true. -- sendlogs: -+ sendlogs: # @schema type:[boolean, null] -``` - -## 31.0.0 ![AppVersion: v3.1.2](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.2&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-09-03 - -* fix(Traefik Hub): update CRDs to v1.5.0 -* fix(HTTP3): split udp and tcp Service when service.single is false -* fix!: 🐛 set allowEmptyServices to true by default -* feat(Traefik Hub): update CRDs to v1.7.0 -* chore(release): 🚀 publish v31.0.0 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 78eeacf..2232d9e 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -260,7 +260,7 @@ providers: - # -- Allows to reference ExternalName services in IngressRoute - allowExternalNameServices: false - # -- Allows to return 503 when there is no endpoints available -- allowEmptyServices: false -+ allowEmptyServices: true - # -- When the parameter is set, only resources containing an annotation with the same value are processed. Otherwise, resources missing the annotation, having an empty value, or the value traefik are processed. It will also set required annotation on Dashboard and Healthcheck IngressRoute when enabled. - ingressClass: - # labelSelector: environment=production,method=traefik -@@ -275,7 +275,7 @@ providers: - # -- Allows to reference ExternalName services in Ingress - allowExternalNameServices: false - # -- Allows to return 503 when there is no endpoints available -- allowEmptyServices: false -+ allowEmptyServices: true - # -- When ingressClass is set, only Ingresses containing an annotation with the same value are processed. Otherwise, Ingresses missing the annotation, having an empty value, or the value traefik are processed. - ingressClass: - # labelSelector: environment=production,method=traefik -``` - -## 30.1.0 ![AppVersion: v3.1.2](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.2&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-08-14 - -* fix: disable default HTTPS listener for gateway -* fix(Gateway API): wildcard support in hostname -* fix(Gateway API): use Standard channel by default -* feat: ✨ rework namespaced RBAC with `disableClusterScopeResources` -* chore(release): 🚀 publish v30.1.0 -* chore(deps): update traefik docker tag to v3.1.2 -* chore(deps): update traefik docker tag to v3.1.1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 83b6d98..78eeacf 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -150,20 +150,22 @@ gateway: - protocol: HTTP - # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces - namespacePolicy: -- websecure: -- # -- Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. -- # The port must match a port declared in ports section. -- port: 8443 -- # -- Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) -- hostname: -- # Specify expected protocol on this listener See [ProtocolType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.ProtocolType) -- protocol: HTTPS -- # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces) -- namespacePolicy: -- # -- Add certificates for TLS or HTTPS protocols. See [GatewayTLSConfig](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayTLSConfig) -- certificateRefs: -- # -- TLS behavior for the TLS session initiated by the client. See [TLSModeType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.TLSModeType). -- mode: -+ # websecure listener is disabled by default because certificateRefs needs to be added, -+ # or you may specify TLS protocol with Passthrough mode and add "--providers.kubernetesGateway.experimentalChannel=true" in additionalArguments section. -+ # websecure: -+ # # -- Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. -+ # # The port must match a port declared in ports section. -+ # port: 8443 -+ # # -- Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) -+ # hostname: -+ # # Specify expected protocol on this listener See [ProtocolType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.ProtocolType) -+ # protocol: HTTPS -+ # # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces) -+ # namespacePolicy: -+ # # -- Add certificates for TLS or HTTPS protocols. See [GatewayTLSConfig](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayTLSConfig) -+ # certificateRefs: -+ # # -- TLS behavior for the TLS session initiated by the client. See [TLSModeType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.TLSModeType). -+ # mode: - - gatewayClass: - # -- When providers.kubernetesGateway.enabled and gateway.enabled, deploy a default gatewayClass -@@ -279,10 +281,6 @@ providers: - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -- # - "default" -- # Disable cluster IngressClass Lookup - Requires Traefik V3. -- # When combined with rbac.namespaced: true, ClusterRole will not be created and ingresses must use kubernetes.io/ingress.class annotation instead of spec.ingressClassName. -- disableIngressClassLookup: false - # IP used for Kubernetes Ingress endpoints - publishedService: - enabled: false -@@ -836,9 +834,12 @@ hostNetwork: false - # -- Whether Role Based Access Control objects like roles and rolebindings should be created - rbac: - enabled: true -- # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. -- # If set to true, installs Role and RoleBinding instead of ClusterRole/ClusterRoleBinding. Providers will only watch target namespace. -- # When combined with providers.kubernetesIngress.disableIngressClassLookup: true and Traefik V3, ClusterRole to watch IngressClass is also disabled. -+ # When set to true: -+ # 1. Use `Role` and `RoleBinding` instead of `ClusterRole` and `ClusterRoleBinding`. -+ # 2. Set `disableIngressClassLookup` on Kubernetes Ingress providers with Traefik Proxy v3 until v3.1.1 -+ # 3. Set `disableClusterScopeResources` on Kubernetes Ingress and CRD providers with Traefik Proxy v3.1.2+ -+ # **NOTE**: `IngressClass`, `NodePortLB` and **Gateway** provider cannot be used with namespaced RBAC. -+ # See [upstream documentation](https://doc.traefik.io/traefik/providers/kubernetes-ingress/#disableclusterscoperesources) for more details. - namespaced: false - # Enable user-facing roles - # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles -``` - -## 30.0.2 ![AppVersion: v3.1.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-07-30 - -* fix(Traefik Hub): missing RBACs for Traefik Hub -* chore(release): 🚀 publish v30.0.2 - -## 30.0.1 ![AppVersion: v3.1.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-07-29 - -* fix(Traefik Hub): support new RBACs for upcoming traefik hub release -* fix(Traefik Hub): RBACs missing with API Gateway -* feat: :release: v30.0.1 - -## 30.0.0 ![AppVersion: v3.1.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.1.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-07-24 - -* fix: 🐛 ingressroute default name -* fix: namespaced RBACs hub api gateway -* fix: can't set gateway name -* fix(Gateway API): provide expected roles when using namespaced RBAC -* fix(Gateway API)!: revamp Gateway implementation -* feat: ✨ display release name and image full path in installation notes -* feat: use single ingressRoute template -* feat: handle log filePath and noColor -* chore(release): 🚀 publish v30.0.0 -* chore(deps): update traefik docker tag to v3.1.0 - -**Upgrade Notes** - -There is a breaking upgrade on how to configure Gateway with _values_. -This release supports Traefik Proxy v3.0 **and** v3.1. - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c8bfd5b..83b6d98 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -134,14 +134,36 @@ gateway: - enabled: true - # -- Set a custom name to gateway - name: -- # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.FromNamespaces) -- namespacePolicy: -- # -- See [GatewayTLSConfig](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayTLSConfig) -- certificateRefs: - # -- By default, Gateway is created in the same `Namespace` than Traefik. - namespace: - # -- Additional gateway annotations (e.g. for cert-manager.io/issuer) - annotations: -+ # -- Define listeners -+ listeners: -+ web: -+ # -- Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. -+ # The port must match a port declared in ports section. -+ port: 8000 -+ # -- Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) -+ hostname: -+ # Specify expected protocol on this listener. See [ProtocolType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.ProtocolType) -+ protocol: HTTP -+ # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces -+ namespacePolicy: -+ websecure: -+ # -- Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. -+ # The port must match a port declared in ports section. -+ port: 8443 -+ # -- Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) -+ hostname: -+ # Specify expected protocol on this listener See [ProtocolType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.ProtocolType) -+ protocol: HTTPS -+ # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces) -+ namespacePolicy: -+ # -- Add certificates for TLS or HTTPS protocols. See [GatewayTLSConfig](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayTLSConfig) -+ certificateRefs: -+ # -- TLS behavior for the TLS session initiated by the client. See [TLSModeType](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.TLSModeType). -+ mode: - - gatewayClass: - # -- When providers.kubernetesGateway.enabled and gateway.enabled, deploy a default gatewayClass -@@ -161,6 +183,10 @@ ingressRoute: - labels: {} - # -- The router match rule used for the dashboard ingressRoute - matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`) -+ # -- The internal service used for the dashboard ingressRoute -+ services: -+ - name: api@internal -+ kind: TraefikService - # -- Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). - # By default, it's using traefik entrypoint, which is not exposed. - # /!\ Do not expose your dashboard without any protection over the internet /!\ -@@ -178,6 +204,10 @@ ingressRoute: - labels: {} - # -- The router match rule used for the healthcheck ingressRoute - matchRule: PathPrefix(`/ping`) -+ # -- The internal service used for the healthcheck ingressRoute -+ services: -+ - name: ping@internal -+ kind: TraefikService - # -- Specify the allowed entrypoints to use for the healthcheck ingress route, (e.g. traefik, web, websecure). - # By default, it's using traefik entrypoint, which is not exposed. - entryPoints: ["traefik"] -@@ -307,9 +337,12 @@ logs: - # -- Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) - # @default common - format: -- # By default, the level is set to ERROR. -+ # By default, the level is set to INFO. - # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - level: INFO -+ # -+ # filePath: "/var/log/traefik/traefik.log -+ # noColor: true - access: - # -- To enable access logs - enabled: false -``` - - -## 29.0.1 ![AppVersion: v3.0.4](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.4&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-07-09 - -* fix: semverCompare failing on some legitimate tags -* fix: RBACs for hub and disabled namespaced RBACs -* chore(release): 🚀 publish v29.0.1 -* chore(deps): update jnorwood/helm-docs docker tag to v1.14.0 - -## 29.0.0 ![AppVersion: v3.0.4](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.4&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Upgrade Notes** - -This is a major breaking upgrade. [Migration guide](https://doc.traefik.io/traefik/v3.1/migration/v3/#v30-to-v31) from v3.0 to v3.1rc has been applied on this chart. - -This release supports both Traefik Proxy v3.0.x and v3.1rc. - -It comes with those breaking changes: - -- Far better support on Gateway API v1.1: Gateway, GatewayClass, CRDs & RBAC (#1107) -- Many changes on CRDs & RBAC (#1072 & #1108) -- Refactor on Prometheus Operator support. Values has changed (#1114) -- Dashboard `IngressRoute` is now disabled by default (#1111) - -CRDs needs to be upgraded: `kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/` - -**Release date:** 2024-07-05 - -* fix: 🐛 improve error message on additional service without ports -* fix: allow multiples values in the `secretResourceNames` slice -* fix(rbac)!: nodes API permissions for Traefik v3.1+ -* fix(dashboard): Only set ingressClass annotation when kubernetesCRD provider is listening for it -* fix!: prometheus operator settings -* feat: ✨ update CRDs & RBAC for Traefik Proxy -* feat: ✨ migrate to endpointslices rbac -* feat: allow to set hostAliases for traefik pod -* feat(providers): add nativeLBByDefault support -* feat(providers)!: improve kubernetesGateway and Gateway API support -* feat(dashboard)!: dashboard `IngressRoute` should be disabled by default -* docs: fix typos and broken link -* chore: update CRDs to v1.5.0 -* chore: update CRDs to v1.4.0 -* chore(release): publish v29.0.0 -* chore(deps): update traefik docker tag to v3.0.4 -* chore(deps): update traefik docker tag to v3.0.3 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e440dcf..c8bfd5b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -8,7 +8,7 @@ image: - # -- Traefik image repository - repository: traefik - # -- defaults to appVersion -- tag: "" -+ tag: - # -- Traefik image pull policy - pullPolicy: IfNotPresent - -@@ -81,19 +81,12 @@ deployment: - shareProcessNamespace: false - # -- Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet -+ # -- Custom pod [DNS config](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core) - dnsConfig: {} -- # nameservers: -- # - 192.0.2.1 # this is an example -- # searches: -- # - ns1.svc.cluster-domain.example -- # - my.dns.search.suffix -- # options: -- # - name: ndots -- # value: "2" -- # - name: edns0 -- # -- Additional imagePullSecrets -+ # -- Custom [host aliases](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/) -+ hostAliases: [] -+ # -- Pull secret for fetching traefik container image - imagePullSecrets: [] -- # - name: myRegistryKeySecretName - # -- Pod lifecycle actions - lifecycle: {} - # preStop: -@@ -135,24 +128,33 @@ experimental: - kubernetesGateway: - # -- Enable traefik experimental GatewayClass CRD - enabled: false -- ## Routes are restricted to namespace of the gateway by default. -- ## https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.FromNamespaces -- # namespacePolicy: All -- # certificate: -- # group: "core" -- # kind: "Secret" -- # name: "mysecret" -- # -- By default, Gateway would be created to the Namespace you are deploying Traefik to. -- # You may create that Gateway in another namespace, setting its name below: -- # namespace: default -- # Additional gateway annotations (e.g. for cert-manager.io/issuer) -- # annotations: -- # cert-manager.io/issuer: letsencrypt -+ -+gateway: -+ # -- When providers.kubernetesGateway.enabled, deploy a default gateway -+ enabled: true -+ # -- Set a custom name to gateway -+ name: -+ # -- Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.FromNamespaces) -+ namespacePolicy: -+ # -- See [GatewayTLSConfig](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io%2fv1.GatewayTLSConfig) -+ certificateRefs: -+ # -- By default, Gateway is created in the same `Namespace` than Traefik. -+ namespace: -+ # -- Additional gateway annotations (e.g. for cert-manager.io/issuer) -+ annotations: -+ -+gatewayClass: -+ # -- When providers.kubernetesGateway.enabled and gateway.enabled, deploy a default gatewayClass -+ enabled: true -+ # -- Set a custom name to GatewayClass -+ name: -+ # -- Additional gatewayClass labels (e.g. for filtering gateway objects by custom labels) -+ labels: - - ingressRoute: - dashboard: - # -- Create an IngressRoute for the dashboard -- enabled: true -+ enabled: false - # -- Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) - annotations: {} - # -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) -@@ -227,11 +229,13 @@ providers: - allowExternalNameServices: false - # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: false -- # ingressClass: traefik-internal -+ # -- When the parameter is set, only resources containing an annotation with the same value are processed. Otherwise, resources missing the annotation, having an empty value, or the value traefik are processed. It will also set required annotation on Dashboard and Healthcheck IngressRoute when enabled. -+ ingressClass: - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -- # - "default" -+ # -- Defines whether to use Native Kubernetes load-balancing mode by default. -+ nativeLBByDefault: - - kubernetesIngress: - # -- Load Kubernetes Ingress provider -@@ -240,7 +244,8 @@ providers: - allowExternalNameServices: false - # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: false -- # ingressClass: traefik-internal -+ # -- When ingressClass is set, only Ingresses containing an annotation with the same value are processed. Otherwise, Ingresses missing the annotation, having an empty value, or the value traefik are processed. -+ ingressClass: - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -@@ -254,6 +259,19 @@ providers: - # Published Kubernetes Service to copy status from. Format: namespace/servicename - # By default this Traefik service - # pathOverride: "" -+ # -- Defines whether to use Native Kubernetes load-balancing mode by default. -+ nativeLBByDefault: -+ -+ kubernetesGateway: -+ # -- Enable Traefik Gateway provider for Gateway API -+ enabled: false -+ # -- Toggles support for the Experimental Channel resources (Gateway API release channels documentation). -+ # This option currently enables support for TCPRoute and TLSRoute. -+ experimentalChannel: false -+ # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. -+ namespaces: [] -+ # -- A label selector can be defined to filter on specific GatewayClass objects only. -+ labelselector: - - file: - # -- Create a file provider -@@ -341,6 +359,34 @@ metrics: - ## When manualRouting is true, it disables the default internal router in - ## order to allow creating a custom router for prometheus@internal service. - # manualRouting: true -+ service: -+ # -- Create a dedicated metrics service to use with ServiceMonitor -+ enabled: -+ labels: -+ annotations: -+ # -- When set to true, it won't check if Prometheus Operator CRDs are deployed -+ disableAPICheck: -+ serviceMonitor: -+ # -- Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. -+ enabled: false -+ metricRelabelings: -+ relabelings: -+ jobLabel: -+ interval: -+ honorLabels: -+ scrapeTimeout: -+ honorTimestamps: -+ enableHttp2: -+ followRedirects: -+ additionalLabels: -+ namespace: -+ namespaceSelector: -+ prometheusRule: -+ # -- Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. -+ enabled: false -+ additionalLabels: -+ namespace: -+ - # datadog: - # ## Address instructs exporter to send metrics to datadog-agent at this address. - # address: "127.0.0.1:8125" -@@ -436,55 +482,6 @@ metrics: - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. - insecureSkipVerify: - -- ## -- enable optional CRDs for Prometheus Operator -- ## -- ## Create a dedicated metrics service for use with ServiceMonitor -- # service: -- # enabled: false -- # labels: {} -- # annotations: {} -- ## When set to true, it won't check if Prometheus Operator CRDs are deployed -- # disableAPICheck: false -- # serviceMonitor: -- # metricRelabelings: [] -- # - sourceLabels: [__name__] -- # separator: ; -- # regex: ^fluentd_output_status_buffer_(oldest|newest)_.+ -- # replacement: $1 -- # action: drop -- # relabelings: [] -- # - sourceLabels: [__meta_kubernetes_pod_node_name] -- # separator: ; -- # regex: ^(.*)$ -- # targetLabel: nodename -- # replacement: $1 -- # action: replace -- # jobLabel: traefik -- # interval: 30s -- # honorLabels: true -- # # (Optional) -- # # scrapeTimeout: 5s -- # # honorTimestamps: true -- # # enableHttp2: true -- # # followRedirects: true -- # # additionalLabels: -- # # foo: bar -- # # namespace: "another-namespace" -- # # namespaceSelector: {} -- # prometheusRule: -- # additionalLabels: {} -- # namespace: "another-namespace" -- # rules: -- # - alert: TraefikDown -- # expr: up{job="traefik"} == 0 -- # for: 5m -- # labels: -- # context: traefik -- # severity: warning -- # annotations: -- # summary: "Traefik Down" -- # description: "{{ $labels.pod }} on {{ $labels.nodename }} is down" -- - ## Tracing - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ - tracing: -``` - -## 28.3.0 ![AppVersion: v3.0.2](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.2&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-06-14 - -* fix: 🐛 namespaced rbac when kubernetesIngress provider is disabled -* fix: 🐛 add divisor: '1' to GOMAXPROCS and GOMEMLIMIT -* fix(security): 🐛 🔒️ mount service account token on pod level -* fix(Traefik Hub): remove obsolete CRD -* fix(Traefik Hub): remove namespace in mutating webhook -* feat: allow setting permanent on redirectTo -* chore(release): publish v28.3.0 -* chore(deps): update traefik docker tag to v3.0.2 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c558c78..e440dcf 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -602,6 +602,7 @@ ports: - # port: websecure - # (Optional) - # priority: 10 -+ # permanent: true - # - # -- Trust forwarded headers information (X-Forwarded-*). - # forwardedHeaders: -``` - -## 28.2.0 ![AppVersion: v3.0.1](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.1&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-05-28 - -* fix(IngressClass): provides annotation on IngressRoutes when it's enabled -* feat: ✨ simplify values and provide more examples -* feat: add deletecollection right on secrets -* chore(release): 🚀 publish v28.2.0 -* chore(deps): update traefik docker tag to v3.0.1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2fd9282..c558c78 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,4 +1,7 @@ - # Default values for Traefik -+# This is a YAML-formatted file. -+# Declare variables to be passed into templates -+ - image: - # -- Traefik image host registry - registry: docker.io -@@ -12,9 +15,6 @@ image: - # -- Add additional label to all resources - commonLabels: {} - --# --# Configure the deployment --# - deployment: - # -- Enable deployment - enabled: true -@@ -74,10 +74,6 @@ deployment: - # - name: volume-permissions - # image: busybox:latest - # command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] -- # securityContext: -- # runAsNonRoot: true -- # runAsGroup: 65532 -- # runAsUser: 65532 - # volumeMounts: - # - name: data - # mountPath: /data -@@ -112,13 +108,11 @@ deployment: - # -- Set a runtimeClassName on pod - runtimeClassName: - --# -- Pod disruption budget -+# -- [Pod Disruption Budget](https://kubernetes.io/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1/) - podDisruptionBudget: -- enabled: false -- # maxUnavailable: 1 -- # maxUnavailable: 33% -- # minAvailable: 0 -- # minAvailable: 25% -+ enabled: -+ maxUnavailable: -+ minAvailable: - - # -- Create a default IngressClass for Traefik - ingressClass: -@@ -155,7 +149,6 @@ experimental: - # annotations: - # cert-manager.io/issuer: letsencrypt - --## Create an IngressRoute for the dashboard - ingressRoute: - dashboard: - # -- Create an IngressRoute for the dashboard -@@ -221,15 +214,7 @@ livenessProbe: - # -- The number of seconds to wait for a probe response before considering it as failed. - timeoutSeconds: 2 - --# -- Define Startup Probe for container: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes --# eg. --# `startupProbe: --# exec: --# command: --# - mycommand --# - foo --# initialDelaySeconds: 5 --# periodSeconds: 5` -+# -- Define [Startup Probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes) - startupProbe: - - providers: -@@ -276,18 +261,8 @@ providers: - # -- Allows Traefik to automatically watch for file changes - watch: true - # -- File content (YAML format, go template supported) (see https://doc.traefik.io/traefik/providers/file/) -- content: "" -- # http: -- # routers: -- # router0: -- # entryPoints: -- # - web -- # middlewares: -- # - my-basic-auth -- # service: service-foo -- # rule: Path(`/foo`) -+ content: - --# - # -- Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: -@@ -311,26 +286,21 @@ additionalVolumeMounts: [] - - logs: - general: -- # -- By default, the logs use a text format (common), but you can -- # also ask for the json format in the format option -- # format: json -+ # -- Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) -+ # @default common -+ format: - # By default, the level is set to ERROR. - # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - level: INFO - access: - # -- To enable access logs - enabled: false -- ## By default, logs are written using the Common Log Format (CLF) on stdout. -- ## To write logs in JSON, use json in the format option. -- ## If the given format is unsupported, the default (CLF) is used instead. -- # format: json -+ # -- Set [access log format](https://doc.traefik.io/traefik/observability/access-logs/#format) -+ format: - # filePath: "/var/log/traefik/access.log -- ## To write the logs in an asynchronous fashion, specify a bufferingSize option. -- ## This option represents the number of log lines Traefik will keep in memory before writing -- ## them to the selected output. In some cases, this option can greatly help performances. -- # bufferingSize: 100 -- ## Filtering -- # -- https://docs.traefik.io/observability/access-logs/#filtering -+ # -- Set [bufferingSize](https://doc.traefik.io/traefik/observability/access-logs/#bufferingsize) -+ bufferingSize: -+ # -- Set [filtering](https://docs.traefik.io/observability/access-logs/#filtering) - filters: {} - # statuscodes: "200,300-302" - # retryattempts: true -@@ -345,15 +315,11 @@ logs: - names: {} - ## Examples: - # ClientUsername: drop -+ # -- [Limit logged fields or headers](https://doc.traefik.io/traefik/observability/access-logs/#limiting-the-fieldsincluding-headers) - headers: - # -- Available modes: keep, drop, redact. - defaultmode: drop -- # -- Names of the headers to limit. - names: {} -- ## Examples: -- # User-Agent: redact -- # Authorization: drop -- # Content-Type: keep - - metrics: - ## -- Enable metrics for internal resources. Default: false -@@ -567,16 +533,15 @@ globalArguments: - - "--global.checknewversion" - - "--global.sendanonymoususage" - --# --# Configure Traefik static configuration - # -- Additional arguments to be passed at Traefik's binary --# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ --## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` -+# See [CLI Reference](https://docs.traefik.io/reference/static-configuration/cli/) -+# Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` - additionalArguments: [] - # - "--providers.kubernetesingress.ingressclass=traefik-internal" - # - "--log.level=DEBUG" - - # -- Environment variables to be passed to Traefik's binary -+# @default -- See _values.yaml_ - env: - - name: POD_NAME - valueFrom: -@@ -586,25 +551,9 @@ env: - valueFrom: - fieldRef: - fieldPath: metadata.namespace --# - name: SOME_VAR --# value: some-var-value --# - name: SOME_VAR_FROM_CONFIG_MAP --# valueFrom: --# configMapRef: --# name: configmap-name --# key: config-key --# - name: SOME_SECRET --# valueFrom: --# secretKeyRef: --# name: secret-name --# key: secret-key - - # -- Environment variables to be passed to Traefik's binary from configMaps or secrets - envFrom: [] --# - configMapRef: --# name: config-map-name --# - secretRef: --# name: secret-name - - ports: - traefik: -@@ -766,28 +715,12 @@ ports: - # -- The port protocol (TCP/UDP) - protocol: TCP - --# -- TLS Options are created as TLSOption CRDs --# https://doc.traefik.io/traefik/https/tls/#tls-options -+# -- TLS Options are created as [TLSOption CRDs](https://doc.traefik.io/traefik/https/tls/#tls-options) - # When using `labelSelector`, you'll need to set labels on tlsOption accordingly. --# Example: --# tlsOptions: --# default: --# labels: {} --# sniStrict: true --# custom-options: --# labels: {} --# curvePreferences: --# - CurveP521 --# - CurveP384 -+# See EXAMPLE.md for details. - tlsOptions: {} - --# -- TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate --# https://doc.traefik.io/traefik/https/tls/#default-certificate --# Example: --# tlsStore: --# default: --# defaultCertificate: --# secretName: tls-cert -+# -- TLS Store are created as [TLSStore CRDs](https://doc.traefik.io/traefik/https/tls/#default-certificate). This is useful if you want to set a default certificate. See EXAMPLE.md for details. - tlsStore: {} - - service: -@@ -839,29 +772,8 @@ service: - - autoscaling: - # -- Create HorizontalPodAutoscaler object. -+ # See EXAMPLES.md for more details. - enabled: false --# minReplicas: 1 --# maxReplicas: 10 --# metrics: --# - type: Resource --# resource: --# name: cpu --# target: --# type: Utilization --# averageUtilization: 60 --# - type: Resource --# resource: --# name: memory --# target: --# type: Utilization --# averageUtilization: 60 --# behavior: --# scaleDown: --# stabilizationWindowSeconds: 300 --# policies: --# - type: Pods --# value: 1 --# periodSeconds: 60 - - persistence: - # -- Enable persistence using Persistent Volume Claims -@@ -879,27 +791,10 @@ persistence: - # -- Only mount a subpath of the Volume into the pod - # subPath: "" - --# -- Certificates resolvers configuration -+# -- Certificates resolvers configuration. -+# Ref: https://doc.traefik.io/traefik/https/acme/#certificate-resolvers -+# See EXAMPLES.md for more details. - certResolvers: {} --# letsencrypt: --# # for challenge options cf. https://doc.traefik.io/traefik/https/acme/ --# email: email@example.com --# dnsChallenge: --# # also add the provider's required configuration under env --# # or expand then from secrets/configmaps with envfrom --# # cf. https://doc.traefik.io/traefik/https/acme/#providers --# provider: digitalocean --# # add futher options for the dns challenge as needed --# # cf. https://doc.traefik.io/traefik/https/acme/#dnschallenge --# delayBeforeCheck: 30 --# resolvers: --# - 1.1.1.1 --# - 8.8.8.8 --# tlsChallenge: true --# httpChallenge: --# entryPoint: "web" --# # It has to match the path with a persistent volume --# storage: /data/acme.json - - # -- If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true -@@ -933,14 +828,8 @@ serviceAccount: - # -- Additional serviceAccount annotations (e.g. for oidc authentication) - serviceAccountAnnotations: {} - --# -- The resources parameter defines CPU and memory requirements and limits for Traefik's containers. -+# -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for `traefik` container. - resources: {} --# requests: --# cpu: "100m" --# memory: "50Mi" --# limits: --# cpu: "300m" --# memory: "150Mi" - - # -- This example pod anti-affinity forces the scheduler to put traefik pods - # -- on nodes where no other traefik pods are scheduled. -@@ -970,30 +859,22 @@ topologySpreadConstraints: [] - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - --# -- Pods can have priority. --# -- Priority indicates the importance of a Pod relative to other Pods. -+# -- [Pod Priority and Preemption](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/) - priorityClassName: "" - --# -- Set the container security context --# -- To run the container with ports below 1024 this will need to be adjusted to run as root -+# -- [SecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1) -+# @default -- See _values.yaml_ - securityContext: -+ allowPrivilegeEscalation: false - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true -- allowPrivilegeEscalation: false - -+# -- [Pod Security Context](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) -+# @default -- See _values.yaml_ - podSecurityContext: -- # /!\ When setting fsGroup, Kubernetes will recursively change ownership and -- # permissions for the contents of each volume to match the fsGroup. This can -- # be an issue when storing sensitive content like TLS Certificates /!\ -- # fsGroup: 65532 -- # -- Specifies the policy for changing ownership and permissions of volume contents to match the fsGroup. -- fsGroupChangePolicy: "OnRootMismatch" -- # -- The ID of the group for all containers in the pod to run as. - runAsGroup: 65532 -- # -- Specifies whether the containers should run as a non-root user. - runAsNonRoot: true -- # -- The ID of the user for all containers in the pod to run as. - runAsUser: 65532 - - # -@@ -1003,16 +884,16 @@ podSecurityContext: - # See #595 for more details and traefik/tests/values/extra.yaml for example. - extraObjects: [] - --# This will override the default Release Namespace for Helm. -+# -- This field override the default Release Namespace for Helm. - # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` --# namespaceOverride: traefik --# --## -- This will override the default app.kubernetes.io/instance label for all Objects. --# instanceLabelOverride: traefik -+namespaceOverride: -+ -+## -- This field override the default app.kubernetes.io/instance label for all Objects. -+instanceLabelOverride: - --# -- Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ -+# Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ - hub: -- # Name of Secret with key 'token' set to a valid license token. -+ # -- Name of `Secret` with key 'token' set to a valid license token. - # It enables API Gateway. - token: - apimanagement: -``` - -## 28.1.0 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -* fix(Traefik Hub): do not deploy mutating webhook when enabling only API Gateway -* feat(Traefik Hub): use Traefik Proxy otlp config -* chore: 🔧 update Traefik Hub CRD to v1.3.3 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 70297f6..2fd9282 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1010,3 +1010,49 @@ - ## -- This will override the default app.kubernetes.io/instance label for all Objects. - # instanceLabelOverride: traefik - -+# -- Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ -+hub: -+ # Name of Secret with key 'token' set to a valid license token. -+ # It enables API Gateway. -+ token: -+ apimanagement: -+ # -- Set to true in order to enable API Management. Requires a valid license token. -+ enabled: -+ admission: -+ # -- WebHook admission server listen address. Default: "0.0.0.0:9943". -+ listenAddr: -+ # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". -+ secretName: -+ -+ ratelimit: -+ redis: -+ # -- Enable Redis Cluster. Default: true. -+ cluster: -+ # -- Database used to store information. Default: "0". -+ database: -+ # -- Endpoints of the Redis instances to connect to. Default: "". -+ endpoints: -+ # -- The username to use when connecting to Redis endpoints. Default: "". -+ username: -+ # -- The password to use when connecting to Redis endpoints. Default: "". -+ password: -+ sentinel: -+ # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". -+ masterset: -+ # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". -+ username: -+ # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". -+ password: -+ # -- Timeout applied on connection with redis. Default: "0s". -+ timeout: -+ tls: -+ # -- Path to the certificate authority used for the secured connection. -+ ca: -+ # -- Path to the public certificate used for the secure connection. -+ cert: -+ # -- Path to the private key used for the secure connection. -+ key: -+ # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. -+ insecureSkipVerify: -+ # Enable export of errors logs to the platform. Default: true. -+ sendlogs: -``` - -## 28.1.0-beta.3 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-05-03 - -* chore: 🔧 update Traefik Hub CRD to v1.3.2 -* chore(release): 🚀 publish v28.1.0-beta.3 - -## 28.1.0-beta.2 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-05-02 - -* fix: 🐛 refine Traefik Hub support -* chore(release): 🚀 publish v28.1.0-beta.2 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ce0a7a3..70297f6 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1015,13 +1015,15 @@ hub: - # Name of Secret with key 'token' set to a valid license token. - # It enables API Gateway. - token: -- admission: -- # -- WebHook admission server listen address. Default: "0.0.0.0:9943". -- listenAddr: -- # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". -- secretName: -- # -- Set to true in order to enable API Management. Requires a valid license token. - apimanagement: -+ # -- Set to true in order to enable API Management. Requires a valid license token. -+ enabled: -+ admission: -+ # -- WebHook admission server listen address. Default: "0.0.0.0:9943". -+ listenAddr: -+ # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". -+ secretName: -+ - metrics: - opentelemetry: - # -- Set to true to enable OpenTelemetry metrics exporter of Traefik Hub. -``` - -## 28.1.0-beta.1 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-04-30 - -* feat: :rocket: add initial support for Traefik Hub Api Gateway -* chore(release): 🚀 publish v28.1.0-beta.1 - -## 28.0.0 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-04-30 - -* style: 🎨 consistent capitalization on `--entryPoints` CLI flag -* fix: 🐛 only expose http3 port on service when TCP variant is exposed -* fix: 🐛 logs filters on status codes -* feat: ✨ add support of `experimental-v3.0` unstable version -* feat: ability to override liveness and readiness probe paths -* feat(ports): add transport options -* chore(release): publish v28.0.0 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c0d72d8..2bff10d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -38,6 +38,12 @@ deployment: - ## Override the liveness/readiness scheme. Useful for getting ping to - ## respond on websecure entryPoint. - # healthchecksScheme: HTTPS -+ ## Override the readiness path. -+ ## Default: /ping -+ # readinessPath: /ping -+ # Override the liveness path. -+ # Default: /ping -+ # livenessPath: /ping - # -- Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # -- Additional deployment labels (e.g. for filtering deployment by custom labels) -@@ -648,15 +654,28 @@ ports: - # (Optional) - # priority: 10 - # -- # Trust forwarded headers information (X-Forwarded-*). -+ # -- Trust forwarded headers information (X-Forwarded-*). - # forwardedHeaders: - # trustedIPs: [] - # insecure: false - # -- # Enable the Proxy Protocol header parsing for the entry point -+ # -- Enable the Proxy Protocol header parsing for the entry point - # proxyProtocol: - # trustedIPs: [] - # insecure: false -+ # -+ # -- Set transport settings for the entrypoint; see also -+ # https://doc.traefik.io/traefik/routing/entrypoints/#transport -+ transport: -+ respondingTimeouts: -+ readTimeout: -+ writeTimeout: -+ idleTimeout: -+ lifeCycle: -+ requestAcceptGraceTimeout: -+ graceTimeOut: -+ keepAliveMaxRequests: -+ keepAliveMaxTime: - websecure: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true -@@ -684,16 +703,29 @@ ports: - enabled: false - # advertisedPort: 4443 - # -- ## -- Trust forwarded headers information (X-Forwarded-*). -+ # -- Trust forwarded headers information (X-Forwarded-*). - # forwardedHeaders: - # trustedIPs: [] - # insecure: false - # -- ## -- Enable the Proxy Protocol header parsing for the entry point -+ # -- Enable the Proxy Protocol header parsing for the entry point - # proxyProtocol: - # trustedIPs: [] - # insecure: false - # -+ # -- Set transport settings for the entrypoint; see also -+ # https://doc.traefik.io/traefik/routing/entrypoints/#transport -+ transport: -+ respondingTimeouts: -+ readTimeout: -+ writeTimeout: -+ idleTimeout: -+ lifeCycle: -+ requestAcceptGraceTimeout: -+ graceTimeOut: -+ keepAliveMaxRequests: -+ keepAliveMaxTime: -+ # - ## Set TLS at the entrypoint - ## https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: -``` - -## 28.0.0-rc1 ![AppVersion: v3.0.0-rc5](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0-rc5&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-04-17 - -**Upgrade Notes** - -This is a major breaking upgrade. [Migration guide](https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/) have been applied on the chart. - -It needs a Kubernetes v1.22 or higher. -All CRDs using _API Group_ `traefik.containo.us` are not supported anymore in Traefik Proxy v3 - -CRDs needs to be upgraded: `kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/` - -After upgrade, CRDs with _API Group_ `traefik.containo.us` can be removed: - -```shell -kubectl delete crds \ - ingressroutes.traefik.containo.us \ - ingressroutetcps.traefik.containo.us \ - ingressrouteudps.traefik.containo.us \ - middlewares.traefik.containo.us \ - middlewaretcps.traefik.containo.us \ - serverstransports.traefik.containo.us \ - tlsoptions.traefik.containo.us \ - tlsstores.traefik.containo.us \ - traefikservices.traefik.containo.us -``` - -**Changes** - -* feat(podtemplate): set GOMEMLIMIT, GOMAXPROCS when limits are defined -* feat: ✨ fail gracefully when required port number is not set -* feat!: :boom: initial support of Traefik Proxy v3 -* docs: 📚️ improve EXAMPLES on acme resolver -* chore(release): 🚀 publish v28 rc1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index cd9fb6e..c0d72d8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -120,12 +120,13 @@ ingressClass: - isDefaultClass: true - # name: my-custom-class - -+core: -+ # -- Can be used to use globally v2 router syntax -+ # See https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#new-v3-syntax-notable-changes -+ defaultRuleSyntax: -+ - # Traefik experimental features - experimental: -- # This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" -- # v3: -- # -- Enable traefik version 3 -- - # -- Enable traefik experimental plugins - plugins: {} - # demo: -@@ -309,7 +310,7 @@ logs: - # format: json - # By default, the level is set to ERROR. - # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -- level: ERROR -+ level: INFO - access: - # -- To enable access logs - enabled: false -@@ -328,6 +329,8 @@ logs: - # statuscodes: "200,300-302" - # retryattempts: true - # minduration: 10ms -+ # -- Enables accessLogs for internal resources. Default: false. -+ addInternals: - fields: - general: - # -- Available modes: keep, drop, redact. -@@ -347,6 +350,9 @@ logs: - # Content-Type: keep - - metrics: -+ ## -- Enable metrics for internal resources. Default: false -+ addInternals: -+ - ## -- Prometheus is enabled by default. - ## -- It can be disabled by setting "prometheus: null" - prometheus: -@@ -376,31 +382,6 @@ metrics: - # # addRoutersLabels: true - # ## Enable metrics on services. Default=true - # # addServicesLabels: false -- # influxdb: -- # ## Address instructs exporter to send metrics to influxdb at this address. -- # address: localhost:8089 -- # ## InfluxDB's address protocol (udp or http). Default="udp" -- # protocol: udp -- # ## InfluxDB database used when protocol is http. Default="" -- # # database: "" -- # ## InfluxDB retention policy used when protocol is http. Default="" -- # # retentionPolicy: "" -- # ## InfluxDB username (only with http). Default="" -- # # username: "" -- # ## InfluxDB password (only with http). Default="" -- # # password: "" -- # ## The interval used by the exporter to push metrics to influxdb. Default=10s -- # # pushInterval: 30s -- # ## Additional labels (influxdb tags) on all metrics. -- # # additionalLabels: -- # # env: production -- # # foo: bar -- # ## Enable metrics on entry points. Default=true -- # # addEntryPointsLabels: false -- # ## Enable metrics on routers. Default=false -- # # addRoutersLabels: true -- # ## Enable metrics on services. Default=true -- # # addServicesLabels: false - # influxdb2: - # ## Address instructs exporter to send metrics to influxdb v2 at this address. - # address: localhost:8086 -@@ -435,43 +416,53 @@ metrics: - # # addRoutersLabels: true - # ## Enable metrics on services. Default=true - # # addServicesLabels: false -- # openTelemetry: -- # ## Address of the OpenTelemetry Collector to send metrics to. -- # address: "localhost:4318" -- # ## Enable metrics on entry points. -- # addEntryPointsLabels: true -- # ## Enable metrics on routers. -- # addRoutersLabels: true -- # ## Enable metrics on services. -- # addServicesLabels: true -- # ## Explicit boundaries for Histogram data points. -- # explicitBoundaries: -- # - "0.1" -- # - "0.3" -- # - "1.2" -- # - "5.0" -- # ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -- # headers: -- # foo: bar -- # test: test -- # ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -- # insecure: true -- # ## Interval at which metrics are sent to the OpenTelemetry Collector. -- # pushInterval: 10s -- # ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport. -- # path: /foo/v1/traces -- # ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -- # tls: -- # ## The path to the certificate authority, it defaults to the system bundle. -- # ca: path/to/ca.crt -- # ## The path to the public certificate. When using this option, setting the key option is required. -- # cert: path/to/foo.cert -- # ## The path to the private key. When using this option, setting the cert option is required. -- # key: path/to/key.key -- # ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -- # insecureSkipVerify: true -- # ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. -- # grpc: true -+ otlp: -+ # -- Set to true in order to enable the OpenTelemetry metrics -+ enabled: false -+ # -- Enable metrics on entry points. Default: true -+ addEntryPointsLabels: -+ # -- Enable metrics on routers. Default: false -+ addRoutersLabels: -+ # -- Enable metrics on services. Default: true -+ addServicesLabels: -+ # -- Explicit boundaries for Histogram data points. Default: [.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10] -+ explicitBoundaries: -+ # -- Interval at which metrics are sent to the OpenTelemetry Collector. Default: 10s -+ pushInterval: -+ http: -+ # -- Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. -+ enabled: false -+ # -- Format: ://:. Default: http://localhost:4318/v1/metrics -+ endpoint: -+ # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -+ headers: -+ ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+ tls: -+ # -- The path to the certificate authority, it defaults to the system bundle. -+ ca: -+ # -- The path to the public certificate. When using this option, setting the key option is required. -+ cert: -+ # -- The path to the private key. When using this option, setting the cert option is required. -+ key: -+ # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+ insecureSkipVerify: -+ grpc: -+ # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC -+ enabled: false -+ # -- Format: ://:. Default: http://localhost:4318/v1/metrics -+ endpoint: -+ # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -+ insecure: -+ ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+ tls: -+ # -- The path to the certificate authority, it defaults to the system bundle. -+ ca: -+ # -- The path to the public certificate. When using this option, setting the key option is required. -+ cert: -+ # -- The path to the private key. When using this option, setting the cert option is required. -+ key: -+ # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+ insecureSkipVerify: - - ## -- enable optional CRDs for Prometheus Operator - ## -@@ -524,51 +515,46 @@ metrics: - - ## Tracing - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ --tracing: {} --# openTelemetry: # traefik v3+ only --# grpc: true --# insecure: true --# address: localhost:4317 --# instana: --# localAgentHost: 127.0.0.1 --# localAgentPort: 42699 --# logLevel: info --# enableAutoProfile: true --# datadog: --# localAgentHostPort: 127.0.0.1:8126 --# debug: false --# globalTag: "" --# prioritySampling: false --# jaeger: --# samplingServerURL: http://localhost:5778/sampling --# samplingType: const --# samplingParam: 1.0 --# localAgentHostPort: 127.0.0.1:6831 --# gen128Bit: false --# propagation: jaeger --# traceContextHeaderName: uber-trace-id --# disableAttemptReconnecting: true --# collector: --# endpoint: "" --# user: "" --# password: "" --# zipkin: --# httpEndpoint: http://localhost:9411/api/v2/spans --# sameSpan: false --# id128Bit: true --# sampleRate: 1.0 --# haystack: --# localAgentHost: 127.0.0.1 --# localAgentPort: 35000 --# globalTag: "" --# traceIDHeaderName: "" --# parentIDHeaderName: "" --# spanIDHeaderName: "" --# baggagePrefixHeaderName: "" --# elastic: --# serverURL: http://localhost:8200 --# secretToken: "" --# serviceEnvironment: "" -+tracing: -+ # -- Enables tracing for internal resources. Default: false. -+ addInternals: -+ otlp: -+ # -- See https://doc.traefik.io/traefik/v3.0/observability/tracing/opentelemetry/ -+ enabled: false -+ http: -+ # -- Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. -+ enabled: false -+ # -- Format: ://:. Default: http://localhost:4318/v1/metrics -+ endpoint: -+ # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -+ headers: -+ ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+ tls: -+ # -- The path to the certificate authority, it defaults to the system bundle. -+ ca: -+ # -- The path to the public certificate. When using this option, setting the key option is required. -+ cert: -+ # -- The path to the private key. When using this option, setting the cert option is required. -+ key: -+ # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+ insecureSkipVerify: -+ grpc: -+ # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC -+ enabled: false -+ # -- Format: ://:. Default: http://localhost:4318/v1/metrics -+ endpoint: -+ # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -+ insecure: -+ ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+ tls: -+ # -- The path to the certificate authority, it defaults to the system bundle. -+ ca: -+ # -- The path to the public certificate. When using this option, setting the key option is required. -+ cert: -+ # -- The path to the private key. When using this option, setting the cert option is required. -+ key: -+ # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+ insecureSkipVerify: - - # -- Global command arguments to be passed to all traefik's pods - globalArguments: -@@ -756,7 +742,6 @@ ports: - # default: - # labels: {} - # sniStrict: true --# preferServerCipherSuites: true - # custom-options: - # labels: {} - # curvePreferences: -``` - -## 27.0.0 ![AppVersion: v2.11.0](https://img.shields.io/static/v1?label=AppVersion&message=v2.11.0&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-04-02 - -**Upgrade notes** - -Custom services and port exposure have been redesigned, requiring the following changes: -- if you were overriding port exposure behavior using the `expose` or `exposeInternal` flags, you should replace them with a service name to boolean mapping, i.e. replace this: - -```yaml -ports: - web: - expose: false - exposeInternal: true -``` - -with this: - -```yaml -ports: - web: - expose: - default: false - internal: true -``` - -- if you were previously using the `service.internal` value, you should migrate the values to the `service.additionalServices.internal` value instead; this should yield the same results, but make sure to carefully check for any changes! - -**Changes** - -* fix: remove null annotations on dashboard `IngressRoute` -* fix(rbac): do not create clusterrole for namespace deployment on Traefik v3 -* feat: restrict access to secrets -* feat!: :boom: refactor custom services and port exposure -* chore(release): 🚀 publish v27.0.0 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index dbd078f..363871d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -250,6 +250,9 @@ providers: - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] - # - "default" -+ # Disable cluster IngressClass Lookup - Requires Traefik V3. -+ # When combined with rbac.namespaced: true, ClusterRole will not be created and ingresses must use kubernetes.io/ingress.class annotation instead of spec.ingressClassName. -+ disableIngressClassLookup: false - # IP used for Kubernetes Ingress endpoints - publishedService: - enabled: false -@@ -626,22 +629,20 @@ ports: - # -- You SHOULD NOT expose the traefik port on production deployments. - # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress -- expose: false -+ expose: -+ default: false - # -- The exposed port for this service - exposedPort: 9000 - # -- The port protocol (TCP/UDP) - protocol: TCP -- # -- Defines whether the port is exposed on the internal service; -- # note that ports exposed on the default service are exposed on the internal -- # service by default as well. -- exposeInternal: false - web: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8000 - # hostPort: 8000 - # containerPort: 8000 -- expose: true -+ expose: -+ default: true - exposedPort: 80 - ## -- Different target traefik port on the cluster, useful for IP type LB - # targetPort: 80 -@@ -650,10 +651,6 @@ ports: - # -- Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer. - # nodePort: 32080 -- # -- Defines whether the port is exposed on the internal service; -- # note that ports exposed on the default service are exposed on the internal -- # service by default as well. -- exposeInternal: false - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection -@@ -677,17 +674,14 @@ ports: - port: 8443 - # hostPort: 8443 - # containerPort: 8443 -- expose: true -+ expose: -+ default: true - exposedPort: 443 - ## -- Different target traefik port on the cluster, useful for IP type LB - # targetPort: 80 - ## -- The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -- # -- Defines whether the port is exposed on the internal service; -- # note that ports exposed on the default service are exposed on the internal -- # service by default as well. -- exposeInternal: false - ## -- Specify an application protocol. This may be used as a hint for a Layer 7 load balancer. - # appProtocol: https - # -@@ -744,15 +738,12 @@ ports: - # -- You may not want to expose the metrics port on production deployments. - # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress -- expose: false -+ expose: -+ default: false - # -- The exposed port for this service - exposedPort: 9100 - # -- The port protocol (TCP/UDP) - protocol: TCP -- # -- Defines whether the port is exposed on the internal service; -- # note that ports exposed on the default service are exposed on the internal -- # service by default as well. -- exposeInternal: false - - # -- TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options -@@ -814,6 +805,7 @@ service: - # - IPv4 - # - IPv6 - ## -+ additionalServices: {} - ## -- An additional and optional internal Service. - ## Same parameters as external Service - # internal: -@@ -899,11 +891,14 @@ hostNetwork: false - rbac: - enabled: true - # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. -- # If set to true, installs Role and RoleBinding. Providers will only watch target namespace. -+ # If set to true, installs Role and RoleBinding instead of ClusterRole/ClusterRoleBinding. Providers will only watch target namespace. -+ # When combined with providers.kubernetesIngress.disableIngressClassLookup: true and Traefik V3, ClusterRole to watch IngressClass is also disabled. - namespaced: false - # Enable user-facing roles - # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - # aggregateTo: [ "admin" ] -+ # List of Kubernetes secrets that are accessible for Traefik. If empty, then access is granted to every secret. -+ secretResourceNames: [] - - # -- Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding - podSecurityPolicy: -``` - -## 26.1.0 ![AppVersion: v2.11.0](https://img.shields.io/static/v1?label=AppVersion&message=v2.11.0&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2024-02-19 - -* fix: 🐛 set runtimeClassName at pod level -* fix: 🐛 missing quote on experimental plugin args -* fix: update traefik v3 serverstransporttcps CRD -* feat: set runtimeClassName on pod spec -* feat: create v1 Gateway and GatewayClass Version for Traefik v3 -* feat: allow exposure of ports on internal service only -* doc: fix invalid suggestion on TLSOption (#996) -* chore: 🔧 update maintainers -* chore: 🔧 promote jnoordsij to Traefik Helm Chart maintainer -* chore(release): 🚀 publish v26.1.0 -* chore(deps): update traefik docker tag to v2.11.0 -* chore(deps): update traefik docker tag to v2.10.7 -* chore(crds): update definitions for traefik v2.11 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index f9dac91..dbd078f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -100,6 +100,8 @@ deployment: - # port: 9000 - # host: localhost - # scheme: HTTP -+ # -- Set a runtimeClassName on pod -+ runtimeClassName: - - # -- Pod disruption budget - podDisruptionBudget: -@@ -629,6 +631,10 @@ ports: - exposedPort: 9000 - # -- The port protocol (TCP/UDP) - protocol: TCP -+ # -- Defines whether the port is exposed on the internal service; -+ # note that ports exposed on the default service are exposed on the internal -+ # service by default as well. -+ exposeInternal: false - web: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true -@@ -644,6 +650,10 @@ ports: - # -- Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer. - # nodePort: 32080 -+ # -- Defines whether the port is exposed on the internal service; -+ # note that ports exposed on the default service are exposed on the internal -+ # service by default as well. -+ exposeInternal: false - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection -@@ -674,6 +684,10 @@ ports: - ## -- The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -+ # -- Defines whether the port is exposed on the internal service; -+ # note that ports exposed on the default service are exposed on the internal -+ # service by default as well. -+ exposeInternal: false - ## -- Specify an application protocol. This may be used as a hint for a Layer 7 load balancer. - # appProtocol: https - # -@@ -735,6 +749,10 @@ ports: - exposedPort: 9100 - # -- The port protocol (TCP/UDP) - protocol: TCP -+ # -- Defines whether the port is exposed on the internal service; -+ # note that ports exposed on the default service are exposed on the internal -+ # service by default as well. -+ exposeInternal: false - - # -- TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options -@@ -745,7 +763,7 @@ ports: - # labels: {} - # sniStrict: true - # preferServerCipherSuites: true --# customOptions: -+# custom-options: - # labels: {} - # curvePreferences: - # - CurveP521 -@@ -796,7 +814,7 @@ service: - # - IPv4 - # - IPv6 - ## -- ## -- An additionnal and optional internal Service. -+ ## -- An additional and optional internal Service. - ## Same parameters as external Service - # internal: - # type: ClusterIP -``` - -## 26.0.0 ![AppVersion: v2.10.6](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.6&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-12-05 - -* fix: 🐛 improve confusing suggested value on openTelemetry.grpc -* fix: 🐛 declare http3 udp port, with or without hostport -* feat: 💥 deployment.podannotations support interpolation with tpl -* feat: allow update of namespace policy for websecure listener -* feat: allow defining startupProbe -* feat: add file provider -* feat: :boom: unify plugin import between traefik and this chart -* chore(release): 🚀 publish v26 -* chore(deps): update traefik docker tag to v2.10.6 -* Release namespace for Prometheus Operator resources - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 71e377e..f9dac91 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -40,6 +40,7 @@ deployment: - # -- Additional deployment labels (e.g. for filtering deployment by custom labels) - labels: {} - # -- Additional pod annotations (e.g. for mesh injection or prometheus scraping) -+ # It supports templating. One can set it with values like traefik/name: '{{ template "traefik.name" . }}' - podAnnotations: {} - # -- Additional Pod labels (e.g. for filtering Pod by custom labels) - podLabels: {} -@@ -119,10 +120,12 @@ experimental: - # This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" - # v3: - # -- Enable traefik version 3 -- # enabled: false -- plugins: -- # -- Enable traefik experimental plugins -- enabled: false -+ -+ # -- Enable traefik experimental plugins -+ plugins: {} -+ # demo: -+ # moduleName: github.com/traefik/plugindemo -+ # version: v0.2.1 - kubernetesGateway: - # -- Enable traefik experimental GatewayClass CRD - enabled: false -@@ -206,6 +209,17 @@ livenessProbe: - # -- The number of seconds to wait for a probe response before considering it as failed. - timeoutSeconds: 2 - -+# -- Define Startup Probe for container: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes -+# eg. -+# `startupProbe: -+# exec: -+# command: -+# - mycommand -+# - foo -+# initialDelaySeconds: 5 -+# periodSeconds: 5` -+startupProbe: -+ - providers: - kubernetesCRD: - # -- Load Kubernetes IngressRoute provider -@@ -241,6 +255,23 @@ providers: - # By default this Traefik service - # pathOverride: "" - -+ file: -+ # -- Create a file provider -+ enabled: false -+ # -- Allows Traefik to automatically watch for file changes -+ watch: true -+ # -- File content (YAML format, go template supported) (see https://doc.traefik.io/traefik/providers/file/) -+ content: "" -+ # http: -+ # routers: -+ # router0: -+ # entryPoints: -+ # - web -+ # middlewares: -+ # - my-basic-auth -+ # service: service-foo -+ # rule: Path(`/foo`) -+ - # - # -- Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. -@@ -487,7 +518,7 @@ metrics: - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ - tracing: {} - # openTelemetry: # traefik v3+ only --# grpc: {} -+# grpc: true - # insecure: true - # address: localhost:4317 - # instana: -``` - -## 25.0.0 ![AppVersion: v2.10.5](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.5&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-10-23 - -* revert: "fix: 🐛 remove old CRDs using traefik.containo.us" -* fix: 🐛 remove old CRDs using traefik.containo.us -* fix: disable ClusterRole and ClusterRoleBinding when not needed -* fix: detect correctly v3 version when using sha in `image.tag` -* fix: allow updateStrategy.rollingUpdate.maxUnavailable to be passed in as an int or string -* fix: add missing separator in crds -* fix: add Prometheus scraping annotations only if serviceMonitor not created -* feat: ✨ add healthcheck ingressRoute -* feat: :boom: support http redirections and http challenges with cert-manager -* feat: :boom: rework and allow update of namespace policy for Gateway -* docs: Fix typo in the default values file -* chore: remove label whitespace at TLSOption -* chore(release): publish v25.0.0 -* chore(deps): update traefik docker tag to v2.10.5 -* chore(deps): update docker.io/helmunittest/helm-unittest docker tag to v3.12.3 -* chore(ci): 🔧 👷 add e2e test when releasing - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index aeec85c..71e377e 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -45,60 +45,60 @@ deployment: - podLabels: {} - # -- Additional containers (e.g. for metric offloading sidecars) - additionalContainers: [] -- # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host -- # - name: socat-proxy -- # image: alpine/socat:1.0.5 -- # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] -- # volumeMounts: -- # - name: dsdsocket -- # mountPath: /socket -+ # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host -+ # - name: socat-proxy -+ # image: alpine/socat:1.0.5 -+ # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] -+ # volumeMounts: -+ # - name: dsdsocket -+ # mountPath: /socket - # -- Additional volumes available for use with initContainers and additionalContainers - additionalVolumes: [] -- # - name: dsdsocket -- # hostPath: -- # path: /var/run/statsd-exporter -+ # - name: dsdsocket -+ # hostPath: -+ # path: /var/run/statsd-exporter - # -- Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] -- # The "volume-permissions" init container is required if you run into permission issues. -- # Related issue: https://github.com/traefik/traefik-helm-chart/issues/396 -- # - name: volume-permissions -- # image: busybox:latest -- # command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] -- # securityContext: -- # runAsNonRoot: true -- # runAsGroup: 65532 -- # runAsUser: 65532 -- # volumeMounts: -- # - name: data -- # mountPath: /data -+ # The "volume-permissions" init container is required if you run into permission issues. -+ # Related issue: https://github.com/traefik/traefik-helm-chart/issues/396 -+ # - name: volume-permissions -+ # image: busybox:latest -+ # command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] -+ # securityContext: -+ # runAsNonRoot: true -+ # runAsGroup: 65532 -+ # runAsUser: 65532 -+ # volumeMounts: -+ # - name: data -+ # mountPath: /data - # -- Use process namespace sharing - shareProcessNamespace: false - # -- Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet - dnsConfig: {} -- # nameservers: -- # - 192.0.2.1 # this is an example -- # searches: -- # - ns1.svc.cluster-domain.example -- # - my.dns.search.suffix -- # options: -- # - name: ndots -- # value: "2" -- # - name: edns0 -+ # nameservers: -+ # - 192.0.2.1 # this is an example -+ # searches: -+ # - ns1.svc.cluster-domain.example -+ # - my.dns.search.suffix -+ # options: -+ # - name: ndots -+ # value: "2" -+ # - name: edns0 - # -- Additional imagePullSecrets - imagePullSecrets: [] -- # - name: myRegistryKeySecretName -+ # - name: myRegistryKeySecretName - # -- Pod lifecycle actions - lifecycle: {} -- # preStop: -- # exec: -- # command: ["/bin/sh", "-c", "sleep 40"] -- # postStart: -- # httpGet: -- # path: /ping -- # port: 9000 -- # host: localhost -- # scheme: HTTP -+ # preStop: -+ # exec: -+ # command: ["/bin/sh", "-c", "sleep 40"] -+ # postStart: -+ # httpGet: -+ # path: /ping -+ # port: 9000 -+ # host: localhost -+ # scheme: HTTP - - # -- Pod disruption budget - podDisruptionBudget: -@@ -116,9 +116,9 @@ ingressClass: - - # Traefik experimental features - experimental: -- #This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" -- #v3: -- # -- Enable traefik version 3 -+ # This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" -+ # v3: -+ # -- Enable traefik version 3 - # enabled: false - plugins: - # -- Enable traefik experimental plugins -@@ -126,9 +126,9 @@ experimental: - kubernetesGateway: - # -- Enable traefik experimental GatewayClass CRD - enabled: false -- gateway: -- # -- Enable traefik regular kubernetes gateway -- enabled: true -+ ## Routes are restricted to namespace of the gateway by default. -+ ## https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.FromNamespaces -+ # namespacePolicy: All - # certificate: - # group: "core" - # kind: "Secret" -@@ -159,6 +159,22 @@ ingressRoute: - middlewares: [] - # -- TLS options (e.g. secret containing certificate) - tls: {} -+ healthcheck: -+ # -- Create an IngressRoute for the healthcheck probe -+ enabled: false -+ # -- Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) -+ annotations: {} -+ # -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) -+ labels: {} -+ # -- The router match rule used for the healthcheck ingressRoute -+ matchRule: PathPrefix(`/ping`) -+ # -- Specify the allowed entrypoints to use for the healthcheck ingress route, (e.g. traefik, web, websecure). -+ # By default, it's using traefik entrypoint, which is not exposed. -+ entryPoints: ["traefik"] -+ # -- Additional ingressRoute middlewares (e.g. for authentication) -+ middlewares: [] -+ # -- TLS options (e.g. secret containing certificate) -+ tls: {} - - updateStrategy: - # -- Customize updateStrategy: RollingUpdate or OnDelete -@@ -204,10 +220,10 @@ providers: - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -- # - "default" -+ # - "default" - - kubernetesIngress: -- # -- Load Kubernetes IngressRoute provider -+ # -- Load Kubernetes Ingress provider - enabled: true - # -- Allows to reference ExternalName services in Ingress - allowExternalNameServices: false -@@ -217,7 +233,7 @@ providers: - # labelSelector: environment=production,method=traefik - # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] -- # - "default" -+ # - "default" - # IP used for Kubernetes Ingress endpoints - publishedService: - enabled: false -@@ -243,9 +259,9 @@ volumes: [] - - # -- Additional volumeMounts to add to the Traefik container - additionalVolumeMounts: [] -- # -- For instance when using a logshipper for access logs -- # - name: traefik-logs -- # mountPath: /var/log/traefik -+# -- For instance when using a logshipper for access logs -+# - name: traefik-logs -+# mountPath: /var/log/traefik - - logs: - general: -@@ -270,26 +286,26 @@ logs: - ## Filtering - # -- https://docs.traefik.io/observability/access-logs/#filtering - filters: {} -- # statuscodes: "200,300-302" -- # retryattempts: true -- # minduration: 10ms -+ # statuscodes: "200,300-302" -+ # retryattempts: true -+ # minduration: 10ms - fields: - general: - # -- Available modes: keep, drop, redact. - defaultmode: keep - # -- Names of the fields to limit. - names: {} -- ## Examples: -- # ClientUsername: drop -+ ## Examples: -+ # ClientUsername: drop - headers: - # -- Available modes: keep, drop, redact. - defaultmode: drop - # -- Names of the headers to limit. - names: {} -- ## Examples: -- # User-Agent: redact -- # Authorization: drop -- # Content-Type: keep -+ ## Examples: -+ # User-Agent: redact -+ # Authorization: drop -+ # Content-Type: keep - - metrics: - ## -- Prometheus is enabled by default. -@@ -308,118 +324,118 @@ metrics: - ## When manualRouting is true, it disables the default internal router in - ## order to allow creating a custom router for prometheus@internal service. - # manualRouting: true --# datadog: --# ## Address instructs exporter to send metrics to datadog-agent at this address. --# address: "127.0.0.1:8125" --# ## The interval used by the exporter to push metrics to datadog-agent. Default=10s --# # pushInterval: 30s --# ## The prefix to use for metrics collection. Default="traefik" --# # prefix: traefik --# ## Enable metrics on entry points. Default=true --# # addEntryPointsLabels: false --# ## Enable metrics on routers. Default=false --# # addRoutersLabels: true --# ## Enable metrics on services. Default=true --# # addServicesLabels: false --# influxdb: --# ## Address instructs exporter to send metrics to influxdb at this address. --# address: localhost:8089 --# ## InfluxDB's address protocol (udp or http). Default="udp" --# protocol: udp --# ## InfluxDB database used when protocol is http. Default="" --# # database: "" --# ## InfluxDB retention policy used when protocol is http. Default="" --# # retentionPolicy: "" --# ## InfluxDB username (only with http). Default="" --# # username: "" --# ## InfluxDB password (only with http). Default="" --# # password: "" --# ## The interval used by the exporter to push metrics to influxdb. Default=10s --# # pushInterval: 30s --# ## Additional labels (influxdb tags) on all metrics. --# # additionalLabels: --# # env: production --# # foo: bar --# ## Enable metrics on entry points. Default=true --# # addEntryPointsLabels: false --# ## Enable metrics on routers. Default=false --# # addRoutersLabels: true --# ## Enable metrics on services. Default=true --# # addServicesLabels: false --# influxdb2: --# ## Address instructs exporter to send metrics to influxdb v2 at this address. --# address: localhost:8086 --# ## Token with which to connect to InfluxDB v2. --# token: xxx --# ## Organisation where metrics will be stored. --# org: "" --# ## Bucket where metrics will be stored. --# bucket: "" --# ## The interval used by the exporter to push metrics to influxdb. Default=10s --# # pushInterval: 30s --# ## Additional labels (influxdb tags) on all metrics. --# # additionalLabels: --# # env: production --# # foo: bar --# ## Enable metrics on entry points. Default=true --# # addEntryPointsLabels: false --# ## Enable metrics on routers. Default=false --# # addRoutersLabels: true --# ## Enable metrics on services. Default=true --# # addServicesLabels: false --# statsd: --# ## Address instructs exporter to send metrics to statsd at this address. --# address: localhost:8125 --# ## The interval used by the exporter to push metrics to influxdb. Default=10s --# # pushInterval: 30s --# ## The prefix to use for metrics collection. Default="traefik" --# # prefix: traefik --# ## Enable metrics on entry points. Default=true --# # addEntryPointsLabels: false --# ## Enable metrics on routers. Default=false --# # addRoutersLabels: true --# ## Enable metrics on services. Default=true --# # addServicesLabels: false --# openTelemetry: --# ## Address of the OpenTelemetry Collector to send metrics to. --# address: "localhost:4318" --# ## Enable metrics on entry points. --# addEntryPointsLabels: true --# ## Enable metrics on routers. --# addRoutersLabels: true --# ## Enable metrics on services. --# addServicesLabels: true --# ## Explicit boundaries for Histogram data points. --# explicitBoundaries: --# - "0.1" --# - "0.3" --# - "1.2" --# - "5.0" --# ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. --# headers: --# foo: bar --# test: test --# ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. --# insecure: true --# ## Interval at which metrics are sent to the OpenTelemetry Collector. --# pushInterval: 10s --# ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport. --# path: /foo/v1/traces --# ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. --# tls: --# ## The path to the certificate authority, it defaults to the system bundle. --# ca: path/to/ca.crt --# ## The path to the public certificate. When using this option, setting the key option is required. --# cert: path/to/foo.cert --# ## The path to the private key. When using this option, setting the cert option is required. --# key: path/to/key.key --# ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. --# insecureSkipVerify: true --# ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. --# grpc: true -- --## -- enable optional CRDs for Prometheus Operator --## -+ # datadog: -+ # ## Address instructs exporter to send metrics to datadog-agent at this address. -+ # address: "127.0.0.1:8125" -+ # ## The interval used by the exporter to push metrics to datadog-agent. Default=10s -+ # # pushInterval: 30s -+ # ## The prefix to use for metrics collection. Default="traefik" -+ # # prefix: traefik -+ # ## Enable metrics on entry points. Default=true -+ # # addEntryPointsLabels: false -+ # ## Enable metrics on routers. Default=false -+ # # addRoutersLabels: true -+ # ## Enable metrics on services. Default=true -+ # # addServicesLabels: false -+ # influxdb: -+ # ## Address instructs exporter to send metrics to influxdb at this address. -+ # address: localhost:8089 -+ # ## InfluxDB's address protocol (udp or http). Default="udp" -+ # protocol: udp -+ # ## InfluxDB database used when protocol is http. Default="" -+ # # database: "" -+ # ## InfluxDB retention policy used when protocol is http. Default="" -+ # # retentionPolicy: "" -+ # ## InfluxDB username (only with http). Default="" -+ # # username: "" -+ # ## InfluxDB password (only with http). Default="" -+ # # password: "" -+ # ## The interval used by the exporter to push metrics to influxdb. Default=10s -+ # # pushInterval: 30s -+ # ## Additional labels (influxdb tags) on all metrics. -+ # # additionalLabels: -+ # # env: production -+ # # foo: bar -+ # ## Enable metrics on entry points. Default=true -+ # # addEntryPointsLabels: false -+ # ## Enable metrics on routers. Default=false -+ # # addRoutersLabels: true -+ # ## Enable metrics on services. Default=true -+ # # addServicesLabels: false -+ # influxdb2: -+ # ## Address instructs exporter to send metrics to influxdb v2 at this address. -+ # address: localhost:8086 -+ # ## Token with which to connect to InfluxDB v2. -+ # token: xxx -+ # ## Organisation where metrics will be stored. -+ # org: "" -+ # ## Bucket where metrics will be stored. -+ # bucket: "" -+ # ## The interval used by the exporter to push metrics to influxdb. Default=10s -+ # # pushInterval: 30s -+ # ## Additional labels (influxdb tags) on all metrics. -+ # # additionalLabels: -+ # # env: production -+ # # foo: bar -+ # ## Enable metrics on entry points. Default=true -+ # # addEntryPointsLabels: false -+ # ## Enable metrics on routers. Default=false -+ # # addRoutersLabels: true -+ # ## Enable metrics on services. Default=true -+ # # addServicesLabels: false -+ # statsd: -+ # ## Address instructs exporter to send metrics to statsd at this address. -+ # address: localhost:8125 -+ # ## The interval used by the exporter to push metrics to influxdb. Default=10s -+ # # pushInterval: 30s -+ # ## The prefix to use for metrics collection. Default="traefik" -+ # # prefix: traefik -+ # ## Enable metrics on entry points. Default=true -+ # # addEntryPointsLabels: false -+ # ## Enable metrics on routers. Default=false -+ # # addRoutersLabels: true -+ # ## Enable metrics on services. Default=true -+ # # addServicesLabels: false -+ # openTelemetry: -+ # ## Address of the OpenTelemetry Collector to send metrics to. -+ # address: "localhost:4318" -+ # ## Enable metrics on entry points. -+ # addEntryPointsLabels: true -+ # ## Enable metrics on routers. -+ # addRoutersLabels: true -+ # ## Enable metrics on services. -+ # addServicesLabels: true -+ # ## Explicit boundaries for Histogram data points. -+ # explicitBoundaries: -+ # - "0.1" -+ # - "0.3" -+ # - "1.2" -+ # - "5.0" -+ # ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -+ # headers: -+ # foo: bar -+ # test: test -+ # ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -+ # insecure: true -+ # ## Interval at which metrics are sent to the OpenTelemetry Collector. -+ # pushInterval: 10s -+ # ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport. -+ # path: /foo/v1/traces -+ # ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+ # tls: -+ # ## The path to the certificate authority, it defaults to the system bundle. -+ # ca: path/to/ca.crt -+ # ## The path to the public certificate. When using this option, setting the key option is required. -+ # cert: path/to/foo.cert -+ # ## The path to the private key. When using this option, setting the cert option is required. -+ # key: path/to/key.key -+ # ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+ # insecureSkipVerify: true -+ # ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. -+ # grpc: true -+ -+ ## -- enable optional CRDs for Prometheus Operator -+ ## - ## Create a dedicated metrics service for use with ServiceMonitor - # service: - # enabled: false -@@ -470,55 +486,55 @@ metrics: - ## Tracing - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ - tracing: {} -- # openTelemetry: # traefik v3+ only -- # grpc: {} -- # insecure: true -- # address: localhost:4317 -- # instana: -- # localAgentHost: 127.0.0.1 -- # localAgentPort: 42699 -- # logLevel: info -- # enableAutoProfile: true -- # datadog: -- # localAgentHostPort: 127.0.0.1:8126 -- # debug: false -- # globalTag: "" -- # prioritySampling: false -- # jaeger: -- # samplingServerURL: http://localhost:5778/sampling -- # samplingType: const -- # samplingParam: 1.0 -- # localAgentHostPort: 127.0.0.1:6831 -- # gen128Bit: false -- # propagation: jaeger -- # traceContextHeaderName: uber-trace-id -- # disableAttemptReconnecting: true -- # collector: -- # endpoint: "" -- # user: "" -- # password: "" -- # zipkin: -- # httpEndpoint: http://localhost:9411/api/v2/spans -- # sameSpan: false -- # id128Bit: true -- # sampleRate: 1.0 -- # haystack: -- # localAgentHost: 127.0.0.1 -- # localAgentPort: 35000 -- # globalTag: "" -- # traceIDHeaderName: "" -- # parentIDHeaderName: "" -- # spanIDHeaderName: "" -- # baggagePrefixHeaderName: "" -- # elastic: -- # serverURL: http://localhost:8200 -- # secretToken: "" -- # serviceEnvironment: "" -+# openTelemetry: # traefik v3+ only -+# grpc: {} -+# insecure: true -+# address: localhost:4317 -+# instana: -+# localAgentHost: 127.0.0.1 -+# localAgentPort: 42699 -+# logLevel: info -+# enableAutoProfile: true -+# datadog: -+# localAgentHostPort: 127.0.0.1:8126 -+# debug: false -+# globalTag: "" -+# prioritySampling: false -+# jaeger: -+# samplingServerURL: http://localhost:5778/sampling -+# samplingType: const -+# samplingParam: 1.0 -+# localAgentHostPort: 127.0.0.1:6831 -+# gen128Bit: false -+# propagation: jaeger -+# traceContextHeaderName: uber-trace-id -+# disableAttemptReconnecting: true -+# collector: -+# endpoint: "" -+# user: "" -+# password: "" -+# zipkin: -+# httpEndpoint: http://localhost:9411/api/v2/spans -+# sameSpan: false -+# id128Bit: true -+# sampleRate: 1.0 -+# haystack: -+# localAgentHost: 127.0.0.1 -+# localAgentPort: 35000 -+# globalTag: "" -+# traceIDHeaderName: "" -+# parentIDHeaderName: "" -+# spanIDHeaderName: "" -+# baggagePrefixHeaderName: "" -+# elastic: -+# serverURL: http://localhost:8200 -+# secretToken: "" -+# serviceEnvironment: "" - - # -- Global command arguments to be passed to all traefik's pods - globalArguments: -- - "--global.checknewversion" -- - "--global.sendanonymoususage" -+- "--global.checknewversion" -+- "--global.sendanonymoususage" - - # - # Configure Traefik static configuration -@@ -531,14 +547,14 @@ additionalArguments: [] - - # -- Environment variables to be passed to Traefik's binary - env: -- - name: POD_NAME -- valueFrom: -- fieldRef: -- fieldPath: metadata.name -- - name: POD_NAMESPACE -- valueFrom: -- fieldRef: -- fieldPath: metadata.namespace -+- name: POD_NAME -+ valueFrom: -+ fieldRef: -+ fieldPath: metadata.name -+- name: POD_NAMESPACE -+ valueFrom: -+ fieldRef: -+ fieldPath: metadata.namespace - # - name: SOME_VAR - # value: some-var-value - # - name: SOME_VAR_FROM_CONFIG_MAP -@@ -600,7 +616,10 @@ ports: - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection -- # redirectTo: websecure -+ # redirectTo: -+ # port: websecure -+ # (Optional) -+ # priority: 10 - # - # Trust forwarded headers information (X-Forwarded-*). - # forwardedHeaders: -@@ -638,14 +657,14 @@ ports: - # advertisedPort: 4443 - # - ## -- Trust forwarded headers information (X-Forwarded-*). -- #forwardedHeaders: -- # trustedIPs: [] -- # insecure: false -+ # forwardedHeaders: -+ # trustedIPs: [] -+ # insecure: false - # - ## -- Enable the Proxy Protocol header parsing for the entry point -- #proxyProtocol: -- # trustedIPs: [] -- # insecure: false -+ # proxyProtocol: -+ # trustedIPs: [] -+ # insecure: false - # - ## Set TLS at the entrypoint - ## https://doc.traefik.io/traefik/routing/entrypoints/#tls -@@ -728,16 +747,16 @@ service: - # -- Additional entries here will be added to the service spec. - # -- Cannot contain type, selector or ports entries. - spec: {} -- # externalTrafficPolicy: Cluster -- # loadBalancerIP: "1.2.3.4" -- # clusterIP: "2.3.4.5" -+ # externalTrafficPolicy: Cluster -+ # loadBalancerIP: "1.2.3.4" -+ # clusterIP: "2.3.4.5" - loadBalancerSourceRanges: [] -- # - 192.168.0.1/32 -- # - 172.16.0.0/16 -+ # - 192.168.0.1/32 -+ # - 172.16.0.0/16 - ## -- Class of the load balancer implementation - # loadBalancerClass: service.k8s.aws/nlb - externalIPs: [] -- # - 1.2.3.4 -+ # - 1.2.3.4 - ## One of SingleStack, PreferDualStack, or RequireDualStack. - # ipFamilyPolicy: SingleStack - ## List of IP families (e.g. IPv4 and/or IPv6). -@@ -789,7 +808,7 @@ persistence: - # It can be used to store TLS certificates, see `storage` in certResolvers - enabled: false - name: data --# existingClaim: "" -+ # existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi - # storageClass: "" -@@ -852,12 +871,12 @@ serviceAccountAnnotations: {} - - # -- The resources parameter defines CPU and memory requirements and limits for Traefik's containers. - resources: {} -- # requests: -- # cpu: "100m" -- # memory: "50Mi" -- # limits: -- # cpu: "300m" -- # memory: "150Mi" -+# requests: -+# cpu: "100m" -+# memory: "50Mi" -+# limits: -+# cpu: "300m" -+# memory: "150Mi" - - # -- This example pod anti-affinity forces the scheduler to put traefik pods - # -- on nodes where no other traefik pods are scheduled. -``` - -## 24.0.0 ![AppVersion: v2.10.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.4&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-08-10 - -* fix: 💥 BREAKING CHANGE on healthchecks and traefik port -* fix: tracing.opentelemetry.tls is optional for all values -* fix: http3 support broken when advertisedPort set -* feat: multi namespace RBAC manifests -* chore(tests): 🔧 fix typo on tracing test -* chore(release): 🚀 publish v24.0.0 -* chore(deps): update docker.io/helmunittest/helm-unittest docker tag to v3.12.2 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 947ba56..aeec85c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -28,6 +28,13 @@ deployment: - terminationGracePeriodSeconds: 60 - # -- The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available - minReadySeconds: 0 -+ ## Override the liveness/readiness port. This is useful to integrate traefik -+ ## with an external Load Balancer that performs healthchecks. -+ ## Default: ports.traefik.port -+ # healthchecksPort: 9000 -+ ## Override the liveness/readiness scheme. Useful for getting ping to -+ ## respond on websecure entryPoint. -+ # healthchecksScheme: HTTPS - # -- Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # -- Additional deployment labels (e.g. for filtering deployment by custom labels) -@@ -112,7 +119,7 @@ experimental: - #This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" - #v3: - # -- Enable traefik version 3 -- # enabled: false -+ # enabled: false - plugins: - # -- Enable traefik experimental plugins - enabled: false -@@ -564,15 +571,6 @@ ports: - # only. - # hostIP: 192.168.100.10 - -- # Override the liveness/readiness port. This is useful to integrate traefik -- # with an external Load Balancer that performs healthchecks. -- # Default: ports.traefik.port -- # healthchecksPort: 9000 -- -- # Override the liveness/readiness scheme. Useful for getting ping to -- # respond on websecure entryPoint. -- # healthchecksScheme: HTTPS -- - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -@@ -877,7 +875,7 @@ affinity: {} - nodeSelector: {} - # -- Tolerations allow the scheduler to schedule pods with matching taints. - tolerations: [] --# -- You can use topology spread constraints to control -+# -- You can use topology spread constraints to control - # how Pods are spread across your cluster among failure-domains. - topologySpreadConstraints: [] - # This example topologySpreadConstraints forces the scheduler to put traefik pods -``` - -## 23.2.0 ![AppVersion: v2.10.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.4&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-07-27 - -* ⬆️ Upgrade traefik Docker tag to v2.10.3 -* release: :rocket: publish v23.2.0 -* fix: 🐛 update traefik.containo.us CRDs to v2.10 -* fix: 🐛 traefik or metrics port can be disabled -* fix: ingressclass name should be customizable (#864) -* feat: ✨ add support for traefik v3.0.0-beta3 and openTelemetry -* feat: disable allowPrivilegeEscalation -* feat: add pod_name as default in values.yaml -* chore(tests): 🔧 use more accurate asserts on refactor'd isNull test -* chore(deps): update traefik docker tag to v2.10.4 -* chore(deps): update docker.io/helmunittest/helm-unittest docker tag to v3.11.3 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 345bbd8..947ba56 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -105,12 +105,14 @@ podDisruptionBudget: - ingressClass: - enabled: true - isDefaultClass: true -+ # name: my-custom-class - - # Traefik experimental features - experimental: -- v3: -+ #This value is no longer used, set the image.tag to a semver higher than 3.0, e.g. "v3.0.0-beta3" -+ #v3: - # -- Enable traefik version 3 -- enabled: false -+ # enabled: false - plugins: - # -- Enable traefik experimental plugins - enabled: false -@@ -461,6 +463,10 @@ metrics: - ## Tracing - # -- https://doc.traefik.io/traefik/observability/tracing/overview/ - tracing: {} -+ # openTelemetry: # traefik v3+ only -+ # grpc: {} -+ # insecure: true -+ # address: localhost:4317 - # instana: - # localAgentHost: 127.0.0.1 - # localAgentPort: 42699 -@@ -517,7 +523,15 @@ additionalArguments: [] - # - "--log.level=DEBUG" - - # -- Environment variables to be passed to Traefik's binary --env: [] -+env: -+ - name: POD_NAME -+ valueFrom: -+ fieldRef: -+ fieldPath: metadata.name -+ - name: POD_NAMESPACE -+ valueFrom: -+ fieldRef: -+ fieldPath: metadata.namespace - # - name: SOME_VAR - # value: some-var-value - # - name: SOME_VAR_FROM_CONFIG_MAP -@@ -563,7 +577,7 @@ ports: - # NodePort. - # - # -- You SHOULD NOT expose the traefik port on production deployments. -- # If you want to access it from outside of your cluster, -+ # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: false - # -- The exposed port for this service -@@ -571,7 +585,7 @@ ports: - # -- The port protocol (TCP/UDP) - protocol: TCP - web: -- ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8000 - # hostPort: 8000 -@@ -600,7 +614,7 @@ ports: - # trustedIPs: [] - # insecure: false - websecure: -- ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8443 - # hostPort: 8443 -@@ -666,7 +680,7 @@ ports: - # NodePort. - # - # -- You may not want to expose the metrics port on production deployments. -- # If you want to access it from outside of your cluster, -+ # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: false - # -- The exposed port for this service -@@ -880,14 +894,15 @@ topologySpreadConstraints: [] - priorityClassName: "" - - # -- Set the container security context --# -- To run the container with ports below 1024 this will need to be adjust to run as root -+# -- To run the container with ports below 1024 this will need to be adjusted to run as root - securityContext: - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true -+ allowPrivilegeEscalation: false - - podSecurityContext: -- # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and -+ # /!\ When setting fsGroup, Kubernetes will recursively change ownership and - # permissions for the contents of each volume to match the fsGroup. This can - # be an issue when storing sensitive content like TLS Certificates /!\ - # fsGroup: 65532 -``` - -## 23.1.0 ![AppVersion: v2.10.1](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.1&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-06-06 - -* release: 🚀 publish v23.1.0 -* fix: 🐛 use k8s version for hpa api version -* fix: 🐛 http3 support on traefik v3 -* fix: use `targetPort` instead of `port` on ServiceMonitor -* feat: ➖ remove Traefik Hub v1 integration -* feat: ✨ add a warning when labelSelector don't match -* feat: common labels for all resources -* feat: allow specifying service loadBalancerClass -* feat: add optional `appProtocol` field on Service ports -* doc: added values README via helm-docs cli - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 71273cc..345bbd8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,70 +1,56 @@ - # Default values for Traefik - image: -+ # -- Traefik image host registry - registry: docker.io -+ # -- Traefik image repository - repository: traefik -- # defaults to appVersion -+ # -- defaults to appVersion - tag: "" -+ # -- Traefik image pull policy - pullPolicy: IfNotPresent - --# --# Configure integration with Traefik Hub --# --hub: -- ## Enabling Hub will: -- # * enable Traefik Hub integration on Traefik -- # * add `traefikhub-tunl` endpoint -- # * enable Prometheus metrics with addRoutersLabels -- # * enable allowExternalNameServices on KubernetesIngress provider -- # * enable allowCrossNamespace on KubernetesCRD provider -- # * add an internal (ClusterIP) Service, dedicated for Traefik Hub -- enabled: false -- ## Default port can be changed -- # tunnelPort: 9901 -- ## TLS is optional. Insecure is mutually exclusive with any other options -- # tls: -- # insecure: false -- # ca: "/path/to/ca.pem" -- # cert: "/path/to/cert.pem" -- # key: "/path/to/key.pem" -+# -- Add additional label to all resources -+commonLabels: {} - - # - # Configure the deployment - # - deployment: -+ # -- Enable deployment - enabled: true -- # Can be either Deployment or DaemonSet -+ # -- Deployment or DaemonSet - kind: Deployment -- # Number of pods of the deployment (only applies when kind == Deployment) -+ # -- Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 -- # Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) -+ # -- Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) - # revisionHistoryLimit: 1 -- # Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down -+ # -- Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down - terminationGracePeriodSeconds: 60 -- # The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available -+ # -- The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available - minReadySeconds: 0 -- # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) -+ # -- Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} -- # Additional deployment labels (e.g. for filtering deployment by custom labels) -+ # -- Additional deployment labels (e.g. for filtering deployment by custom labels) - labels: {} -- # Additional pod annotations (e.g. for mesh injection or prometheus scraping) -+ # -- Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} -- # Additional Pod labels (e.g. for filtering Pod by custom labels) -+ # -- Additional Pod labels (e.g. for filtering Pod by custom labels) - podLabels: {} -- # Additional containers (e.g. for metric offloading sidecars) -+ # -- Additional containers (e.g. for metric offloading sidecars) - additionalContainers: [] - # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host - # - name: socat-proxy -- # image: alpine/socat:1.0.5 -- # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] -- # volumeMounts: -- # - name: dsdsocket -- # mountPath: /socket -- # Additional volumes available for use with initContainers and additionalContainers -+ # image: alpine/socat:1.0.5 -+ # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] -+ # volumeMounts: -+ # - name: dsdsocket -+ # mountPath: /socket -+ # -- Additional volumes available for use with initContainers and additionalContainers - additionalVolumes: [] - # - name: dsdsocket - # hostPath: - # path: /var/run/statsd-exporter -- # Additional initContainers (e.g. for setting file permission as shown below) -+ # -- Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. - # Related issue: https://github.com/traefik/traefik-helm-chart/issues/396 -@@ -78,9 +64,9 @@ deployment: - # volumeMounts: - # - name: data - # mountPath: /data -- # Use process namespace sharing -+ # -- Use process namespace sharing - shareProcessNamespace: false -- # Custom pod DNS policy. Apply if `hostNetwork: true` -+ # -- Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet - dnsConfig: {} - # nameservers: -@@ -92,10 +78,10 @@ deployment: - # - name: ndots - # value: "2" - # - name: edns0 -- # Additional imagePullSecrets -+ # -- Additional imagePullSecrets - imagePullSecrets: [] - # - name: myRegistryKeySecretName -- # Pod lifecycle actions -+ # -- Pod lifecycle actions - lifecycle: {} - # preStop: - # exec: -@@ -107,7 +93,7 @@ deployment: - # host: localhost - # scheme: HTTP - --# Pod disruption budget -+# -- Pod disruption budget - podDisruptionBudget: - enabled: false - # maxUnavailable: 1 -@@ -115,93 +101,112 @@ podDisruptionBudget: - # minAvailable: 0 - # minAvailable: 25% - --# Create a default IngressClass for Traefik -+# -- Create a default IngressClass for Traefik - ingressClass: - enabled: true - isDefaultClass: true - --# Enable experimental features -+# Traefik experimental features - experimental: - v3: -+ # -- Enable traefik version 3 - enabled: false - plugins: -+ # -- Enable traefik experimental plugins - enabled: false - kubernetesGateway: -+ # -- Enable traefik experimental GatewayClass CRD - enabled: false - gateway: -+ # -- Enable traefik regular kubernetes gateway - enabled: true - # certificate: - # group: "core" - # kind: "Secret" - # name: "mysecret" -- # By default, Gateway would be created to the Namespace you are deploying Traefik to. -+ # -- By default, Gateway would be created to the Namespace you are deploying Traefik to. - # You may create that Gateway in another namespace, setting its name below: - # namespace: default - # Additional gateway annotations (e.g. for cert-manager.io/issuer) - # annotations: - # cert-manager.io/issuer: letsencrypt - --# Create an IngressRoute for the dashboard -+## Create an IngressRoute for the dashboard - ingressRoute: - dashboard: -+ # -- Create an IngressRoute for the dashboard - enabled: true -- # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) -+ # -- Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) - annotations: {} -- # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) -+ # -- Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) - labels: {} -- # The router match rule used for the dashboard ingressRoute -+ # -- The router match rule used for the dashboard ingressRoute - matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`) -- # Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). -+ # -- Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). - # By default, it's using traefik entrypoint, which is not exposed. - # /!\ Do not expose your dashboard without any protection over the internet /!\ - entryPoints: ["traefik"] -- # Additional ingressRoute middlewares (e.g. for authentication) -+ # -- Additional ingressRoute middlewares (e.g. for authentication) - middlewares: [] -- # TLS options (e.g. secret containing certificate) -+ # -- TLS options (e.g. secret containing certificate) - tls: {} - --# Customize updateStrategy of traefik pods - updateStrategy: -+ # -- Customize updateStrategy: RollingUpdate or OnDelete - type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 - --# Customize liveness and readiness probe values. - readinessProbe: -+ # -- The number of consecutive failures allowed before considering the probe as failed. - failureThreshold: 1 -+ # -- The number of seconds to wait before starting the first probe. - initialDelaySeconds: 2 -+ # -- The number of seconds to wait between consecutive probes. - periodSeconds: 10 -+ # -- The minimum consecutive successes required to consider the probe successful. - successThreshold: 1 -+ # -- The number of seconds to wait for a probe response before considering it as failed. - timeoutSeconds: 2 -- - livenessProbe: -+ # -- The number of consecutive failures allowed before considering the probe as failed. - failureThreshold: 3 -+ # -- The number of seconds to wait before starting the first probe. - initialDelaySeconds: 2 -+ # -- The number of seconds to wait between consecutive probes. - periodSeconds: 10 -+ # -- The minimum consecutive successes required to consider the probe successful. - successThreshold: 1 -+ # -- The number of seconds to wait for a probe response before considering it as failed. - timeoutSeconds: 2 - --# --# Configure providers --# - providers: - kubernetesCRD: -+ # -- Load Kubernetes IngressRoute provider - enabled: true -+ # -- Allows IngressRoute to reference resources in namespace other than theirs - allowCrossNamespace: false -+ # -- Allows to reference ExternalName services in IngressRoute - allowExternalNameServices: false -+ # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik -+ # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] - # - "default" - - kubernetesIngress: -+ # -- Load Kubernetes IngressRoute provider - enabled: true -+ # -- Allows to reference ExternalName services in Ingress - allowExternalNameServices: false -+ # -- Allows to return 503 when there is no endpoints available - allowEmptyServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik -+ # -- Array of namespaces to watch. If left empty, Traefik watches all namespaces. - namespaces: [] - # - "default" - # IP used for Kubernetes Ingress endpoints -@@ -212,13 +217,13 @@ providers: - # pathOverride: "" - - # --# Add volumes to the traefik pod. The volume name will be passed to tpl. -+# -- Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: --# additionalArguments: -+# `additionalArguments: - # - "--providers.file.filename=/config/dynamic.toml" - # - "--ping" --# - "--ping.entrypoint=web" -+# - "--ping.entrypoint=web"` - volumes: [] - # - name: public-cert - # mountPath: "/certs" -@@ -227,25 +232,22 @@ volumes: [] - # mountPath: "/config" - # type: configMap - --# Additional volumeMounts to add to the Traefik container -+# -- Additional volumeMounts to add to the Traefik container - additionalVolumeMounts: [] -- # For instance when using a logshipper for access logs -+ # -- For instance when using a logshipper for access logs - # - name: traefik-logs - # mountPath: /var/log/traefik - --## Logs --## https://docs.traefik.io/observability/logs/ - logs: -- ## Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). - general: -- # By default, the logs use a text format (common), but you can -+ # -- By default, the logs use a text format (common), but you can - # also ask for the json format in the format option - # format: json - # By default, the level is set to ERROR. -- # Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -+ # -- Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - level: ERROR - access: -- # To enable access logs -+ # -- To enable access logs - enabled: false - ## By default, logs are written using the Common Log Format (CLF) on stdout. - ## To write logs in JSON, use json in the format option. -@@ -256,21 +258,24 @@ logs: - ## This option represents the number of log lines Traefik will keep in memory before writing - ## them to the selected output. In some cases, this option can greatly help performances. - # bufferingSize: 100 -- ## Filtering https://docs.traefik.io/observability/access-logs/#filtering -+ ## Filtering -+ # -- https://docs.traefik.io/observability/access-logs/#filtering - filters: {} - # statuscodes: "200,300-302" - # retryattempts: true - # minduration: 10ms -- ## Fields -- ## https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers - fields: - general: -+ # -- Available modes: keep, drop, redact. - defaultmode: keep -+ # -- Names of the fields to limit. - names: {} - ## Examples: - # ClientUsername: drop - headers: -+ # -- Available modes: keep, drop, redact. - defaultmode: drop -+ # -- Names of the headers to limit. - names: {} - ## Examples: - # User-Agent: redact -@@ -278,10 +283,10 @@ logs: - # Content-Type: keep - - metrics: -- ## Prometheus is enabled by default. -- ## It can be disabled by setting "prometheus: null" -+ ## -- Prometheus is enabled by default. -+ ## -- It can be disabled by setting "prometheus: null" - prometheus: -- ## Entry point used to expose metrics. -+ # -- Entry point used to expose metrics. - entryPoint: metrics - ## Enable metrics on entry points. Default=true - # addEntryPointsLabels: false -@@ -404,11 +409,9 @@ metrics: - # ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. - # grpc: true - --## --## enable optional CRDs for Prometheus Operator -+## -- enable optional CRDs for Prometheus Operator - ## - ## Create a dedicated metrics service for use with ServiceMonitor -- ## When hub.enabled is set to true, it's not needed: it will use hub service. - # service: - # enabled: false - # labels: {} -@@ -455,6 +458,8 @@ metrics: - # summary: "Traefik Down" - # description: "{{ $labels.pod }} on {{ $labels.nodename }} is down" - -+## Tracing -+# -- https://doc.traefik.io/traefik/observability/tracing/overview/ - tracing: {} - # instana: - # localAgentHost: 127.0.0.1 -@@ -497,20 +502,21 @@ tracing: {} - # secretToken: "" - # serviceEnvironment: "" - -+# -- Global command arguments to be passed to all traefik's pods - globalArguments: - - "--global.checknewversion" - - "--global.sendanonymoususage" - - # - # Configure Traefik static configuration --# Additional arguments to be passed at Traefik's binary -+# -- Additional arguments to be passed at Traefik's binary - # All available options available on https://docs.traefik.io/reference/static-configuration/cli/ - ## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` - additionalArguments: [] - # - "--providers.kubernetesingress.ingressclass=traefik-internal" - # - "--log.level=DEBUG" - --# Environment variables to be passed to Traefik's binary -+# -- Environment variables to be passed to Traefik's binary - env: [] - # - name: SOME_VAR - # value: some-var-value -@@ -525,22 +531,20 @@ env: [] - # name: secret-name - # key: secret-key - -+# -- Environment variables to be passed to Traefik's binary from configMaps or secrets - envFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - --# Configure ports - ports: -- # The name of this one can't be changed as it is used for the readiness and -- # liveness probes, but you can adjust its config to your liking - traefik: - port: 9000 -- # Use hostPort if set. -+ # -- Use hostPort if set. - # hostPort: 9000 - # -- # Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which -+ # -- Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which - # means it's listening on all your interfaces and all your IPs. You may want - # to set this value if you need traefik to listen on specific interface - # only. -@@ -558,27 +562,27 @@ ports: - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -- # You SHOULD NOT expose the traefik port on production deployments. -+ # -- You SHOULD NOT expose the traefik port on production deployments. - # If you want to access it from outside of your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: false -- # The exposed port for this service -+ # -- The exposed port for this service - exposedPort: 9000 -- # The port protocol (TCP/UDP) -+ # -- The port protocol (TCP/UDP) - protocol: TCP - web: -- ## Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8000 - # hostPort: 8000 - # containerPort: 8000 - expose: true - exposedPort: 80 -- ## Different target traefik port on the cluster, useful for IP type LB -+ ## -- Different target traefik port on the cluster, useful for IP type LB - # targetPort: 80 - # The port protocol (TCP/UDP) - protocol: TCP -- # Use nodeport if set. This is useful if you have configured Traefik in a -+ # -- Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer. - # nodePort: 32080 - # Port Redirections -@@ -596,20 +600,22 @@ ports: - # trustedIPs: [] - # insecure: false - websecure: -- ## Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8443 - # hostPort: 8443 - # containerPort: 8443 - expose: true - exposedPort: 443 -- ## Different target traefik port on the cluster, useful for IP type LB -+ ## -- Different target traefik port on the cluster, useful for IP type LB - # targetPort: 80 -- ## The port protocol (TCP/UDP) -+ ## -- The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -+ ## -- Specify an application protocol. This may be used as a hint for a Layer 7 load balancer. -+ # appProtocol: https - # -- ## Enable HTTP/3 on the entrypoint -+ ## -- Enable HTTP/3 on the entrypoint - ## Enabling it will also enable http3 experimental feature - ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 - ## There are known limitations when trying to listen on same ports for -@@ -619,12 +625,12 @@ ports: - enabled: false - # advertisedPort: 4443 - # -- ## Trust forwarded headers information (X-Forwarded-*). -+ ## -- Trust forwarded headers information (X-Forwarded-*). - #forwardedHeaders: - # trustedIPs: [] - # insecure: false - # -- ## Enable the Proxy Protocol header parsing for the entry point -+ ## -- Enable the Proxy Protocol header parsing for the entry point - #proxyProtocol: - # trustedIPs: [] - # insecure: false -@@ -642,33 +648,33 @@ ports: - # - foo.example.com - # - bar.example.com - # -- # One can apply Middlewares on an entrypoint -+ # -- One can apply Middlewares on an entrypoint - # https://doc.traefik.io/traefik/middlewares/overview/ - # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares -- # /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ -+ # -- /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ - # It follows the provider naming convention: https://doc.traefik.io/traefik/providers/overview/#provider-namespace - # middlewares: - # - namespace-name1@kubernetescrd - # - namespace-name2@kubernetescrd - middlewares: [] - metrics: -- # When using hostNetwork, use another port to avoid conflict with node exporter: -+ # -- When using hostNetwork, use another port to avoid conflict with node exporter: - # https://github.com/prometheus/prometheus/wiki/Default-port-allocations - port: 9100 - # hostPort: 9100 - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -- # You may not want to expose the metrics port on production deployments. -+ # -- You may not want to expose the metrics port on production deployments. - # If you want to access it from outside of your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: false -- # The exposed port for this service -+ # -- The exposed port for this service - exposedPort: 9100 -- # The port protocol (TCP/UDP) -+ # -- The port protocol (TCP/UDP) - protocol: TCP - --# TLS Options are created as TLSOption CRDs -+# -- TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options - # When using `labelSelector`, you'll need to set labels on tlsOption accordingly. - # Example: -@@ -684,7 +690,7 @@ ports: - # - CurveP384 - tlsOptions: {} - --# TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate -+# -- TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate - # https://doc.traefik.io/traefik/https/tls/#default-certificate - # Example: - # tlsStore: -@@ -693,24 +699,22 @@ tlsOptions: {} - # secretName: tls-cert - tlsStore: {} - --# Options for the main traefik service, where the entrypoints traffic comes --# from. - service: - enabled: true -- ## Single service is using `MixedProtocolLBService` feature gate. -- ## When set to false, it will create two Service, one for TCP and one for UDP. -+ ## -- Single service is using `MixedProtocolLBService` feature gate. -+ ## -- When set to false, it will create two Service, one for TCP and one for UDP. - single: true - type: LoadBalancer -- # Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) -+ # -- Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) - annotations: {} -- # Additional annotations for TCP service only -+ # -- Additional annotations for TCP service only - annotationsTCP: {} -- # Additional annotations for UDP service only -+ # -- Additional annotations for UDP service only - annotationsUDP: {} -- # Additional service labels (e.g. for filtering Service by custom labels) -+ # -- Additional service labels (e.g. for filtering Service by custom labels) - labels: {} -- # Additional entries here will be added to the service spec. -- # Cannot contain type, selector or ports entries. -+ # -- Additional entries here will be added to the service spec. -+ # -- Cannot contain type, selector or ports entries. - spec: {} - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" -@@ -718,6 +722,8 @@ service: - loadBalancerSourceRanges: [] - # - 192.168.0.1/32 - # - 172.16.0.0/16 -+ ## -- Class of the load balancer implementation -+ # loadBalancerClass: service.k8s.aws/nlb - externalIPs: [] - # - 1.2.3.4 - ## One of SingleStack, PreferDualStack, or RequireDualStack. -@@ -728,7 +734,7 @@ service: - # - IPv4 - # - IPv6 - ## -- ## An additionnal and optional internal Service. -+ ## -- An additionnal and optional internal Service. - ## Same parameters as external Service - # internal: - # type: ClusterIP -@@ -739,9 +745,8 @@ service: - # # externalIPs: [] - # # ipFamilies: [ "IPv4","IPv6" ] - --## Create HorizontalPodAutoscaler object. --## - autoscaling: -+ # -- Create HorizontalPodAutoscaler object. - enabled: false - # minReplicas: 1 - # maxReplicas: 10 -@@ -766,10 +771,10 @@ autoscaling: - # value: 1 - # periodSeconds: 60 - --# Enable persistence using Persistent Volume Claims --# ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ --# It can be used to store TLS certificates, see `storage` in certResolvers - persistence: -+ # -- Enable persistence using Persistent Volume Claims -+ # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -+ # It can be used to store TLS certificates, see `storage` in certResolvers - enabled: false - name: data - # existingClaim: "" -@@ -779,8 +784,10 @@ persistence: - # volumeName: "" - path: /data - annotations: {} -- # subPath: "" # only mount a subpath of the Volume into the pod -+ # -- Only mount a subpath of the Volume into the pod -+ # subPath: "" - -+# -- Certificates resolvers configuration - certResolvers: {} - # letsencrypt: - # # for challenge options cf. https://doc.traefik.io/traefik/https/acme/ -@@ -802,13 +809,13 @@ certResolvers: {} - # # It has to match the path with a persistent volume - # storage: /data/acme.json - --# If hostNetwork is true, runs traefik in the host network namespace -+# -- If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true - # and replicas>1, a pod anti-affinity is recommended and will be set if the - # affinity is left as default. - hostNetwork: false - --# Whether Role Based Access Control objects like roles and rolebindings should be created -+# -- Whether Role Based Access Control objects like roles and rolebindings should be created - rbac: - enabled: true - # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. -@@ -818,19 +825,20 @@ rbac: - # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - # aggregateTo: [ "admin" ] - --# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding -+# -- Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding - podSecurityPolicy: - enabled: false - --# The service account the pods will use to interact with the Kubernetes API -+# -- The service account the pods will use to interact with the Kubernetes API - serviceAccount: - # If set, an existing service account is used - # If not set, a service account is created automatically using the fullname template - name: "" - --# Additional serviceAccount annotations (e.g. for oidc authentication) -+# -- Additional serviceAccount annotations (e.g. for oidc authentication) - serviceAccountAnnotations: {} - -+# -- The resources parameter defines CPU and memory requirements and limits for Traefik's containers. - resources: {} - # requests: - # cpu: "100m" -@@ -839,8 +847,8 @@ resources: {} - # cpu: "300m" - # memory: "150Mi" - --# This example pod anti-affinity forces the scheduler to put traefik pods --# on nodes where no other traefik pods are scheduled. -+# -- This example pod anti-affinity forces the scheduler to put traefik pods -+# -- on nodes where no other traefik pods are scheduled. - # It should be used when hostNetwork: true to prevent port conflicts - affinity: {} - # podAntiAffinity: -@@ -851,11 +859,15 @@ affinity: {} - # app.kubernetes.io/instance: '{{ .Release.Name }}-{{ .Release.Namespace }}' - # topologyKey: kubernetes.io/hostname - -+# -- nodeSelector is the simplest recommended form of node selection constraint. - nodeSelector: {} -+# -- Tolerations allow the scheduler to schedule pods with matching taints. - tolerations: [] -+# -- You can use topology spread constraints to control -+# how Pods are spread across your cluster among failure-domains. - topologySpreadConstraints: [] --# # This example topologySpreadConstraints forces the scheduler to put traefik pods --# # on nodes where no other traefik pods are scheduled. -+# This example topologySpreadConstraints forces the scheduler to put traefik pods -+# on nodes where no other traefik pods are scheduled. - # - labelSelector: - # matchLabels: - # app: '{{ template "traefik.name" . }}' -@@ -863,29 +875,33 @@ topologySpreadConstraints: [] - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - --# Pods can have priority. --# Priority indicates the importance of a Pod relative to other Pods. -+# -- Pods can have priority. -+# -- Priority indicates the importance of a Pod relative to other Pods. - priorityClassName: "" - --# Set the container security context --# To run the container with ports below 1024 this will need to be adjust to run as root -+# -- Set the container security context -+# -- To run the container with ports below 1024 this will need to be adjust to run as root - securityContext: - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true - - podSecurityContext: --# # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and --# # permissions for the contents of each volume to match the fsGroup. This can --# # be an issue when storing sensitive content like TLS Certificates /!\ --# fsGroup: 65532 -+ # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and -+ # permissions for the contents of each volume to match the fsGroup. This can -+ # be an issue when storing sensitive content like TLS Certificates /!\ -+ # fsGroup: 65532 -+ # -- Specifies the policy for changing ownership and permissions of volume contents to match the fsGroup. - fsGroupChangePolicy: "OnRootMismatch" -+ # -- The ID of the group for all containers in the pod to run as. - runAsGroup: 65532 -+ # -- Specifies whether the containers should run as a non-root user. - runAsNonRoot: true -+ # -- The ID of the user for all containers in the pod to run as. - runAsUser: 65532 - - # --# Extra objects to deploy (value evaluated as a template) -+# -- Extra objects to deploy (value evaluated as a template) - # - # In some cases, it can avoid the need for additional, extended or adhoc deployments. - # See #595 for more details and traefik/tests/values/extra.yaml for example. -@@ -895,5 +911,5 @@ extraObjects: [] - # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` - # namespaceOverride: traefik - # --## This will override the default app.kubernetes.io/instance label for all Objects. -+## -- This will override the default app.kubernetes.io/instance label for all Objects. - # instanceLabelOverride: traefik -``` - -## 23.0.1 ![AppVersion: v2.10.1](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.1&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-04-28 - -* fix: ⬆️ Upgrade traefik Docker tag to v2.10.1 - - -## 23.0.0 ![AppVersion: v2.10.0](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.0&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-04-26 - -* BREAKING CHANGE: Traefik 2.10 comes with CRDs update on API Group - - -## 22.3.0 ![AppVersion: v2.10.0](https://img.shields.io/static/v1?label=AppVersion&message=v2.10.0&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-04-25 - -* ⬆️ Upgrade traefik Docker tag to v2.10.0 -* fix: 🐛 update rbac for both traefik.io and containo.us apigroups (#836) -* breaking: 💥 update CRDs needed for Traefik v2.10 - - -## 22.2.0 ![AppVersion: v2.9.10](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.10&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-04-24 - -* test: 👷 Update unit tests tooling -* fix: 🐛 annotations leaking between aliased subcharts -* fix: indentation on `TLSOption` -* feat: override container port -* feat: allow to set dnsConfig on pod template -* chore: 🔧 new release -* added targetPort support - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9ece303..71273cc 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -82,6 +82,16 @@ deployment: - shareProcessNamespace: false - # Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet -+ dnsConfig: {} -+ # nameservers: -+ # - 192.0.2.1 # this is an example -+ # searches: -+ # - ns1.svc.cluster-domain.example -+ # - my.dns.search.suffix -+ # options: -+ # - name: ndots -+ # value: "2" -+ # - name: edns0 - # Additional imagePullSecrets - imagePullSecrets: [] - # - name: myRegistryKeySecretName -@@ -561,8 +571,11 @@ ports: - # asDefault: true - port: 8000 - # hostPort: 8000 -+ # containerPort: 8000 - expose: true - exposedPort: 80 -+ ## Different target traefik port on the cluster, useful for IP type LB -+ # targetPort: 80 - # The port protocol (TCP/UDP) - protocol: TCP - # Use nodeport if set. This is useful if you have configured Traefik in a -@@ -587,8 +600,11 @@ ports: - # asDefault: true - port: 8443 - # hostPort: 8443 -+ # containerPort: 8443 - expose: true - exposedPort: 443 -+ ## Different target traefik port on the cluster, useful for IP type LB -+ # targetPort: 80 - ## The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -``` - -## 22.1.0 ![AppVersion: v2.9.10](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.10&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-04-07 - -* ⬆️ Upgrade traefik Docker tag to v2.9.10 -* feat: add additional labels to tlsoption - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4762b77..9ece303 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -654,12 +654,15 @@ ports: - - # TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options -+# When using `labelSelector`, you'll need to set labels on tlsOption accordingly. - # Example: - # tlsOptions: - # default: -+# labels: {} - # sniStrict: true - # preferServerCipherSuites: true --# foobar: -+# customOptions: -+# labels: {} - # curvePreferences: - # - CurveP521 - # - CurveP384 -``` - -## 22.0.0 ![AppVersion: v2.9.9](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.9&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-03-29 - -* BREAKING CHANGE: `image.repository` introduction may break during the upgrade. See PR #802. - - -## 21.2.1 ![AppVersion: v2.9.9](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.9&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-03-28 - -* 🎨 Introduce `image.registry` and add explicit default (it may impact custom `image.repository`) -* ⬆️ Upgrade traefik Docker tag to v2.9.9 -* :memo: Clarify the need of an initContainer when enabling persistence for TLS Certificates - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index cadc7a6..4762b77 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,5 +1,6 @@ - # Default values for Traefik - image: -+ registry: docker.io - repository: traefik - # defaults to appVersion - tag: "" -@@ -66,10 +67,14 @@ deployment: - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. -- # Related issue: https://github.com/traefik/traefik/issues/6825 -+ # Related issue: https://github.com/traefik/traefik-helm-chart/issues/396 - # - name: volume-permissions -- # image: busybox:1.35 -- # command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"] -+ # image: busybox:latest -+ # command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] -+ # securityContext: -+ # runAsNonRoot: true -+ # runAsGroup: 65532 -+ # runAsUser: 65532 - # volumeMounts: - # - name: data - # mountPath: /data -@@ -849,13 +854,17 @@ securityContext: - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true -+ -+podSecurityContext: -+# # /!\ When setting fsGroup, Kubernetes will recursively changes ownership and -+# # permissions for the contents of each volume to match the fsGroup. This can -+# # be an issue when storing sensitive content like TLS Certificates /!\ -+# fsGroup: 65532 -+ fsGroupChangePolicy: "OnRootMismatch" - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - --podSecurityContext: -- fsGroup: 65532 -- - # - # Extra objects to deploy (value evaluated as a template) - # -``` - -## 21.2.0 ![AppVersion: v2.9.8](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.8&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-03-08 - -* 🚨 Fail when enabling PSP on Kubernetes v1.25+ (#801) -* ⬆️ Upgrade traefik Docker tag to v2.9.8 -* Separate UDP hostPort for HTTP/3 -* :sparkles: release 21.2.0 (#805) - - -## 21.1.0 ![AppVersion: v2.9.7](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.7&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-02-15 - -* ⬆️ Upgrade traefik Docker tag to v2.9.7 -* ✨ release 21.1.0 -* fix: traefik image name for renovate -* feat: Add volumeName to PersistentVolumeClaim (#792) -* Allow setting TLS options on dashboard IngressRoute - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 780b04b..cadc7a6 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -142,6 +142,8 @@ ingressRoute: - entryPoints: ["traefik"] - # Additional ingressRoute middlewares (e.g. for authentication) - middlewares: [] -+ # TLS options (e.g. secret containing certificate) -+ tls: {} - - # Customize updateStrategy of traefik pods - updateStrategy: -@@ -750,6 +752,7 @@ persistence: - accessMode: ReadWriteOnce - size: 128Mi - # storageClass: "" -+ # volumeName: "" - path: /data - annotations: {} - # subPath: "" # only mount a subpath of the Volume into the pod -``` - -## 21.0.0 ![AppVersion: v2.9.6](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.6&color=success&logo=) ![Kubernetes: >=1.16.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.16.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2023-02-10 - -* 🙈 Add a setting disable API check on Prometheus Operator (#769) -* 📝 Improve documentation on entrypoint options -* 💥 New release with BREAKING changes (#786) -* ✨ Chart.yaml - add kubeVersion: ">=1.16.0-0" -* fix: allowExternalNameServices for kubernetes ingress when hub enabled (#772) -* fix(service-metrics): invert prometheus svc & fullname length checking -* Configure Renovate (#783) -* :necktie: Improve labels settings behavior on metrics providers (#774) -* :bug: Disabling dashboard ingressroute should delete it (#785) -* :boom: Rename image.name => image.repository (#784) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 42a27f9..780b04b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,6 +1,6 @@ - # Default values for Traefik - image: -- name: traefik -+ repository: traefik - # defaults to appVersion - tag: "" - pullPolicy: IfNotPresent -@@ -396,6 +396,8 @@ metrics: - # enabled: false - # labels: {} - # annotations: {} -+ ## When set to true, it won't check if Prometheus Operator CRDs are deployed -+ # disableAPICheck: false - # serviceMonitor: - # metricRelabelings: [] - # - sourceLabels: [__name__] -@@ -580,7 +582,7 @@ ports: - # hostPort: 8443 - expose: true - exposedPort: 443 -- # The port protocol (TCP/UDP) -+ ## The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 - # -@@ -594,6 +596,16 @@ ports: - enabled: false - # advertisedPort: 4443 - # -+ ## Trust forwarded headers information (X-Forwarded-*). -+ #forwardedHeaders: -+ # trustedIPs: [] -+ # insecure: false -+ # -+ ## Enable the Proxy Protocol header parsing for the entry point -+ #proxyProtocol: -+ # trustedIPs: [] -+ # insecure: false -+ # - ## Set TLS at the entrypoint - ## https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: -@@ -607,16 +619,6 @@ ports: - # - foo.example.com - # - bar.example.com - # -- # Trust forwarded headers information (X-Forwarded-*). -- # forwardedHeaders: -- # trustedIPs: [] -- # insecure: false -- # -- # Enable the Proxy Protocol header parsing for the entry point -- # proxyProtocol: -- # trustedIPs: [] -- # insecure: false -- # - # One can apply Middlewares on an entrypoint - # https://doc.traefik.io/traefik/middlewares/overview/ - # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares -``` - -## 20.8.0 ![AppVersion: v2.9.6](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-12-09 - -* ✨ update chart to version 20.8.0 -* ✨ add support for default entrypoints -* ✨ add support for OpenTelemetry and Traefik v3 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b77539d..42a27f9 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -107,6 +107,8 @@ ingressClass: - - # Enable experimental features - experimental: -+ v3: -+ enabled: false - plugins: - enabled: false - kubernetesGateway: -@@ -347,7 +349,43 @@ metrics: - # # addRoutersLabels: true - # ## Enable metrics on services. Default=true - # # addServicesLabels: false -- -+# openTelemetry: -+# ## Address of the OpenTelemetry Collector to send metrics to. -+# address: "localhost:4318" -+# ## Enable metrics on entry points. -+# addEntryPointsLabels: true -+# ## Enable metrics on routers. -+# addRoutersLabels: true -+# ## Enable metrics on services. -+# addServicesLabels: true -+# ## Explicit boundaries for Histogram data points. -+# explicitBoundaries: -+# - "0.1" -+# - "0.3" -+# - "1.2" -+# - "5.0" -+# ## Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. -+# headers: -+# foo: bar -+# test: test -+# ## Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. -+# insecure: true -+# ## Interval at which metrics are sent to the OpenTelemetry Collector. -+# pushInterval: 10s -+# ## Allows to override the default URL path used for sending metrics. This option has no effect when using gRPC transport. -+# path: /foo/v1/traces -+# ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. -+# tls: -+# ## The path to the certificate authority, it defaults to the system bundle. -+# ca: path/to/ca.crt -+# ## The path to the public certificate. When using this option, setting the key option is required. -+# cert: path/to/foo.cert -+# ## The path to the private key. When using this option, setting the cert option is required. -+# key: path/to/key.key -+# ## If set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. -+# insecureSkipVerify: true -+# ## This instructs the reporter to send metrics to the OpenTelemetry Collector using gRPC. -+# grpc: true - - ## - ## enable optional CRDs for Prometheus Operator -@@ -510,6 +548,8 @@ ports: - # The port protocol (TCP/UDP) - protocol: TCP - web: -+ ## Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ # asDefault: true - port: 8000 - # hostPort: 8000 - expose: true -@@ -534,6 +574,8 @@ ports: - # trustedIPs: [] - # insecure: false - websecure: -+ ## Enable this entrypoint as a default entrypoint. When a service doesn't explicity set an entrypoint it will only use this entrypoint. -+ # asDefault: true - port: 8443 - # hostPort: 8443 - expose: true -``` - -## 20.7.0 ![AppVersion: v2.9.6](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-12-08 - -* 🐛 Don't fail when prometheus is disabled (#756) -* ⬆️ Update default Traefik release to v2.9.6 (#758) -* ✨ support for Gateway annotations -* add keywords [networking], for artifacthub category quering -* :bug: Fix typo on bufferingSize for access logs (#753) -* :adhesive_bandage: Add quotes for artifacthub changelog parsing (#748) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4f2fb2a..b77539d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -120,6 +120,9 @@ experimental: - # By default, Gateway would be created to the Namespace you are deploying Traefik to. - # You may create that Gateway in another namespace, setting its name below: - # namespace: default -+ # Additional gateway annotations (e.g. for cert-manager.io/issuer) -+ # annotations: -+ # cert-manager.io/issuer: letsencrypt - - # Create an IngressRoute for the dashboard - ingressRoute: -@@ -219,7 +222,8 @@ logs: - # By default, the logs use a text format (common), but you can - # also ask for the json format in the format option - # format: json -- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -+ # By default, the level is set to ERROR. -+ # Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. - level: ERROR - access: - # To enable access logs -``` - -## 20.6.0 ![AppVersion: v2.9.5](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-30 - -* 🔍️ Add filePath support on access logs (#747) -* :memo: Improve documentation on using PVC with TLS certificates -* :bug: Add missing scheme in help on Traefik Hub integration (#746) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 15f1682..4f2fb2a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -211,10 +211,10 @@ additionalVolumeMounts: [] - # - name: traefik-logs - # mountPath: /var/log/traefik - --# Logs --# https://docs.traefik.io/observability/logs/ -+## Logs -+## https://docs.traefik.io/observability/logs/ - logs: -- # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). -+ ## Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). - general: - # By default, the logs use a text format (common), but you can - # also ask for the json format in the format option -@@ -224,31 +224,32 @@ logs: - access: - # To enable access logs - enabled: false -- # By default, logs are written using the Common Log Format (CLF). -- # To write logs in JSON, use json in the format option. -- # If the given format is unsupported, the default (CLF) is used instead. -+ ## By default, logs are written using the Common Log Format (CLF) on stdout. -+ ## To write logs in JSON, use json in the format option. -+ ## If the given format is unsupported, the default (CLF) is used instead. - # format: json -- # To write the logs in an asynchronous fashion, specify a bufferingSize option. -- # This option represents the number of log lines Traefik will keep in memory before writing -- # them to the selected output. In some cases, this option can greatly help performances. -+ # filePath: "/var/log/traefik/access.log -+ ## To write the logs in an asynchronous fashion, specify a bufferingSize option. -+ ## This option represents the number of log lines Traefik will keep in memory before writing -+ ## them to the selected output. In some cases, this option can greatly help performances. - # bufferingSize: 100 -- # Filtering https://docs.traefik.io/observability/access-logs/#filtering -+ ## Filtering https://docs.traefik.io/observability/access-logs/#filtering - filters: {} - # statuscodes: "200,300-302" - # retryattempts: true - # minduration: 10ms -- # Fields -- # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers -+ ## Fields -+ ## https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers - fields: - general: - defaultmode: keep - names: {} -- # Examples: -+ ## Examples: - # ClientUsername: drop - headers: - defaultmode: drop - names: {} -- # Examples: -+ ## Examples: - # User-Agent: redact - # Authorization: drop - # Content-Type: keep -@@ -693,10 +694,7 @@ autoscaling: - - # Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ --# After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: --# additionalArguments: --# - "--certificatesresolvers.le.acme.storage=/data/acme.json" --# It will persist TLS certificates. -+# It can be used to store TLS certificates, see `storage` in certResolvers - persistence: - enabled: false - name: data -@@ -726,7 +724,7 @@ certResolvers: {} - # tlsChallenge: true - # httpChallenge: - # entryPoint: "web" --# # match the path to persistence -+# # It has to match the path with a persistent volume - # storage: /data/acme.json - - # If hostNetwork is true, runs traefik in the host network namespace -``` - -## 20.5.3 ![AppVersion: v2.9.5](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-25 - -* 🐛 Fix template issue with obsolete helm version + add helm version requirement (#743) - - -## 20.5.2 ![AppVersion: v2.9.5](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-24 - -* ⬆️Update Traefik to v2.9.5 (#740) - - -## 20.5.1 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-23 - -* 🐛 Fix namespaceSelector on ServiceMonitor (#737) - - -## 20.5.0 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-23 - -* 🚀 Add complete support on metrics options (#735) -* 🐛 make tests use fixed version - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e49d02d..15f1682 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -12,7 +12,7 @@ hub: - ## Enabling Hub will: - # * enable Traefik Hub integration on Traefik - # * add `traefikhub-tunl` endpoint -- # * enable addRoutersLabels on prometheus metrics -+ # * enable Prometheus metrics with addRoutersLabels - # * enable allowExternalNameServices on KubernetesIngress provider - # * enable allowCrossNamespace on KubernetesCRD provider - # * add an internal (ClusterIP) Service, dedicated for Traefik Hub -@@ -254,16 +254,96 @@ logs: - # Content-Type: keep - - metrics: -- # datadog: -- # address: 127.0.0.1:8125 -- # influxdb: -- # address: localhost:8089 -- # protocol: udp -+ ## Prometheus is enabled by default. -+ ## It can be disabled by setting "prometheus: null" - prometheus: -+ ## Entry point used to expose metrics. - entryPoint: metrics -- # addRoutersLabels: true -- # statsd: -- # address: localhost:8125 -+ ## Enable metrics on entry points. Default=true -+ # addEntryPointsLabels: false -+ ## Enable metrics on routers. Default=false -+ # addRoutersLabels: true -+ ## Enable metrics on services. Default=true -+ # addServicesLabels: false -+ ## Buckets for latency metrics. Default="0.1,0.3,1.2,5.0" -+ # buckets: "0.5,1.0,2.5" -+ ## When manualRouting is true, it disables the default internal router in -+ ## order to allow creating a custom router for prometheus@internal service. -+ # manualRouting: true -+# datadog: -+# ## Address instructs exporter to send metrics to datadog-agent at this address. -+# address: "127.0.0.1:8125" -+# ## The interval used by the exporter to push metrics to datadog-agent. Default=10s -+# # pushInterval: 30s -+# ## The prefix to use for metrics collection. Default="traefik" -+# # prefix: traefik -+# ## Enable metrics on entry points. Default=true -+# # addEntryPointsLabels: false -+# ## Enable metrics on routers. Default=false -+# # addRoutersLabels: true -+# ## Enable metrics on services. Default=true -+# # addServicesLabels: false -+# influxdb: -+# ## Address instructs exporter to send metrics to influxdb at this address. -+# address: localhost:8089 -+# ## InfluxDB's address protocol (udp or http). Default="udp" -+# protocol: udp -+# ## InfluxDB database used when protocol is http. Default="" -+# # database: "" -+# ## InfluxDB retention policy used when protocol is http. Default="" -+# # retentionPolicy: "" -+# ## InfluxDB username (only with http). Default="" -+# # username: "" -+# ## InfluxDB password (only with http). Default="" -+# # password: "" -+# ## The interval used by the exporter to push metrics to influxdb. Default=10s -+# # pushInterval: 30s -+# ## Additional labels (influxdb tags) on all metrics. -+# # additionalLabels: -+# # env: production -+# # foo: bar -+# ## Enable metrics on entry points. Default=true -+# # addEntryPointsLabels: false -+# ## Enable metrics on routers. Default=false -+# # addRoutersLabels: true -+# ## Enable metrics on services. Default=true -+# # addServicesLabels: false -+# influxdb2: -+# ## Address instructs exporter to send metrics to influxdb v2 at this address. -+# address: localhost:8086 -+# ## Token with which to connect to InfluxDB v2. -+# token: xxx -+# ## Organisation where metrics will be stored. -+# org: "" -+# ## Bucket where metrics will be stored. -+# bucket: "" -+# ## The interval used by the exporter to push metrics to influxdb. Default=10s -+# # pushInterval: 30s -+# ## Additional labels (influxdb tags) on all metrics. -+# # additionalLabels: -+# # env: production -+# # foo: bar -+# ## Enable metrics on entry points. Default=true -+# # addEntryPointsLabels: false -+# ## Enable metrics on routers. Default=false -+# # addRoutersLabels: true -+# ## Enable metrics on services. Default=true -+# # addServicesLabels: false -+# statsd: -+# ## Address instructs exporter to send metrics to statsd at this address. -+# address: localhost:8125 -+# ## The interval used by the exporter to push metrics to influxdb. Default=10s -+# # pushInterval: 30s -+# ## The prefix to use for metrics collection. Default="traefik" -+# # prefix: traefik -+# ## Enable metrics on entry points. Default=true -+# # addEntryPointsLabels: false -+# ## Enable metrics on routers. Default=false -+# # addRoutersLabels: true -+# ## Enable metrics on services. Default=true -+# # addServicesLabels: false -+ -+ - ## - ## enable optional CRDs for Prometheus Operator - ## -``` - -## 20.4.1 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-21 - -* 🐛 fix namespace references to support namespaceOverride - - -## 20.4.0 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-21 - -* Add (optional) dedicated metrics service (#727) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ca15f6a..e49d02d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -267,6 +267,12 @@ metrics: - ## - ## enable optional CRDs for Prometheus Operator - ## -+ ## Create a dedicated metrics service for use with ServiceMonitor -+ ## When hub.enabled is set to true, it's not needed: it will use hub service. -+ # service: -+ # enabled: false -+ # labels: {} -+ # annotations: {} - # serviceMonitor: - # metricRelabelings: [] - # - sourceLabels: [__name__] -``` - -## 20.3.1 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-21 - -* 🐛 Fix namespace override which was missing on `ServiceAccount` (#731) - - -## 20.3.0 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-17 - -* Add overwrite option for instance label value (#725) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c7f84a7..ca15f6a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -731,3 +731,6 @@ extraObjects: [] - # This will override the default Release Namespace for Helm. - # It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` - # namespaceOverride: traefik -+# -+## This will override the default app.kubernetes.io/instance label for all Objects. -+# instanceLabelOverride: traefik -``` - -## 20.2.1 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-17 - -* 🙈 do not namespace ingress class (#723) -* ✨ copy LICENSE and README.md on release - - -## 20.2.0 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-15 - -* ✨ add support for namespace overrides (#718) -* Document recent changes in the README (#717) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 97a1b71..c7f84a7 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -725,5 +725,9 @@ podSecurityContext: - # Extra objects to deploy (value evaluated as a template) - # - # In some cases, it can avoid the need for additional, extended or adhoc deployments. --# See #595 for more details and traefik/tests/extra.yaml for example. -+# See #595 for more details and traefik/tests/values/extra.yaml for example. - extraObjects: [] -+ -+# This will override the default Release Namespace for Helm. -+# It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` -+# namespaceOverride: traefik -``` - -## 20.1.1 ![AppVersion: v2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-10 - -* fix: use consistent appVersion with Traefik Proxy - - -## 20.1.0 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-09 - -* 🔧 Adds more settings for dashboard ingressRoute (#710) -* 🐛 fix chart releases - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2ec3736..97a1b71 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -129,10 +129,14 @@ ingressRoute: - annotations: {} - # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) - labels: {} -+ # The router match rule used for the dashboard ingressRoute -+ matchRule: PathPrefix(`/dashboard`) || PathPrefix(`/api`) - # Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). - # By default, it's using traefik entrypoint, which is not exposed. - # /!\ Do not expose your dashboard without any protection over the internet /!\ - entryPoints: ["traefik"] -+ # Additional ingressRoute middlewares (e.g. for authentication) -+ middlewares: [] - - # Customize updateStrategy of traefik pods - updateStrategy: -``` - -## 20.0.0 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-08 - -* 🐛 remove old deployment workflow -* ✨ migrate to centralised helm repository -* Allow updateStrategy to be configurable - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 413aa88..2ec3736 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -134,9 +134,12 @@ ingressRoute: - # /!\ Do not expose your dashboard without any protection over the internet /!\ - entryPoints: ["traefik"] - --rollingUpdate: -- maxUnavailable: 0 -- maxSurge: 1 -+# Customize updateStrategy of traefik pods -+updateStrategy: -+ type: RollingUpdate -+ rollingUpdate: -+ maxUnavailable: 0 -+ maxSurge: 1 - - # Customize liveness and readiness probe values. - readinessProbe: -``` - -## 19.0.4 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-08 - -* 🔧 Adds more settings & rename (wrong) scrapeInterval to (valid) interval on ServiceMonitor (#703) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b24c1cb..413aa88 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -261,10 +261,6 @@ metrics: - ## enable optional CRDs for Prometheus Operator - ## - # serviceMonitor: -- # additionalLabels: -- # foo: bar -- # namespace: "another-namespace" -- # namespaceSelector: {} - # metricRelabelings: [] - # - sourceLabels: [__name__] - # separator: ; -@@ -279,9 +275,17 @@ metrics: - # replacement: $1 - # action: replace - # jobLabel: traefik -- # scrapeInterval: 30s -- # scrapeTimeout: 5s -+ # interval: 30s - # honorLabels: true -+ # # (Optional) -+ # # scrapeTimeout: 5s -+ # # honorTimestamps: true -+ # # enableHttp2: true -+ # # followRedirects: true -+ # # additionalLabels: -+ # # foo: bar -+ # # namespace: "another-namespace" -+ # # namespaceSelector: {} - # prometheusRule: - # additionalLabels: {} - # namespace: "another-namespace" -``` - -## 19.0.3 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-03 - -* 🎨 Don't require exposed Ports when enabling Hub (#700) - - -## 19.0.2 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-03 - -* :speech_balloon: Support volume secrets with '.' in name (#695) - - -## 19.0.1 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-03 - -* 🐛 Fix IngressClass install on EKS (#699) - - -## 19.0.0 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-11-02 - -* ✨ Provides Default IngressClass for Traefik by default (#693) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 69190f1..b24c1cb 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -100,11 +100,10 @@ podDisruptionBudget: - # minAvailable: 0 - # minAvailable: 25% - --# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x -+# Create a default IngressClass for Traefik - ingressClass: -- # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 -- enabled: false -- isDefaultClass: false -+ enabled: true -+ isDefaultClass: true - - # Enable experimental features - experimental: -``` - -## 18.3.0 ![AppVersion: 2.9.4](https://img.shields.io/static/v1?label=AppVersion&message=2.9.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-31 - -* ⬆️ Update Traefik appVersion to 2.9.4 (#696) - - -## 18.2.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-31 - -* 🚩 Add an optional "internal" service (#683) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8033a87..69190f1 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -416,7 +416,7 @@ ports: - # The port protocol (TCP/UDP) - protocol: TCP - # Use nodeport if set. This is useful if you have configured Traefik in a -- # LoadBalancer -+ # LoadBalancer. - # nodePort: 32080 - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. -@@ -549,13 +549,24 @@ service: - # - 172.16.0.0/16 - externalIPs: [] - # - 1.2.3.4 -- # One of SingleStack, PreferDualStack, or RequireDualStack. -+ ## One of SingleStack, PreferDualStack, or RequireDualStack. - # ipFamilyPolicy: SingleStack -- # List of IP families (e.g. IPv4 and/or IPv6). -- # ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services -+ ## List of IP families (e.g. IPv4 and/or IPv6). -+ ## ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - # ipFamilies: - # - IPv4 - # - IPv6 -+ ## -+ ## An additionnal and optional internal Service. -+ ## Same parameters as external Service -+ # internal: -+ # type: ClusterIP -+ # # labels: {} -+ # # annotations: {} -+ # # spec: {} -+ # # loadBalancerSourceRanges: [] -+ # # externalIPs: [] -+ # # ipFamilies: [ "IPv4","IPv6" ] - - ## Create HorizontalPodAutoscaler object. - ## -``` - -## 18.1.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-27 - -* 🚀 Add native support for Traefik Hub (#676) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index acce704..8033a87 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -5,6 +5,27 @@ image: - tag: "" - pullPolicy: IfNotPresent - -+# -+# Configure integration with Traefik Hub -+# -+hub: -+ ## Enabling Hub will: -+ # * enable Traefik Hub integration on Traefik -+ # * add `traefikhub-tunl` endpoint -+ # * enable addRoutersLabels on prometheus metrics -+ # * enable allowExternalNameServices on KubernetesIngress provider -+ # * enable allowCrossNamespace on KubernetesCRD provider -+ # * add an internal (ClusterIP) Service, dedicated for Traefik Hub -+ enabled: false -+ ## Default port can be changed -+ # tunnelPort: 9901 -+ ## TLS is optional. Insecure is mutually exclusive with any other options -+ # tls: -+ # insecure: false -+ # ca: "/path/to/ca.pem" -+ # cert: "/path/to/cert.pem" -+ # key: "/path/to/key.pem" -+ - # - # Configure the deployment - # -@@ -505,6 +526,8 @@ tlsStore: {} - # from. - service: - enabled: true -+ ## Single service is using `MixedProtocolLBService` feature gate. -+ ## When set to false, it will create two Service, one for TCP and one for UDP. - single: true - type: LoadBalancer - # Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) -``` - -## 18.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-26 - -* Refactor http3 and merge TCP with UDP ports into a single service (#656) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 807bd09..acce704 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -87,8 +87,6 @@ ingressClass: - - # Enable experimental features - experimental: -- http3: -- enabled: false - plugins: - enabled: false - kubernetesGateway: -@@ -421,12 +419,19 @@ ports: - # The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -- # Enable HTTP/3. -- # Requires enabling experimental http3 feature and tls. -- # Note that you cannot have a UDP entrypoint with the same port. -- # http3: true -- # Set TLS at the entrypoint -- # https://doc.traefik.io/traefik/routing/entrypoints/#tls -+ # -+ ## Enable HTTP/3 on the entrypoint -+ ## Enabling it will also enable http3 experimental feature -+ ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 -+ ## There are known limitations when trying to listen on same ports for -+ ## TCP & UDP (Http3). There is a workaround in this chart using dual Service. -+ ## https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741 -+ http3: -+ enabled: false -+ # advertisedPort: 4443 -+ # -+ ## Set TLS at the entrypoint -+ ## https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: - enabled: true - # this is the name of a TLSOption definition -@@ -500,6 +505,7 @@ tlsStore: {} - # from. - service: - enabled: true -+ single: true - type: LoadBalancer - # Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) - annotations: {} -``` - -## 17.0.5 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-21 - -* 📝 Add annotations changelog for artifacthub.io & update Maintainers - - -## 17.0.4 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-21 - -* :art: Add helper function for label selector - - -## 17.0.3 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-20 - -* 🐛 fix changing label selectors - - -## 17.0.2 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-20 - -* fix: setting ports.web.proxyProtocol.insecure=true - - -## 17.0.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-20 - -* :bug: Unify all labels selector with traefik chart labels (#681) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 6a90bc6..807bd09 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -639,7 +639,7 @@ affinity: {} - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: '{{ template "traefik.name" . }}' --# app.kubernetes.io/instance: '{{ .Release.Name }}' -+# app.kubernetes.io/instance: '{{ .Release.Name }}-{{ .Release.Namespace }}' - # topologyKey: kubernetes.io/hostname - - nodeSelector: {} -``` - -## 17.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-20 - -* :bug: Fix `ClusterRole`, `ClusterRoleBinding` names and `app.kubernetes.io/instance` label (#662) - - -## 16.2.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-20 - -* Add forwardedHeaders and proxyProtocol config (#673) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9b5afc4..6a90bc6 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -403,6 +403,16 @@ ports: - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection - # redirectTo: websecure -+ # -+ # Trust forwarded headers information (X-Forwarded-*). -+ # forwardedHeaders: -+ # trustedIPs: [] -+ # insecure: false -+ # -+ # Enable the Proxy Protocol header parsing for the entry point -+ # proxyProtocol: -+ # trustedIPs: [] -+ # insecure: false - websecure: - port: 8443 - # hostPort: 8443 -@@ -428,6 +438,16 @@ ports: - # - foo.example.com - # - bar.example.com - # -+ # Trust forwarded headers information (X-Forwarded-*). -+ # forwardedHeaders: -+ # trustedIPs: [] -+ # insecure: false -+ # -+ # Enable the Proxy Protocol header parsing for the entry point -+ # proxyProtocol: -+ # trustedIPs: [] -+ # insecure: false -+ # - # One can apply Middlewares on an entrypoint - # https://doc.traefik.io/traefik/middlewares/overview/ - # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares -``` - -## 16.1.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-19 - -* ✨ add optional ServiceMonitor & PrometheusRules CRDs (#425) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7e335b5..9b5afc4 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -237,8 +237,46 @@ metrics: - prometheus: - entryPoint: metrics - # addRoutersLabels: true -- # statsd: -- # address: localhost:8125 -+ # statsd: -+ # address: localhost:8125 -+## -+## enable optional CRDs for Prometheus Operator -+## -+ # serviceMonitor: -+ # additionalLabels: -+ # foo: bar -+ # namespace: "another-namespace" -+ # namespaceSelector: {} -+ # metricRelabelings: [] -+ # - sourceLabels: [__name__] -+ # separator: ; -+ # regex: ^fluentd_output_status_buffer_(oldest|newest)_.+ -+ # replacement: $1 -+ # action: drop -+ # relabelings: [] -+ # - sourceLabels: [__meta_kubernetes_pod_node_name] -+ # separator: ; -+ # regex: ^(.*)$ -+ # targetLabel: nodename -+ # replacement: $1 -+ # action: replace -+ # jobLabel: traefik -+ # scrapeInterval: 30s -+ # scrapeTimeout: 5s -+ # honorLabels: true -+ # prometheusRule: -+ # additionalLabels: {} -+ # namespace: "another-namespace" -+ # rules: -+ # - alert: TraefikDown -+ # expr: up{job="traefik"} == 0 -+ # for: 5m -+ # labels: -+ # context: traefik -+ # severity: warning -+ # annotations: -+ # summary: "Traefik Down" -+ # description: "{{ $labels.pod }} on {{ $labels.nodename }} is down" - - tracing: {} - # instana: -``` - -## 16.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-19 - -* :fire: Remove `Pilot` and `fallbackApiVersion` (#665) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 03fdaed..7e335b5 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -84,15 +84,6 @@ ingressClass: - # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 - enabled: false - isDefaultClass: false -- # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" -- fallbackApiVersion: "" -- --# Activate Pilot integration --pilot: -- enabled: false -- token: "" -- # Toggle Pilot Dashboard -- # dashboard: false - - # Enable experimental features - experimental: -``` - -## 15.3.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-18 - -* :art: Improve `IngressRoute` structure (#674) - - -## 15.3.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-18 - -* 📌 Add capacity to enable User-facing role - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 76aac93..03fdaed 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -553,10 +553,12 @@ hostNetwork: false - # Whether Role Based Access Control objects like roles and rolebindings should be created - rbac: - enabled: true -- - # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. - # If set to true, installs Role and RoleBinding. Providers will only watch target namespace. - namespaced: false -+ # Enable user-facing roles -+ # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles -+ # aggregateTo: [ "admin" ] - - # Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding - podSecurityPolicy: -``` - -## 15.2.2 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-17 - -* Fix provider namespace changes - - -## 15.2.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-17 - -* 🐛 fix provider namespace changes - - -## 15.2.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-17 - -* :bug: Allow to watch on specific namespaces without using rbac.namespaced (#666) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 781ac15..76aac93 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -555,7 +555,7 @@ rbac: - enabled: true - - # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. -- # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace -+ # If set to true, installs Role and RoleBinding. Providers will only watch target namespace. - namespaced: false - - # Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding -``` - -## 15.1.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-17 - -* :goal_net: Fail gracefully when http3 is not enabled correctly (#667) - - -## 15.1.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-14 - -* :sparkles: add optional topologySpreadConstraints (#663) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index fc2c371..781ac15 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -593,6 +593,15 @@ affinity: {} - - nodeSelector: {} - tolerations: [] -+topologySpreadConstraints: [] -+# # This example topologySpreadConstraints forces the scheduler to put traefik pods -+# # on nodes where no other traefik pods are scheduled. -+# - labelSelector: -+# matchLabels: -+# app: '{{ template "traefik.name" . }}' -+# maxSkew: 1 -+# topologyKey: kubernetes.io/hostname -+# whenUnsatisfiable: DoNotSchedule - - # Pods can have priority. - # Priority indicates the importance of a Pod relative to other Pods. -``` - -## 15.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-13 - -* :rocket: Enable TLS by default on `websecure` port (#657) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 400a29a..fc2c371 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -389,7 +389,7 @@ ports: - # Set TLS at the entrypoint - # https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: -- enabled: false -+ enabled: true - # this is the name of a TLSOption definition - options: "" - certResolver: "" -``` - -## 14.0.2 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-13 - -* :memo: Add Changelog (#661) - - -## 14.0.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-11 - -* :memo: Update workaround for permissions 660 on acme.json - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a4e4ff2..400a29a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -45,10 +45,10 @@ deployment: - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. -- # Related issue: https://github.com/traefik/traefik/issues/6972 -+ # Related issue: https://github.com/traefik/traefik/issues/6825 - # - name: volume-permissions -- # image: busybox:1.31.1 -- # command: ["sh", "-c", "chmod -Rv 600 /data/*"] -+ # image: busybox:1.35 -+ # command: ["sh", "-c", "touch /data/acme.json && chmod -Rv 600 /data/* && chown 65532:65532 /data/acme.json"] - # volumeMounts: - # - name: data - # mountPath: /data -``` - -## 14.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-11 - -* Limit rbac to only required resources for Ingress and CRD providers - - -## 13.0.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-11 - -* Add helper function for common labels - - -## 13.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-11 - -* Moved list object to individual objects - - -## 12.0.7 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-10 - -* :lipstick: Affinity templating and example (#557) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4431c36..a4e4ff2 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -578,19 +578,19 @@ resources: {} - # limits: - # cpu: "300m" - # memory: "150Mi" -+ -+# This example pod anti-affinity forces the scheduler to put traefik pods -+# on nodes where no other traefik pods are scheduled. -+# It should be used when hostNetwork: true to prevent port conflicts - affinity: {} --# # This example pod anti-affinity forces the scheduler to put traefik pods --# # on nodes where no other traefik pods are scheduled. --# # It should be used when hostNetwork: true to prevent port conflicts --# podAntiAffinity: --# requiredDuringSchedulingIgnoredDuringExecution: --# - labelSelector: --# matchExpressions: --# - key: app.kubernetes.io/name --# operator: In --# values: --# - {{ template "traefik.name" . }} --# topologyKey: kubernetes.io/hostname -+# podAntiAffinity: -+# requiredDuringSchedulingIgnoredDuringExecution: -+# - labelSelector: -+# matchLabels: -+# app.kubernetes.io/name: '{{ template "traefik.name" . }}' -+# app.kubernetes.io/instance: '{{ .Release.Name }}' -+# topologyKey: kubernetes.io/hostname -+ - nodeSelector: {} - tolerations: [] - -``` - -## 12.0.6 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-10 - -* :bug: Ignore kustomization file used for CRDs update (#653) - - -## 12.0.5 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-10 - -* :memo: Establish Traefik & CRD update process - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 3526729..4431c36 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -342,6 +342,7 @@ ports: - - # Override the liveness/readiness port. This is useful to integrate traefik - # with an external Load Balancer that performs healthchecks. -+ # Default: ports.traefik.port - # healthchecksPort: 9000 - - # Override the liveness/readiness scheme. Useful for getting ping to -``` - -## 12.0.4 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-10 - -* Allows ingressClass to be used without semver-compatible image tag - - -## 12.0.3 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-10 - -* :bug: Should check hostNetwork when hostPort != containerPort - - -## 12.0.2 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-07 - -* :goal_net: Fail gracefully when hostNetwork is enabled and hostPort != containerPort - - -## 12.0.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-07 - -* :bug: Fix a typo on `behavior` for HPA v2 - - -## 12.0.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-06 - -* Update default HPA API Version to `v2` and add support for behavior (#518) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2bd51f8..3526729 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -488,11 +488,22 @@ autoscaling: - # - type: Resource - # resource: - # name: cpu --# targetAverageUtilization: 60 -+# target: -+# type: Utilization -+# averageUtilization: 60 - # - type: Resource - # resource: - # name: memory --# targetAverageUtilization: 60 -+# target: -+# type: Utilization -+# averageUtilization: 60 -+# behavior: -+# scaleDown: -+# stabilizationWindowSeconds: 300 -+# policies: -+# - type: Pods -+# value: 1 -+# periodSeconds: 60 - - # Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -``` - -## 11.1.1 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-05 - -* 🔊 add failure message when using maxUnavailable 0 and hostNetwork - - -## 11.1.0 ![AppVersion: 2.9.1](https://img.shields.io/static/v1?label=AppVersion&message=2.9.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-04 - -* Update Traefik to v2.9.1 - - -## 11.0.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-04 - -* tweak default values to avoid downtime when updating - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 844cadc..2bd51f8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -126,20 +126,20 @@ ingressRoute: - entryPoints: ["traefik"] - - rollingUpdate: -- maxUnavailable: 1 -+ maxUnavailable: 0 - maxSurge: 1 - - # Customize liveness and readiness probe values. - readinessProbe: - failureThreshold: 1 -- initialDelaySeconds: 10 -+ initialDelaySeconds: 2 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 2 - - livenessProbe: - failureThreshold: 3 -- initialDelaySeconds: 10 -+ initialDelaySeconds: 2 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 2 -``` - -## 10.33.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-04 - -* :rocket: Add `extraObjects` value that allows creating adhoc resources - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c926bd9..844cadc 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -598,3 +598,10 @@ securityContext: - - podSecurityContext: - fsGroup: 65532 -+ -+# -+# Extra objects to deploy (value evaluated as a template) -+# -+# In some cases, it can avoid the need for additional, extended or adhoc deployments. -+# See #595 for more details and traefik/tests/extra.yaml for example. -+extraObjects: [] -``` - -## 10.32.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-03 - -* Add support setting middleware on entrypoint - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 3957448..c926bd9 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -397,6 +397,16 @@ ports: - # sans: - # - foo.example.com - # - bar.example.com -+ # -+ # One can apply Middlewares on an entrypoint -+ # https://doc.traefik.io/traefik/middlewares/overview/ -+ # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares -+ # /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ -+ # It follows the provider naming convention: https://doc.traefik.io/traefik/providers/overview/#provider-namespace -+ # middlewares: -+ # - namespace-name1@kubernetescrd -+ # - namespace-name2@kubernetescrd -+ middlewares: [] - metrics: - # When using hostNetwork, use another port to avoid conflict with node exporter: - # https://github.com/prometheus/prometheus/wiki/Default-port-allocations -``` - -## 10.31.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-03 - -* Support setting dashboard entryPoints for ingressRoute resource - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index c9feb76..3957448 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -120,6 +120,10 @@ ingressRoute: - annotations: {} - # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) - labels: {} -+ # Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). -+ # By default, it's using traefik entrypoint, which is not exposed. -+ # /!\ Do not expose your dashboard without any protection over the internet /!\ -+ entryPoints: ["traefik"] - - rollingUpdate: - maxUnavailable: 1 -``` - -## 10.30.2 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-10-03 - -* :test_tube: Fail gracefully when asked to provide a service without ports - - -## 10.30.1 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-30 - -* :arrow_up: Upgrade helm, ct & unittest (#638) - - -## 10.30.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-30 - -* Add support HTTPS scheme for healthcheks - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index fed4a8a..c9feb76 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -340,6 +340,10 @@ ports: - # with an external Load Balancer that performs healthchecks. - # healthchecksPort: 9000 - -+ # Override the liveness/readiness scheme. Useful for getting ping to -+ # respond on websecure entryPoint. -+ # healthchecksScheme: HTTPS -+ - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -``` - -## 10.29.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-29 - -* Add missing tracing options - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d1708cc..fed4a8a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -247,12 +247,45 @@ metrics: - - tracing: {} - # instana: -- # enabled: true -+ # localAgentHost: 127.0.0.1 -+ # localAgentPort: 42699 -+ # logLevel: info -+ # enableAutoProfile: true - # datadog: - # localAgentHostPort: 127.0.0.1:8126 - # debug: false - # globalTag: "" - # prioritySampling: false -+ # jaeger: -+ # samplingServerURL: http://localhost:5778/sampling -+ # samplingType: const -+ # samplingParam: 1.0 -+ # localAgentHostPort: 127.0.0.1:6831 -+ # gen128Bit: false -+ # propagation: jaeger -+ # traceContextHeaderName: uber-trace-id -+ # disableAttemptReconnecting: true -+ # collector: -+ # endpoint: "" -+ # user: "" -+ # password: "" -+ # zipkin: -+ # httpEndpoint: http://localhost:9411/api/v2/spans -+ # sameSpan: false -+ # id128Bit: true -+ # sampleRate: 1.0 -+ # haystack: -+ # localAgentHost: 127.0.0.1 -+ # localAgentPort: 35000 -+ # globalTag: "" -+ # traceIDHeaderName: "" -+ # parentIDHeaderName: "" -+ # spanIDHeaderName: "" -+ # baggagePrefixHeaderName: "" -+ # elastic: -+ # serverURL: http://localhost:8200 -+ # secretToken: "" -+ # serviceEnvironment: "" - - globalArguments: - - "--global.checknewversion" -``` - -## 10.28.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-29 - -* feat: add lifecycle for prestop and poststart - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 19a133c..d1708cc 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -59,6 +59,17 @@ deployment: - # Additional imagePullSecrets - imagePullSecrets: [] - # - name: myRegistryKeySecretName -+ # Pod lifecycle actions -+ lifecycle: {} -+ # preStop: -+ # exec: -+ # command: ["/bin/sh", "-c", "sleep 40"] -+ # postStart: -+ # httpGet: -+ # path: /ping -+ # port: 9000 -+ # host: localhost -+ # scheme: HTTP - - # Pod disruption budget - podDisruptionBudget: -``` - -## 10.27.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-29 - -* feat: add create gateway option - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d9c745e..19a133c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -91,6 +91,8 @@ experimental: - enabled: false - kubernetesGateway: - enabled: false -+ gateway: -+ enabled: true - # certificate: - # group: "core" - # kind: "Secret" -``` - -## 10.26.1 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-28 - -* 🐛 fix rbac templating (#636) - - -## 10.26.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-28 - -* :bug: Fix ingressClass support when rbac.namespaced=true (#499) - - -## 10.25.1 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-28 - -* Add ingressclasses to traefik role - - -## 10.25.0 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-27 - -* Add TLSStore resource to chart - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d4011c3..d9c745e 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -373,6 +373,15 @@ ports: - # - CurveP384 - tlsOptions: {} - -+# TLS Store are created as TLSStore CRDs. This is useful if you want to set a default certificate -+# https://doc.traefik.io/traefik/https/tls/#default-certificate -+# Example: -+# tlsStore: -+# default: -+# defaultCertificate: -+# secretName: tls-cert -+tlsStore: {} -+ - # Options for the main traefik service, where the entrypoints traffic comes - # from. - service: -``` - -## 10.24.5 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-27 - -* Suggest an alternative port for metrics - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 81f2e85..d4011c3 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -344,6 +344,8 @@ ports: - # - foo.example.com - # - bar.example.com - metrics: -+ # When using hostNetwork, use another port to avoid conflict with node exporter: -+ # https://github.com/prometheus/prometheus/wiki/Default-port-allocations - port: 9100 - # hostPort: 9100 - # Defines whether the port is exposed if service.type is LoadBalancer or -``` - -## 10.24.4 ![AppVersion: 2.8.7](https://img.shields.io/static/v1?label=AppVersion&message=2.8.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-26 - -* Update Traefik to v2.8.7 - - -## 10.24.3 ![AppVersion: 2.8.5](https://img.shields.io/static/v1?label=AppVersion&message=2.8.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-14 - -* Update Traefik version to v2.8.5 - - -## 10.24.2 ![AppVersion: 2.8.4](https://img.shields.io/static/v1?label=AppVersion&message=2.8.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-09-05 - -* Update Traefik version to v2.8.4 - - -## 10.24.1 ![AppVersion: 2.8.0](https://img.shields.io/static/v1?label=AppVersion&message=2.8.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-08-29 - -* Update PodDisruptionBudget apiVersion to policy/v1 - - -## 10.24.0 ![AppVersion: 2.8.0](https://img.shields.io/static/v1?label=AppVersion&message=2.8.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-30 - -* Update Traefik version to v2.8.0 - - -## 10.23.0 ![AppVersion: 2.7.1](https://img.shields.io/static/v1?label=AppVersion&message=2.7.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-27 - -* Support environment variable usage for Datadog - - -## 10.22.0 ![AppVersion: 2.7.1](https://img.shields.io/static/v1?label=AppVersion&message=2.7.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-22 - -* Allow setting revisionHistoryLimit for Deployment and DaemonSet - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d5785ab..81f2e85 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -14,6 +14,8 @@ deployment: - kind: Deployment - # Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 -+ # Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) -+ # revisionHistoryLimit: 1 - # Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down - terminationGracePeriodSeconds: 60 - # The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available -``` - -## 10.21.1 ![AppVersion: 2.7.1](https://img.shields.io/static/v1?label=AppVersion&message=2.7.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-15 - -* Update Traefik version to 2.7.1 - - -## 10.21.0 ![AppVersion: 2.7.0](https://img.shields.io/static/v1?label=AppVersion&message=2.7.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-15 - -* Support allowEmptyServices config for KubernetesCRD - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e141e29..d5785ab 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -133,6 +133,7 @@ providers: - enabled: true - allowCrossNamespace: false - allowExternalNameServices: false -+ allowEmptyServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik - namespaces: [] -``` - -## 10.20.1 ![AppVersion: 2.7.0](https://img.shields.io/static/v1?label=AppVersion&message=2.7.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-06-01 - -* Add Acme certificate resolver configuration - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a16b107..e141e29 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -433,6 +433,27 @@ persistence: - annotations: {} - # subPath: "" # only mount a subpath of the Volume into the pod - -+certResolvers: {} -+# letsencrypt: -+# # for challenge options cf. https://doc.traefik.io/traefik/https/acme/ -+# email: email@example.com -+# dnsChallenge: -+# # also add the provider's required configuration under env -+# # or expand then from secrets/configmaps with envfrom -+# # cf. https://doc.traefik.io/traefik/https/acme/#providers -+# provider: digitalocean -+# # add futher options for the dns challenge as needed -+# # cf. https://doc.traefik.io/traefik/https/acme/#dnschallenge -+# delayBeforeCheck: 30 -+# resolvers: -+# - 1.1.1.1 -+# - 8.8.8.8 -+# tlsChallenge: true -+# httpChallenge: -+# entryPoint: "web" -+# # match the path to persistence -+# storage: /data/acme.json -+ - # If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true - # and replicas>1, a pod anti-affinity is recommended and will be set if the -``` - -## 10.20.0 ![AppVersion: 2.7.0](https://img.shields.io/static/v1?label=AppVersion&message=2.7.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-05-25 - -* Update Traefik Proxy to v2.7.0 - - -## 10.19.5 ![AppVersion: 2.6.6](https://img.shields.io/static/v1?label=AppVersion&message=2.6.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-05-04 - -* Upgrade Traefik to 2.6.6 - - -## 10.19.4 ![AppVersion: 2.6.3](https://img.shields.io/static/v1?label=AppVersion&message=2.6.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-31 - -* Update Traefik dependency version to 2.6.3 - - -## 10.19.3 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-30 - -* Update CRDs to match the ones defined in the reference documentation - - -## 10.19.2 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-30 - -* Revert Traefik version to 2.6.2 - - -## 10.19.1 ![AppVersion: 2.6.3](https://img.shields.io/static/v1?label=AppVersion&message=2.6.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-30 - -* Update Traefik version to 2.6.3 - - -## 10.19.0 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-28 - -* Support ingressClass option for KubernetesIngress provider - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 02ab704..a16b107 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -142,6 +142,7 @@ providers: - enabled: true - allowExternalNameServices: false - allowEmptyServices: false -+ # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik - namespaces: [] - # - "default" -``` - -## 10.18.0 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-28 - -* Support liveness and readyness probes customization - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 15f1103..02ab704 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -110,6 +110,20 @@ rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - -+# Customize liveness and readiness probe values. -+readinessProbe: -+ failureThreshold: 1 -+ initialDelaySeconds: 10 -+ periodSeconds: 10 -+ successThreshold: 1 -+ timeoutSeconds: 2 -+ -+livenessProbe: -+ failureThreshold: 3 -+ initialDelaySeconds: 10 -+ periodSeconds: 10 -+ successThreshold: 1 -+ timeoutSeconds: 2 - - # - # Configure providers -``` - -## 10.17.0 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-28 - -* Support Datadog tracing - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4dccd1a..15f1103 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -217,6 +217,11 @@ metrics: - tracing: {} - # instana: - # enabled: true -+ # datadog: -+ # localAgentHostPort: 127.0.0.1:8126 -+ # debug: false -+ # globalTag: "" -+ # prioritySampling: false - - globalArguments: - - "--global.checknewversion" -``` - -## 10.16.1 ![AppVersion: 2.6.2](https://img.shields.io/static/v1?label=AppVersion&message=2.6.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-28 - -* Update Traefik version to 2.6.2 - - -## 10.16.0 ![AppVersion: 2.6.1](https://img.shields.io/static/v1?label=AppVersion&message=2.6.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-28 - -* Support allowEmptyServices for KubernetesIngress provider - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 1f9dbbe..4dccd1a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -127,6 +127,7 @@ providers: - kubernetesIngress: - enabled: true - allowExternalNameServices: false -+ allowEmptyServices: false - # labelSelector: environment=production,method=traefik - namespaces: [] - # - "default" -``` - -## 10.15.0 ![AppVersion: 2.6.1](https://img.shields.io/static/v1?label=AppVersion&message=2.6.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-03-08 - -* Add metrics.prometheus.addRoutersLabels option - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index cd4d49b..1f9dbbe 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -209,6 +209,7 @@ metrics: - # protocol: udp - prometheus: - entryPoint: metrics -+ # addRoutersLabels: true - # statsd: - # address: localhost:8125 - -``` - -## 10.14.2 ![AppVersion: 2.6.1](https://img.shields.io/static/v1?label=AppVersion&message=2.6.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-02-18 - -* Update Traefik to v2.6.1 - - -## 10.14.1 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-02-09 - -* Add missing inFlightConn TCP middleware CRD - - -## 10.14.0 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-02-03 - -* Add experimental HTTP/3 support - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d49122f..cd4d49b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -83,6 +83,8 @@ pilot: - - # Enable experimental features - experimental: -+ http3: -+ enabled: false - plugins: - enabled: false - kubernetesGateway: -@@ -300,6 +302,10 @@ ports: - # The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -+ # Enable HTTP/3. -+ # Requires enabling experimental http3 feature and tls. -+ # Note that you cannot have a UDP entrypoint with the same port. -+ # http3: true - # Set TLS at the entrypoint - # https://doc.traefik.io/traefik/routing/entrypoints/#tls - tls: -``` - -## 10.13.0 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-02-01 - -* Add support for ipFamilies - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 32fce6f..d49122f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -366,6 +366,11 @@ service: - # - 1.2.3.4 - # One of SingleStack, PreferDualStack, or RequireDualStack. - # ipFamilyPolicy: SingleStack -+ # List of IP families (e.g. IPv4 and/or IPv6). -+ # ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services -+ # ipFamilies: -+ # - IPv4 -+ # - IPv6 - - ## Create HorizontalPodAutoscaler object. - ## -``` - -## 10.12.0 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-02-01 - -* Add shareProcessNamespace option to podtemplate - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ab25456..32fce6f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -50,6 +50,8 @@ deployment: - # volumeMounts: - # - name: data - # mountPath: /data -+ # Use process namespace sharing -+ shareProcessNamespace: false - # Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet - # Additional imagePullSecrets -``` - -## 10.11.1 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-01-31 - -* Fix anti-affinity example - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8c72905..ab25456 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -438,13 +438,13 @@ affinity: {} - # # It should be used when hostNetwork: true to prevent port conflicts - # podAntiAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: --# - labelSelector: --# matchExpressions: --# - key: app --# operator: In --# values: --# - {{ template "traefik.name" . }} --# topologyKey: failure-domain.beta.kubernetes.io/zone -+# - labelSelector: -+# matchExpressions: -+# - key: app.kubernetes.io/name -+# operator: In -+# values: -+# - {{ template "traefik.name" . }} -+# topologyKey: kubernetes.io/hostname - nodeSelector: {} - tolerations: [] - -``` - -## 10.11.0 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-01-31 - -* Add setting to enable Instana tracing - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7fe4a2c..8c72905 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -208,6 +208,10 @@ metrics: - # statsd: - # address: localhost:8125 - -+tracing: {} -+ # instana: -+ # enabled: true -+ - globalArguments: - - "--global.checknewversion" - - "--global.sendanonymoususage" -``` - -## 10.10.0 ![AppVersion: 2.6.0](https://img.shields.io/static/v1?label=AppVersion&message=2.6.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2022-01-31 - -* Update Traefik to v2.6 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8ae4bd8..7fe4a2c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -85,9 +85,8 @@ experimental: - enabled: false - kubernetesGateway: - enabled: false -- appLabelSelector: "traefik" -- certificates: [] -- # - group: "core" -+ # certificate: -+ # group: "core" - # kind: "Secret" - # name: "mysecret" - # By default, Gateway would be created to the Namespace you are deploying Traefik to. -``` - -## 10.9.1 ![AppVersion: 2.5.6](https://img.shields.io/static/v1?label=AppVersion&message=2.5.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-12-24 - -* Bump traefik version to 2.5.6 - - -## 10.9.0 ![AppVersion: 2.5.4](https://img.shields.io/static/v1?label=AppVersion&message=2.5.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-12-20 - -* feat: add allowExternalNameServices to KubernetesIngress provider - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 79df205..8ae4bd8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -123,6 +123,7 @@ providers: - - kubernetesIngress: - enabled: true -+ allowExternalNameServices: false - # labelSelector: environment=production,method=traefik - namespaces: [] - # - "default" -``` - -## 10.8.0 ![AppVersion: 2.5.4](https://img.shields.io/static/v1?label=AppVersion&message=2.5.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-12-20 - -* Add support to specify minReadySeconds on Deployment/DaemonSet - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7e9186b..79df205 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -16,6 +16,8 @@ deployment: - replicas: 1 - # Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down - terminationGracePeriodSeconds: 60 -+ # The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available -+ minReadySeconds: 0 - # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # Additional deployment labels (e.g. for filtering deployment by custom labels) -``` - -## 10.7.1 ![AppVersion: 2.5.4](https://img.shields.io/static/v1?label=AppVersion&message=2.5.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-12-06 - -* Fix pod disruption when using percentages - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e0655c8..7e9186b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -52,13 +52,15 @@ deployment: - # dnsPolicy: ClusterFirstWithHostNet - # Additional imagePullSecrets - imagePullSecrets: [] -- # - name: myRegistryKeySecretName -+ # - name: myRegistryKeySecretName - - # Pod disruption budget - podDisruptionBudget: - enabled: false - # maxUnavailable: 1 -+ # maxUnavailable: 33% - # minAvailable: 0 -+ # minAvailable: 25% - - # Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x - ingressClass: -``` - -## 10.7.0 ![AppVersion: 2.5.4](https://img.shields.io/static/v1?label=AppVersion&message=2.5.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-12-06 - -* Add support for ipFamilyPolicy - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 3ec7105..e0655c8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -343,8 +343,8 @@ service: - annotationsUDP: {} - # Additional service labels (e.g. for filtering Service by custom labels) - labels: {} -- # Additional entries here will be added to the service spec. Cannot contains -- # type, selector or ports entries. -+ # Additional entries here will be added to the service spec. -+ # Cannot contain type, selector or ports entries. - spec: {} - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" -@@ -354,6 +354,8 @@ service: - # - 172.16.0.0/16 - externalIPs: [] - # - 1.2.3.4 -+ # One of SingleStack, PreferDualStack, or RequireDualStack. -+ # ipFamilyPolicy: SingleStack - - ## Create HorizontalPodAutoscaler object. - ## -``` - -## 10.6.2 ![AppVersion: 2.5.4](https://img.shields.io/static/v1?label=AppVersion&message=2.5.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-11-15 - -* Bump Traefik version to 2.5.4 - - -## 10.6.1 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-11-05 - -* Add missing Gateway API resources to ClusterRole - - -## 10.6.0 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-10-13 - -* feat: allow termination grace period to be configurable - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index f06ebc6..3ec7105 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -14,6 +14,8 @@ deployment: - kind: Deployment - # Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 -+ # Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down -+ terminationGracePeriodSeconds: 60 - # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # Additional deployment labels (e.g. for filtering deployment by custom labels) -``` - -## 10.5.0 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-10-13 - -* feat: add allowExternalNameServices to Kubernetes CRD provider - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 3bcb350..f06ebc6 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -109,6 +109,7 @@ providers: - kubernetesCRD: - enabled: true - allowCrossNamespace: false -+ allowExternalNameServices: false - # ingressClass: traefik-internal - # labelSelector: environment=production,method=traefik - namespaces: [] -``` - -## 10.4.2 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-10-13 - -* fix(crd): add permissionsPolicy to headers middleware - - -## 10.4.1 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-10-13 - -* fix(crd): add peerCertURI option to ServersTransport - - -## 10.4.0 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-10-12 - -* Add Kubernetes CRD labelSelector and ingressClass options - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index f54f5fe..3bcb350 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -109,8 +109,11 @@ providers: - kubernetesCRD: - enabled: true - allowCrossNamespace: false -+ # ingressClass: traefik-internal -+ # labelSelector: environment=production,method=traefik - namespaces: [] - # - "default" -+ - kubernetesIngress: - enabled: true - # labelSelector: environment=production,method=traefik -``` - -## 10.3.6 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-09-24 - -* Fix missing RequireAnyClientCert value to TLSOption CRD - - -## 10.3.5 ![AppVersion: 2.5.3](https://img.shields.io/static/v1?label=AppVersion&message=2.5.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-09-23 - -* Bump Traefik version to 2.5.3 - - -## 10.3.4 ![AppVersion: 2.5.1](https://img.shields.io/static/v1?label=AppVersion&message=2.5.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-09-17 - -* Add allowCrossNamespace option on kubernetesCRD provider - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7e3a579..f54f5fe 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -108,6 +108,7 @@ rollingUpdate: - providers: - kubernetesCRD: - enabled: true -+ allowCrossNamespace: false - namespaces: [] - # - "default" - kubernetesIngress: -``` - -## 10.3.3 ![AppVersion: 2.5.1](https://img.shields.io/static/v1?label=AppVersion&message=2.5.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-09-17 - -* fix(crd): missing alpnProtocols in TLSOption - - -## 10.3.2 ![AppVersion: 2.5.1](https://img.shields.io/static/v1?label=AppVersion&message=2.5.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-23 - -* Releasing 2.5.1 - - -## 10.3.1 ![AppVersion: 2.5.0](https://img.shields.io/static/v1?label=AppVersion&message=2.5.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-20 - -* Fix Ingress RBAC for namespaced scoped deployment - - -## 10.3.0 ![AppVersion: 2.5.0](https://img.shields.io/static/v1?label=AppVersion&message=2.5.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-18 - -* Releasing Traefik 2.5.0 - - -## 10.2.0 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-18 - -* Allow setting TCP and UDP service annotations separately - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 72a01ea..7e3a579 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -328,8 +328,12 @@ tlsOptions: {} - service: - enabled: true - type: LoadBalancer -- # Additional annotations (e.g. for cloud provider specific config) -+ # Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) - annotations: {} -+ # Additional annotations for TCP service only -+ annotationsTCP: {} -+ # Additional annotations for UDP service only -+ annotationsUDP: {} - # Additional service labels (e.g. for filtering Service by custom labels) - labels: {} - # Additional entries here will be added to the service spec. Cannot contains -``` - -## 10.1.6 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-17 - -* fix: missing service labels - - -## 10.1.5 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-17 - -* fix(pvc-annotaions): see traefik/traefik-helm-chart#471 - - -## 10.1.4 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-17 - -* fix(ingressclass): fallbackApiVersion default shouldn't be `nil` - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 04d336c..72a01ea 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -64,7 +64,7 @@ ingressClass: - enabled: false - isDefaultClass: false - # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" -- fallbackApiVersion: -+ fallbackApiVersion: "" - - # Activate Pilot integration - pilot: -``` - -## 10.1.3 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-16 - -* Move Prometheus annotations to Pods - - -## 10.1.2 ![AppVersion: 2.4.13](https://img.shields.io/static/v1?label=AppVersion&message=2.4.13&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-08-10 - -* Version bumped 2.4.13 - - -## 10.1.1 ![AppVersion: 2.4.9](https://img.shields.io/static/v1?label=AppVersion&message=2.4.9&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-20 - -* Fixing Prometheus.io/port annotation - - -## 10.1.0 ![AppVersion: 2.4.9](https://img.shields.io/static/v1?label=AppVersion&message=2.4.9&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-20 - -* Add metrics framework, and prom annotations - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index f6e370a..04d336c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -186,6 +186,17 @@ logs: - # Authorization: drop - # Content-Type: keep - -+metrics: -+ # datadog: -+ # address: 127.0.0.1:8125 -+ # influxdb: -+ # address: localhost:8089 -+ # protocol: udp -+ prometheus: -+ entryPoint: metrics -+ # statsd: -+ # address: localhost:8125 -+ - globalArguments: - - "--global.checknewversion" - - "--global.sendanonymoususage" -@@ -284,6 +295,20 @@ ports: - # sans: - # - foo.example.com - # - bar.example.com -+ metrics: -+ port: 9100 -+ # hostPort: 9100 -+ # Defines whether the port is exposed if service.type is LoadBalancer or -+ # NodePort. -+ # -+ # You may not want to expose the metrics port on production deployments. -+ # If you want to access it from outside of your cluster, -+ # use `kubectl port-forward` or create a secure ingress -+ expose: false -+ # The exposed port for this service -+ exposedPort: 9100 -+ # The port protocol (TCP/UDP) -+ protocol: TCP - - # TLS Options are created as TLSOption CRDs - # https://doc.traefik.io/traefik/https/tls/#tls-options -``` - -## 10.0.2 ![AppVersion: 2.4.9](https://img.shields.io/static/v1?label=AppVersion&message=2.4.9&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-14 - -* feat(gateway): introduces param / pick Namespace installing Gateway - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9bf90ea..f6e370a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -84,6 +84,9 @@ experimental: - # - group: "core" - # kind: "Secret" - # name: "mysecret" -+ # By default, Gateway would be created to the Namespace you are deploying Traefik to. -+ # You may create that Gateway in another namespace, setting its name below: -+ # namespace: default - - # Create an IngressRoute for the dashboard - ingressRoute: -``` - -## 10.0.1 ![AppVersion: 2.4.9](https://img.shields.io/static/v1?label=AppVersion&message=2.4.9&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-14 - -* Add RBAC for middlewaretcps - - -## 10.0.0 ![AppVersion: 2.4.9](https://img.shields.io/static/v1?label=AppVersion&message=2.4.9&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-07 - -* Update CRD versions - - -## 9.20.1 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-05 - -* Revert CRD templating - - -## 9.20.0 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-07-05 - -* Add support for apiextensions v1 CRDs - - -## 9.19.2 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-06-16 - -* Add name-metadata for service "List" object - - -## 9.19.1 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-05-13 - -* fix simple typo - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b30afac..9bf90ea 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -363,7 +363,7 @@ rbac: - # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace - namespaced: false - --# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBindin or ClusterRoleBinding -+# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding - podSecurityPolicy: - enabled: false - -``` - -## 9.19.0 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-04-29 - -* Fix IngressClass api version - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 0aa2d6b..b30afac 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -63,6 +63,8 @@ ingressClass: - # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 - enabled: false - isDefaultClass: false -+ # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" -+ fallbackApiVersion: - - # Activate Pilot integration - pilot: -``` - -## 9.18.3 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-04-26 - -* Fix: ignore provider namespace args on disabled - - -## 9.18.2 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-04-02 - -* Fix pilot dashboard deactivation - - -## 9.18.1 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-29 - -* Do not disable Traefik Pilot in the dashboard by default - - -## 9.18.0 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-24 - -* Add an option to toggle the pilot dashboard - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 017f771..0aa2d6b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -68,6 +68,8 @@ ingressClass: - pilot: - enabled: false - token: "" -+ # Toggle Pilot Dashboard -+ # dashboard: false - - # Enable experimental features - experimental: -``` - -## 9.17.6 ![AppVersion: 2.4.8](https://img.shields.io/static/v1?label=AppVersion&message=2.4.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-24 - -* Bump Traefik to 2.4.8 - - -## 9.17.5 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-17 - -* feat(labelSelector): option matching Ingresses based on labelSelectors - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 868a985..017f771 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -105,6 +105,7 @@ providers: - # - "default" - kubernetesIngress: - enabled: true -+ # labelSelector: environment=production,method=traefik - namespaces: [] - # - "default" - # IP used for Kubernetes Ingress endpoints -``` - -## 9.17.4 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-17 - -* Add helm resource-policy annotation on PVC - - -## 9.17.3 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-17 - -* Throw error with explicit latest tag - - -## 9.17.2 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-10 - -* fix(keywords): removed by mistake - - -## 9.17.1 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-10 - -* feat(healthchecksPort): Support for overriding the liveness/readiness probes port - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 56abb93..868a985 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -120,6 +120,8 @@ providers: - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: - # additionalArguments: - # - "--providers.file.filename=/config/dynamic.toml" -+# - "--ping" -+# - "--ping.entrypoint=web" - volumes: [] - # - name: public-cert - # mountPath: "/certs" -@@ -225,6 +227,10 @@ ports: - # only. - # hostIP: 192.168.100.10 - -+ # Override the liveness/readiness port. This is useful to integrate traefik -+ # with an external Load Balancer that performs healthchecks. -+ # healthchecksPort: 9000 -+ - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -``` - -## 9.16.2 ![AppVersion: 2.4.7](https://img.shields.io/static/v1?label=AppVersion&message=2.4.7&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-09 - -* Bump Traefik to 2.4.7 - - -## 9.16.1 ![AppVersion: 2.4.6](https://img.shields.io/static/v1?label=AppVersion&message=2.4.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-09 - -* Adding custom labels to deployment - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ba24be7..56abb93 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -16,6 +16,8 @@ deployment: - replicas: 1 - # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} -+ # Additional deployment labels (e.g. for filtering deployment by custom labels) -+ labels: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - # Additional Pod labels (e.g. for filtering Pod by custom labels) -``` - -## 9.15.2 ![AppVersion: 2.4.6](https://img.shields.io/static/v1?label=AppVersion&message=2.4.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-02 - -* Upgrade Traefik to 2.4.6 - - -## 9.15.1 ![AppVersion: 2.4.5](https://img.shields.io/static/v1?label=AppVersion&message=2.4.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-02 - -* Configurable PVC name - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 1e0e5a9..ba24be7 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -327,6 +327,7 @@ autoscaling: - # It will persist TLS certificates. - persistence: - enabled: false -+ name: data - # existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi -``` - -## 9.14.4 ![AppVersion: 2.4.5](https://img.shields.io/static/v1?label=AppVersion&message=2.4.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-03-02 - -* fix typo - - -## 9.14.3 ![AppVersion: 2.4.5](https://img.shields.io/static/v1?label=AppVersion&message=2.4.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-02-19 - -* Bump Traefik to 2.4.5 - - -## 9.14.2 ![AppVersion: 2.4.2](https://img.shields.io/static/v1?label=AppVersion&message=2.4.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-02-03 - -* docs: indent nit for dsdsocket example - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 56485ad..1e0e5a9 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -33,7 +33,7 @@ deployment: - additionalVolumes: [] - # - name: dsdsocket - # hostPath: -- # path: /var/run/statsd-exporter -+ # path: /var/run/statsd-exporter - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. -``` - -## 9.14.1 ![AppVersion: 2.4.2](https://img.shields.io/static/v1?label=AppVersion&message=2.4.2&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-02-03 - -* Update Traefik to 2.4.2 - - -## 9.14.0 ![AppVersion: 2.4.0](https://img.shields.io/static/v1?label=AppVersion&message=2.4.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-02-01 - -* Enable Kubernetes Gateway provider with an experimental flag - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 50cab94..56485ad 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -71,6 +71,13 @@ pilot: - experimental: - plugins: - enabled: false -+ kubernetesGateway: -+ enabled: false -+ appLabelSelector: "traefik" -+ certificates: [] -+ # - group: "core" -+ # kind: "Secret" -+ # name: "mysecret" - - # Create an IngressRoute for the dashboard - ingressRoute: -``` - -## 9.13.0 ![AppVersion: 2.4.0](https://img.shields.io/static/v1?label=AppVersion&message=2.4.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2021-01-22 - -* Update Traefik to 2.4 and add resources - - -## 9.12.3 ![AppVersion: 2.3.6](https://img.shields.io/static/v1?label=AppVersion&message=2.3.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-12-31 - -* Revert API Upgrade - - -## 9.12.2 ![AppVersion: 2.3.6](https://img.shields.io/static/v1?label=AppVersion&message=2.3.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-12-31 - -* Bump Traefik to 2.3.6 - - -## 9.12.1 ![AppVersion: 2.3.3](https://img.shields.io/static/v1?label=AppVersion&message=2.3.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-12-30 - -* Resolve #303, change CRD version from v1beta1 to v1 - - -## 9.12.0 ![AppVersion: 2.3.3](https://img.shields.io/static/v1?label=AppVersion&message=2.3.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-12-30 - -* Implement support for DaemonSet - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 60a721d..50cab94 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -10,7 +10,9 @@ image: - # - deployment: - enabled: true -- # Number of pods of the deployment -+ # Can be either Deployment or DaemonSet -+ kind: Deployment -+ # Number of pods of the deployment (only applies when kind == Deployment) - replicas: 1 - # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} -``` - -## 9.11.0 ![AppVersion: 2.3.3](https://img.shields.io/static/v1?label=AppVersion&message=2.3.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-20 - -* add podLabels - custom labels - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a187df7..60a721d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -16,6 +16,8 @@ deployment: - annotations: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} -+ # Additional Pod labels (e.g. for filtering Pod by custom labels) -+ podLabels: {} - # Additional containers (e.g. for metric offloading sidecars) - additionalContainers: [] - # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host -``` - -## 9.10.2 ![AppVersion: 2.3.3](https://img.shields.io/static/v1?label=AppVersion&message=2.3.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-20 - -* Bump Traefik to 2.3.3 - - -## 9.10.1 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-04 - -* Specify IngressClass resource when checking for cluster capability - - -## 9.10.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-03 - -* Add list of watched provider namespaces - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e6b85ca..a187df7 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -88,8 +88,12 @@ rollingUpdate: - providers: - kubernetesCRD: - enabled: true -+ namespaces: [] -+ # - "default" - kubernetesIngress: - enabled: true -+ namespaces: [] -+ # - "default" - # IP used for Kubernetes Ingress endpoints - publishedService: - enabled: false -``` - -## 9.9.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-03 - -* Add additionalVolumeMounts for traefik container - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 37dd151..e6b85ca 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -111,6 +111,12 @@ volumes: [] - # mountPath: "/config" - # type: configMap - -+# Additional volumeMounts to add to the Traefik container -+additionalVolumeMounts: [] -+ # For instance when using a logshipper for access logs -+ # - name: traefik-logs -+ # mountPath: /var/log/traefik -+ - # Logs - # https://docs.traefik.io/observability/logs/ - logs: -``` - -## 9.8.4 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-11-03 - -* fix: multiple ImagePullSecrets - - -## 9.8.3 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-30 - -* Add imagePullSecrets - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 87f60c0..37dd151 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -42,6 +42,9 @@ deployment: - # mountPath: /data - # Custom pod DNS policy. Apply if `hostNetwork: true` - # dnsPolicy: ClusterFirstWithHostNet -+ # Additional imagePullSecrets -+ imagePullSecrets: [] -+ # - name: myRegistryKeySecretName - - # Pod disruption budget - podDisruptionBudget: -``` - -## 9.8.2 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-28 - -* Add chart repo to source - - -## 9.8.1 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-23 - -* fix semver compare - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4ca1f8f..87f60c0 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,8 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.3.1 -+ # defaults to appVersion -+ tag: "" - pullPolicy: IfNotPresent - - # -``` - -## 9.8.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-20 - -* feat: Enable entrypoint tls config + TLSOption - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index eee3622..4ca1f8f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -231,6 +231,31 @@ ports: - # The port protocol (TCP/UDP) - protocol: TCP - # nodePort: 32443 -+ # Set TLS at the entrypoint -+ # https://doc.traefik.io/traefik/routing/entrypoints/#tls -+ tls: -+ enabled: false -+ # this is the name of a TLSOption definition -+ options: "" -+ certResolver: "" -+ domains: [] -+ # - main: example.com -+ # sans: -+ # - foo.example.com -+ # - bar.example.com -+ -+# TLS Options are created as TLSOption CRDs -+# https://doc.traefik.io/traefik/https/tls/#tls-options -+# Example: -+# tlsOptions: -+# default: -+# sniStrict: true -+# preferServerCipherSuites: true -+# foobar: -+# curvePreferences: -+# - CurveP521 -+# - CurveP384 -+tlsOptions: {} - - # Options for the main traefik service, where the entrypoints traffic comes - # from. -``` - -## 9.7.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-15 - -* Add a configuration option for an emptyDir as plugin storage - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b7153a1..eee3622 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -54,10 +54,16 @@ ingressClass: - enabled: false - isDefaultClass: false - -+# Activate Pilot integration - pilot: - enabled: false - token: "" - -+# Enable experimental features -+experimental: -+ plugins: -+ enabled: false -+ - # Create an IngressRoute for the dashboard - ingressRoute: - dashboard: -``` - -## 9.6.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-15 - -* Add additional volumes for init and additional containers - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9bac45e..b7153a1 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -17,6 +17,18 @@ deployment: - podAnnotations: {} - # Additional containers (e.g. for metric offloading sidecars) - additionalContainers: [] -+ # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host -+ # - name: socat-proxy -+ # image: alpine/socat:1.0.5 -+ # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] -+ # volumeMounts: -+ # - name: dsdsocket -+ # mountPath: /socket -+ # Additional volumes available for use with initContainers and additionalContainers -+ additionalVolumes: [] -+ # - name: dsdsocket -+ # hostPath: -+ # path: /var/run/statsd-exporter - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. -``` - -## 9.5.2 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-15 - -* Replace extensions with policy because of deprecation - - -## 9.5.1 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-14 - -* Template custom volume name - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 5a8d8ea..9bac45e 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -76,7 +76,7 @@ providers: - # pathOverride: "" - - # --# Add volumes to the traefik pod. -+# Add volumes to the traefik pod. The volume name will be passed to tpl. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: - # additionalArguments: -@@ -85,7 +85,7 @@ volumes: [] - # - name: public-cert - # mountPath: "/certs" - # type: secret --# - name: configs -+# - name: '{{ printf "%s-configs" .Release.Name }}' - # mountPath: "/config" - # type: configMap - -``` - -## 9.5.0 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-02 - -* Create PodSecurityPolicy and RBAC when needed. - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8c4d866..5a8d8ea 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -281,6 +281,10 @@ rbac: - # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace - namespaced: false - -+# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBindin or ClusterRoleBinding -+podSecurityPolicy: -+ enabled: false -+ - # The service account the pods will use to interact with the Kubernetes API - serviceAccount: - # If set, an existing service account is used -``` - -## 9.4.3 ![AppVersion: 2.3.1](https://img.shields.io/static/v1?label=AppVersion&message=2.3.1&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-02 - -* Update traefik to v2.3.1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 3df75a4..8c4d866 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.3.0 -+ tag: 2.3.1 - pullPolicy: IfNotPresent - - # -``` - -## 9.4.2 ![AppVersion: 2.3.0](https://img.shields.io/static/v1?label=AppVersion&message=2.3.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-02 - -* Add Artifact Hub repository metadata file - - -## 9.4.1 ![AppVersion: 2.3.0](https://img.shields.io/static/v1?label=AppVersion&message=2.3.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-01 - -* Fix broken chart icon url - - -## 9.4.0 ![AppVersion: 2.3.0](https://img.shields.io/static/v1?label=AppVersion&message=2.3.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-10-01 - -* Allow to specify custom labels on Service - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a6175ff..3df75a4 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -221,6 +221,8 @@ service: - type: LoadBalancer - # Additional annotations (e.g. for cloud provider specific config) - annotations: {} -+ # Additional service labels (e.g. for filtering Service by custom labels) -+ labels: {} - # Additional entries here will be added to the service spec. Cannot contains - # type, selector or ports entries. - spec: {} -``` - -## 9.3.0 ![AppVersion: 2.3.0](https://img.shields.io/static/v1?label=AppVersion&message=2.3.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-09-24 - -* Release Traefik 2.3 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index fba955d..a6175ff 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.2.8 -+ tag: 2.3.0 - pullPolicy: IfNotPresent - - # -@@ -36,6 +36,16 @@ podDisruptionBudget: - # maxUnavailable: 1 - # minAvailable: 0 - -+# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x -+ingressClass: -+ # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 -+ enabled: false -+ isDefaultClass: false -+ -+pilot: -+ enabled: false -+ token: "" -+ - # Create an IngressRoute for the dashboard - ingressRoute: - dashboard: -``` - -## 9.2.1 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-09-18 - -* Add new helm url - - -## 9.2.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-09-16 - -* chore: move to new organization. - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9f52c39..fba955d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -20,7 +20,7 @@ deployment: - # Additional initContainers (e.g. for setting file permission as shown below) - initContainers: [] - # The "volume-permissions" init container is required if you run into permission issues. -- # Related issue: https://github.com/containous/traefik/issues/6972 -+ # Related issue: https://github.com/traefik/traefik/issues/6972 - # - name: volume-permissions - # image: busybox:1.31.1 - # command: ["sh", "-c", "chmod -Rv 600 /data/*"] -``` - -## 9.1.1 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-09-04 - -* Update reference to using kubectl proxy to kubectl port-forward - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7b74a39..9f52c39 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -175,7 +175,7 @@ ports: - # - # You SHOULD NOT expose the traefik port on production deployments. - # If you want to access it from outside of your cluster, -- # use `kubectl proxy` or create a secure ingress -+ # use `kubectl port-forward` or create a secure ingress - expose: false - # The exposed port for this service - exposedPort: 9000 -``` - -## 9.1.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-24 - -* PublishedService option - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e161a14..7b74a39 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -58,6 +58,12 @@ providers: - enabled: true - kubernetesIngress: - enabled: true -+ # IP used for Kubernetes Ingress endpoints -+ publishedService: -+ enabled: false -+ # Published Kubernetes Service to copy status from. Format: namespace/servicename -+ # By default this Traefik service -+ # pathOverride: "" - - # - # Add volumes to the traefik pod. -``` - -## 9.0.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-21 - -* feat: Move Chart apiVersion: v2 - - -## 8.13.3 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-21 - -* bug: Check for port config - - -## 8.13.2 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-19 - -* Fix log level configuration - - -## 8.13.1 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-18 - -* Dont redirect to websecure by default - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 67276f7..e161a14 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -188,7 +188,7 @@ ports: - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection -- redirectTo: websecure -+ # redirectTo: websecure - websecure: - port: 8443 - # hostPort: 8443 -``` - -## 8.13.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-18 - -* Add logging, and http redirect config - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 6f79580..67276f7 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -73,6 +73,48 @@ volumes: [] - # mountPath: "/config" - # type: configMap - -+# Logs -+# https://docs.traefik.io/observability/logs/ -+logs: -+ # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). -+ general: -+ # By default, the logs use a text format (common), but you can -+ # also ask for the json format in the format option -+ # format: json -+ # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. -+ level: ERROR -+ access: -+ # To enable access logs -+ enabled: false -+ # By default, logs are written using the Common Log Format (CLF). -+ # To write logs in JSON, use json in the format option. -+ # If the given format is unsupported, the default (CLF) is used instead. -+ # format: json -+ # To write the logs in an asynchronous fashion, specify a bufferingSize option. -+ # This option represents the number of log lines Traefik will keep in memory before writing -+ # them to the selected output. In some cases, this option can greatly help performances. -+ # bufferingSize: 100 -+ # Filtering https://docs.traefik.io/observability/access-logs/#filtering -+ filters: {} -+ # statuscodes: "200,300-302" -+ # retryattempts: true -+ # minduration: 10ms -+ # Fields -+ # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers -+ fields: -+ general: -+ defaultmode: keep -+ names: {} -+ # Examples: -+ # ClientUsername: drop -+ headers: -+ defaultmode: drop -+ names: {} -+ # Examples: -+ # User-Agent: redact -+ # Authorization: drop -+ # Content-Type: keep -+ - globalArguments: - - "--global.checknewversion" - - "--global.sendanonymoususage" -@@ -143,6 +185,10 @@ ports: - # Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer - # nodePort: 32080 -+ # Port Redirections -+ # Added in 2.2, you can make permanent redirects via entrypoints. -+ # https://docs.traefik.io/routing/entrypoints/#redirection -+ redirectTo: websecure - websecure: - port: 8443 - # hostPort: 8443 -``` - -## 8.12.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-14 - -* Add image pull policy - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 10b3949..6f79580 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -2,6 +2,7 @@ - image: - name: traefik - tag: 2.2.8 -+ pullPolicy: IfNotPresent - - # - # Configure the deployment -``` - -## 8.11.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-12 - -* Add dns policy option - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 80ddaaa..10b3949 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -26,6 +26,8 @@ deployment: - # volumeMounts: - # - name: data - # mountPath: /data -+ # Custom pod DNS policy. Apply if `hostNetwork: true` -+ # dnsPolicy: ClusterFirstWithHostNet - - # Pod disruption budget - podDisruptionBudget: -``` - -## 8.10.0 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-11 - -* Add hostIp to port configuration - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 936ab92..80ddaaa 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -112,6 +112,12 @@ ports: - port: 9000 - # Use hostPort if set. - # hostPort: 9000 -+ # -+ # Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which -+ # means it's listening on all your interfaces and all your IPs. You may want -+ # to set this value if you need traefik to listen on specific interface -+ # only. -+ # hostIP: 192.168.100.10 - - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. -``` - -## 8.9.2 ![AppVersion: 2.2.8](https://img.shields.io/static/v1?label=AppVersion&message=2.2.8&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-08-10 - -* Bump Traefik to 2.2.8 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 42ee893..936ab92 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.2.5 -+ tag: 2.2.8 - - # - # Configure the deployment -``` - -## 8.9.1 ![AppVersion: 2.2.5](https://img.shields.io/static/v1?label=AppVersion&message=2.2.5&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-07-15 - -* Upgrade traefik version - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a7fb668..42ee893 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.2.1 -+ tag: 2.2.5 - - # - # Configure the deployment -``` - -## 8.9.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-07-08 - -* run init container to set proper permissions on volume - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 62e3a77..a7fb668 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -16,6 +16,16 @@ deployment: - podAnnotations: {} - # Additional containers (e.g. for metric offloading sidecars) - additionalContainers: [] -+ # Additional initContainers (e.g. for setting file permission as shown below) -+ initContainers: [] -+ # The "volume-permissions" init container is required if you run into permission issues. -+ # Related issue: https://github.com/containous/traefik/issues/6972 -+ # - name: volume-permissions -+ # image: busybox:1.31.1 -+ # command: ["sh", "-c", "chmod -Rv 600 /data/*"] -+ # volumeMounts: -+ # - name: data -+ # mountPath: /data - - # Pod disruption budget - podDisruptionBudget: -``` - -## 8.8.1 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-07-02 - -* Additional container fix - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 85df29c..62e3a77 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -15,7 +15,7 @@ deployment: - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - # Additional containers (e.g. for metric offloading sidecars) -- additionalContainers: {} -+ additionalContainers: [] - - # Pod disruption budget - podDisruptionBudget: -``` - -## 8.8.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-07-01 - -* added additionalContainers option to chart - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 6a9dfd8..85df29c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -14,6 +14,8 @@ deployment: - annotations: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} -+ # Additional containers (e.g. for metric offloading sidecars) -+ additionalContainers: {} - - # Pod disruption budget - podDisruptionBudget: -``` - -## 8.7.2 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-30 - -* Update image - - -## 8.7.1 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-26 - -* Update values.yaml - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 05f9eab..6a9dfd8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -196,7 +196,7 @@ rbac: - # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace - namespaced: false - --# The service account the pods will use to interact with the Kubernates API -+# The service account the pods will use to interact with the Kubernetes API - serviceAccount: - # If set, an existing service account is used - # If not set, a service account is created automatically using the fullname template -``` - -## 8.7.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-23 - -* Add option to disable providers - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 102ae00..05f9eab 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -34,6 +34,16 @@ rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - -+ -+# -+# Configure providers -+# -+providers: -+ kubernetesCRD: -+ enabled: true -+ kubernetesIngress: -+ enabled: true -+ - # - # Add volumes to the traefik pod. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. -``` - -## 8.6.1 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-18 - -* Fix read-only /tmp - - -## 8.6.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-17 - -* Add existing PVC support(#158) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b2f4fc3..102ae00 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -164,6 +164,7 @@ autoscaling: - # It will persist TLS certificates. - persistence: - enabled: false -+# existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi - # storageClass: "" -``` - -## 8.5.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-16 - -* UDP support - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 9a9b668..b2f4fc3 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -100,11 +100,15 @@ ports: - expose: false - # The exposed port for this service - exposedPort: 9000 -+ # The port protocol (TCP/UDP) -+ protocol: TCP - web: - port: 8000 - # hostPort: 8000 - expose: true - exposedPort: 80 -+ # The port protocol (TCP/UDP) -+ protocol: TCP - # Use nodeport if set. This is useful if you have configured Traefik in a - # LoadBalancer - # nodePort: 32080 -@@ -113,6 +117,8 @@ ports: - # hostPort: 8443 - expose: true - exposedPort: 443 -+ # The port protocol (TCP/UDP) -+ protocol: TCP - # nodePort: 32443 - - # Options for the main traefik service, where the entrypoints traffic comes -``` - -## 8.4.1 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-10 - -* Fix PDB with minAvailable set - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e812b98..9a9b668 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -18,7 +18,7 @@ deployment: - # Pod disruption budget - podDisruptionBudget: - enabled: false -- maxUnavailable: 1 -+ # maxUnavailable: 1 - # minAvailable: 0 - - # Create an IngressRoute for the dashboard -``` - -## 8.4.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-09 - -* Add pod disruption budget (#192) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 5f44e5c..e812b98 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -15,6 +15,12 @@ deployment: - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - -+# Pod disruption budget -+podDisruptionBudget: -+ enabled: false -+ maxUnavailable: 1 -+ # minAvailable: 0 -+ - # Create an IngressRoute for the dashboard - ingressRoute: - dashboard: -``` - -## 8.3.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-06-08 - -* Add option to disable RBAC and ServiceAccount - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 96bba18..5f44e5c 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -165,6 +165,20 @@ persistence: - # affinity is left as default. - hostNetwork: false - -+# Whether Role Based Access Control objects like roles and rolebindings should be created -+rbac: -+ enabled: true -+ -+ # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. -+ # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace -+ namespaced: false -+ -+# The service account the pods will use to interact with the Kubernates API -+serviceAccount: -+ # If set, an existing service account is used -+ # If not set, a service account is created automatically using the fullname template -+ name: "" -+ - # Additional serviceAccount annotations (e.g. for oidc authentication) - serviceAccountAnnotations: {} - -``` - -## 8.2.1 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-05-25 - -* Remove suggested providers.kubernetesingress value - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e35bdf9..96bba18 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -50,9 +50,9 @@ globalArguments: - # Configure Traefik static configuration - # Additional arguments to be passed at Traefik's binary - # All available options available on https://docs.traefik.io/reference/static-configuration/cli/ --## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--log.level=DEBUG}"` -+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` - additionalArguments: [] --# - "--providers.kubernetesingress" -+# - "--providers.kubernetesingress.ingressclass=traefik-internal" - # - "--log.level=DEBUG" - - # Environment variables to be passed to Traefik's binary -``` - -## 8.2.0 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-05-18 - -* Add kubernetes ingress by default - - -## 8.1.5 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-05-18 - -* Fix example log params in values.yml - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index abe2334..e35bdf9 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -50,10 +50,10 @@ globalArguments: - # Configure Traefik static configuration - # Additional arguments to be passed at Traefik's binary - # All available options available on https://docs.traefik.io/reference/static-configuration/cli/ --## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--logs.level=DEBUG}"` -+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--log.level=DEBUG}"` - additionalArguments: [] - # - "--providers.kubernetesingress" --# - "--logs.level=DEBUG" -+# - "--log.level=DEBUG" - - # Environment variables to be passed to Traefik's binary - env: [] -``` - -## 8.1.4 ![AppVersion: 2.2.1](https://img.shields.io/static/v1?label=AppVersion&message=2.2.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-30 - -* Update Traefik to v2.2.1 - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 57cc7e1..abe2334 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.2.0 -+ tag: 2.2.1 - - # - # Configure the deployment -``` - -## 8.1.3 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-29 - -* Clarify additionnal arguments log - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d639f72..57cc7e1 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -50,9 +50,10 @@ globalArguments: - # Configure Traefik static configuration - # Additional arguments to be passed at Traefik's binary - # All available options available on https://docs.traefik.io/reference/static-configuration/cli/ --## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--global.checknewversion=true}"` -+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--logs.level=DEBUG}"` - additionalArguments: [] - # - "--providers.kubernetesingress" -+# - "--logs.level=DEBUG" - - # Environment variables to be passed to Traefik's binary - env: [] -``` - -## 8.1.2 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-23 - -* Remove invalid flags. (#161) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 0e7aaef..d639f72 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -34,8 +34,6 @@ rollingUpdate: - # After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: - # additionalArguments: - # - "--providers.file.filename=/config/dynamic.toml" --# - "--tls.certificates.certFile=/certs/tls.crt" --# - "--tls.certificates.keyFile=/certs/tls.key" - volumes: [] - # - name: public-cert - # mountPath: "/certs" -``` - -## 8.1.1 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-23 - -* clarify project philosophy and guidelines - - -## 8.1.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-22 - -* Add priorityClassName & securityContext - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index d55a40a..0e7aaef 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -191,3 +191,20 @@ affinity: {} - # topologyKey: failure-domain.beta.kubernetes.io/zone - nodeSelector: {} - tolerations: [] -+ -+# Pods can have priority. -+# Priority indicates the importance of a Pod relative to other Pods. -+priorityClassName: "" -+ -+# Set the container security context -+# To run the container with ports below 1024 this will need to be adjust to run as root -+securityContext: -+ capabilities: -+ drop: [ALL] -+ readOnlyRootFilesystem: true -+ runAsGroup: 65532 -+ runAsNonRoot: true -+ runAsUser: 65532 -+ -+podSecurityContext: -+ fsGroup: 65532 -``` - -## 8.0.4 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-20 - -* Possibility to bind environment variables via envFrom - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7f8092e..d55a40a 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -71,6 +71,12 @@ env: [] - # name: secret-name - # key: secret-key - -+envFrom: [] -+# - configMapRef: -+# name: config-map-name -+# - secretRef: -+# name: secret-name -+ - # Configure ports - ports: - # The name of this one can't be changed as it is used for the readiness and -``` - -## 8.0.3 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-15 - -* Add support for data volume subPath. (#147) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 152339b..7f8092e 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -152,6 +152,7 @@ persistence: - # storageClass: "" - path: /data - annotations: {} -+ # subPath: "" # only mount a subpath of the Volume into the pod - - # If hostNetwork is true, runs traefik in the host network namespace - # To prevent unschedulabel pods due to port collisions, if hostNetwork=true -``` - -## 8.0.2 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-10 - -* Ability to add custom labels to dashboard's IngressRoute - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 5d294b7..152339b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -21,6 +21,8 @@ ingressRoute: - enabled: true - # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) - annotations: {} -+ # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) -+ labels: {} - - rollingUpdate: - maxUnavailable: 1 -``` - -## 8.0.1 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-10 - -* rbac does not need "pods" per documentation - - -## 8.0.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-07 - -* follow helm best practices - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index e61a9fd..5d294b7 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -10,7 +10,7 @@ deployment: - enabled: true - # Number of pods of the deployment - replicas: 1 -- # Addtional deployment annotations (e.g. for jaeger-operator sidecar injection) -+ # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) - annotations: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} -@@ -19,7 +19,7 @@ deployment: - ingressRoute: - dashboard: - enabled: true -- # Addtional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) -+ # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) - annotations: {} - - rollingUpdate: -``` - -## 7.2.1 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-07 - -* add annotations to ingressRoute - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 15d1c25..e61a9fd 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -19,6 +19,8 @@ deployment: - ingressRoute: - dashboard: - enabled: true -+ # Addtional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) -+ annotations: {} - - rollingUpdate: - maxUnavailable: 1 -``` - -## 7.2.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-04-03 - -* Add support for helm 2 - - -## 7.1.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-31 - -* Add support for externalIPs - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 6d6d13f..15d1c25 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -116,6 +116,8 @@ service: - loadBalancerSourceRanges: [] - # - 192.168.0.1/32 - # - 172.16.0.0/16 -+ externalIPs: [] -+ # - 1.2.3.4 - - ## Create HorizontalPodAutoscaler object. - ## -``` - -## 7.0.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-27 - -* Remove secretsEnv value key - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 1ac720d..6d6d13f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -52,18 +52,20 @@ globalArguments: - additionalArguments: [] - # - "--providers.kubernetesingress" - --# Secret to be set as environment variables to be passed to Traefik's binary --secretEnv: [] -- # - name: SOME_VAR -- # secretName: my-secret-name -- # secretKey: my-secret-key -- - # Environment variables to be passed to Traefik's binary - env: [] -- # - name: SOME_VAR -- # value: some-var-value -- # - name: SOME_OTHER_VAR -- # value: some-other-var-value -+# - name: SOME_VAR -+# value: some-var-value -+# - name: SOME_VAR_FROM_CONFIG_MAP -+# valueFrom: -+# configMapRef: -+# name: configmap-name -+# key: config-key -+# - name: SOME_SECRET -+# valueFrom: -+# secretKeyRef: -+# name: secret-name -+# key: secret-key - - # Configure ports - ports: -``` - -## 6.4.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-27 - -* Add ability to set serviceAccount annotations - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 85abe42..1ac720d 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -151,6 +151,9 @@ persistence: - # affinity is left as default. - hostNetwork: false - -+# Additional serviceAccount annotations (e.g. for oidc authentication) -+serviceAccountAnnotations: {} -+ - resources: {} - # requests: - # cpu: "100m" -``` - -## 6.3.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-27 - -* hpa - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2f5d132..85abe42 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -115,6 +115,22 @@ service: - # - 192.168.0.1/32 - # - 172.16.0.0/16 - -+## Create HorizontalPodAutoscaler object. -+## -+autoscaling: -+ enabled: false -+# minReplicas: 1 -+# maxReplicas: 10 -+# metrics: -+# - type: Resource -+# resource: -+# name: cpu -+# targetAverageUtilization: 60 -+# - type: Resource -+# resource: -+# name: memory -+# targetAverageUtilization: 60 -+ - # Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - # After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: -``` - -## 6.2.0 ![AppVersion: 2.2.0](https://img.shields.io/static/v1?label=AppVersion&message=2.2.0&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-26 - -* Update to v2.2 (#96) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ebd2fde..2f5d132 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.1.8 -+ tag: 2.2.0 - - # - # Configure the deployment -``` - -## 6.1.2 ![AppVersion: 2.1.8](https://img.shields.io/static/v1?label=AppVersion&message=2.1.8&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-20 - -* Upgrade traefik version - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 65c7665..ebd2fde 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.1.4 -+ tag: 2.1.8 - - # - # Configure the deployment -``` - -## 6.1.1 ![AppVersion: 2.1.4](https://img.shields.io/static/v1?label=AppVersion&message=2.1.4&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-20 - -* Upgrade traefik version - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 89c7ac1..65c7665 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.1.3 -+ tag: 2.1.4 - - # - # Configure the deployment -``` - -## 6.1.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-20 - -* Add ability to add annotations to deployment - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8d66111..89c7ac1 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -10,6 +10,8 @@ deployment: - enabled: true - # Number of pods of the deployment - replicas: 1 -+ # Addtional deployment annotations (e.g. for jaeger-operator sidecar injection) -+ annotations: {} - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - -``` - -## 6.0.2 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-16 - -* Correct storage class key name - - -## 6.0.1 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-16 - -* Change default values of arrays from objects to actual arrays - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 490b2b6..8d66111 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -51,13 +51,13 @@ additionalArguments: [] - # - "--providers.kubernetesingress" - - # Secret to be set as environment variables to be passed to Traefik's binary --secretEnv: {} -+secretEnv: [] - # - name: SOME_VAR - # secretName: my-secret-name - # secretKey: my-secret-key - - # Environment variables to be passed to Traefik's binary --env: {} -+env: [] - # - name: SOME_VAR - # value: some-var-value - # - name: SOME_OTHER_VAR -@@ -109,7 +109,7 @@ service: - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" -- loadBalancerSourceRanges: {} -+ loadBalancerSourceRanges: [] - # - 192.168.0.1/32 - # - 172.16.0.0/16 - -``` - -## 6.0.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-15 - -* Cleanup - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7aebefe..490b2b6 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -18,15 +18,10 @@ ingressRoute: - dashboard: - enabled: true - --additional: -- checkNewVersion: true -- sendAnonymousUsage: true -- - rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - -- - # - # Add volumes to the traefik pod. - # This can be used to mount a cert pair or a configmap that holds a config.toml file. -@@ -43,9 +38,14 @@ volumes: [] - # mountPath: "/config" - # type: configMap - -+globalArguments: -+ - "--global.checknewversion" -+ - "--global.sendanonymoususage" -+ - # --# Configure Traefik entry points -+# Configure Traefik static configuration - # Additional arguments to be passed at Traefik's binary -+# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ - ## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--global.checknewversion=true}"` - additionalArguments: [] - # - "--providers.kubernetesingress" -@@ -63,7 +63,7 @@ env: {} - # - name: SOME_OTHER_VAR - # value: some-other-var-value - --# -+# Configure ports - ports: - # The name of this one can't be changed as it is used for the readiness and - # liveness probes, but you can adjust its config to your liking -@@ -94,7 +94,7 @@ ports: - # hostPort: 8443 - expose: true - exposedPort: 443 -- # nodePort: 32443 -+ # nodePort: 32443 - - # Options for the main traefik service, where the entrypoints traffic comes - # from. -@@ -113,9 +113,6 @@ service: - # - 192.168.0.1/32 - # - 172.16.0.0/16 - --logs: -- loglevel: WARN -- - # Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - # After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: -``` - -## 5.6.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-12 - -* Add field enabled for resources - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 38bb263..7aebefe 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -7,11 +7,17 @@ image: - # Configure the deployment - # - deployment: -+ enabled: true - # Number of pods of the deployment - replicas: 1 - # Additional pod annotations (e.g. for mesh injection or prometheus scraping) - podAnnotations: {} - -+# Create an IngressRoute for the dashboard -+ingressRoute: -+ dashboard: -+ enabled: true -+ - additional: - checkNewVersion: true - sendAnonymousUsage: true -@@ -93,6 +99,7 @@ ports: - # Options for the main traefik service, where the entrypoints traffic comes - # from. - service: -+ enabled: true - type: LoadBalancer - # Additional annotations (e.g. for cloud provider specific config) - annotations: {} -``` - -## 5.5.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-12 - -* expose hostnetwork option - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ecb2833..38bb263 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -123,6 +123,12 @@ persistence: - path: /data - annotations: {} - -+# If hostNetwork is true, runs traefik in the host network namespace -+# To prevent unschedulabel pods due to port collisions, if hostNetwork=true -+# and replicas>1, a pod anti-affinity is recommended and will be set if the -+# affinity is left as default. -+hostNetwork: false -+ - resources: {} - # requests: - # cpu: "100m" -@@ -131,5 +137,17 @@ resources: {} - # cpu: "300m" - # memory: "150Mi" - affinity: {} -+# # This example pod anti-affinity forces the scheduler to put traefik pods -+# # on nodes where no other traefik pods are scheduled. -+# # It should be used when hostNetwork: true to prevent port conflicts -+# podAntiAffinity: -+# requiredDuringSchedulingIgnoredDuringExecution: -+# - labelSelector: -+# matchExpressions: -+# - key: app -+# operator: In -+# values: -+# - {{ template "traefik.name" . }} -+# topologyKey: failure-domain.beta.kubernetes.io/zone - nodeSelector: {} - tolerations: [] -``` - -## 5.4.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-12 - -* Add support for hostport - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ec1d619..ecb2833 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -63,6 +63,9 @@ ports: - # liveness probes, but you can adjust its config to your liking - traefik: - port: 9000 -+ # Use hostPort if set. -+ # hostPort: 9000 -+ - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # -@@ -74,6 +77,7 @@ ports: - exposedPort: 9000 - web: - port: 8000 -+ # hostPort: 8000 - expose: true - exposedPort: 80 - # Use nodeport if set. This is useful if you have configured Traefik in a -@@ -81,6 +85,7 @@ ports: - # nodePort: 32080 - websecure: - port: 8443 -+ # hostPort: 8443 - expose: true - exposedPort: 443 - # nodePort: 32443 -``` - -## 5.3.3 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-12 - -* Fix replica check - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 7f31548..ec1d619 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -40,7 +40,7 @@ volumes: [] - # - # Configure Traefik entry points - # Additional arguments to be passed at Traefik's binary --## Use curly braces to pass values: `helm install --set="{--providers.kubernetesingress,--global.checknewversion=true}" ." -+## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress,--global.checknewversion=true}"` - additionalArguments: [] - # - "--providers.kubernetesingress" - -``` - -## 5.3.2 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-11 - -* Fixed typo in README - - -## 5.3.1 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-11 - -* Production ready - - -## 5.3.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-11 - -* Not authorise acme if replica > 1 - - -## 5.2.1 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-11 - -* Fix volume mount - - -## 5.2.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-11 - -* Add secret as env var - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index ccea845..7f31548 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -44,12 +44,18 @@ volumes: [] - additionalArguments: [] - # - "--providers.kubernetesingress" - -+# Secret to be set as environment variables to be passed to Traefik's binary -+secretEnv: {} -+ # - name: SOME_VAR -+ # secretName: my-secret-name -+ # secretKey: my-secret-key -+ - # Environment variables to be passed to Traefik's binary - env: {} --# - name: SOME_VAR --# value: some-var-value --# - name: SOME_OTHER_VAR --# value: some-other-var-value -+ # - name: SOME_VAR -+ # value: some-var-value -+ # - name: SOME_OTHER_VAR -+ # value: some-other-var-value - - # - ports: -``` - -## 5.1.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Enhance security by add loadBalancerSourceRanges to lockdown ip address. - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 78bbee0..ccea845 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -91,6 +91,9 @@ service: - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" -+ loadBalancerSourceRanges: {} -+ # - 192.168.0.1/32 -+ # - 172.16.0.0/16 - - logs: - loglevel: WARN -``` - -## 5.0.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Expose dashboard by default but only on traefik entrypoint - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index a442fca..78bbee0 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -92,15 +92,6 @@ service: - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" - --dashboard: -- # Enable the dashboard on Traefik -- enable: true -- -- # Expose the dashboard and api through an ingress route at /dashboard -- # and /api This is not secure and SHOULD NOT be enabled on production -- # deployments -- ingressRoute: false -- - logs: - loglevel: WARN - -``` - -## 4.1.3 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Add annotations for PVC (#98) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 8b2f4db..a442fca 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -116,6 +116,7 @@ persistence: - size: 128Mi - # storageClass: "" - path: /data -+ annotations: {} - - resources: {} - # requests: -``` - -## 4.1.2 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Added persistent volume support. (#86) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 2a2554f..8b2f4db 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -103,7 +103,20 @@ dashboard: - - logs: - loglevel: WARN --# -+ -+# Enable persistence using Persistent Volume Claims -+# ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -+# After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: -+# additionalArguments: -+# - "--certificatesresolvers.le.acme.storage=/data/acme.json" -+# It will persist TLS certificates. -+persistence: -+ enabled: false -+ accessMode: ReadWriteOnce -+ size: 128Mi -+ # storageClass: "" -+ path: /data -+ - resources: {} - # requests: - # cpu: "100m" -``` - -## 4.1.1 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Add values to mount secrets or configmaps as volumes to the traefik pod (#84) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 5401832..2a2554f 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -20,6 +20,23 @@ rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - -+ -+# -+# Add volumes to the traefik pod. -+# This can be used to mount a cert pair or a configmap that holds a config.toml file. -+# After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: -+# additionalArguments: -+# - "--providers.file.filename=/config/dynamic.toml" -+# - "--tls.certificates.certFile=/certs/tls.crt" -+# - "--tls.certificates.keyFile=/certs/tls.key" -+volumes: [] -+# - name: public-cert -+# mountPath: "/certs" -+# type: secret -+# - name: configs -+# mountPath: "/config" -+# type: configMap -+ - # - # Configure Traefik entry points - # Additional arguments to be passed at Traefik's binary -``` - -## 4.1.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-10 - -* Add podAnnotations to the deployment (#83) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 5eab74b..5401832 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -9,6 +9,8 @@ image: - deployment: - # Number of pods of the deployment - replicas: 1 -+ # Additional pod annotations (e.g. for mesh injection or prometheus scraping) -+ podAnnotations: {} - - additional: - checkNewVersion: true -``` - -## 4.0.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-03-06 - -* Migrate to helm v3 (#94) - - -## 3.5.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-02-18 - -* Publish helm chart (#81) - - -## 3.4.0 ![AppVersion: 2.1.3](https://img.shields.io/static/v1?label=AppVersion&message=2.1.3&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-02-13 - -* fix: tests. -* feat: bump traefik to v2.1.3 -* Enable configuration of global checknewversion and sendanonymoususage (#80) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index bcc42f8..5eab74b 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -1,7 +1,7 @@ - # Default values for Traefik - image: - name: traefik -- tag: 2.1.1 -+ tag: 2.1.3 - - # - # Configure the deployment -@@ -10,6 +10,10 @@ deployment: - # Number of pods of the deployment - replicas: 1 - -+additional: -+ checkNewVersion: true -+ sendAnonymousUsage: true -+ - rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 -``` - -## 3.3.3 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-02-05 - -* fix: deployment environment variables. -* fix: chart version. - - -## 3.3.2 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-02-03 - -* ix: deployment environment variables. - - -## 3.3.1 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-01-27 - -* fix: deployment environment variables. - - -## 3.3.0 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-01-24 - -* Enable configuration of environment variables in traefik deployment (#71) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index 4462359..bcc42f8 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -21,6 +21,13 @@ rollingUpdate: - additionalArguments: [] - # - "--providers.kubernetesingress" - -+# Environment variables to be passed to Traefik's binary -+env: {} -+# - name: SOME_VAR -+# value: some-var-value -+# - name: SOME_OTHER_VAR -+# value: some-other-var-value -+ - # - ports: - # The name of this one can't be changed as it is used for the readiness and -``` - -## 3.2.1 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-01-22 - -* Add Unit Tests for the chart (#60) - - -## 3.2.0 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-01-22 - -* Make NodePort configurable (#67) - -### Default value changes - -```diff -diff --git a/traefik/values.yaml b/traefik/values.yaml -index b1fe42a..4462359 100644 ---- a/traefik/values.yaml -+++ b/traefik/values.yaml -@@ -40,10 +40,14 @@ ports: - port: 8000 - expose: true - exposedPort: 80 -+ # Use nodeport if set. This is useful if you have configured Traefik in a -+ # LoadBalancer -+ # nodePort: 32080 - websecure: - port: 8443 - expose: true - exposedPort: 443 -+ # nodePort: 32443 - - # Options for the main traefik service, where the entrypoints traffic comes - # from. -``` - -## 3.1.0 ![AppVersion: 2.1.1](https://img.shields.io/static/v1?label=AppVersion&message=2.1.1&color=success&logo=) ![Helm: v2](https://img.shields.io/static/v1?label=Helm&message=v2&color=inactive&logo=helm) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) - -**Release date:** 2020-01-20 - -* Switch Chart linting to ct (#59) - -### Default value changes - -```diff -# Default values for Traefik -image: - name: traefik - tag: 2.1.1 - -# -# Configure the deployment -# -deployment: - # Number of pods of the deployment - replicas: 1 - -rollingUpdate: - maxUnavailable: 1 - maxSurge: 1 - -# -# Configure Traefik entry points -# Additional arguments to be passed at Traefik's binary -## Use curly braces to pass values: `helm install --set="{--providers.kubernetesingress,--global.checknewversion=true}" ." -additionalArguments: [] -# - "--providers.kubernetesingress" - -# -ports: - # The name of this one can't be changed as it is used for the readiness and - # liveness probes, but you can adjust its config to your liking - traefik: - port: 9000 - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # - # You SHOULD NOT expose the traefik port on production deployments. - # If you want to access it from outside of your cluster, - # use `kubectl proxy` or create a secure ingress - expose: false - # The exposed port for this service - exposedPort: 9000 - web: - port: 8000 - expose: true - exposedPort: 80 - websecure: - port: 8443 - expose: true - exposedPort: 443 - -# Options for the main traefik service, where the entrypoints traffic comes -# from. -service: - type: LoadBalancer - # Additional annotations (e.g. for cloud provider specific config) - annotations: {} - # Additional entries here will be added to the service spec. Cannot contains - # type, selector or ports entries. - spec: {} - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" - -dashboard: - # Enable the dashboard on Traefik - enable: true - - # Expose the dashboard and api through an ingress route at /dashboard - # and /api This is not secure and SHOULD NOT be enabled on production - # deployments - ingressRoute: false - -logs: - loglevel: WARN -# -resources: {} - # requests: - # cpu: "100m" - # memory: "50Mi" - # limits: - # cpu: "300m" - # memory: "150Mi" -affinity: {} -nodeSelector: {} -tolerations: [] -``` - ---- -Autogenerated from Helm Chart and git history using [helm-changelog](https://github.com/mogensen/helm-changelog) diff --git a/charts/traefik/traefik/Chart.yaml b/charts/traefik/traefik/Chart.yaml deleted file mode 100644 index 0d1220a..0000000 --- a/charts/traefik/traefik/Chart.yaml +++ /dev/null @@ -1,39 +0,0 @@ -annotations: - artifacthub.io/changes: "- \"fix: \U0001F41B http3 with internal service\"\n- \"fix: - use correct children indentation for logs.access.filters\"\n- \"fix(schema): :bug: - targetPort can also be a string\"\n- \"fix(certificateResolvers)!: :boom: :bug: - use same syntax in Chart and in Traefik\"\n- \"fix(Traefik)!: :boom: set 8080 - as default port for `traefik` entrypoint\"\n- \"fix(Traefik Hub): RBAC for distributedAcme\"\n- - \"fix(Kubernetes Ingress)!: :boom: :sparkles: enable publishedService by default\"\n- - \"fix(Gateway API): :bug: add missing required RBAC for v3.2 with experimental - Channel\"\n- \"fix(Env Variables)!: allow extending env without overwrite\"\n- - \"feat(deps): update traefik docker tag to v3.2.0\"\n- \"feat(deps): update traefik - docker tag to v3.1.6\"\n- \"feat(Traefik): ✨ support Gateway API statusAddress\"\n- - \"feat(Traefik Proxy): CRDs for v3.2+\"\n- \"feat(Gateway API): :sparkles: standard - install CRD v1.2.0\"\n- \"feat(Gateway API): :sparkles: add infrastructure in - the values\"\n- \"chore: allow TRACE log level\"\n- \"chore(release): \U0001F680 - publish v33.0.0\"\n- \"Update topology spread constraints comments\"\n" -apiVersion: v2 -appVersion: v3.2.0 -description: A Traefik based Kubernetes ingress controller -home: https://traefik.io/ -icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png -keywords: -- traefik -- ingress -- networking -kubeVersion: '>=1.22.0-0' -maintainers: -- email: michel.loiseleur@traefik.io - name: mloiseleur -- email: charlie.haley@traefik.io - name: charlie-haley -- email: remi.buisson@traefik.io - name: darkweaver87 -- name: jnoordsij -name: traefik -sources: -- https://github.com/traefik/traefik -- https://github.com/traefik/traefik-helm-chart -type: application -version: 33.0.0 diff --git a/charts/traefik/traefik/EXAMPLES.md b/charts/traefik/traefik/EXAMPLES.md deleted file mode 100644 index 6c70f5a..0000000 --- a/charts/traefik/traefik/EXAMPLES.md +++ /dev/null @@ -1,1014 +0,0 @@ -# Install as a DaemonSet - -Default install is using a `Deployment` but it's possible to use `DaemonSet` - -```yaml -deployment: - kind: DaemonSet -``` - -# Configure traefik Pod parameters - -## Extending /etc/hosts records - -In some specific cases, you'll need to add extra records to the `/etc/hosts` file for the Traefik containers. -You can configure it using [hostAliases](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/): - -```yaml -deployment: - hostAliases: - - ip: "127.0.0.1" # this is an example - hostnames: - - "foo.local" - - "bar.local" -``` -## Extending DNS config - -In order to configure additional DNS servers for your traefik pod, you can use `dnsConfig` option: - -```yaml -deployment: - dnsConfig: - nameservers: - - 192.0.2.1 # this is an example - searches: - - ns1.svc.cluster-domain.example - - my.dns.search.suffix - options: - - name: ndots - value: "2" - - name: edns0 -``` - -# Install in a dedicated namespace, with limited RBAC - -Default install is using Cluster-wide RBAC but it can be restricted to target namespace. - -```yaml -rbac: - namespaced: true -``` - -# Install with auto-scaling - -When enabling [HPA](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) -to adjust replicas count according to CPU Usage, you'll need to set resources and nullify replicas. - -```yaml -deployment: - replicas: null -resources: - requests: - cpu: "100m" - memory: "50Mi" - limits: - cpu: "300m" - memory: "150Mi" -autoscaling: - enabled: true - maxReplicas: 2 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 80 -``` - -# Access Traefik dashboard without exposing it - -This Chart does not expose the Traefik local dashboard by default. It's explained in upstream [documentation](https://doc.traefik.io/traefik/operations/api/) why: - -> Enabling the API in production is not recommended, because it will expose all configuration elements, including sensitive data. - -It says also: - -> In production, it should be at least secured by authentication and authorizations. - -Thus, there are multiple ways to expose the dashboard. For instance, after enabling the creation of dashboard `IngressRoute` in the values: - -```yaml -ingressRoute: - dashboard: - enabled: true -``` - -The traefik admin port can be forwarded locally: - -```bash -kubectl port-forward $(kubectl get pods --selector "app.kubernetes.io/name=traefik" --output=name) 8080:8080 -``` - -This command makes the dashboard accessible on the url: http://127.0.0.1:8080/dashboard/ - -# Publish and protect Traefik Dashboard with basic Auth - -To expose the dashboard in a secure way as [recommended](https://doc.traefik.io/traefik/operations/dashboard/#dashboard-router-rule) -in the documentation, it may be useful to override the router rule to specify -a domain to match, or accept requests on the root path (/) in order to redirect -them to /dashboard/. - -```yaml -# Create an IngressRoute for the dashboard -ingressRoute: - dashboard: - enabled: true - # Custom match rule with host domain - matchRule: Host(`traefik-dashboard.example.com`) - entryPoints: ["websecure"] - # Add custom middlewares : authentication and redirection - middlewares: - - name: traefik-dashboard-auth - -# Create the custom middlewares used by the IngressRoute dashboard (can also be created in another way). -# /!\ Yes, you need to replace "changeme" password with a better one. /!\ -extraObjects: - - apiVersion: v1 - kind: Secret - metadata: - name: traefik-dashboard-auth-secret - type: kubernetes.io/basic-auth - stringData: - username: admin - password: changeme - - - apiVersion: traefik.io/v1alpha1 - kind: Middleware - metadata: - name: traefik-dashboard-auth - spec: - basicAuth: - secret: traefik-dashboard-auth-secret -``` - -# Publish and protect Traefik Dashboard with an Ingress - -To expose the dashboard without IngressRoute, it's more complicated and less -secure. You'll need to create an internal Service exposing Traefik API with -special _traefik_ entrypoint. This internal Service can be created from an other tool, with the `extraObjects` section or using [custom services](#add-custom-internal-services). - -You'll need to double check: -1. Service selector with your setup. -2. Middleware annotation on the ingress, _default_ should be replaced with traefik's namespace - -```yaml -ingressRoute: - dashboard: - enabled: false -additionalArguments: -- "--api.insecure=true" -# Create the service, middleware and Ingress used to expose the dashboard (can also be created in another way). -# /!\ Yes, you need to replace "changeme" password with a better one. /!\ -extraObjects: - - apiVersion: v1 - kind: Service - metadata: - name: traefik-api - spec: - type: ClusterIP - selector: - app.kubernetes.io/name: traefik - app.kubernetes.io/instance: traefik-default - ports: - - port: 8080 - name: traefik - targetPort: 8080 - protocol: TCP - - - apiVersion: v1 - kind: Secret - metadata: - name: traefik-dashboard-auth-secret - type: kubernetes.io/basic-auth - stringData: - username: admin - password: changeme - - - apiVersion: traefik.io/v1alpha1 - kind: Middleware - metadata: - name: traefik-dashboard-auth - spec: - basicAuth: - secret: traefik-dashboard-auth-secret - - - apiVersion: networking.k8s.io/v1 - kind: Ingress - metadata: - name: traefik-dashboard - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: default-traefik-dashboard-auth@kubernetescrd - spec: - rules: - - host: traefik-dashboard.example.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: traefik-api - port: - name: traefik -``` - - -# Install on AWS - -It can use [native AWS support](https://kubernetes.io/docs/concepts/services-networking/service/#aws-nlb-support) on Kubernetes - -```yaml -service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb -``` - -Or if [AWS LB controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/service/annotations/#legacy-cloud-provider) is installed : -```yaml -service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb-ip -``` - -# Install on GCP - -A [regional IP with a Service](https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#use_a_service) can be used -```yaml -service: - spec: - loadBalancerIP: "1.2.3.4" -``` - -Or a [global IP on Ingress](https://cloud.google.com/kubernetes-engine/docs/tutorials/configuring-domain-name-static-ip#use_an_ingress) -```yaml -service: - type: NodePort -extraObjects: - - apiVersion: networking.k8s.io/v1 - kind: Ingress - metadata: - name: traefik - annotations: - kubernetes.io/ingress.global-static-ip-name: "myGlobalIpName" - spec: - defaultBackend: - service: - name: traefik - port: - number: 80 -``` - -Or a [global IP on a Gateway](https://cloud.google.com/kubernetes-engine/docs/how-to/deploying-gateways) with continuous HTTPS encryption. - -```yaml -ports: - websecure: - appProtocol: HTTPS # Hint for Google L7 load balancer -service: - type: ClusterIP -extraObjects: -- apiVersion: gateway.networking.k8s.io/v1beta1 - kind: Gateway - metadata: - name: traefik - annotations: - networking.gke.io/certmap: "myCertificateMap" - spec: - gatewayClassName: gke-l7-global-external-managed - addresses: - - type: NamedAddress - value: "myGlobalIPName" - listeners: - - name: https - protocol: HTTPS - port: 443 -- apiVersion: gateway.networking.k8s.io/v1beta1 - kind: HTTPRoute - metadata: - name: traefik - spec: - parentRefs: - - kind: Gateway - name: traefik - rules: - - backendRefs: - - name: traefik - port: 443 -- apiVersion: networking.gke.io/v1 - kind: HealthCheckPolicy - metadata: - name: traefik - spec: - default: - config: - type: HTTP - httpHealthCheck: - port: 8080 - requestPath: /ping - targetRef: - group: "" - kind: Service - name: traefik -``` - -# Install on Azure - -A [static IP on a resource group](https://learn.microsoft.com/en-us/azure/aks/static-ip) can be used: - -```yaml -service: - spec: - loadBalancerIP: "1.2.3.4" - annotations: - service.beta.kubernetes.io/azure-load-balancer-resource-group: myResourceGroup -``` - -Here is a more complete example, using also native Let's encrypt feature of Traefik Proxy with Azure DNS: - -```yaml -persistence: - enabled: true - size: 128Mi -certificatesResolvers: - letsencrypt: - acme: - email: "{{ letsencrypt_email }}" - #caServer: https://acme-v02.api.letsencrypt.org/directory # Production server - caServer: https://acme-staging-v02.api.letsencrypt.org/directory # Staging server - dnsChallenge: - provider: azuredns - storage: /data/acme.json -env: - - name: AZURE_CLIENT_ID - value: "{{ azure_dns_challenge_application_id }}" - - name: AZURE_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: azuredns-secret - key: client-secret - - name: AZURE_SUBSCRIPTION_ID - value: "{{ azure_subscription_id }}" - - name: AZURE_TENANT_ID - value: "{{ azure_tenant_id }}" - - name: AZURE_RESOURCE_GROUP - value: "{{ azure_resource_group }}" -deployment: - initContainers: - - name: volume-permissions - image: busybox:latest - command: ["sh", "-c", "ls -la /; touch /data/acme.json; chmod -v 600 /data/acme.json"] - volumeMounts: - - mountPath: /data - name: data -podSecurityContext: - fsGroup: 65532 - fsGroupChangePolicy: "OnRootMismatch" -service: - spec: - type: LoadBalancer - annotations: - service.beta.kubernetes.io/azure-load-balancer-resource-group: "{{ azure_node_resource_group }}" - service.beta.kubernetes.io/azure-pip-name: "{{ azure_resource_group }}" - service.beta.kubernetes.io/azure-dns-label-name: "{{ azure_resource_group }}" - service.beta.kubernetes.io/azure-allowed-ip-ranges: "{{ ip_range | join(',') }}" -extraObjects: - - apiVersion: v1 - kind: Secret - metadata: - name: azuredns-secret - namespace: traefik - type: Opaque - stringData: - client-secret: "{{ azure_dns_challenge_application_secret }}" -``` - -# Use an IngressClass - -Default install comes with an `IngressClass` resource that can be enabled on providers. - -Here's how one can enable it on CRD & Ingress Kubernetes provider: - -```yaml -ingressClass: - name: traefik -providers: - kubernetesCRD: - ingressClass: traefik - kubernetesIngress: - ingressClass: traefik -``` - -# Use HTTP3 - -By default, it will use a Load balancers with mixed protocols on `websecure` -entrypoint. They are available since v1.20 and in beta as of Kubernetes v1.24. -Availability may depend on your Kubernetes provider. - -When using TCP and UDP with a single service, you may encounter [this issue](https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741) from Kubernetes. -If you want to avoid this issue, you can set `ports.websecure.http3.advertisedPort` -to an other value than 443 - -```yaml -ports: - websecure: - http3: - enabled: true -``` - -You can also create two `Service`, one for TCP and one for UDP: - -```yaml -ports: - websecure: - http3: - enabled: true -service: - single: false -``` - -# Use PROXY protocol on Digital Ocean - -PROXY protocol is a protocol for sending client connection information, such as origin IP addresses and port numbers, to the final backend server, rather than discarding it at the load balancer. - -```yaml -.DOTrustedIPs: &DOTrustedIPs - - 127.0.0.1/32 - - 10.120.0.0/16 - -service: - enabled: true - type: LoadBalancer - annotations: - # This will tell DigitalOcean to enable the proxy protocol. - service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true" - spec: - # This is the default and should stay as cluster to keep the DO health checks working. - externalTrafficPolicy: Cluster - -ports: - web: - forwardedHeaders: - trustedIPs: *DOTrustedIPs - proxyProtocol: - trustedIPs: *DOTrustedIPs - websecure: - forwardedHeaders: - trustedIPs: *DOTrustedIPs - proxyProtocol: - trustedIPs: *DOTrustedIPs -``` - -# Enable plugin storage - -This chart follows common security practices: it runs as non root with a readonly root filesystem. -When enabling a plugin which needs storage, you have to add it to the deployment. - -Here is a simple example with crowdsec. You may want to replace with your plugin or see complete exemple on crowdsec [here](https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/blob/main/examples/kubernetes/README.md). - -```yaml -deployment: - additionalVolumes: - - name: plugins -additionalVolumeMounts: -- name: plugins - mountPath: /plugins-storage -additionalArguments: -- "--experimental.plugins.bouncer.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" -- "--experimental.plugins.bouncer.version=v1.1.9" -``` - -# Use Traefik native Let's Encrypt integration, without cert-manager - -In Traefik Proxy, ACME certificates are stored in a JSON file. - -This file needs to have 0600 permissions, meaning, only the owner of the file has full read and write access to it. -By default, Kubernetes recursively changes ownership and permissions for the content of each volume. - -=> An initContainer can be used to avoid an issue on this sensitive file. -See [#396](https://github.com/traefik/traefik-helm-chart/issues/396) for more details. - -Once the provider is ready, it can be used in an `IngressRoute`: - -```yaml -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: [...] -spec: - entryPoints: [...] - routes: [...] - tls: - certResolver: letsencrypt -``` - -:information_source: Change `apiVersion` to `traefik.containo.us/v1alpha1` for charts prior to v28.0.0 - -See [the list of supported providers](https://doc.traefik.io/traefik/https/acme/#providers) for others. - -## Example with CloudFlare - -This example needs a CloudFlare token in a Kubernetes `Secret` and a working `StorageClass`. - -**Step 1**: Create `Secret` with CloudFlare token: - -```yaml ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloudflare -type: Opaque -stringData: - token: {{ SET_A_VALID_TOKEN_HERE }} -``` - -**Step 2**: - -```yaml -persistence: - enabled: true - storageClass: xxx -certificatesResolvers: - letsencrypt: - acme: - dnsChallenge: - provider: cloudflare - storage: /data/acme.json -env: - - name: CF_DNS_API_TOKEN - valueFrom: - secretKeyRef: - name: cloudflare - key: token -deployment: - initContainers: - - name: volume-permissions - image: busybox:latest - command: ["sh", "-c", "touch /data/acme.json; chmod -v 600 /data/acme.json"] - volumeMounts: - - mountPath: /data - name: data -podSecurityContext: - fsGroup: 65532 - fsGroupChangePolicy: "OnRootMismatch" -``` - ->[!NOTE] -> With [Traefik Hub](https://traefik.io/traefik-hub/), certificates can be stored as a `Secret` on Kubernetes with `distributedAcme` resolver. - -# Provide default certificate with cert-manager and CloudFlare DNS - -Setup: - -* cert-manager installed in `cert-manager` namespace -* A cloudflare account on a DNS Zone - -**Step 1**: Create `Secret` and `Issuer` needed by `cert-manager` with your API Token. -See [cert-manager documentation](https://cert-manager.io/docs/configuration/acme/dns01/cloudflare/) -for creating this token with needed rights: - -```yaml ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloudflare - namespace: traefik -type: Opaque -stringData: - api-token: XXX ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: cloudflare - namespace: traefik -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: email@example.com - privateKeySecretRef: - name: cloudflare-key - solvers: - - dns01: - cloudflare: - apiTokenSecretRef: - name: cloudflare - key: api-token -``` - -**Step 2**: Create `Certificate` in traefik namespace - -```yaml -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: wildcard-example-com - namespace: traefik -spec: - secretName: wildcard-example-com-tls - dnsNames: - - "example.com" - - "*.example.com" - issuerRef: - name: cloudflare - kind: Issuer -``` - -**Step 3**: Check that it's ready - -```bash -kubectl get certificate -n traefik -``` - -If needed, logs of cert-manager pod can give you more information - -**Step 4**: Use it on the TLS Store in **values.yaml** file for this Helm Chart - -```yaml -tlsStore: - default: - defaultCertificate: - secretName: wildcard-example-com-tls -``` - -**Step 5**: Enjoy. All your `IngressRoute` use this certificate by default now. - -They should use websecure entrypoint like this: - -```yaml -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: example-com-tls -spec: - entryPoints: - - websecure - routes: - - match: Host(`test.example.com`) - kind: Rule - services: - - name: XXXX - port: 80 -``` - -# Add custom (internal) services - -In some cases you might want to have more than one Traefik service within your cluster, -e.g. a default (external) one and a service that is only exposed internally to pods within your cluster. - -The `service.additionalServices` allows you to add an arbitrary amount of services, -provided as a name to service details mapping; for example you can use the following values: - -```yaml -service: - additionalServices: - internal: - type: ClusterIP - labels: - traefik-service-label: internal -``` - -Ports can then be exposed on this service by using the port name to boolean mapping `expose` on the respective port; -e.g. to expose the `traefik` API port on your internal service so pods within your cluster can use it, you can do: - -```yaml -ports: - traefik: - expose: - # Sensitive data should not be exposed on the internet - # => Keep this disabled ! - default: false - internal: true -``` - -This will then provide an additional Service manifest, looking like this: - -```yaml ---- -# Source: traefik/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: traefik-internal - namespace: traefik -[...] -spec: - type: ClusterIP - selector: - app.kubernetes.io/name: traefik - app.kubernetes.io/instance: traefik-traefik - ports: - - port: 8080 - name: "traefik" - targetPort: traefik - protocol: TCP -``` - -# Use this Chart as a dependency of your own chart - - -First, let's create a default Helm Chart, with Traefik as a dependency. -```bash -helm create foo -cd foo -echo " -dependencies: - - name: traefik - version: "24.0.0" - repository: "https://traefik.github.io/charts" -" >> Chart.yaml -``` - -Second, let's tune some values like enabling HPA: - -```bash -cat <<-EOF >> values.yaml -traefik: - autoscaling: - enabled: true - maxReplicas: 3 -EOF -``` - -Third, one can see if it works as expected: -```bash -helm dependency update -helm dependency build -helm template . | grep -A 14 -B 3 Horizontal -``` - -It should produce this output: - -```yaml ---- -# Source: foo/charts/traefik/templates/hpa.yaml -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: release-name-traefik - namespace: flux-system - labels: - app.kubernetes.io/name: traefik - app.kubernetes.io/instance: release-name-flux-system - helm.sh/chart: traefik-24.0.0 - app.kubernetes.io/managed-by: Helm -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: release-name-traefik - maxReplicas: 3 -``` - -# Configure TLS - -The [TLS options](https://doc.traefik.io/traefik/https/tls/#tls-options) allow one to configure some parameters of the TLS connection. - -```yaml -tlsOptions: - default: - labels: {} - sniStrict: true - custom-options: - labels: {} - curvePreferences: - - CurveP521 - - CurveP384 -``` - -# Use latest build of Traefik v3 from master - -An experimental build of Traefik Proxy is available on a specific repository. - -It can be used with those _values_: - -```yaml -image: - repository: traefik/traefik - tag: experimental-v3.0 -``` - -# Use Prometheus Operator - -An optional support of this operator is included in this Chart. See documentation of this operator for more details. - -It can be used with those _values_: - -```yaml -metrics: - prometheus: - service: - enabled: true - disableAPICheck: false - serviceMonitor: - enabled: true - metricRelabelings: - - sourceLabels: [__name__] - separator: ; - regex: ^fluentd_output_status_buffer_(oldest|newest)_.+ - replacement: $1 - action: drop - relabelings: - - sourceLabels: [__meta_kubernetes_pod_node_name] - separator: ; - regex: ^(.*)$ - targetLabel: nodename - replacement: $1 - action: replace - jobLabel: traefik - interval: 30s - honorLabels: true - prometheusRule: - enabled: true - rules: - - alert: TraefikDown - expr: up{job="traefik"} == 0 - for: 5m - labels: - context: traefik - severity: warning - annotations: - summary: "Traefik Down" - description: "{{ $labels.pod }} on {{ $labels.nodename }} is down" -``` - -# Use kubernetes Gateway API - -One can use the new stable kubernetes gateway API provider setting the following _values_: - -```yaml -providers: - kubernetesGateway: - enabled: true -``` - -
- -With those values, a whoami service can be exposed with a HTTPRoute - -```yaml ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: whoami -spec: - replicas: 2 - selector: - matchLabels: - app: whoami - template: - metadata: - labels: - app: whoami - spec: - containers: - - name: whoami - image: traefik/whoami - ---- -apiVersion: v1 -kind: Service -metadata: - name: whoami -spec: - selector: - app: whoami - ports: - - protocol: TCP - port: 80 - ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: whoami -spec: - parentRefs: - - name: traefik-gateway - hostnames: - - whoami.docker.localhost - rules: - - matches: - - path: - type: Exact - value: / - - backendRefs: - - name: whoami - port: 80 - weight: 1 -``` - -Once it's applied, whoami should be accessible on http://whoami.docker.localhost/ - -
- -:information_source: In this example, `Deployment` and `HTTPRoute` should be deployed in the same namespace as the Traefik Gateway: Chart namespace. - -# Use Kubernetes Gateway API with cert-manager - -One can use the new stable kubernetes gateway API provider with automatic TLS certificates delivery (with cert-manager) setting the following _values_: - -```yaml -providers: - kubernetesGateway: - enabled: true -gateway: - enabled: true - annotations: - cert-manager.io/issuer: selfsigned-issuer - listeners: - websecure: - hostname: whoami.docker.localhost - port: 8443 - protocol: HTTPS - certificateRefs: - - name: whoami-tls -``` - -Install cert-manager: - -```bash -helm repo add jetstack https://charts.jetstack.io --force-update -helm upgrade --install \ -cert-manager jetstack/cert-manager \ ---namespace cert-manager \ ---create-namespace \ ---version v1.15.1 \ ---set crds.enabled=true \ ---set "extraArgs={--enable-gateway-api}" -``` - -
- -With those values, a whoami service can be exposed with HTTPRoute on both HTTP and HTTPS - -```yaml ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: whoami -spec: - replicas: 2 - selector: - matchLabels: - app: whoami - template: - metadata: - labels: - app: whoami - spec: - containers: - - name: whoami - image: traefik/whoami - ---- -apiVersion: v1 -kind: Service -metadata: - name: whoami -spec: - selector: - app: whoami - ports: - - protocol: TCP - port: 80 - ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: HTTPRoute -metadata: - name: whoami -spec: - parentRefs: - - name: traefik-gateway - hostnames: - - whoami.docker.localhost - rules: - - matches: - - path: - type: Exact - value: / - - backendRefs: - - name: whoami - port: 80 - weight: 1 - ---- -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: selfsigned-issuer -spec: - selfSigned: {} -``` - -Once it's applied, whoami should be accessible on https://whoami.docker.localhost/ - -
diff --git a/charts/traefik/traefik/Guidelines.md b/charts/traefik/traefik/Guidelines.md deleted file mode 100644 index 3b72a40..0000000 --- a/charts/traefik/traefik/Guidelines.md +++ /dev/null @@ -1,34 +0,0 @@ -# Traefik Helm Chart Guidelines - -This document outlines the guidelines for developing, managing and extending the Traefik helm chart. - -This Helm Chart is documented using field description from comments with [helm-docs](https://github.com/norwoodj/helm-docs). - -It comes with a JSON schema generated from values with [helm schema](https://github.com/losisin/helm-values-schema-json) plugin. - -## Feature Example - -```yaml -logs: - general: - # -- Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) - format: # @schema enum:["common", "json", null]; type:[string, null]; default: "common" -``` - -Documention is on the first comment, starting with `# --` -Specific instructions for schema, when needed, are done with the inline comment starting with `# @schema`. - -## Whitespace - -Extra whitespace is to be avoided in templating. Conditionals should chomp whitespace: - -```yaml -{{- if .Values }} -{{- end }} -``` - -There should be an empty commented line between each primary key in the values.yaml file to separate features from each other. - -## Values YAML Design - -The values.yaml file is designed to be user-friendly. It does not have to resemble the templated configuration if it is not conducive. Similarly, value names to not have to correspond to fields in the template if it is not conducive. diff --git a/charts/traefik/traefik/LICENSE b/charts/traefik/traefik/LICENSE deleted file mode 100644 index 907ff83..0000000 --- a/charts/traefik/traefik/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2020 Containous - Copyright 2020 Traefik Labs - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/charts/traefik/traefik/README.md b/charts/traefik/traefik/README.md deleted file mode 100644 index cd963c1..0000000 --- a/charts/traefik/traefik/README.md +++ /dev/null @@ -1,158 +0,0 @@ -# Traefik - -[Traefik](https://traefik.io/) is a modern HTTP reverse proxy and load balancer made to deploy -microservices with ease. - -## Introduction - -Starting with v28.x, this chart now bootstraps Traefik Proxy version 3 as a Kubernetes ingress controller, -using Custom Resources `IngressRoute`: . - -It's possible to use this chart with Traefik Proxy v2 using v27.x -This chart support policy is aligned with [upstream support policy](https://doc.traefik.io/traefik/deprecation/releases/) of Traefik Proxy. - -See [Migration guide from v2 to v3](https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/) and upgrading section of this chart on CRDs. - -### Philosophy - -The Traefik HelmChart is focused on Traefik deployment configuration. - -To keep this HelmChart as generic as possible we tend -to avoid integrating any third party solutions nor any specific use cases. - -Accordingly, the encouraged approach to fulfill your needs: - -1. Override the default Traefik configuration values ([yaml file or cli](https://helm.sh/docs/chart_template_guide/values_files/)) -2. Append your own configurations (`kubectl apply -f myconf.yaml`) - -[Examples](https://github.com/traefik/traefik-helm-chart/blob/master/EXAMPLES.md) of common usage are provided. - -If needed, one may use [extraObjects](./traefik/tests/values/extra.yaml) or extend this HelmChart [as a Subchart](https://helm.sh/docs/chart_template_guide/subcharts_and_globals/). - -## Installing - -### Prerequisites - -1. [x] Helm **v3 > 3.9.0** [installed](https://helm.sh/docs/using_helm/#installing-helm): `helm version` -2. [x] Traefik's chart repository: `helm repo add traefik https://traefik.github.io/charts` - -### Kubernetes Version Support - -Due to changes in CRD version support, the following versions of the chart are usable and supported on the following Kubernetes versions: - -| | Kubernetes v1.15 and below | Kubernetes v1.16-v1.21 | Kubernetes v1.22 and above | -|-------------------------|-----------------------------|------------------------|----------------------------| -| Chart v9.20.2 and below | [x] | [x] | | -| Chart v10.0.0 and above | | [x] | [x] | -| Chart v22.0.0 and above | | | [x] | - -### CRDs Support of Traefik Proxy - -Due to changes in API Group of Traefik CRDs from `containo.us` to `traefik.io`, this Chart install CRDs needed by default Traefik Proxy version, following this table: - -| | `containo.us` | `traefik.io` | -|-------------------------|-----------------------------|------------------------| -| Chart v22.0.0 and below | [x] | | -| Chart v23.0.0 and above | [x] | [x] | -| Chart v28.0.0 and above | | [x] | - -### Deploying Traefik - -```bash -helm install traefik traefik/traefik -``` - -or: - -```bash -helm install traefik oci://ghcr.io/traefik/helm/traefik -``` - -You can customize the install with a `values` file. There are some [EXAMPLES](./EXAMPLES.md) provided. -Complete documentation on all available parameters is in the [default file](./traefik/values.yaml). - -```bash -helm install -f myvalues.yaml traefik traefik/traefik -``` - -🛂 **Warning**: Helm v2 support was removed in the chart version 10.0.0. - -## Upgrading - -One can check what has changed in the [Changelog](./traefik/Changelog.md). - -:information_source: With Helm v3, CRDs created by this chart can not be updated, cf. the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions). - -:warning: Please read carefully release notes of this chart before upgrading CRDs. - -```bash -# Update repository -helm repo update -# See current Chart & Traefik version -helm search repo traefik/traefik -# Update CRDs (Traefik Proxy v3 CRDs) -kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/ -# Upgrade Traefik -helm upgrade traefik traefik/traefik -``` - -New major version indicates that there is an incompatible breaking change. - -#### Upgrade up to 27.X - -When upgrading on Traefik Proxy v2 version, one need to stay at Traefik Helm Chart v27.x. The command to upgrade to the latest Traefik Proxy v2 CRD is: - -```bash -kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/?ref=v27 -``` - -### Upgrading after 18.X+ - -It's detailed in [release notes](https://github.com/traefik/traefik-helm-chart/releases). - -### Upgrading from 17.x to 18.x - -Since v18.x, this chart by default merges TCP and UDP ports into a single (LoadBalancer) `Service`. -Load balancers with mixed protocols are available since v1.20 and in -[beta as of Kubernetes v1.24](https://kubernetes.io/docs/concepts/services-networking/service/#load-balancers-with-mixed-protocol-types). -Availability may depend on your Kubernetes provider. - -To retain the old default behavior, set `service.single` to `false` in your values. - -When using TCP and UDP with a single service, you may encounter -[this issue](https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741) -from Kubernetes. - -On HTTP/3, if you want to avoid this issue, you can set -`ports.websecure.http3.advertisedPort` to an other value than `443` - -If you were previously using HTTP/3, you should update your values as follows: - - Replace the old value (`true`) of `ports.websecure.http3` with a key `enabled: true` - - Remove `experimental.http3.enabled=true` entry - -### Upgrading from 16.x to 17.x - -Since v17.x, this chart provides unified labels following -[Kubernetes recommendation](https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/). - -This version needs to change an immutable field, which is not supported by -Kubernetes and Helm, see [this issue](https://github.com/helm/helm/issues/7350) -for more details. -So you will have to delete your `Service`, `Deployment` or `DaemonSet` in -order to be able to upgrade. - -You may also upgrade by deploying another Traefik to a different namespace and -removing after your first Traefik. - -Alternatively, since version 20.3.0 of this chart, you may set `instanceLabelOverride` to the previous value of that label. -This will override the new `Release.Name-Release.Namespace` pattern to avoid any (longer) downtime. - -## Contributing - -If you want to contribute to this chart, please read the [Contributing Guide](./CONTRIBUTING.md). - -Thanks to all the people who have already contributed! - - - - diff --git a/charts/traefik/traefik/VALUES.md b/charts/traefik/traefik/VALUES.md deleted file mode 100644 index aa3d014..0000000 --- a/charts/traefik/traefik/VALUES.md +++ /dev/null @@ -1,321 +0,0 @@ -# traefik - -![Version: 33.0.0](https://img.shields.io/badge/Version-33.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v3.2.0](https://img.shields.io/badge/AppVersion-v3.2.0-informational?style=flat-square) - -A Traefik based Kubernetes ingress controller - -**Homepage:** - -## Maintainers - -| Name | Email | Url | -| ---- | ------ | --- | -| mloiseleur | | | -| charlie-haley | | | -| darkweaver87 | | | -| jnoordsij | | | - -## Source Code - -* -* - -## Requirements - -Kubernetes: `>=1.22.0-0` - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| additionalArguments | list | `[]` | Additional arguments to be passed at Traefik's binary See [CLI Reference](https://docs.traefik.io/reference/static-configuration/cli/) Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` | -| additionalVolumeMounts | list | `[]` | Additional volumeMounts to add to the Traefik container | -| affinity | object | `{}` | on nodes where no other traefik pods are scheduled. It should be used when hostNetwork: true to prevent port conflicts | -| autoscaling.enabled | bool | `false` | Create HorizontalPodAutoscaler object. See EXAMPLES.md for more details. | -| certificatesResolvers | object | `{}` | Certificates resolvers configuration. Ref: https://doc.traefik.io/traefik/https/acme/#certificate-resolvers See EXAMPLES.md for more details. | -| commonLabels | object | `{}` | Add additional label to all resources | -| core.defaultRuleSyntax | string | `""` | Can be used to use globally v2 router syntax See https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/#new-v3-syntax-notable-changes | -| deployment.additionalContainers | list | `[]` | Additional containers (e.g. for metric offloading sidecars) | -| deployment.additionalVolumes | list | `[]` | Additional volumes available for use with initContainers and additionalContainers | -| deployment.annotations | object | `{}` | Additional deployment annotations (e.g. for jaeger-operator sidecar injection) | -| deployment.dnsConfig | object | `{}` | Custom pod [DNS config](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#poddnsconfig-v1-core) | -| deployment.dnsPolicy | string | `""` | Custom pod DNS policy. Apply if `hostNetwork: true` | -| deployment.enabled | bool | `true` | Enable deployment | -| deployment.healthchecksHost | string | `""` | | -| deployment.healthchecksPort | string | `nil` | | -| deployment.healthchecksScheme | string | `nil` | | -| deployment.hostAliases | list | `[]` | Custom [host aliases](https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/) | -| deployment.imagePullSecrets | list | `[]` | Pull secret for fetching traefik container image | -| deployment.initContainers | list | `[]` | Additional initContainers (e.g. for setting file permission as shown below) | -| deployment.kind | string | `"Deployment"` | Deployment or DaemonSet | -| deployment.labels | object | `{}` | Additional deployment labels (e.g. for filtering deployment by custom labels) | -| deployment.lifecycle | object | `{}` | Pod lifecycle actions | -| deployment.livenessPath | string | `""` | Override the liveness path. Default: /ping | -| deployment.minReadySeconds | int | `0` | The minimum number of seconds Traefik needs to be up and running before the DaemonSet/Deployment controller considers it available | -| deployment.podAnnotations | object | `{}` | Additional pod annotations (e.g. for mesh injection or prometheus scraping) It supports templating. One can set it with values like traefik/name: '{{ template "traefik.name" . }}' | -| deployment.podLabels | object | `{}` | Additional Pod labels (e.g. for filtering Pod by custom labels) | -| deployment.readinessPath | string | `""` | | -| deployment.replicas | int | `1` | Number of pods of the deployment (only applies when kind == Deployment) | -| deployment.revisionHistoryLimit | string | `nil` | Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) | -| deployment.runtimeClassName | string | `""` | Set a runtimeClassName on pod | -| deployment.shareProcessNamespace | bool | `false` | Use process namespace sharing | -| deployment.terminationGracePeriodSeconds | int | `60` | Amount of time (in seconds) before Kubernetes will send the SIGKILL signal if Traefik does not shut down | -| env | list | See _values.yaml_ | Additional Environment variables to be passed to Traefik's binary | -| envFrom | list | `[]` | Environment variables to be passed to Traefik's binary from configMaps or secrets | -| experimental.kubernetesGateway.enabled | bool | `false` | Enable traefik experimental GatewayClass CRD | -| experimental.plugins | object | `{}` | Enable traefik experimental plugins | -| extraObjects | list | `[]` | Extra objects to deploy (value evaluated as a template) In some cases, it can avoid the need for additional, extended or adhoc deployments. See #595 for more details and traefik/tests/values/extra.yaml for example. | -| gateway.annotations | object | `{}` | Additional gateway annotations (e.g. for cert-manager.io/issuer) | -| gateway.enabled | bool | `true` | When providers.kubernetesGateway.enabled, deploy a default gateway | -| gateway.infrastructure | object | `{}` | [Infrastructure](https://kubernetes.io/blog/2023/11/28/gateway-api-ga/#gateway-infrastructure-labels) | -| gateway.listeners | object | `{"web":{"hostname":"","namespacePolicy":null,"port":8000,"protocol":"HTTP"}}` | Define listeners | -| gateway.listeners.web.hostname | string | `""` | Optional hostname. See [Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) | -| gateway.listeners.web.namespacePolicy | string | `nil` | Routes are restricted to namespace of the gateway [by default](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FromNamespaces | -| gateway.listeners.web.port | int | `8000` | Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. The port must match a port declared in ports section. | -| gateway.name | string | `""` | Set a custom name to gateway | -| gateway.namespace | string | `""` | By default, Gateway is created in the same `Namespace` than Traefik. | -| gatewayClass.enabled | bool | `true` | When providers.kubernetesGateway.enabled and gateway.enabled, deploy a default gatewayClass | -| gatewayClass.labels | object | `{}` | Additional gatewayClass labels (e.g. for filtering gateway objects by custom labels) | -| gatewayClass.name | string | `""` | Set a custom name to GatewayClass | -| globalArguments | list | `["--global.checknewversion","--global.sendanonymoususage"]` | Global command arguments to be passed to all traefik's pods | -| hostNetwork | bool | `false` | If hostNetwork is true, runs traefik in the host network namespace To prevent unschedulabel pods due to port collisions, if hostNetwork=true and replicas>1, a pod anti-affinity is recommended and will be set if the affinity is left as default. | -| hub.apimanagement.admission.listenAddr | string | `""` | WebHook admission server listen address. Default: "0.0.0.0:9943". | -| hub.apimanagement.admission.secretName | string | `""` | Certificate of the WebHook admission server. Default: "hub-agent-cert". | -| hub.apimanagement.enabled | bool | `false` | Set to true in order to enable API Management. Requires a valid license token. | -| hub.redis.cluster | string | `nil` | Enable Redis Cluster. Default: true. | -| hub.redis.database | string | `nil` | Database used to store information. Default: "0". | -| hub.redis.endpoints | string | `""` | Endpoints of the Redis instances to connect to. Default: "". | -| hub.redis.password | string | `""` | The password to use when connecting to Redis endpoints. Default: "". | -| hub.redis.sentinel.masterset | string | `""` | Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". | -| hub.redis.sentinel.password | string | `""` | Password to use for sentinel authentication (can be different from endpoint password). Default: "". | -| hub.redis.sentinel.username | string | `""` | Username to use for sentinel authentication (can be different from endpoint username). Default: "". | -| hub.redis.timeout | string | `""` | Timeout applied on connection with redis. Default: "0s". | -| hub.redis.tls.ca | string | `""` | Path to the certificate authority used for the secured connection. | -| hub.redis.tls.cert | string | `""` | Path to the public certificate used for the secure connection. | -| hub.redis.tls.insecureSkipVerify | bool | `false` | When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. | -| hub.redis.tls.key | string | `""` | Path to the private key used for the secure connection. | -| hub.redis.username | string | `""` | The username to use when connecting to Redis endpoints. Default: "". | -| hub.sendlogs | string | `nil` | | -| hub.token | string | `""` | Name of `Secret` with key 'token' set to a valid license token. It enables API Gateway. | -| image.pullPolicy | string | `"IfNotPresent"` | Traefik image pull policy | -| image.registry | string | `"docker.io"` | Traefik image host registry | -| image.repository | string | `"traefik"` | Traefik image repository | -| image.tag | string | `nil` | defaults to appVersion | -| ingressClass | object | `{"enabled":true,"isDefaultClass":true,"name":""}` | Create a default IngressClass for Traefik | -| ingressRoute.dashboard.annotations | object | `{}` | Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) | -| ingressRoute.dashboard.enabled | bool | `false` | Create an IngressRoute for the dashboard | -| ingressRoute.dashboard.entryPoints | list | `["traefik"]` | Specify the allowed entrypoints to use for the dashboard ingress route, (e.g. traefik, web, websecure). By default, it's using traefik entrypoint, which is not exposed. /!\ Do not expose your dashboard without any protection over the internet /!\ | -| ingressRoute.dashboard.labels | object | `{}` | Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) | -| ingressRoute.dashboard.matchRule | string | `"PathPrefix(`/dashboard`) || PathPrefix(`/api`)"` | The router match rule used for the dashboard ingressRoute | -| ingressRoute.dashboard.middlewares | list | `[]` | Additional ingressRoute middlewares (e.g. for authentication) | -| ingressRoute.dashboard.services | list | `[{"kind":"TraefikService","name":"api@internal"}]` | The internal service used for the dashboard ingressRoute | -| ingressRoute.dashboard.tls | object | `{}` | TLS options (e.g. secret containing certificate) | -| ingressRoute.healthcheck.annotations | object | `{}` | Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) | -| ingressRoute.healthcheck.enabled | bool | `false` | Create an IngressRoute for the healthcheck probe | -| ingressRoute.healthcheck.entryPoints | list | `["traefik"]` | Specify the allowed entrypoints to use for the healthcheck ingress route, (e.g. traefik, web, websecure). By default, it's using traefik entrypoint, which is not exposed. | -| ingressRoute.healthcheck.labels | object | `{}` | Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) | -| ingressRoute.healthcheck.matchRule | string | `"PathPrefix(`/ping`)"` | The router match rule used for the healthcheck ingressRoute | -| ingressRoute.healthcheck.middlewares | list | `[]` | Additional ingressRoute middlewares (e.g. for authentication) | -| ingressRoute.healthcheck.services | list | `[{"kind":"TraefikService","name":"ping@internal"}]` | The internal service used for the healthcheck ingressRoute | -| ingressRoute.healthcheck.tls | object | `{}` | TLS options (e.g. secret containing certificate) | -| instanceLabelOverride | string | `""` | | -| livenessProbe.failureThreshold | int | `3` | The number of consecutive failures allowed before considering the probe as failed. | -| livenessProbe.initialDelaySeconds | int | `2` | The number of seconds to wait before starting the first probe. | -| livenessProbe.periodSeconds | int | `10` | The number of seconds to wait between consecutive probes. | -| livenessProbe.successThreshold | int | `1` | The minimum consecutive successes required to consider the probe successful. | -| livenessProbe.timeoutSeconds | int | `2` | The number of seconds to wait for a probe response before considering it as failed. | -| logs.access.addInternals | bool | `false` | Enables accessLogs for internal resources. Default: false. | -| logs.access.bufferingSize | string | `nil` | Set [bufferingSize](https://doc.traefik.io/traefik/observability/access-logs/#bufferingsize) | -| logs.access.enabled | bool | `false` | To enable access logs | -| logs.access.fields.general.defaultmode | string | `"keep"` | Set default mode for fields.names | -| logs.access.fields.general.names | object | `{}` | Names of the fields to limit. | -| logs.access.fields.headers | object | `{"defaultmode":"drop","names":{}}` | [Limit logged fields or headers](https://doc.traefik.io/traefik/observability/access-logs/#limiting-the-fieldsincluding-headers) | -| logs.access.fields.headers.defaultmode | string | `"drop"` | Set default mode for fields.headers | -| logs.access.filters | object | `{"minduration":"","retryattempts":false,"statuscodes":""}` | Set [filtering](https://docs.traefik.io/observability/access-logs/#filtering) | -| logs.access.filters.minduration | string | `""` | Set minDuration, to keep access logs when requests take longer than the specified duration | -| logs.access.filters.retryattempts | bool | `false` | Set retryAttempts, to keep the access logs when at least one retry has happened | -| logs.access.filters.statuscodes | string | `""` | Set statusCodes, to limit the access logs to requests with a status codes in the specified range | -| logs.access.format | string | `nil` | Set [access log format](https://doc.traefik.io/traefik/observability/access-logs/#format) | -| logs.general.filePath | string | `""` | To write the logs into a log file, use the filePath option. | -| logs.general.format | string | `nil` | Set [logs format](https://doc.traefik.io/traefik/observability/logs/#format) | -| logs.general.level | string | `"INFO"` | Alternative logging levels are TRACE, DEBUG, INFO, WARN, ERROR, FATAL, and PANIC. | -| logs.general.noColor | bool | `false` | When set to true and format is common, it disables the colorized output. | -| metrics.addInternals | bool | `false` | | -| metrics.otlp.addEntryPointsLabels | string | `nil` | Enable metrics on entry points. Default: true | -| metrics.otlp.addRoutersLabels | string | `nil` | Enable metrics on routers. Default: false | -| metrics.otlp.addServicesLabels | string | `nil` | Enable metrics on services. Default: true | -| metrics.otlp.enabled | bool | `false` | Set to true in order to enable the OpenTelemetry metrics | -| metrics.otlp.explicitBoundaries | list | `[]` | Explicit boundaries for Histogram data points. Default: [.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10] | -| metrics.otlp.grpc.enabled | bool | `false` | Set to true in order to send metrics to the OpenTelemetry Collector using gRPC | -| metrics.otlp.grpc.endpoint | string | `""` | Format: ://:. Default: http://localhost:4318/v1/metrics | -| metrics.otlp.grpc.insecure | bool | `false` | Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. | -| metrics.otlp.grpc.tls.ca | string | `""` | The path to the certificate authority, it defaults to the system bundle. | -| metrics.otlp.grpc.tls.cert | string | `""` | The path to the public certificate. When using this option, setting the key option is required. | -| metrics.otlp.grpc.tls.insecureSkipVerify | bool | `false` | When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. | -| metrics.otlp.grpc.tls.key | string | `""` | The path to the private key. When using this option, setting the cert option is required. | -| metrics.otlp.http.enabled | bool | `false` | Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. | -| metrics.otlp.http.endpoint | string | `""` | Format: ://:. Default: http://localhost:4318/v1/metrics | -| metrics.otlp.http.headers | object | `{}` | Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. | -| metrics.otlp.http.tls.ca | string | `""` | The path to the certificate authority, it defaults to the system bundle. | -| metrics.otlp.http.tls.cert | string | `""` | The path to the public certificate. When using this option, setting the key option is required. | -| metrics.otlp.http.tls.insecureSkipVerify | string | `nil` | When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. | -| metrics.otlp.http.tls.key | string | `""` | The path to the private key. When using this option, setting the cert option is required. | -| metrics.otlp.pushInterval | string | `""` | Interval at which metrics are sent to the OpenTelemetry Collector. Default: 10s | -| metrics.prometheus.addEntryPointsLabels | string | `nil` | | -| metrics.prometheus.addRoutersLabels | string | `nil` | | -| metrics.prometheus.addServicesLabels | string | `nil` | | -| metrics.prometheus.buckets | string | `""` | | -| metrics.prometheus.disableAPICheck | string | `nil` | When set to true, it won't check if Prometheus Operator CRDs are deployed | -| metrics.prometheus.entryPoint | string | `"metrics"` | Entry point used to expose metrics. | -| metrics.prometheus.manualRouting | bool | `false` | | -| metrics.prometheus.prometheusRule.additionalLabels | object | `{}` | | -| metrics.prometheus.prometheusRule.enabled | bool | `false` | Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. | -| metrics.prometheus.prometheusRule.namespace | string | `""` | | -| metrics.prometheus.service.annotations | object | `{}` | | -| metrics.prometheus.service.enabled | bool | `false` | Create a dedicated metrics service to use with ServiceMonitor | -| metrics.prometheus.service.labels | object | `{}` | | -| metrics.prometheus.serviceMonitor.additionalLabels | object | `{}` | | -| metrics.prometheus.serviceMonitor.enableHttp2 | bool | `false` | | -| metrics.prometheus.serviceMonitor.enabled | bool | `false` | Enable optional CR for Prometheus Operator. See EXAMPLES.md for more details. | -| metrics.prometheus.serviceMonitor.followRedirects | bool | `false` | | -| metrics.prometheus.serviceMonitor.honorLabels | bool | `false` | | -| metrics.prometheus.serviceMonitor.honorTimestamps | bool | `false` | | -| metrics.prometheus.serviceMonitor.interval | string | `""` | | -| metrics.prometheus.serviceMonitor.jobLabel | string | `""` | | -| metrics.prometheus.serviceMonitor.metricRelabelings | list | `[]` | | -| metrics.prometheus.serviceMonitor.namespace | string | `""` | | -| metrics.prometheus.serviceMonitor.namespaceSelector | object | `{}` | | -| metrics.prometheus.serviceMonitor.relabelings | list | `[]` | | -| metrics.prometheus.serviceMonitor.scrapeTimeout | string | `""` | | -| namespaceOverride | string | `""` | This field override the default Release Namespace for Helm. It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` | -| nodeSelector | object | `{}` | nodeSelector is the simplest recommended form of node selection constraint. | -| persistence.accessMode | string | `"ReadWriteOnce"` | | -| persistence.annotations | object | `{}` | | -| persistence.enabled | bool | `false` | Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/. It can be used to store TLS certificates along with `certificatesResolvers..acme.storage` option | -| persistence.existingClaim | string | `""` | | -| persistence.name | string | `"data"` | | -| persistence.path | string | `"/data"` | | -| persistence.size | string | `"128Mi"` | | -| persistence.storageClass | string | `""` | | -| persistence.subPath | string | `""` | Only mount a subpath of the Volume into the pod | -| persistence.volumeName | string | `""` | | -| podDisruptionBudget | object | `{"enabled":false,"maxUnavailable":null,"minAvailable":null}` | [Pod Disruption Budget](https://kubernetes.io/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1/) | -| podSecurityContext | object | See _values.yaml_ | [Pod Security Context](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) | -| podSecurityPolicy | object | `{"enabled":false}` | Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding | -| ports.metrics.expose | object | `{"default":false}` | You may not want to expose the metrics port on production deployments. If you want to access it from outside your cluster, use `kubectl port-forward` or create a secure ingress | -| ports.metrics.exposedPort | int | `9100` | The exposed port for this service | -| ports.metrics.port | int | `9100` | When using hostNetwork, use another port to avoid conflict with node exporter: https://github.com/prometheus/prometheus/wiki/Default-port-allocations | -| ports.metrics.protocol | string | `"TCP"` | The port protocol (TCP/UDP) | -| ports.traefik.expose | object | `{"default":false}` | You SHOULD NOT expose the traefik port on production deployments. If you want to access it from outside your cluster, use `kubectl port-forward` or create a secure ingress | -| ports.traefik.exposedPort | int | `8080` | The exposed port for this service | -| ports.traefik.hostIP | string | `nil` | Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which means it's listening on all your interfaces and all your IPs. You may want to set this value if you need traefik to listen on specific interface only. | -| ports.traefik.hostPort | string | `nil` | Use hostPort if set. | -| ports.traefik.port | int | `8080` | | -| ports.traefik.protocol | string | `"TCP"` | The port protocol (TCP/UDP) | -| ports.web.expose.default | bool | `true` | | -| ports.web.exposedPort | int | `80` | | -| ports.web.forwardedHeaders.insecure | bool | `false` | | -| ports.web.forwardedHeaders.trustedIPs | list | `[]` | Trust forwarded headers information (X-Forwarded-*). | -| ports.web.nodePort | string | `nil` | See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) | -| ports.web.port | int | `8000` | | -| ports.web.protocol | string | `"TCP"` | | -| ports.web.proxyProtocol.insecure | bool | `false` | | -| ports.web.proxyProtocol.trustedIPs | list | `[]` | Enable the Proxy Protocol header parsing for the entry point | -| ports.web.redirectTo | object | `{}` | | -| ports.web.targetPort | string | `nil` | | -| ports.web.transport | object | `{"keepAliveMaxRequests":null,"keepAliveMaxTime":null,"lifeCycle":{"graceTimeOut":null,"requestAcceptGraceTimeout":null},"respondingTimeouts":{"idleTimeout":null,"readTimeout":null,"writeTimeout":null}}` | Set transport settings for the entrypoint; see also https://doc.traefik.io/traefik/routing/entrypoints/#transport | -| ports.websecure.allowACMEByPass | bool | `false` | See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#allowacmebypass) | -| ports.websecure.appProtocol | string | `nil` | See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol) | -| ports.websecure.containerPort | string | `nil` | | -| ports.websecure.expose.default | bool | `true` | | -| ports.websecure.exposedPort | int | `443` | | -| ports.websecure.forwardedHeaders.insecure | bool | `false` | | -| ports.websecure.forwardedHeaders.trustedIPs | list | `[]` | Trust forwarded headers information (X-Forwarded-*). | -| ports.websecure.hostPort | string | `nil` | | -| ports.websecure.http3.advertisedPort | string | `nil` | | -| ports.websecure.http3.enabled | bool | `false` | | -| ports.websecure.middlewares | list | `[]` | /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ It follows the provider naming convention: https://doc.traefik.io/traefik/providers/overview/#provider-namespace - namespace-name1@kubernetescrd - namespace-name2@kubernetescrd | -| ports.websecure.nodePort | string | `nil` | See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) | -| ports.websecure.port | int | `8443` | | -| ports.websecure.protocol | string | `"TCP"` | | -| ports.websecure.proxyProtocol.insecure | bool | `false` | | -| ports.websecure.proxyProtocol.trustedIPs | list | `[]` | Enable the Proxy Protocol header parsing for the entry point | -| ports.websecure.targetPort | string | `nil` | | -| ports.websecure.tls | object | `{"certResolver":"","domains":[],"enabled":true,"options":""}` | See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#tls) | -| ports.websecure.transport | object | `{"keepAliveMaxRequests":null,"keepAliveMaxTime":null,"lifeCycle":{"graceTimeOut":null,"requestAcceptGraceTimeout":null},"respondingTimeouts":{"idleTimeout":null,"readTimeout":null,"writeTimeout":null}}` | See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#transport) | -| priorityClassName | string | `""` | [Pod Priority and Preemption](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/) | -| providers.file.content | string | `""` | File content (YAML format, go template supported) (see https://doc.traefik.io/traefik/providers/file/) | -| providers.file.enabled | bool | `false` | Create a file provider | -| providers.file.watch | bool | `true` | Allows Traefik to automatically watch for file changes | -| providers.kubernetesCRD.allowCrossNamespace | bool | `false` | Allows IngressRoute to reference resources in namespace other than theirs | -| providers.kubernetesCRD.allowEmptyServices | bool | `true` | Allows to return 503 when there is no endpoints available | -| providers.kubernetesCRD.allowExternalNameServices | bool | `false` | Allows to reference ExternalName services in IngressRoute | -| providers.kubernetesCRD.enabled | bool | `true` | Load Kubernetes IngressRoute provider | -| providers.kubernetesCRD.ingressClass | string | `""` | When the parameter is set, only resources containing an annotation with the same value are processed. Otherwise, resources missing the annotation, having an empty value, or the value traefik are processed. It will also set required annotation on Dashboard and Healthcheck IngressRoute when enabled. | -| providers.kubernetesCRD.namespaces | list | `[]` | Array of namespaces to watch. If left empty, Traefik watches all namespaces. | -| providers.kubernetesCRD.nativeLBByDefault | bool | `false` | Defines whether to use Native Kubernetes load-balancing mode by default. | -| providers.kubernetesGateway.enabled | bool | `false` | Enable Traefik Gateway provider for Gateway API | -| providers.kubernetesGateway.experimentalChannel | bool | `false` | Toggles support for the Experimental Channel resources (Gateway API release channels documentation). This option currently enables support for TCPRoute and TLSRoute. | -| providers.kubernetesGateway.labelselector | string | `""` | A label selector can be defined to filter on specific GatewayClass objects only. | -| providers.kubernetesGateway.namespaces | list | `[]` | Array of namespaces to watch. If left empty, Traefik watches all namespaces. | -| providers.kubernetesGateway.statusAddress.hostname | string | `""` | This Hostname will get copied to the Gateway status.addresses. | -| providers.kubernetesGateway.statusAddress.ip | string | `""` | This IP will get copied to the Gateway status.addresses, and currently only supports one IP value (IPv4 or IPv6). | -| providers.kubernetesGateway.statusAddress.service | object | `{"name":"{{ (include \"traefik.fullname\" .) }}","namespace":"{{ .Release.Namespace }}"}` | The Kubernetes service to copy status addresses from. When using third parties tools like External-DNS, this option can be used to copy the service loadbalancer.status (containing the service's endpoints IPs) to the gateways. Default to Service of this Chart. | -| providers.kubernetesIngress.allowEmptyServices | bool | `true` | Allows to return 503 when there is no endpoints available | -| providers.kubernetesIngress.allowExternalNameServices | bool | `false` | Allows to reference ExternalName services in Ingress | -| providers.kubernetesIngress.enabled | bool | `true` | Load Kubernetes Ingress provider | -| providers.kubernetesIngress.ingressClass | string | `nil` | When ingressClass is set, only Ingresses containing an annotation with the same value are processed. Otherwise, Ingresses missing the annotation, having an empty value, or the value traefik are processed. | -| providers.kubernetesIngress.namespaces | list | `[]` | Array of namespaces to watch. If left empty, Traefik watches all namespaces. | -| providers.kubernetesIngress.nativeLBByDefault | bool | `false` | Defines whether to use Native Kubernetes load-balancing mode by default. | -| providers.kubernetesIngress.publishedService.enabled | bool | `true` | Enable [publishedService](https://doc.traefik.io/traefik/providers/kubernetes-ingress/#publishedservice) | -| providers.kubernetesIngress.publishedService.pathOverride | string | `""` | Override path of Kubernetes Service used to copy status from. Format: namespace/servicename. Default to Service deployed with this Chart. | -| rbac | object | `{"aggregateTo":[],"enabled":true,"namespaced":false,"secretResourceNames":[]}` | Whether Role Based Access Control objects like roles and rolebindings should be created | -| readinessProbe.failureThreshold | int | `1` | The number of consecutive failures allowed before considering the probe as failed. | -| readinessProbe.initialDelaySeconds | int | `2` | The number of seconds to wait before starting the first probe. | -| readinessProbe.periodSeconds | int | `10` | The number of seconds to wait between consecutive probes. | -| readinessProbe.successThreshold | int | `1` | The minimum consecutive successes required to consider the probe successful. | -| readinessProbe.timeoutSeconds | int | `2` | The number of seconds to wait for a probe response before considering it as failed. | -| resources | object | `{}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for `traefik` container. | -| securityContext | object | See _values.yaml_ | [SecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1) | -| service.additionalServices | object | `{}` | | -| service.annotations | object | `{}` | Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) | -| service.annotationsTCP | object | `{}` | Additional annotations for TCP service only | -| service.annotationsUDP | object | `{}` | Additional annotations for UDP service only | -| service.enabled | bool | `true` | | -| service.externalIPs | list | `[]` | | -| service.labels | object | `{}` | Additional service labels (e.g. for filtering Service by custom labels) | -| service.loadBalancerSourceRanges | list | `[]` | | -| service.single | bool | `true` | | -| service.spec | object | `{}` | Cannot contain type, selector or ports entries. | -| service.type | string | `"LoadBalancer"` | | -| serviceAccount | object | `{"name":""}` | The service account the pods will use to interact with the Kubernetes API | -| serviceAccountAnnotations | object | `{}` | Additional serviceAccount annotations (e.g. for oidc authentication) | -| startupProbe | object | `{}` | Define [Startup Probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes) | -| tlsOptions | object | `{}` | TLS Options are created as [TLSOption CRDs](https://doc.traefik.io/traefik/https/tls/#tls-options) When using `labelSelector`, you'll need to set labels on tlsOption accordingly. See EXAMPLE.md for details. | -| tlsStore | object | `{}` | TLS Store are created as [TLSStore CRDs](https://doc.traefik.io/traefik/https/tls/#default-certificate). This is useful if you want to set a default certificate. See EXAMPLE.md for details. | -| tolerations | list | `[]` | Tolerations allow the scheduler to schedule pods with matching taints. | -| topologySpreadConstraints | list | `[]` | You can use topology spread constraints to control how Pods are spread across your cluster among failure-domains. | -| tracing | object | `{"addInternals":false,"otlp":{"enabled":false,"grpc":{"enabled":false,"endpoint":"","insecure":false,"tls":{"ca":"","cert":"","insecureSkipVerify":false,"key":""}},"http":{"enabled":false,"endpoint":"","headers":{},"tls":{"ca":"","cert":"","insecureSkipVerify":false,"key":""}}}}` | https://doc.traefik.io/traefik/observability/tracing/overview/ | -| tracing.addInternals | bool | `false` | Enables tracing for internal resources. Default: false. | -| tracing.otlp.enabled | bool | `false` | See https://doc.traefik.io/traefik/v3.0/observability/tracing/opentelemetry/ | -| tracing.otlp.grpc.enabled | bool | `false` | Set to true in order to send metrics to the OpenTelemetry Collector using gRPC | -| tracing.otlp.grpc.endpoint | string | `""` | Format: ://:. Default: http://localhost:4318/v1/metrics | -| tracing.otlp.grpc.insecure | bool | `false` | Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. | -| tracing.otlp.grpc.tls.ca | string | `""` | The path to the certificate authority, it defaults to the system bundle. | -| tracing.otlp.grpc.tls.cert | string | `""` | The path to the public certificate. When using this option, setting the key option is required. | -| tracing.otlp.grpc.tls.insecureSkipVerify | bool | `false` | When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. | -| tracing.otlp.grpc.tls.key | string | `""` | The path to the private key. When using this option, setting the cert option is required. | -| tracing.otlp.http.enabled | bool | `false` | Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. | -| tracing.otlp.http.endpoint | string | `""` | Format: ://:. Default: http://localhost:4318/v1/metrics | -| tracing.otlp.http.headers | object | `{}` | Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. | -| tracing.otlp.http.tls.ca | string | `""` | The path to the certificate authority, it defaults to the system bundle. | -| tracing.otlp.http.tls.cert | string | `""` | The path to the public certificate. When using this option, setting the key option is required. | -| tracing.otlp.http.tls.insecureSkipVerify | bool | `false` | When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. | -| tracing.otlp.http.tls.key | string | `""` | The path to the private key. When using this option, setting the cert option is required. | -| updateStrategy.rollingUpdate.maxSurge | int | `1` | | -| updateStrategy.rollingUpdate.maxUnavailable | int | `0` | | -| updateStrategy.type | string | `"RollingUpdate"` | Customize updateStrategy of Deployment or DaemonSet | -| volumes | list | `[]` | Add volumes to the traefik pod. The volume name will be passed to tpl. This can be used to mount a cert pair or a configmap that holds a config.toml file. After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: `additionalArguments: - "--providers.file.filename=/config/dynamic.toml" - "--ping" - "--ping.entrypoint=web"` | - ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/traefik/traefik/crds/gateway-standard-install-v1.2.0.yaml b/charts/traefik/traefik/crds/gateway-standard-install-v1.2.0.yaml deleted file mode 100644 index 0efb1ac..0000000 --- a/charts/traefik/traefik/crds/gateway-standard-install-v1.2.0.yaml +++ /dev/null @@ -1,10345 +0,0 @@ -# Copyright 2024 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# -# Gateway API Standard channel install -# ---- -# -# config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml -# -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/3328 - gateway.networking.k8s.io/bundle-version: v1.2.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gatewayclasses.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GatewayClass - listKind: GatewayClassList - plural: gatewayclasses - shortNames: - - gc - singular: gatewayclass - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1 - schema: - openAPIV3Schema: - description: |- - GatewayClass describes a class of Gateways available to the user for creating - Gateway resources. - - It is recommended that this resource be used as a template for Gateways. This - means that a Gateway is based on the state of the GatewayClass at the time it - was created and changes to the GatewayClass or associated parameters are not - propagated down to existing Gateways. This recommendation is intended to - limit the blast radius of changes to GatewayClass or associated parameters. - If implementations choose to propagate GatewayClass changes to existing - Gateways, that MUST be clearly documented by the implementation. - - Whenever one or more Gateways are using a GatewayClass, implementations SHOULD - add the `gateway-exists-finalizer.gateway.networking.k8s.io` finalizer on the - associated GatewayClass. This ensures that a GatewayClass associated with a - Gateway is not deleted while in use. - - GatewayClass is a Cluster level resource. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: |- - ControllerName is the name of the controller that is managing Gateways of - this class. The value of this field MUST be a domain prefixed path. - - Example: "example.net/gateway-controller". - - This field is not mutable and cannot be empty. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: |- - ParametersRef is a reference to a resource that contains the configuration - parameters corresponding to the GatewayClass. This is optional if the - controller does not require any additional configuration. - - ParametersRef can reference a standard Kubernetes resource, i.e. ConfigMap, - or an implementation-specific custom resource. The resource can be - cluster-scoped or namespace-scoped. - - If the referent cannot be found, refers to an unsupported kind, or when - the data within that resource is malformed, the GatewayClass SHOULD be - rejected with the "Accepted" status condition set to "False" and an - "InvalidParameters" reason. - - A Gateway for this GatewayClass may provide its own `parametersRef`. When both are specified, - the merging behavior is implementation specific. - It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. - - Support: Implementation-specific - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. - This field is required when referring to a Namespace-scoped resource and - MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: |- - Status defines the current state of GatewayClass. - - Implementations MUST populate status on all GatewayClass resources which - specify their controller name. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: |- - Conditions is the current status from the controller for - this GatewayClass. - - Controllers should prefer to publish conditions using values - of GatewayClassConditionType for the type of each Condition. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: |- - GatewayClass describes a class of Gateways available to the user for creating - Gateway resources. - - It is recommended that this resource be used as a template for Gateways. This - means that a Gateway is based on the state of the GatewayClass at the time it - was created and changes to the GatewayClass or associated parameters are not - propagated down to existing Gateways. This recommendation is intended to - limit the blast radius of changes to GatewayClass or associated parameters. - If implementations choose to propagate GatewayClass changes to existing - Gateways, that MUST be clearly documented by the implementation. - - Whenever one or more Gateways are using a GatewayClass, implementations SHOULD - add the `gateway-exists-finalizer.gateway.networking.k8s.io` finalizer on the - associated GatewayClass. This ensures that a GatewayClass associated with a - Gateway is not deleted while in use. - - GatewayClass is a Cluster level resource. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: |- - ControllerName is the name of the controller that is managing Gateways of - this class. The value of this field MUST be a domain prefixed path. - - Example: "example.net/gateway-controller". - - This field is not mutable and cannot be empty. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: |- - ParametersRef is a reference to a resource that contains the configuration - parameters corresponding to the GatewayClass. This is optional if the - controller does not require any additional configuration. - - ParametersRef can reference a standard Kubernetes resource, i.e. ConfigMap, - or an implementation-specific custom resource. The resource can be - cluster-scoped or namespace-scoped. - - If the referent cannot be found, refers to an unsupported kind, or when - the data within that resource is malformed, the GatewayClass SHOULD be - rejected with the "Accepted" status condition set to "False" and an - "InvalidParameters" reason. - - A Gateway for this GatewayClass may provide its own `parametersRef`. When both are specified, - the merging behavior is implementation specific. - It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. - - Support: Implementation-specific - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. - This field is required when referring to a Namespace-scoped resource and - MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: |- - Status defines the current state of GatewayClass. - - Implementations MUST populate status on all GatewayClass resources which - specify their controller name. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: |- - Conditions is the current status from the controller for - this GatewayClass. - - Controllers should prefer to publish conditions using values - of GatewayClassConditionType for the type of each Condition. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -# -# config/crd/standard/gateway.networking.k8s.io_gateways.yaml -# -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/3328 - gateway.networking.k8s.io/bundle-version: v1.2.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gateways.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: Gateway - listKind: GatewayList - plural: gateways - shortNames: - - gtw - singular: gateway - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: |- - Gateway represents an instance of a service-traffic handling infrastructure - by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: |+ - Addresses requested for this Gateway. This is optional and behavior can - depend on the implementation. If a value is set in the spec and the - requested address is invalid or unavailable, the implementation MUST - indicate this in the associated entry in GatewayStatus.Addresses. - - The Addresses field represents a request for the address(es) on the - "outside of the Gateway", that traffic bound for this Gateway will use. - This could be the IP address or hostname of an external load balancer or - other networking infrastructure, or some other address that traffic will - be sent to. - - If no Addresses are specified, the implementation MAY schedule the - Gateway in an implementation-specific manner, assigning an appropriate - set of Addresses. - - The implementation MUST bind all Listeners to every GatewayAddress that - it assigns to the Gateway and add a corresponding entry in - GatewayStatus.Addresses. - - Support: Extended - - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: |- - Value of the address. The validity of the values will depend - on the type and support by the controller. - - Examples: `1.2.3.4`, `128::1`, `my-ip-address`. - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: IPAddress values must be unique - rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - - message: Hostname values must be unique - rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - gatewayClassName: - description: |- - GatewayClassName used for this Gateway. This is the name of a - GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - infrastructure: - description: |- - Infrastructure defines infrastructure level attributes about this Gateway instance. - - Support: Extended - properties: - annotations: - additionalProperties: - description: |- - AnnotationValue is the value of an annotation in Gateway API. This is used - for validation of maps such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation in that case is based - on the entire size of the annotations struct. - maxLength: 4096 - minLength: 0 - type: string - description: |- - Annotations that SHOULD be applied to any resources created in response to this Gateway. - - For implementations creating other Kubernetes objects, this should be the `metadata.annotations` field on resources. - For other implementations, this refers to any relevant (implementation specific) "annotations" concepts. - - An implementation may chose to add additional implementation-specific annotations as they see fit. - - Support: Extended - maxProperties: 8 - type: object - x-kubernetes-validations: - - message: Annotation keys must be in the form of an optional - DNS subdomain prefix followed by a required name segment of - up to 63 characters. - rule: self.all(key, key.matches(r"""^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9]$""")) - - message: If specified, the annotation key's prefix must be a - DNS subdomain not longer than 253 characters in total. - rule: self.all(key, key.split("/")[0].size() < 253) - labels: - additionalProperties: - description: |- - LabelValue is the value of a label in the Gateway API. This is used for validation - of maps such as Gateway infrastructure labels. This matches the Kubernetes - label validation rules: - * must be 63 characters or less (can be empty), - * unless empty, must begin and end with an alphanumeric character ([a-z0-9A-Z]), - * could contain dashes (-), underscores (_), dots (.), and alphanumerics between. - - Valid values include: - - * MyValue - * my.name - * 123-my-value - maxLength: 63 - minLength: 0 - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - description: |- - Labels that SHOULD be applied to any resources created in response to this Gateway. - - For implementations creating other Kubernetes objects, this should be the `metadata.labels` field on resources. - For other implementations, this refers to any relevant (implementation specific) "labels" concepts. - - An implementation may chose to add additional implementation-specific labels as they see fit. - - If an implementation maps these labels to Pods, or any other resource that would need to be recreated when labels - change, it SHOULD clearly warn about this behavior in documentation. - - Support: Extended - maxProperties: 8 - type: object - x-kubernetes-validations: - - message: Label keys must be in the form of an optional DNS subdomain - prefix followed by a required name segment of up to 63 characters. - rule: self.all(key, key.matches(r"""^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9]$""")) - - message: If specified, the label key's prefix must be a DNS - subdomain not longer than 253 characters in total. - rule: self.all(key, key.split("/")[0].size() < 253) - parametersRef: - description: |- - ParametersRef is a reference to a resource that contains the configuration - parameters corresponding to the Gateway. This is optional if the - controller does not require any additional configuration. - - This follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis - - The Gateway's GatewayClass may provide its own `parametersRef`. When both are specified, - the merging behavior is implementation specific. - It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. - - Support: Implementation-specific - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - type: object - listeners: - description: |- - Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. - At least one Listener MUST be specified. - - Each Listener in a set of Listeners (for example, in a single Gateway) - MUST be _distinct_, in that a traffic flow MUST be able to be assigned to - exactly one listener. (This section uses "set of Listeners" rather than - "Listeners in a single Gateway" because implementations MAY merge configuration - from multiple Gateways onto a single data plane, and these rules _also_ - apply in that case). - - Practically, this means that each listener in a set MUST have a unique - combination of Port, Protocol, and, if supported by the protocol, Hostname. - - Some combinations of port, protocol, and TLS settings are considered - Core support and MUST be supported by implementations based on their - targeted conformance profile: - - HTTP Profile - - 1. HTTPRoute, Port: 80, Protocol: HTTP - 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided - - TLS Profile - - 1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough - - "Distinct" Listeners have the following property: - - The implementation can match inbound requests to a single distinct - Listener. When multiple Listeners share values for fields (for - example, two Listeners with the same Port value), the implementation - can match requests to only one of the Listeners using other - Listener fields. - - For example, the following Listener scenarios are distinct: - - 1. Multiple Listeners with the same Port that all use the "HTTP" - Protocol that all have unique Hostname values. - 2. Multiple Listeners with the same Port that use either the "HTTPS" or - "TLS" Protocol that all have unique Hostname values. - 3. A mixture of "TCP" and "UDP" Protocol Listeners, where no Listener - with the same Protocol has the same Port value. - - Some fields in the Listener struct have possible values that affect - whether the Listener is distinct. Hostname is particularly relevant - for HTTP or HTTPS protocols. - - When using the Hostname value to select between same-Port, same-Protocol - Listeners, the Hostname value must be different on each Listener for the - Listener to be distinct. - - When the Listeners are distinct based on Hostname, inbound request - hostnames MUST match from the most specific to least specific Hostname - values to choose the correct Listener and its associated set of Routes. - - Exact matches must be processed before wildcard matches, and wildcard - matches must be processed before fallback (empty Hostname value) - matches. For example, `"foo.example.com"` takes precedence over - `"*.example.com"`, and `"*.example.com"` takes precedence over `""`. - - Additionally, if there are multiple wildcard entries, more specific - wildcard entries must be processed before less specific wildcard entries. - For example, `"*.foo.example.com"` takes precedence over `"*.example.com"`. - The precise definition here is that the higher the number of dots in the - hostname to the right of the wildcard character, the higher the precedence. - - The wildcard character will match any number of characters _and dots_ to - the left, however, so `"*.example.com"` will match both - `"foo.bar.example.com"` _and_ `"bar.example.com"`. - - If a set of Listeners contains Listeners that are not distinct, then those - Listeners are Conflicted, and the implementation MUST set the "Conflicted" - condition in the Listener Status to "True". - - Implementations MAY choose to accept a Gateway with some Conflicted - Listeners only if they only accept the partial Listener set that contains - no Conflicted Listeners. To put this another way, implementations may - accept a partial Listener set only if they throw out *all* the conflicting - Listeners. No picking one of the conflicting listeners as the winner. - This also means that the Gateway must have at least one non-conflicting - Listener in this case, otherwise it violates the requirement that at - least one Listener must be present. - - The implementation MUST set a "ListenersNotValid" condition on the - Gateway Status when the Gateway contains Conflicted Listeners whether or - not they accept the Gateway. That Condition SHOULD clearly - indicate in the Message which Listeners are conflicted, and which are - Accepted. Additionally, the Listener status for those listeners SHOULD - indicate which Listeners are conflicted and not Accepted. - - A Gateway's Listeners are considered "compatible" if: - - 1. They are distinct. - 2. The implementation can serve them in compliance with the Addresses - requirement that all Listeners are available on all assigned - addresses. - - Compatible combinations in Extended support are expected to vary across - implementations. A combination that is compatible for one implementation - may not be compatible for another. - - For example, an implementation that cannot serve both TCP and UDP listeners - on the same address, or cannot mix HTTPS and generic TLS listens on the same port - would not consider those cases compatible, even though they are distinct. - - Note that requests SHOULD match at most one Listener. For example, if - Listeners are defined for "foo.example.com" and "*.example.com", a - request to "foo.example.com" SHOULD only be routed using routes attached - to the "foo.example.com" Listener (and not the "*.example.com" Listener). - This concept is known as "Listener Isolation". Implementations that do - not support Listener Isolation MUST clearly document this. - - Implementations MAY merge separate Gateways onto a single set of - Addresses if all Listeners across all Gateways are compatible. - - Support: Core - items: - description: |- - Listener embodies the concept of a logical endpoint where a Gateway accepts - network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: |- - AllowedRoutes defines the types of routes that MAY be attached to a - Listener and the trusted namespaces where those Route resources MAY be - present. - - Although a client request may match multiple route rules, only one rule - may ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: - - * The most specific match as defined by the Route type. - * The oldest Route based on creation timestamp. For example, a Route with - a creation timestamp of "2020-09-08 01:02:03" is given precedence over - a Route with a creation timestamp of "2020-09-08 01:02:04". - * If everything else is equivalent, the Route appearing first in - alphabetical order (namespace/name) should be given precedence. For - example, foo/bar is given precedence over foo/baz. - - All valid rules within a Route attached to this Listener should be - implemented. Invalid Route rules can be ignored (sometimes that will mean - the full Route). If a Route rule transitions from valid to invalid, - support for that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, the rest - of the rules within that Route should still be supported. - - Support: Core - properties: - kinds: - description: |- - Kinds specifies the groups and kinds of Routes that are allowed to bind - to this Gateway Listener. When unspecified or empty, the kinds of Routes - selected are determined using the Listener protocol. - - A RouteGroupKind MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's Protocol field. - If an implementation does not support or recognize this resource type, it - MUST set the "ResolvedRefs" condition to False for this Listener with the - "InvalidRouteKinds" reason. - - Support: Core - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: |- - Namespaces indicates namespaces from which Routes may be attached to this - Listener. This is restricted to the namespace of this Gateway by default. - - Support: Core - properties: - from: - default: Same - description: |- - From indicates where Routes will be selected for this Gateway. Possible - values are: - - * All: Routes in all namespaces may be used by this Gateway. - * Selector: Routes in namespaces selected by the selector may be used by - this Gateway. - * Same: Only Routes in the same namespace may be used by this Gateway. - - Support: Core - enum: - - All - - Selector - - Same - type: string - selector: - description: |- - Selector must be specified when From is set to "Selector". In that case, - only Routes in Namespaces matching this Selector will be selected by this - Gateway. This field is ignored for other values of "From". - - Support: Core - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: object - hostname: - description: |- - Hostname specifies the virtual hostname to match for protocol types that - define this concept. When unspecified, all hostnames are matched. This - field is ignored for protocols that don't require hostname based - matching. - - Implementations MUST apply Hostname matching appropriately for each of - the following protocols: - - * TLS: The Listener Hostname MUST match the SNI. - * HTTP: The Listener Hostname MUST match the Host header of the request. - * HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP - protocol layers as described above. If an implementation does not - ensure that both the SNI and Host header match the Listener hostname, - it MUST clearly document that. - - For HTTPRoute and TLSRoute resources, there is an interaction with the - `spec.hostnames` array. When both listener and route specify hostnames, - there MUST be an intersection between the values for a Route to be - accepted. For more information, refer to the Route specific Hostnames - documentation. - - Hostnames that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` would match - both `test.example.com`, and `foo.test.example.com`, but not `example.com`. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: |- - Name is the name of the Listener. This name MUST be unique within a - Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: |- - Port is the network port. Multiple listeners may use the - same port, subject to the Listener compatibility rules. - - Support: Core - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: |- - Protocol specifies the network protocol this listener expects to receive. - - Support: Core - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: |- - TLS is the TLS configuration for the Listener. This field is required if - the Protocol field is "HTTPS" or "TLS". It is invalid to set this field - if the Protocol field is "HTTP", "TCP", or "UDP". - - The association of SNIs to Certificate defined in GatewayTLSConfig is - defined based on the Hostname field for this listener. - - The GatewayClass MUST use the longest matching SNI out of all - available certificates for any TLS handshake. - - Support: Core - properties: - certificateRefs: - description: |- - CertificateRefs contains a series of references to Kubernetes objects that - contains TLS certificates and private keys. These certificates are used to - establish a TLS handshake for requests that match the hostname of the - associated listener. - - A single CertificateRef to a Kubernetes Secret has "Core" support. - Implementations MAY choose to support attaching multiple certificates to - a Listener, but this behavior is implementation-specific. - - References to a resource in different namespace are invalid UNLESS there - is a ReferenceGrant in the target namespace that allows the certificate - to be attached. If a ReferenceGrant does not allow this reference, the - "ResolvedRefs" condition MUST be set to False for this listener with the - "RefNotPermitted" reason. - - This field is required to have at least one element when the mode is set - to "Terminate" (default) and is optional otherwise. - - CertificateRefs can reference to standard Kubernetes resources, i.e. - Secret, or implementation-specific custom resources. - - Support: Core - A single reference to a Kubernetes Secret of type kubernetes.io/tls - - Support: Implementation-specific (More than one reference or other resource types) - items: - description: |- - SecretObjectReference identifies an API object including its namespace, - defaulting to Secret. - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - - References to objects with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate Conditions set - on the containing object. - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "Secret". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referenced object. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: |- - Mode defines the TLS behavior for the TLS session initiated by the client. - There are two possible modes: - - - Terminate: The TLS session between the downstream client and the - Gateway is terminated at the Gateway. This mode requires certificates - to be specified in some way, such as populating the certificateRefs - field. - - Passthrough: The TLS session is NOT terminated by the Gateway. This - implies that the Gateway can't decipher the TLS stream except for - the ClientHello message of the TLS protocol. The certificateRefs field - is ignored in this mode. - - Support: Core - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: |- - AnnotationValue is the value of an annotation in Gateway API. This is used - for validation of maps such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation in that case is based - on the entire size of the annotations struct. - maxLength: 4096 - minLength: 0 - type: string - description: |- - Options are a list of key/value pairs to enable extended TLS - configuration for each implementation. For example, configuring the - minimum TLS version or supported cipher suites. - - A set of common keys MAY be defined by the API in the future. To avoid - any ambiguity, implementation-specific definitions MUST use - domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by Gateway API. - - Support: Implementation-specific - maxProperties: 16 - type: object - type: object - x-kubernetes-validations: - - message: certificateRefs or options must be specified when - mode is Terminate - rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs) - > 0 || size(self.options) > 0 : true' - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: tls must not be specified for protocols ['HTTP', 'TCP', - 'UDP'] - rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ? - !has(l.tls) : true)' - - message: tls mode must be Terminate for protocol HTTPS - rule: 'self.all(l, (l.protocol == ''HTTPS'' && has(l.tls)) ? (l.tls.mode - == '''' || l.tls.mode == ''Terminate'') : true)' - - message: hostname must not be specified for protocols ['TCP', 'UDP'] - rule: 'self.all(l, l.protocol in [''TCP'', ''UDP''] ? (!has(l.hostname) - || l.hostname == '''') : true)' - - message: Listener name must be unique within the Gateway - rule: self.all(l1, self.exists_one(l2, l1.name == l2.name)) - - message: Combination of port, protocol and hostname must be unique - for each listener - rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol - == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname - == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))' - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: Status defines the current state of Gateway. - properties: - addresses: - description: |+ - Addresses lists the network addresses that have been bound to the - Gateway. - - This list may differ from the addresses provided in the spec under some - conditions: - - * no addresses are specified, all addresses are dynamically assigned - * a combination of specified and dynamic addresses are assigned - * a specified address was unusable (e.g. already in use) - - items: - description: GatewayStatusAddress describes a network address that - is bound to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: |- - Value of the address. The validity of the values will depend - on the type and support by the controller. - - Examples: `1.2.3.4`, `128::1`, `my-ip-address`. - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: |- - Conditions describe the current conditions of the Gateway. - - Implementations should prefer to express Gateway conditions - using the `GatewayConditionType` and `GatewayConditionReason` - constants so that operators and tools can converge on a common - vocabulary to describe Gateway state. - - Known condition types are: - - * "Accepted" - * "Programmed" - * "Ready" - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: |- - AttachedRoutes represents the total number of Routes that have been - successfully attached to this Listener. - - Successful attachment of a Route to a Listener is based solely on the - combination of the AllowedRoutes field on the corresponding Listener - and the Route's ParentRefs field. A Route is successfully attached to - a Listener when it is selected by the Listener's AllowedRoutes field - AND the Route has a valid ParentRef selecting the whole Gateway - resource or a specific Listener as a parent resource (more detail on - attachment semantics can be found in the documentation on the various - Route kinds ParentRefs fields). Listener or Route status does not impact - successful attachment, i.e. the AttachedRoutes field count MUST be set - for Listeners with condition Accepted: false and MUST count successfully - attached Routes that may themselves have Accepted: false conditions. - - Uses for this field include troubleshooting Route attachment and - measuring blast radius/impact of changes to a Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: Condition contains details for one aspect of - the current state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: |- - SupportedKinds is the list indicating the Kinds supported by this - listener. This MUST represent the kinds an implementation supports for - that Listener configuration. - - If kinds are specified in Spec that are not supported, they MUST NOT - appear in this list and an implementation MUST set the "ResolvedRefs" - condition to "False" with the "InvalidRouteKinds" reason. If both valid - and invalid Route kinds are specified, the implementation MUST - reference the valid Route kinds that have been specified. - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: |- - Gateway represents an instance of a service-traffic handling infrastructure - by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: |+ - Addresses requested for this Gateway. This is optional and behavior can - depend on the implementation. If a value is set in the spec and the - requested address is invalid or unavailable, the implementation MUST - indicate this in the associated entry in GatewayStatus.Addresses. - - The Addresses field represents a request for the address(es) on the - "outside of the Gateway", that traffic bound for this Gateway will use. - This could be the IP address or hostname of an external load balancer or - other networking infrastructure, or some other address that traffic will - be sent to. - - If no Addresses are specified, the implementation MAY schedule the - Gateway in an implementation-specific manner, assigning an appropriate - set of Addresses. - - The implementation MUST bind all Listeners to every GatewayAddress that - it assigns to the Gateway and add a corresponding entry in - GatewayStatus.Addresses. - - Support: Extended - - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: |- - Value of the address. The validity of the values will depend - on the type and support by the controller. - - Examples: `1.2.3.4`, `128::1`, `my-ip-address`. - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: IPAddress values must be unique - rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - - message: Hostname values must be unique - rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - gatewayClassName: - description: |- - GatewayClassName used for this Gateway. This is the name of a - GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - infrastructure: - description: |- - Infrastructure defines infrastructure level attributes about this Gateway instance. - - Support: Extended - properties: - annotations: - additionalProperties: - description: |- - AnnotationValue is the value of an annotation in Gateway API. This is used - for validation of maps such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation in that case is based - on the entire size of the annotations struct. - maxLength: 4096 - minLength: 0 - type: string - description: |- - Annotations that SHOULD be applied to any resources created in response to this Gateway. - - For implementations creating other Kubernetes objects, this should be the `metadata.annotations` field on resources. - For other implementations, this refers to any relevant (implementation specific) "annotations" concepts. - - An implementation may chose to add additional implementation-specific annotations as they see fit. - - Support: Extended - maxProperties: 8 - type: object - x-kubernetes-validations: - - message: Annotation keys must be in the form of an optional - DNS subdomain prefix followed by a required name segment of - up to 63 characters. - rule: self.all(key, key.matches(r"""^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9]$""")) - - message: If specified, the annotation key's prefix must be a - DNS subdomain not longer than 253 characters in total. - rule: self.all(key, key.split("/")[0].size() < 253) - labels: - additionalProperties: - description: |- - LabelValue is the value of a label in the Gateway API. This is used for validation - of maps such as Gateway infrastructure labels. This matches the Kubernetes - label validation rules: - * must be 63 characters or less (can be empty), - * unless empty, must begin and end with an alphanumeric character ([a-z0-9A-Z]), - * could contain dashes (-), underscores (_), dots (.), and alphanumerics between. - - Valid values include: - - * MyValue - * my.name - * 123-my-value - maxLength: 63 - minLength: 0 - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - description: |- - Labels that SHOULD be applied to any resources created in response to this Gateway. - - For implementations creating other Kubernetes objects, this should be the `metadata.labels` field on resources. - For other implementations, this refers to any relevant (implementation specific) "labels" concepts. - - An implementation may chose to add additional implementation-specific labels as they see fit. - - If an implementation maps these labels to Pods, or any other resource that would need to be recreated when labels - change, it SHOULD clearly warn about this behavior in documentation. - - Support: Extended - maxProperties: 8 - type: object - x-kubernetes-validations: - - message: Label keys must be in the form of an optional DNS subdomain - prefix followed by a required name segment of up to 63 characters. - rule: self.all(key, key.matches(r"""^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9]$""")) - - message: If specified, the label key's prefix must be a DNS - subdomain not longer than 253 characters in total. - rule: self.all(key, key.split("/")[0].size() < 253) - parametersRef: - description: |- - ParametersRef is a reference to a resource that contains the configuration - parameters corresponding to the Gateway. This is optional if the - controller does not require any additional configuration. - - This follows the same semantics as GatewayClass's `parametersRef`, but on a per-Gateway basis - - The Gateway's GatewayClass may provide its own `parametersRef`. When both are specified, - the merging behavior is implementation specific. - It is generally recommended that GatewayClass provides defaults that can be overridden by a Gateway. - - Support: Implementation-specific - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - type: object - listeners: - description: |- - Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. - At least one Listener MUST be specified. - - Each Listener in a set of Listeners (for example, in a single Gateway) - MUST be _distinct_, in that a traffic flow MUST be able to be assigned to - exactly one listener. (This section uses "set of Listeners" rather than - "Listeners in a single Gateway" because implementations MAY merge configuration - from multiple Gateways onto a single data plane, and these rules _also_ - apply in that case). - - Practically, this means that each listener in a set MUST have a unique - combination of Port, Protocol, and, if supported by the protocol, Hostname. - - Some combinations of port, protocol, and TLS settings are considered - Core support and MUST be supported by implementations based on their - targeted conformance profile: - - HTTP Profile - - 1. HTTPRoute, Port: 80, Protocol: HTTP - 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: Terminate, TLS keypair provided - - TLS Profile - - 1. TLSRoute, Port: 443, Protocol: TLS, TLS Mode: Passthrough - - "Distinct" Listeners have the following property: - - The implementation can match inbound requests to a single distinct - Listener. When multiple Listeners share values for fields (for - example, two Listeners with the same Port value), the implementation - can match requests to only one of the Listeners using other - Listener fields. - - For example, the following Listener scenarios are distinct: - - 1. Multiple Listeners with the same Port that all use the "HTTP" - Protocol that all have unique Hostname values. - 2. Multiple Listeners with the same Port that use either the "HTTPS" or - "TLS" Protocol that all have unique Hostname values. - 3. A mixture of "TCP" and "UDP" Protocol Listeners, where no Listener - with the same Protocol has the same Port value. - - Some fields in the Listener struct have possible values that affect - whether the Listener is distinct. Hostname is particularly relevant - for HTTP or HTTPS protocols. - - When using the Hostname value to select between same-Port, same-Protocol - Listeners, the Hostname value must be different on each Listener for the - Listener to be distinct. - - When the Listeners are distinct based on Hostname, inbound request - hostnames MUST match from the most specific to least specific Hostname - values to choose the correct Listener and its associated set of Routes. - - Exact matches must be processed before wildcard matches, and wildcard - matches must be processed before fallback (empty Hostname value) - matches. For example, `"foo.example.com"` takes precedence over - `"*.example.com"`, and `"*.example.com"` takes precedence over `""`. - - Additionally, if there are multiple wildcard entries, more specific - wildcard entries must be processed before less specific wildcard entries. - For example, `"*.foo.example.com"` takes precedence over `"*.example.com"`. - The precise definition here is that the higher the number of dots in the - hostname to the right of the wildcard character, the higher the precedence. - - The wildcard character will match any number of characters _and dots_ to - the left, however, so `"*.example.com"` will match both - `"foo.bar.example.com"` _and_ `"bar.example.com"`. - - If a set of Listeners contains Listeners that are not distinct, then those - Listeners are Conflicted, and the implementation MUST set the "Conflicted" - condition in the Listener Status to "True". - - Implementations MAY choose to accept a Gateway with some Conflicted - Listeners only if they only accept the partial Listener set that contains - no Conflicted Listeners. To put this another way, implementations may - accept a partial Listener set only if they throw out *all* the conflicting - Listeners. No picking one of the conflicting listeners as the winner. - This also means that the Gateway must have at least one non-conflicting - Listener in this case, otherwise it violates the requirement that at - least one Listener must be present. - - The implementation MUST set a "ListenersNotValid" condition on the - Gateway Status when the Gateway contains Conflicted Listeners whether or - not they accept the Gateway. That Condition SHOULD clearly - indicate in the Message which Listeners are conflicted, and which are - Accepted. Additionally, the Listener status for those listeners SHOULD - indicate which Listeners are conflicted and not Accepted. - - A Gateway's Listeners are considered "compatible" if: - - 1. They are distinct. - 2. The implementation can serve them in compliance with the Addresses - requirement that all Listeners are available on all assigned - addresses. - - Compatible combinations in Extended support are expected to vary across - implementations. A combination that is compatible for one implementation - may not be compatible for another. - - For example, an implementation that cannot serve both TCP and UDP listeners - on the same address, or cannot mix HTTPS and generic TLS listens on the same port - would not consider those cases compatible, even though they are distinct. - - Note that requests SHOULD match at most one Listener. For example, if - Listeners are defined for "foo.example.com" and "*.example.com", a - request to "foo.example.com" SHOULD only be routed using routes attached - to the "foo.example.com" Listener (and not the "*.example.com" Listener). - This concept is known as "Listener Isolation". Implementations that do - not support Listener Isolation MUST clearly document this. - - Implementations MAY merge separate Gateways onto a single set of - Addresses if all Listeners across all Gateways are compatible. - - Support: Core - items: - description: |- - Listener embodies the concept of a logical endpoint where a Gateway accepts - network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: |- - AllowedRoutes defines the types of routes that MAY be attached to a - Listener and the trusted namespaces where those Route resources MAY be - present. - - Although a client request may match multiple route rules, only one rule - may ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: - - * The most specific match as defined by the Route type. - * The oldest Route based on creation timestamp. For example, a Route with - a creation timestamp of "2020-09-08 01:02:03" is given precedence over - a Route with a creation timestamp of "2020-09-08 01:02:04". - * If everything else is equivalent, the Route appearing first in - alphabetical order (namespace/name) should be given precedence. For - example, foo/bar is given precedence over foo/baz. - - All valid rules within a Route attached to this Listener should be - implemented. Invalid Route rules can be ignored (sometimes that will mean - the full Route). If a Route rule transitions from valid to invalid, - support for that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, the rest - of the rules within that Route should still be supported. - - Support: Core - properties: - kinds: - description: |- - Kinds specifies the groups and kinds of Routes that are allowed to bind - to this Gateway Listener. When unspecified or empty, the kinds of Routes - selected are determined using the Listener protocol. - - A RouteGroupKind MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's Protocol field. - If an implementation does not support or recognize this resource type, it - MUST set the "ResolvedRefs" condition to False for this Listener with the - "InvalidRouteKinds" reason. - - Support: Core - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: |- - Namespaces indicates namespaces from which Routes may be attached to this - Listener. This is restricted to the namespace of this Gateway by default. - - Support: Core - properties: - from: - default: Same - description: |- - From indicates where Routes will be selected for this Gateway. Possible - values are: - - * All: Routes in all namespaces may be used by this Gateway. - * Selector: Routes in namespaces selected by the selector may be used by - this Gateway. - * Same: Only Routes in the same namespace may be used by this Gateway. - - Support: Core - enum: - - All - - Selector - - Same - type: string - selector: - description: |- - Selector must be specified when From is set to "Selector". In that case, - only Routes in Namespaces matching this Selector will be selected by this - Gateway. This field is ignored for other values of "From". - - Support: Core - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: object - hostname: - description: |- - Hostname specifies the virtual hostname to match for protocol types that - define this concept. When unspecified, all hostnames are matched. This - field is ignored for protocols that don't require hostname based - matching. - - Implementations MUST apply Hostname matching appropriately for each of - the following protocols: - - * TLS: The Listener Hostname MUST match the SNI. - * HTTP: The Listener Hostname MUST match the Host header of the request. - * HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP - protocol layers as described above. If an implementation does not - ensure that both the SNI and Host header match the Listener hostname, - it MUST clearly document that. - - For HTTPRoute and TLSRoute resources, there is an interaction with the - `spec.hostnames` array. When both listener and route specify hostnames, - there MUST be an intersection between the values for a Route to be - accepted. For more information, refer to the Route specific Hostnames - documentation. - - Hostnames that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` would match - both `test.example.com`, and `foo.test.example.com`, but not `example.com`. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: |- - Name is the name of the Listener. This name MUST be unique within a - Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: |- - Port is the network port. Multiple listeners may use the - same port, subject to the Listener compatibility rules. - - Support: Core - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: |- - Protocol specifies the network protocol this listener expects to receive. - - Support: Core - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: |- - TLS is the TLS configuration for the Listener. This field is required if - the Protocol field is "HTTPS" or "TLS". It is invalid to set this field - if the Protocol field is "HTTP", "TCP", or "UDP". - - The association of SNIs to Certificate defined in GatewayTLSConfig is - defined based on the Hostname field for this listener. - - The GatewayClass MUST use the longest matching SNI out of all - available certificates for any TLS handshake. - - Support: Core - properties: - certificateRefs: - description: |- - CertificateRefs contains a series of references to Kubernetes objects that - contains TLS certificates and private keys. These certificates are used to - establish a TLS handshake for requests that match the hostname of the - associated listener. - - A single CertificateRef to a Kubernetes Secret has "Core" support. - Implementations MAY choose to support attaching multiple certificates to - a Listener, but this behavior is implementation-specific. - - References to a resource in different namespace are invalid UNLESS there - is a ReferenceGrant in the target namespace that allows the certificate - to be attached. If a ReferenceGrant does not allow this reference, the - "ResolvedRefs" condition MUST be set to False for this listener with the - "RefNotPermitted" reason. - - This field is required to have at least one element when the mode is set - to "Terminate" (default) and is optional otherwise. - - CertificateRefs can reference to standard Kubernetes resources, i.e. - Secret, or implementation-specific custom resources. - - Support: Core - A single reference to a Kubernetes Secret of type kubernetes.io/tls - - Support: Implementation-specific (More than one reference or other resource types) - items: - description: |- - SecretObjectReference identifies an API object including its namespace, - defaulting to Secret. - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - - References to objects with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate Conditions set - on the containing object. - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "Secret". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referenced object. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: |- - Mode defines the TLS behavior for the TLS session initiated by the client. - There are two possible modes: - - - Terminate: The TLS session between the downstream client and the - Gateway is terminated at the Gateway. This mode requires certificates - to be specified in some way, such as populating the certificateRefs - field. - - Passthrough: The TLS session is NOT terminated by the Gateway. This - implies that the Gateway can't decipher the TLS stream except for - the ClientHello message of the TLS protocol. The certificateRefs field - is ignored in this mode. - - Support: Core - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: |- - AnnotationValue is the value of an annotation in Gateway API. This is used - for validation of maps such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation in that case is based - on the entire size of the annotations struct. - maxLength: 4096 - minLength: 0 - type: string - description: |- - Options are a list of key/value pairs to enable extended TLS - configuration for each implementation. For example, configuring the - minimum TLS version or supported cipher suites. - - A set of common keys MAY be defined by the API in the future. To avoid - any ambiguity, implementation-specific definitions MUST use - domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by Gateway API. - - Support: Implementation-specific - maxProperties: 16 - type: object - type: object - x-kubernetes-validations: - - message: certificateRefs or options must be specified when - mode is Terminate - rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs) - > 0 || size(self.options) > 0 : true' - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: tls must not be specified for protocols ['HTTP', 'TCP', - 'UDP'] - rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ? - !has(l.tls) : true)' - - message: tls mode must be Terminate for protocol HTTPS - rule: 'self.all(l, (l.protocol == ''HTTPS'' && has(l.tls)) ? (l.tls.mode - == '''' || l.tls.mode == ''Terminate'') : true)' - - message: hostname must not be specified for protocols ['TCP', 'UDP'] - rule: 'self.all(l, l.protocol in [''TCP'', ''UDP''] ? (!has(l.hostname) - || l.hostname == '''') : true)' - - message: Listener name must be unique within the Gateway - rule: self.all(l1, self.exists_one(l2, l1.name == l2.name)) - - message: Combination of port, protocol and hostname must be unique - for each listener - rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol - == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname - == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))' - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: Status defines the current state of Gateway. - properties: - addresses: - description: |+ - Addresses lists the network addresses that have been bound to the - Gateway. - - This list may differ from the addresses provided in the spec under some - conditions: - - * no addresses are specified, all addresses are dynamically assigned - * a combination of specified and dynamic addresses are assigned - * a specified address was unusable (e.g. already in use) - - items: - description: GatewayStatusAddress describes a network address that - is bound to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: |- - Value of the address. The validity of the values will depend - on the type and support by the controller. - - Examples: `1.2.3.4`, `128::1`, `my-ip-address`. - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: |- - Conditions describe the current conditions of the Gateway. - - Implementations should prefer to express Gateway conditions - using the `GatewayConditionType` and `GatewayConditionReason` - constants so that operators and tools can converge on a common - vocabulary to describe Gateway state. - - Known condition types are: - - * "Accepted" - * "Programmed" - * "Ready" - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: |- - AttachedRoutes represents the total number of Routes that have been - successfully attached to this Listener. - - Successful attachment of a Route to a Listener is based solely on the - combination of the AllowedRoutes field on the corresponding Listener - and the Route's ParentRefs field. A Route is successfully attached to - a Listener when it is selected by the Listener's AllowedRoutes field - AND the Route has a valid ParentRef selecting the whole Gateway - resource or a specific Listener as a parent resource (more detail on - attachment semantics can be found in the documentation on the various - Route kinds ParentRefs fields). Listener or Route status does not impact - successful attachment, i.e. the AttachedRoutes field count MUST be set - for Listeners with condition Accepted: false and MUST count successfully - attached Routes that may themselves have Accepted: false conditions. - - Uses for this field include troubleshooting Route attachment and - measuring blast radius/impact of changes to a Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: Condition contains details for one aspect of - the current state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: |- - SupportedKinds is the list indicating the Kinds supported by this - listener. This MUST represent the kinds an implementation supports for - that Listener configuration. - - If kinds are specified in Spec that are not supported, they MUST NOT - appear in this list and an implementation MUST set the "ResolvedRefs" - condition to "False" with the "InvalidRouteKinds" reason. If both valid - and invalid Route kinds are specified, the implementation MUST - reference the valid Route kinds that have been specified. - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -# -# config/crd/standard/gateway.networking.k8s.io_grpcroutes.yaml -# -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/3328 - gateway.networking.k8s.io/bundle-version: v1.2.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: grpcroutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GRPCRoute - listKind: GRPCRouteList - plural: grpcroutes - singular: grpcroute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: |- - GRPCRoute provides a way to route gRPC requests. This includes the capability - to match requests by hostname, gRPC service, gRPC method, or HTTP/2 header. - Filters can be used to specify additional processing steps. Backends specify - where matching requests will be routed. - - GRPCRoute falls under extended support within the Gateway API. Within the - following specification, the word "MUST" indicates that an implementation - supporting GRPCRoute must conform to the indicated requirement, but an - implementation not supporting this route type need not follow the requirement - unless explicitly indicated. - - Implementations supporting `GRPCRoute` with the `HTTPS` `ProtocolType` MUST - accept HTTP/2 connections without an initial upgrade from HTTP/1.1, i.e. via - ALPN. If the implementation does not support this, then it MUST set the - "Accepted" condition to "False" for the affected listener with a reason of - "UnsupportedProtocol". Implementations MAY also accept HTTP/2 connections - with an upgrade from HTTP/1. - - Implementations supporting `GRPCRoute` with the `HTTP` `ProtocolType` MUST - support HTTP/2 over cleartext TCP (h2c, - https://www.rfc-editor.org/rfc/rfc7540#section-3.1) without an initial - upgrade from HTTP/1.1, i.e. with prior knowledge - (https://www.rfc-editor.org/rfc/rfc7540#section-3.4). If the implementation - does not support this, then it MUST set the "Accepted" condition to "False" - for the affected listener with a reason of "UnsupportedProtocol". - Implementations MAY also accept HTTP/2 connections with an upgrade from - HTTP/1, i.e. without prior knowledge. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GRPCRoute. - properties: - hostnames: - description: |- - Hostnames defines a set of hostnames to match against the GRPC - Host header to select a GRPCRoute to process the request. This matches - the RFC 1123 definition of a hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label MUST appear by itself as the first label. - - If a hostname is specified by both the Listener and GRPCRoute, there - MUST be at least one intersecting hostname for the GRPCRoute to be - attached to the Listener. For example: - - * A Listener with `test.example.com` as the hostname matches GRPCRoutes - that have either not specified any hostnames, or have specified at - least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches GRPCRoutes - that have either not specified any hostnames or have specified at least - one hostname that matches the Listener hostname. For example, - `test.example.com` and `*.example.com` would both match. On the other - hand, `example.com` and `test.example.net` would not match. - - Hostnames that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` would match - both `test.example.com`, and `foo.test.example.com`, but not `example.com`. - - If both the Listener and GRPCRoute have specified hostnames, any - GRPCRoute hostnames that do not match the Listener hostname MUST be - ignored. For example, if a Listener specified `*.example.com`, and the - GRPCRoute specified `test.example.com` and `test.example.net`, - `test.example.net` MUST NOT be considered for a match. - - If both the Listener and GRPCRoute have specified hostnames, and none - match with the criteria above, then the GRPCRoute MUST NOT be accepted by - the implementation. The implementation MUST raise an 'Accepted' Condition - with a status of `False` in the corresponding RouteParentStatus. - - If a Route (A) of type HTTPRoute or GRPCRoute is attached to a - Listener and that listener already has another Route (B) of the other - type attached and the intersection of the hostnames of A and B is - non-empty, then the implementation MUST accept exactly one of these two - routes, determined by the following criteria, in order: - - * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by - "{namespace}/{name}". - - The rejected Route MUST raise an 'Accepted' condition with a status of - 'False' in the corresponding RouteParentStatus. - - Support: Core - items: - description: |- - Hostname is the fully qualified domain name of a network host. This matches - the RFC 1123 definition of a hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - - Hostname can be "precise" which is a domain name without the terminating - dot of a network host (e.g. "foo.example.com") or "wildcard", which is a - domain name prefixed with a single wildcard label (e.g. `*.example.com`). - - Note that as per RFC1035 and RFC1123, a *label* must consist of lower case - alphanumeric characters or '-', and must start and end with an alphanumeric - character. No other punctuation is allowed. - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: |+ - ParentRefs references the resources (usually Gateways) that a Route wants - to be attached to. Note that the referenced parent resource needs to - allow this for the attachment to be complete. For Gateways, that means - the Gateway needs to allow attachment from Routes of this kind and - namespace. For Services, that means the Service must either be in the same - namespace for a "producer" route, or the mesh implementation must support - and allow "consumer" routes for the referenced Service. ReferenceGrant is - not applicable for governing ParentRefs to Services - it is not possible to - create a "producer" route for a Service in a different namespace from the - Route. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - ParentRefs must be _distinct_. This means either that: - - * They select different objects. If this is the case, then parentRef - entries are distinct. In terms of fields, this means that the - multi-part key defined by `group`, `kind`, `namespace`, and `name` must - be unique across all parentRef entries in the Route. - * They do not select different objects, but for each optional field used, - each ParentRef that selects the same object must set the same set of - optional fields to different values. If one ParentRef sets a - combination of optional fields, all must set the same combination. - - Some examples: - - * If one ParentRef sets `sectionName`, all ParentRefs referencing the - same object must also set `sectionName`. - * If one ParentRef sets `port`, all ParentRefs referencing the same - object must also set `port`. - * If one ParentRef sets `sectionName` and `port`, all ParentRefs - referencing the same object must also set `sectionName` and `port`. - - It is possible to separately reference multiple distinct objects that may - be collapsed by an implementation. For example, some implementations may - choose to merge compatible Gateway Listeners together. If that is the - case, the list of routes attached to those resources should also be - merged. - - Note that for ParentRefs that cross namespace boundaries, there are specific - rules. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example, - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable other kinds of cross-namespace reference. - - - - - - - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''')) : true))' - - message: sectionName must be unique when parentRefs includes 2 or - more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)))) - rules: - description: |+ - Rules are a list of GRPC matchers, filters and actions. - - items: - description: |- - GRPCRouteRule defines the semantics for matching a gRPC request based on - conditions (matches), processing it (filters), and forwarding the request to - an API object (backendRefs). - properties: - backendRefs: - description: |- - BackendRefs defines the backend(s) where matching requests should be - sent. - - Failure behavior here depends on how many BackendRefs are specified and - how many are invalid. - - If *all* entries in BackendRefs are invalid, and there are also no filters - specified in this route rule, *all* traffic which matches this rule MUST - receive an `UNAVAILABLE` status. - - See the GRPCBackendRef definition for the rules about what makes a single - GRPCBackendRef invalid. - - When a GRPCBackendRef is invalid, `UNAVAILABLE` statuses MUST be returned for - requests that would have otherwise been routed to an invalid backend. If - multiple backends are specified, and some are invalid, the proportion of - requests that would otherwise have been routed to an invalid backend - MUST receive an `UNAVAILABLE` status. - - For example, if two backends are specified with equal weights, and one is - invalid, 50 percent of traffic MUST receive an `UNAVAILABLE` status. - Implementations may choose how that 50 percent is determined. - - Support: Core for Kubernetes Service - - Support: Implementation-specific for any other resource - - Support for weight: Core - items: - description: |- - GRPCBackendRef defines how a GRPCRoute forwards a gRPC request. - - Note that when a namespace different than the local namespace is specified, a - ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - - - When the BackendRef points to a Kubernetes Service, implementations SHOULD - honor the appProtocol field if it is set for the target Service Port. - - Implementations supporting appProtocol SHOULD recognize the Kubernetes - Standard Application Protocols defined in KEP-3726. - - If a Service appProtocol isn't specified, an implementation MAY infer the - backend protocol through its own means. Implementations MAY infer the - protocol from the Route type referring to the backend Service. - - If a Route is not able to send traffic to the backend using the specified - protocol then the backend is considered invalid. Implementations MUST set the - "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. - - - properties: - filters: - description: |- - Filters defined at this level MUST be executed if and only if the - request is being forwarded to the backend defined here. - - Support: Implementation-specific (For broader support of filters, use the - Filters field in GRPCRouteRule.) - items: - description: |- - GRPCRouteFilter defines processing steps that must be completed during the - request or response lifecycle. GRPCRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - Support: Implementation-specific - - This filter can be used multiple times within the same rule. - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |+ - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations supporting GRPCRoute MUST support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` MUST be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: |- - Weight specifies the proportion of requests forwarded to the referenced - backend. This is computed as weight/(sum of all weights in this - BackendRefs list). For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision an - implementation supports. Weight is not a percentage and the sum of - weights does not need to equal 100. - - If only one backend is specified and it has a weight greater than 0, 100% - of the traffic is forwarded to that backend. If weight is set to 0, no - traffic should be forwarded for this entry. If unspecified, weight - defaults to 1. - - Support for this field varies based on the context where used. - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: |- - Filters define the filters that are applied to requests that match - this rule. - - The effects of ordering of multiple behaviors are currently unspecified. - This can change in the future based on feedback during the alpha stage. - - Conformance-levels at this level are defined based on the type of filter: - - - ALL core filters MUST be supported by all implementations that support - GRPCRoute. - - Implementers are encouraged to support extended filters. - - Implementation-specific custom filters have no API guarantees across - implementations. - - Specifying the same filter multiple times is not supported unless explicitly - indicated in the filter. - - If an implementation can not support a combination of filters, it must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to be set to status - `False`, implementations may use the `IncompatibleFilters` reason to specify - this configuration error. - - Support: Core - items: - description: |- - GRPCRouteFilter defines processing steps that must be completed during the - request or response lifecycle. GRPCRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - Support: Implementation-specific - - This filter can be used multiple times within the same rule. - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |+ - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations supporting GRPCRoute MUST support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` MUST be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - matches: - description: |- - Matches define conditions used for matching the rule against incoming - gRPC requests. Each match is independent, i.e. this rule will be matched - if **any** one of the matches is satisfied. - - For example, take the following matches configuration: - - ``` - matches: - - method: - service: foo.bar - headers: - values: - version: 2 - - method: - service: foo.bar.v2 - ``` - - For a request to match against this rule, it MUST satisfy - EITHER of the two conditions: - - - service of foo.bar AND contains the header `version: 2` - - service of foo.bar.v2 - - See the documentation for GRPCRouteMatch on how to specify multiple - match conditions to be ANDed together. - - If no matches are specified, the implementation MUST match every gRPC request. - - Proxy or Load Balancer routing configuration generated from GRPCRoutes - MUST prioritize rules based on the following criteria, continuing on - ties. Merging MUST not be done between GRPCRoutes and HTTPRoutes. - Precedence MUST be given to the rule with the largest number of: - - * Characters in a matching non-wildcard hostname. - * Characters in a matching hostname. - * Characters in a matching service. - * Characters in a matching method. - * Header matches. - - If ties still exist across multiple Routes, matching precedence MUST be - determined in order of the following criteria, continuing on ties: - - * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by - "{namespace}/{name}". - - If ties still exist within the Route that has been given precedence, - matching precedence MUST be granted to the first matching rule meeting - the above criteria. - items: - description: |- - GRPCRouteMatch defines the predicate used to match requests to a given - action. Multiple match types are ANDed together, i.e. the match will - evaluate to true only if all conditions are satisfied. - - For example, the match below will match a gRPC request only if its service - is `foo` AND it contains the `version: v1` header: - - ``` - matches: - - method: - type: Exact - service: "foo" - headers: - - name: "version" - value "v1" - - ``` - properties: - headers: - description: |- - Headers specifies gRPC request header matchers. Multiple match values are - ANDed together, meaning, a request MUST match all the specified headers - to select the route. - items: - description: |- - GRPCHeaderMatch describes how to select a gRPC route by matching gRPC request - headers. - properties: - name: - description: |- - Name is the name of the gRPC Header to be matched. - - If multiple entries specify equivalent header names, only the first - entry with an equivalent name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: Type specifies how to match against - the value of the header. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of the gRPC Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: |- - Method specifies a gRPC request service/method matcher. If this field is - not specified, all services and methods will match. - properties: - method: - description: |- - Value of the method to match against. If left empty or omitted, will - match all services. - - At least one of Service and Method MUST be a non-empty string. - maxLength: 1024 - type: string - service: - description: |- - Value of the service to match against. If left empty or omitted, will - match any service. - - At least one of Service and Method MUST be a non-empty string. - maxLength: 1024 - type: string - type: - default: Exact - description: |- - Type specifies how to match against the service and/or method. - Support: Core (Exact with service and method specified) - - Support: Implementation-specific (Exact with method specified but no service specified) - - Support: Implementation-specific (RegularExpression) - enum: - - Exact - - RegularExpression - type: string - type: object - x-kubernetes-validations: - - message: One or both of 'service' or 'method' must be - specified - rule: 'has(self.type) ? has(self.service) || has(self.method) - : true' - - message: service must only contain valid characters - (matching ^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$) - rule: '(!has(self.type) || self.type == ''Exact'') && - has(self.service) ? self.service.matches(r"""^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$"""): - true' - - message: method must only contain valid characters (matching - ^[A-Za-z_][A-Za-z_0-9]*$) - rule: '(!has(self.type) || self.type == ''Exact'') && - has(self.method) ? self.method.matches(r"""^[A-Za-z_][A-Za-z_0-9]*$"""): - true' - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - x-kubernetes-validations: - - message: While 16 rules and 64 matches per rule are allowed, the - total number of matches across all rules in a route must be less - than 128 - rule: '(self.size() > 0 ? (has(self[0].matches) ? self[0].matches.size() - : 0) : 0) + (self.size() > 1 ? (has(self[1].matches) ? self[1].matches.size() - : 0) : 0) + (self.size() > 2 ? (has(self[2].matches) ? self[2].matches.size() - : 0) : 0) + (self.size() > 3 ? (has(self[3].matches) ? self[3].matches.size() - : 0) : 0) + (self.size() > 4 ? (has(self[4].matches) ? self[4].matches.size() - : 0) : 0) + (self.size() > 5 ? (has(self[5].matches) ? self[5].matches.size() - : 0) : 0) + (self.size() > 6 ? (has(self[6].matches) ? self[6].matches.size() - : 0) : 0) + (self.size() > 7 ? (has(self[7].matches) ? self[7].matches.size() - : 0) : 0) + (self.size() > 8 ? (has(self[8].matches) ? self[8].matches.size() - : 0) : 0) + (self.size() > 9 ? (has(self[9].matches) ? self[9].matches.size() - : 0) : 0) + (self.size() > 10 ? (has(self[10].matches) ? self[10].matches.size() - : 0) : 0) + (self.size() > 11 ? (has(self[11].matches) ? self[11].matches.size() - : 0) : 0) + (self.size() > 12 ? (has(self[12].matches) ? self[12].matches.size() - : 0) : 0) + (self.size() > 13 ? (has(self[13].matches) ? self[13].matches.size() - : 0) : 0) + (self.size() > 14 ? (has(self[14].matches) ? self[14].matches.size() - : 0) : 0) + (self.size() > 15 ? (has(self[15].matches) ? self[15].matches.size() - : 0) : 0) <= 128' - type: object - status: - description: Status defines the current state of GRPCRoute. - properties: - parents: - description: |- - Parents is a list of parent resources (usually Gateways) that are - associated with the route, and the status of the route with respect to - each parent. When this route attaches to a parent, the controller that - manages the parent must add an entry to this list when the controller - first sees the route and should update the entry as appropriate when the - route or gateway is modified. - - Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this API - can only populate Route status for the Gateways/parent resources they are - responsible for. - - A maximum of 32 Gateways will be represented in this list. An empty list - means the route has not been attached to any Gateway. - items: - description: |- - RouteParentStatus describes the status of a route with respect to an - associated Parent. - properties: - conditions: - description: |- - Conditions describes the status of the route with respect to the Gateway. - Note that the route's availability is also subject to the Gateway's own - status conditions and listener status. - - If the Route's ParentRef specifies an existing Gateway that supports - Routes of this kind AND that Gateway's controller has sufficient access, - then that Gateway's controller MUST set the "Accepted" condition on the - Route, to indicate whether the route has been accepted or rejected by the - Gateway, and why. - - A Route MUST be considered "Accepted" if at least one of the Route's - rules is implemented by the Gateway. - - There are a number of cases where the "Accepted" condition may not be set - due to lack of controller visibility, that includes when: - - * The Route refers to a non-existent parent. - * The Route is of a type that the controller does not support. - * The Route is in a namespace the controller does not have access to. - items: - description: Condition contains details for one aspect of - the current state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: |- - ControllerName is a domain/path string that indicates the name of the - controller that wrote this status. This corresponds with the - controllerName field on GatewayClass. - - Example: "example.net/gateway-controller". - - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are - valid Kubernetes names - (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - - Controllers MUST populate this field when writing status. Controllers should ensure that - entries to status populated with their ControllerName are cleaned up when they are no - longer necessary. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: |- - ParentRef corresponds with a ParentRef in the spec that this - RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -# -# config/crd/standard/gateway.networking.k8s.io_httproutes.yaml -# -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/3328 - gateway.networking.k8s.io/bundle-version: v1.2.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: httproutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: HTTPRoute - listKind: HTTPRouteList - plural: httproutes - singular: httproute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: |- - HTTPRoute provides a way to route HTTP requests. This includes the capability - to match requests by hostname, path, header, or query param. Filters can be - used to specify additional processing steps. Backends specify where matching - requests should be routed. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: |- - Hostnames defines a set of hostnames that should match against the HTTP Host - header to select a HTTPRoute used to process the request. Implementations - MUST ignore any port value specified in the HTTP Host header while - performing a match and (absent of any applicable header modification - configuration) MUST forward this header unmodified to the backend. - - Valid values for Hostnames are determined by RFC 1123 definition of a - hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - - If a hostname is specified by both the Listener and HTTPRoute, there - must be at least one intersecting hostname for the HTTPRoute to be - attached to the Listener. For example: - - * A Listener with `test.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames, or have specified at - least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames or have specified at least - one hostname that matches the Listener hostname. For example, - `*.example.com`, `test.example.com`, and `foo.test.example.com` would - all match. On the other hand, `example.com` and `test.example.net` would - not match. - - Hostnames that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` would match - both `test.example.com`, and `foo.test.example.com`, but not `example.com`. - - If both the Listener and HTTPRoute have specified hostnames, any - HTTPRoute hostnames that do not match the Listener hostname MUST be - ignored. For example, if a Listener specified `*.example.com`, and the - HTTPRoute specified `test.example.com` and `test.example.net`, - `test.example.net` must not be considered for a match. - - If both the Listener and HTTPRoute have specified hostnames, and none - match with the criteria above, then the HTTPRoute is not accepted. The - implementation must raise an 'Accepted' Condition with a status of - `False` in the corresponding RouteParentStatus. - - In the event that multiple HTTPRoutes specify intersecting hostnames (e.g. - overlapping wildcard matching and exact matching hostnames), precedence must - be given to rules from the HTTPRoute with the largest number of: - - * Characters in a matching non-wildcard hostname. - * Characters in a matching hostname. - - If ties exist across multiple Routes, the matching precedence rules for - HTTPRouteMatches takes over. - - Support: Core - items: - description: |- - Hostname is the fully qualified domain name of a network host. This matches - the RFC 1123 definition of a hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - - Hostname can be "precise" which is a domain name without the terminating - dot of a network host (e.g. "foo.example.com") or "wildcard", which is a - domain name prefixed with a single wildcard label (e.g. `*.example.com`). - - Note that as per RFC1035 and RFC1123, a *label* must consist of lower case - alphanumeric characters or '-', and must start and end with an alphanumeric - character. No other punctuation is allowed. - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: |+ - ParentRefs references the resources (usually Gateways) that a Route wants - to be attached to. Note that the referenced parent resource needs to - allow this for the attachment to be complete. For Gateways, that means - the Gateway needs to allow attachment from Routes of this kind and - namespace. For Services, that means the Service must either be in the same - namespace for a "producer" route, or the mesh implementation must support - and allow "consumer" routes for the referenced Service. ReferenceGrant is - not applicable for governing ParentRefs to Services - it is not possible to - create a "producer" route for a Service in a different namespace from the - Route. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - ParentRefs must be _distinct_. This means either that: - - * They select different objects. If this is the case, then parentRef - entries are distinct. In terms of fields, this means that the - multi-part key defined by `group`, `kind`, `namespace`, and `name` must - be unique across all parentRef entries in the Route. - * They do not select different objects, but for each optional field used, - each ParentRef that selects the same object must set the same set of - optional fields to different values. If one ParentRef sets a - combination of optional fields, all must set the same combination. - - Some examples: - - * If one ParentRef sets `sectionName`, all ParentRefs referencing the - same object must also set `sectionName`. - * If one ParentRef sets `port`, all ParentRefs referencing the same - object must also set `port`. - * If one ParentRef sets `sectionName` and `port`, all ParentRefs - referencing the same object must also set `sectionName` and `port`. - - It is possible to separately reference multiple distinct objects that may - be collapsed by an implementation. For example, some implementations may - choose to merge compatible Gateway Listeners together. If that is the - case, the list of routes attached to those resources should also be - merged. - - Note that for ParentRefs that cross namespace boundaries, there are specific - rules. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example, - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable other kinds of cross-namespace reference. - - - - - - - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''')) : true))' - - message: sectionName must be unique when parentRefs includes 2 or - more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)))) - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: |+ - Rules are a list of HTTP matchers, filters and actions. - - items: - description: |- - HTTPRouteRule defines semantics for matching an HTTP request based on - conditions (matches), processing it (filters), and forwarding the request to - an API object (backendRefs). - properties: - backendRefs: - description: |- - BackendRefs defines the backend(s) where matching requests should be - sent. - - Failure behavior here depends on how many BackendRefs are specified and - how many are invalid. - - If *all* entries in BackendRefs are invalid, and there are also no filters - specified in this route rule, *all* traffic which matches this rule MUST - receive a 500 status code. - - See the HTTPBackendRef definition for the rules about what makes a single - HTTPBackendRef invalid. - - When a HTTPBackendRef is invalid, 500 status codes MUST be returned for - requests that would have otherwise been routed to an invalid backend. If - multiple backends are specified, and some are invalid, the proportion of - requests that would otherwise have been routed to an invalid backend - MUST receive a 500 status code. - - For example, if two backends are specified with equal weights, and one is - invalid, 50 percent of traffic must receive a 500. Implementations may - choose how that 50 percent is determined. - - When a HTTPBackendRef refers to a Service that has no ready endpoints, - implementations SHOULD return a 503 for requests to that backend instead. - If an implementation chooses to do this, all of the above rules for 500 responses - MUST also apply for responses that return a 503. - - Support: Core for Kubernetes Service - - Support: Extended for Kubernetes ServiceImport - - Support: Implementation-specific for any other resource - - Support for weight: Core - items: - description: |- - HTTPBackendRef defines how a HTTPRoute forwards a HTTP request. - - Note that when a namespace different than the local namespace is specified, a - ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - - - When the BackendRef points to a Kubernetes Service, implementations SHOULD - honor the appProtocol field if it is set for the target Service Port. - - Implementations supporting appProtocol SHOULD recognize the Kubernetes - Standard Application Protocols defined in KEP-3726. - - If a Service appProtocol isn't specified, an implementation MAY infer the - backend protocol through its own means. Implementations MAY infer the - protocol from the Route type referring to the backend Service. - - If a Route is not able to send traffic to the backend using the specified - protocol then the backend is considered invalid. Implementations MUST set the - "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. - - - properties: - filters: - description: |- - Filters defined at this level should be executed if and only if the - request is being forwarded to the backend defined here. - - Support: Implementation-specific (For broader support of filters, use the - Filters field in HTTPRouteRule.) - items: - description: |- - HTTPRouteFilter defines processing steps that must be completed during the - request or response lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - This filter can be used multiple times within the same rule. - - Support: Implementation-specific - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: |- - RequestRedirect defines a schema for a filter that responds to the - request with an HTTP redirection. - - Support: Core - properties: - hostname: - description: |- - Hostname is the hostname to be used in the value of the `Location` - header in the response. - When empty, the hostname in the `Host` header of the request is used. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines parameters used to modify the path of the incoming request. - The modified path is then used to construct the `Location` header. When - empty, the request path is used as-is. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: |- - Port is the port to be used in the value of the `Location` - header in the response. - - If no port is specified, the redirect port MUST be derived using the - following rules: - - * If redirect scheme is not-empty, the redirect port MUST be the well-known - port associated with the redirect scheme. Specifically "http" to port 80 - and "https" to port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway SHOULD be used. - * If redirect scheme is empty, the redirect port MUST be the Gateway - Listener port. - - Implementations SHOULD NOT add the port number in the 'Location' - header in the following cases: - - * A Location header that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 80. - * A Location header that will use HTTPS (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 443. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: |- - Scheme is the scheme to be used in the value of the `Location` header in - the response. When empty, the scheme of the request is used. - - Scheme redirects can affect the port of the redirect, for more information, - refer to the documentation for the port field of this filter. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Extended - enum: - - http - - https - type: string - statusCode: - default: 302 - description: |- - StatusCode is the HTTP status code to be used in response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Core - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations must support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by - specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` should be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: |- - URLRewrite defines a schema for a filter that modifies a request during forwarding. - - Support: Extended - properties: - hostname: - description: |- - Hostname is the value to be used to replace the Host header value during - forwarding. - - Support: Extended - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines a path rewrite. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the - filter.type is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != - ''RequestRedirect'')' - - message: filter.requestRedirect must be specified - for RequestRedirect filter.type - rule: '!(!has(self.requestRedirect) && self.type == - ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() - <= 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() - <= 1 - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: |- - Weight specifies the proportion of requests forwarded to the referenced - backend. This is computed as weight/(sum of all weights in this - BackendRefs list). For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision an - implementation supports. Weight is not a percentage and the sum of - weights does not need to equal 100. - - If only one backend is specified and it has a weight greater than 0, 100% - of the traffic is forwarded to that backend. If weight is set to 0, no - traffic should be forwarded for this entry. If unspecified, weight - defaults to 1. - - Support for this field varies based on the context where used. - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: |- - Filters define the filters that are applied to requests that match - this rule. - - Wherever possible, implementations SHOULD implement filters in the order - they are specified. - - Implementations MAY choose to implement this ordering strictly, rejecting - any combination or order of filters that can not be supported. If implementations - choose a strict interpretation of filter ordering, they MUST clearly document - that behavior. - - To reject an invalid combination or order of filters, implementations SHOULD - consider the Route Rules with this configuration invalid. If all Route Rules - in a Route are invalid, the entire Route would be considered invalid. If only - a portion of Route Rules are invalid, implementations MUST set the - "PartiallyInvalid" condition for the Route. - - Conformance-levels at this level are defined based on the type of filter: - - - ALL core filters MUST be supported by all implementations. - - Implementers are encouraged to support extended filters. - - Implementation-specific custom filters have no API guarantees across - implementations. - - Specifying the same filter multiple times is not supported unless explicitly - indicated in the filter. - - All filters are expected to be compatible with each other except for the - URLRewrite and RequestRedirect filters, which may not be combined. If an - implementation can not support other combinations of filters, they must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to be set to status - `False`, implementations may use the `IncompatibleFilters` reason to specify - this configuration error. - - Support: Core - items: - description: |- - HTTPRouteFilter defines processing steps that must be completed during the - request or response lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - This filter can be used multiple times within the same rule. - - Support: Implementation-specific - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: |- - RequestRedirect defines a schema for a filter that responds to the - request with an HTTP redirection. - - Support: Core - properties: - hostname: - description: |- - Hostname is the hostname to be used in the value of the `Location` - header in the response. - When empty, the hostname in the `Host` header of the request is used. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines parameters used to modify the path of the incoming request. - The modified path is then used to construct the `Location` header. When - empty, the request path is used as-is. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: |- - Port is the port to be used in the value of the `Location` - header in the response. - - If no port is specified, the redirect port MUST be derived using the - following rules: - - * If redirect scheme is not-empty, the redirect port MUST be the well-known - port associated with the redirect scheme. Specifically "http" to port 80 - and "https" to port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway SHOULD be used. - * If redirect scheme is empty, the redirect port MUST be the Gateway - Listener port. - - Implementations SHOULD NOT add the port number in the 'Location' - header in the following cases: - - * A Location header that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 80. - * A Location header that will use HTTPS (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 443. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: |- - Scheme is the scheme to be used in the value of the `Location` header in - the response. When empty, the scheme of the request is used. - - Scheme redirects can affect the port of the redirect, for more information, - refer to the documentation for the port field of this filter. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Extended - enum: - - http - - https - type: string - statusCode: - default: 302 - description: |- - StatusCode is the HTTP status code to be used in response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Core - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations must support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by - specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` should be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: |- - URLRewrite defines a schema for a filter that modifies a request during forwarding. - - Support: Extended - properties: - hostname: - description: |- - Hostname is the value to be used to replace the Host header value during - forwarding. - - Support: Extended - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines a path rewrite. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the filter.type - is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != ''RequestRedirect'')' - - message: filter.requestRedirect must be specified for RequestRedirect - filter.type - rule: '!(!has(self.requestRedirect) && self.type == ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') && - self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() <= - 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() <= 1 - matches: - default: - - path: - type: PathPrefix - value: / - description: |- - Matches define conditions used for matching the rule against incoming - HTTP requests. Each match is independent, i.e. this rule will be matched - if **any** one of the matches is satisfied. - - For example, take the following matches configuration: - - ``` - matches: - - path: - value: "/foo" - headers: - - name: "version" - value: "v2" - - path: - value: "/v2/foo" - ``` - - For a request to match against this rule, a request must satisfy - EITHER of the two conditions: - - - path prefixed with `/foo` AND contains the header `version: v2` - - path prefix of `/v2/foo` - - See the documentation for HTTPRouteMatch on how to specify multiple - match conditions that should be ANDed together. - - If no matches are specified, the default is a prefix - path match on "/", which has the effect of matching every - HTTP request. - - Proxy or Load Balancer routing configuration generated from HTTPRoutes - MUST prioritize matches based on the following criteria, continuing on - ties. Across all rules specified on applicable Routes, precedence must be - given to the match having: - - * "Exact" path match. - * "Prefix" path match with largest number of characters. - * Method match. - * Largest number of header matches. - * Largest number of query param matches. - - Note: The precedence of RegularExpression path matches are implementation-specific. - - If ties still exist across multiple Routes, matching precedence MUST be - determined in order of the following criteria, continuing on ties: - - * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by - "{namespace}/{name}". - - If ties still exist within an HTTPRoute, matching precedence MUST be granted - to the FIRST matching rule (in list order) with a match meeting the above - criteria. - - When no rules matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST be returned. - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given\naction. Multiple match types - are ANDed together, i.e. the match will\nevaluate to true - only if all conditions are satisfied.\n\nFor example, the - match below will match a HTTP request only if its path\nstarts - with `/foo` AND it contains the `version: v1` header:\n\n```\nmatch:\n\n\tpath:\n\t - \ value: \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t - \ value \"v1\"\n\n```" - properties: - headers: - description: |- - Headers specifies HTTP request header matchers. Multiple match values are - ANDed together, meaning, a request must match all the specified headers - to select the route. - items: - description: |- - HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request - headers. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, only the first - entry with an equivalent name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - - When a header is repeated in an HTTP request, it is - implementation-specific behavior as to how this is represented. - Generally, proxies should follow the guidance from the RFC: - https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding - processing a repeated header, with special handling for "Set-Cookie". - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: |- - Type specifies how to match against the value of the header. - - Support: Core (Exact) - - Support: Implementation-specific (RegularExpression) - - Since RegularExpression HeaderMatchType has implementation-specific - conformance, implementations can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's documentation to - determine the supported dialect. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: |- - Method specifies HTTP method matcher. - When specified, this route will be matched only if the request has the - specified method. - - Support: Extended - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: |- - Path specifies a HTTP request path matcher. If this field is not - specified, a default prefix match on the "/" path is provided. - properties: - type: - default: PathPrefix - description: |- - Type specifies how to match against the path Value. - - Support: Core (Exact, PathPrefix) - - Support: Implementation-specific (RegularExpression) - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - x-kubernetes-validations: - - message: value must be an absolute path and start with - '/' when type one of ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') - : true' - - message: must not contain '//' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') - : true' - - message: must not contain '/./' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') - : true' - - message: must not contain '/../' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') - : true' - - message: must not contain '%2f' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') - : true' - - message: must not contain '%2F' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') - : true' - - message: must not contain '#' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') - : true' - - message: must not end with '/..' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') - : true' - - message: must not end with '/.' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') - : true' - - message: type must be one of ['Exact', 'PathPrefix', - 'RegularExpression'] - rule: self.type in ['Exact','PathPrefix'] || self.type - == 'RegularExpression' - - message: must only contain valid characters (matching - ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) - for types ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") - : true' - queryParams: - description: |- - QueryParams specifies HTTP query parameter matchers. Multiple match - values are ANDed together, meaning, a request must match all the - specified query parameters to select the route. - - Support: Extended - items: - description: |- - HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP - query parameters. - properties: - name: - description: |- - Name is the name of the HTTP query param to be matched. This must be an - exact string match. (See - https://tools.ietf.org/html/rfc7230#section-2.7.3). - - If multiple entries specify equivalent query param names, only the first - entry with an equivalent name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST be ignored. - - If a query param is repeated in an HTTP request, the behavior is - purposely left undefined, since different data planes have different - capabilities. However, it is *recommended* that implementations should - match against the first value of the param if the data plane supports it, - as this behavior is expected in other load balancing contexts outside of - the Gateway API. - - Users SHOULD NOT route traffic based on repeated query params to guard - themselves against potential differences in the implementations. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: |- - Type specifies how to match against the value of the query parameter. - - Support: Extended (Exact) - - Support: Implementation-specific (RegularExpression) - - Since RegularExpression QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, PCRE or any other - dialects of regular expressions. Please read the implementation's - documentation to determine the supported dialect. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 64 - type: array - timeouts: - description: |- - Timeouts defines the timeouts that can be configured for an HTTP request. - - Support: Extended - properties: - backendRequest: - description: |- - BackendRequest specifies a timeout for an individual request from the gateway - to a backend. This covers the time from when the request first starts being - sent from the gateway to when the full response has been received from the backend. - - Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout - completely. Implementations that cannot completely disable the timeout MUST - instead interpret the zero duration as the longest possible value to which - the timeout can be set. - - An entire client HTTP transaction with a gateway, covered by the Request timeout, - may result in more than one call from the gateway to the destination backend, - for example, if automatic retries are supported. - - The value of BackendRequest must be a Gateway API Duration string as defined by - GEP-2257. When this field is unspecified, its behavior is implementation-specific; - when specified, the value of BackendRequest must be no more than the value of the - Request timeout (since the Request timeout encompasses the BackendRequest timeout). - - Support: Extended - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - request: - description: |- - Request specifies the maximum duration for a gateway to respond to an HTTP request. - If the gateway has not been able to respond before this deadline is met, the gateway - MUST return a timeout error. - - For example, setting the `rules.timeouts.request` field to the value `10s` in an - `HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds - to complete. - - Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout - completely. Implementations that cannot completely disable the timeout MUST - instead interpret the zero duration as the longest possible value to which - the timeout can be set. - - This timeout is intended to cover as close to the whole request-response transaction - as possible although an implementation MAY choose to start the timeout after the entire - request stream has been received instead of immediately after the transaction is - initiated by the client. - - The value of Request is a Gateway API Duration string as defined by GEP-2257. When this - field is unspecified, request timeout behavior is implementation-specific. - - Support: Extended - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - type: object - x-kubernetes-validations: - - message: backendRequest timeout cannot be longer than request - timeout - rule: '!(has(self.request) && has(self.backendRequest) && - duration(self.request) != duration(''0s'') && duration(self.backendRequest) - > duration(self.request))' - type: object - x-kubernetes-validations: - - message: RequestRedirect filter must not be used together with - backendRefs - rule: '(has(self.backendRefs) && size(self.backendRefs) > 0) ? - (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))): - true' - - message: When using RequestRedirect filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - ? ((size(self.matches) != 1 || !has(self.matches[0].path) || - self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: When using URLRewrite filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - - message: Within backendRefs, when using RequestRedirect filter - with path.replacePrefixMatch, exactly one PathPrefix match must - be specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) - || self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: Within backendRefs, When using URLRewrite filter with - path.replacePrefixMatch, exactly one PathPrefix match must be - specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) )) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: While 16 rules and 64 matches per rule are allowed, the - total number of matches across all rules in a route must be less - than 128 - rule: '(self.size() > 0 ? self[0].matches.size() : 0) + (self.size() - > 1 ? self[1].matches.size() : 0) + (self.size() > 2 ? self[2].matches.size() - : 0) + (self.size() > 3 ? self[3].matches.size() : 0) + (self.size() - > 4 ? self[4].matches.size() : 0) + (self.size() > 5 ? self[5].matches.size() - : 0) + (self.size() > 6 ? self[6].matches.size() : 0) + (self.size() - > 7 ? self[7].matches.size() : 0) + (self.size() > 8 ? self[8].matches.size() - : 0) + (self.size() > 9 ? self[9].matches.size() : 0) + (self.size() - > 10 ? self[10].matches.size() : 0) + (self.size() > 11 ? self[11].matches.size() - : 0) + (self.size() > 12 ? self[12].matches.size() : 0) + (self.size() - > 13 ? self[13].matches.size() : 0) + (self.size() > 14 ? self[14].matches.size() - : 0) + (self.size() > 15 ? self[15].matches.size() : 0) <= 128' - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: |- - Parents is a list of parent resources (usually Gateways) that are - associated with the route, and the status of the route with respect to - each parent. When this route attaches to a parent, the controller that - manages the parent must add an entry to this list when the controller - first sees the route and should update the entry as appropriate when the - route or gateway is modified. - - Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this API - can only populate Route status for the Gateways/parent resources they are - responsible for. - - A maximum of 32 Gateways will be represented in this list. An empty list - means the route has not been attached to any Gateway. - items: - description: |- - RouteParentStatus describes the status of a route with respect to an - associated Parent. - properties: - conditions: - description: |- - Conditions describes the status of the route with respect to the Gateway. - Note that the route's availability is also subject to the Gateway's own - status conditions and listener status. - - If the Route's ParentRef specifies an existing Gateway that supports - Routes of this kind AND that Gateway's controller has sufficient access, - then that Gateway's controller MUST set the "Accepted" condition on the - Route, to indicate whether the route has been accepted or rejected by the - Gateway, and why. - - A Route MUST be considered "Accepted" if at least one of the Route's - rules is implemented by the Gateway. - - There are a number of cases where the "Accepted" condition may not be set - due to lack of controller visibility, that includes when: - - * The Route refers to a non-existent parent. - * The Route is of a type that the controller does not support. - * The Route is in a namespace the controller does not have access to. - items: - description: Condition contains details for one aspect of - the current state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: |- - ControllerName is a domain/path string that indicates the name of the - controller that wrote this status. This corresponds with the - controllerName field on GatewayClass. - - Example: "example.net/gateway-controller". - - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are - valid Kubernetes names - (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - - Controllers MUST populate this field when writing status. Controllers should ensure that - entries to status populated with their ControllerName are cleaned up when they are no - longer necessary. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: |- - ParentRef corresponds with a ParentRef in the spec that this - RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: |- - HTTPRoute provides a way to route HTTP requests. This includes the capability - to match requests by hostname, path, header, or query param. Filters can be - used to specify additional processing steps. Backends specify where matching - requests should be routed. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: |- - Hostnames defines a set of hostnames that should match against the HTTP Host - header to select a HTTPRoute used to process the request. Implementations - MUST ignore any port value specified in the HTTP Host header while - performing a match and (absent of any applicable header modification - configuration) MUST forward this header unmodified to the backend. - - Valid values for Hostnames are determined by RFC 1123 definition of a - hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - - If a hostname is specified by both the Listener and HTTPRoute, there - must be at least one intersecting hostname for the HTTPRoute to be - attached to the Listener. For example: - - * A Listener with `test.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames, or have specified at - least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames or have specified at least - one hostname that matches the Listener hostname. For example, - `*.example.com`, `test.example.com`, and `foo.test.example.com` would - all match. On the other hand, `example.com` and `test.example.net` would - not match. - - Hostnames that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` would match - both `test.example.com`, and `foo.test.example.com`, but not `example.com`. - - If both the Listener and HTTPRoute have specified hostnames, any - HTTPRoute hostnames that do not match the Listener hostname MUST be - ignored. For example, if a Listener specified `*.example.com`, and the - HTTPRoute specified `test.example.com` and `test.example.net`, - `test.example.net` must not be considered for a match. - - If both the Listener and HTTPRoute have specified hostnames, and none - match with the criteria above, then the HTTPRoute is not accepted. The - implementation must raise an 'Accepted' Condition with a status of - `False` in the corresponding RouteParentStatus. - - In the event that multiple HTTPRoutes specify intersecting hostnames (e.g. - overlapping wildcard matching and exact matching hostnames), precedence must - be given to rules from the HTTPRoute with the largest number of: - - * Characters in a matching non-wildcard hostname. - * Characters in a matching hostname. - - If ties exist across multiple Routes, the matching precedence rules for - HTTPRouteMatches takes over. - - Support: Core - items: - description: |- - Hostname is the fully qualified domain name of a network host. This matches - the RFC 1123 definition of a hostname with 2 notable exceptions: - - 1. IPs are not allowed. - 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard - label must appear by itself as the first label. - - Hostname can be "precise" which is a domain name without the terminating - dot of a network host (e.g. "foo.example.com") or "wildcard", which is a - domain name prefixed with a single wildcard label (e.g. `*.example.com`). - - Note that as per RFC1035 and RFC1123, a *label* must consist of lower case - alphanumeric characters or '-', and must start and end with an alphanumeric - character. No other punctuation is allowed. - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: |+ - ParentRefs references the resources (usually Gateways) that a Route wants - to be attached to. Note that the referenced parent resource needs to - allow this for the attachment to be complete. For Gateways, that means - the Gateway needs to allow attachment from Routes of this kind and - namespace. For Services, that means the Service must either be in the same - namespace for a "producer" route, or the mesh implementation must support - and allow "consumer" routes for the referenced Service. ReferenceGrant is - not applicable for governing ParentRefs to Services - it is not possible to - create a "producer" route for a Service in a different namespace from the - Route. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - ParentRefs must be _distinct_. This means either that: - - * They select different objects. If this is the case, then parentRef - entries are distinct. In terms of fields, this means that the - multi-part key defined by `group`, `kind`, `namespace`, and `name` must - be unique across all parentRef entries in the Route. - * They do not select different objects, but for each optional field used, - each ParentRef that selects the same object must set the same set of - optional fields to different values. If one ParentRef sets a - combination of optional fields, all must set the same combination. - - Some examples: - - * If one ParentRef sets `sectionName`, all ParentRefs referencing the - same object must also set `sectionName`. - * If one ParentRef sets `port`, all ParentRefs referencing the same - object must also set `port`. - * If one ParentRef sets `sectionName` and `port`, all ParentRefs - referencing the same object must also set `sectionName` and `port`. - - It is possible to separately reference multiple distinct objects that may - be collapsed by an implementation. For example, some implementations may - choose to merge compatible Gateway Listeners together. If that is the - case, the list of routes attached to those resources should also be - merged. - - Note that for ParentRefs that cross namespace boundaries, there are specific - rules. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example, - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable other kinds of cross-namespace reference. - - - - - - - items: - description: |- - ParentReference identifies an API object (usually a Gateway) that can be considered - a parent of this resource (usually a route). There are two kinds of parent resources - with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - This API may be extended in the future to support additional kinds of parent - resources. - - The API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''')) : true))' - - message: sectionName must be unique when parentRefs includes 2 or - more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)))) - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: |+ - Rules are a list of HTTP matchers, filters and actions. - - items: - description: |- - HTTPRouteRule defines semantics for matching an HTTP request based on - conditions (matches), processing it (filters), and forwarding the request to - an API object (backendRefs). - properties: - backendRefs: - description: |- - BackendRefs defines the backend(s) where matching requests should be - sent. - - Failure behavior here depends on how many BackendRefs are specified and - how many are invalid. - - If *all* entries in BackendRefs are invalid, and there are also no filters - specified in this route rule, *all* traffic which matches this rule MUST - receive a 500 status code. - - See the HTTPBackendRef definition for the rules about what makes a single - HTTPBackendRef invalid. - - When a HTTPBackendRef is invalid, 500 status codes MUST be returned for - requests that would have otherwise been routed to an invalid backend. If - multiple backends are specified, and some are invalid, the proportion of - requests that would otherwise have been routed to an invalid backend - MUST receive a 500 status code. - - For example, if two backends are specified with equal weights, and one is - invalid, 50 percent of traffic must receive a 500. Implementations may - choose how that 50 percent is determined. - - When a HTTPBackendRef refers to a Service that has no ready endpoints, - implementations SHOULD return a 503 for requests to that backend instead. - If an implementation chooses to do this, all of the above rules for 500 responses - MUST also apply for responses that return a 503. - - Support: Core for Kubernetes Service - - Support: Extended for Kubernetes ServiceImport - - Support: Implementation-specific for any other resource - - Support for weight: Core - items: - description: |- - HTTPBackendRef defines how a HTTPRoute forwards a HTTP request. - - Note that when a namespace different than the local namespace is specified, a - ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - - - When the BackendRef points to a Kubernetes Service, implementations SHOULD - honor the appProtocol field if it is set for the target Service Port. - - Implementations supporting appProtocol SHOULD recognize the Kubernetes - Standard Application Protocols defined in KEP-3726. - - If a Service appProtocol isn't specified, an implementation MAY infer the - backend protocol through its own means. Implementations MAY infer the - protocol from the Route type referring to the backend Service. - - If a Route is not able to send traffic to the backend using the specified - protocol then the backend is considered invalid. Implementations MUST set the - "ResolvedRefs" condition to "False" with the "UnsupportedProtocol" reason. - - - properties: - filters: - description: |- - Filters defined at this level should be executed if and only if the - request is being forwarded to the backend defined here. - - Support: Implementation-specific (For broader support of filters, use the - Filters field in HTTPRouteRule.) - items: - description: |- - HTTPRouteFilter defines processing steps that must be completed during the - request or response lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - This filter can be used multiple times within the same rule. - - Support: Implementation-specific - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: |- - RequestRedirect defines a schema for a filter that responds to the - request with an HTTP redirection. - - Support: Core - properties: - hostname: - description: |- - Hostname is the hostname to be used in the value of the `Location` - header in the response. - When empty, the hostname in the `Host` header of the request is used. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines parameters used to modify the path of the incoming request. - The modified path is then used to construct the `Location` header. When - empty, the request path is used as-is. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: |- - Port is the port to be used in the value of the `Location` - header in the response. - - If no port is specified, the redirect port MUST be derived using the - following rules: - - * If redirect scheme is not-empty, the redirect port MUST be the well-known - port associated with the redirect scheme. Specifically "http" to port 80 - and "https" to port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway SHOULD be used. - * If redirect scheme is empty, the redirect port MUST be the Gateway - Listener port. - - Implementations SHOULD NOT add the port number in the 'Location' - header in the following cases: - - * A Location header that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 80. - * A Location header that will use HTTPS (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 443. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: |- - Scheme is the scheme to be used in the value of the `Location` header in - the response. When empty, the scheme of the request is used. - - Scheme redirects can affect the port of the redirect, for more information, - refer to the documentation for the port field of this filter. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Extended - enum: - - http - - https - type: string - statusCode: - default: 302 - description: |- - StatusCode is the HTTP status code to be used in response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Core - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations must support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by - specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` should be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: |- - URLRewrite defines a schema for a filter that modifies a request during forwarding. - - Support: Extended - properties: - hostname: - description: |- - Hostname is the value to be used to replace the Host header value during - forwarding. - - Support: Extended - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines a path rewrite. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the - filter.type is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != - ''RequestRedirect'')' - - message: filter.requestRedirect must be specified - for RequestRedirect filter.type - rule: '!(!has(self.requestRedirect) && self.type == - ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() - <= 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() - <= 1 - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: |- - Weight specifies the proportion of requests forwarded to the referenced - backend. This is computed as weight/(sum of all weights in this - BackendRefs list). For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision an - implementation supports. Weight is not a percentage and the sum of - weights does not need to equal 100. - - If only one backend is specified and it has a weight greater than 0, 100% - of the traffic is forwarded to that backend. If weight is set to 0, no - traffic should be forwarded for this entry. If unspecified, weight - defaults to 1. - - Support for this field varies based on the context where used. - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: |- - Filters define the filters that are applied to requests that match - this rule. - - Wherever possible, implementations SHOULD implement filters in the order - they are specified. - - Implementations MAY choose to implement this ordering strictly, rejecting - any combination or order of filters that can not be supported. If implementations - choose a strict interpretation of filter ordering, they MUST clearly document - that behavior. - - To reject an invalid combination or order of filters, implementations SHOULD - consider the Route Rules with this configuration invalid. If all Route Rules - in a Route are invalid, the entire Route would be considered invalid. If only - a portion of Route Rules are invalid, implementations MUST set the - "PartiallyInvalid" condition for the Route. - - Conformance-levels at this level are defined based on the type of filter: - - - ALL core filters MUST be supported by all implementations. - - Implementers are encouraged to support extended filters. - - Implementation-specific custom filters have no API guarantees across - implementations. - - Specifying the same filter multiple times is not supported unless explicitly - indicated in the filter. - - All filters are expected to be compatible with each other except for the - URLRewrite and RequestRedirect filters, which may not be combined. If an - implementation can not support other combinations of filters, they must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to be set to status - `False`, implementations may use the `IncompatibleFilters` reason to specify - this configuration error. - - Support: Core - items: - description: |- - HTTPRouteFilter defines processing steps that must be completed during the - request or response lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway implementations. Some - examples include request or response modification, implementing - authentication strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type of the filter. - properties: - extensionRef: - description: |- - ExtensionRef is an optional, implementation-specific extension to the - "filter" behavior. For example, resource "myroutefilter" in group - "networking.example.net"). ExtensionRef MUST NOT be used for core and - extended filters. - - This filter can be used multiple times within the same rule. - - Support: Implementation-specific - properties: - group: - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: |- - RequestHeaderModifier defines a schema for a filter that modifies request - headers. - - Support: Core - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: |+ - RequestMirror defines a schema for a filter that mirrors requests. - Requests are sent to the specified destination, but responses from - that destination are ignored. - - This filter can be used multiple times within the same rule. Note that - not all implementations will be able to support mirroring to multiple - backends. - - Support: Extended - - properties: - backendRef: - description: |- - BackendRef references a resource where mirrored requests are sent. - - Mirrored requests must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many endpoints are present - within this BackendRef. - - If the referent cannot be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure the "ResolvedRefs" - condition on the Route status is set to `status: False` and not configure - this backend in the underlying implementation. - - If there is a cross-namespace reference to an *existing* object - that is not allowed by a ReferenceGrant, the controller must ensure the - "ResolvedRefs" condition on the Route is set to `status: False`, - with the "RefNotPermitted" reason and not configure this backend in the - underlying implementation. - - In either error case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about the problem. - - Support: Extended for Kubernetes Service - - Support: Implementation-specific for any other resource - properties: - group: - default: "" - description: |- - Group is the group of the referent. For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: |- - Kind is the Kubernetes resource kind of the referent. For example - "Service". - - Defaults to "Service" when not specified. - - ExternalName services can refer to CNAME DNS records that may live - outside of the cluster and as such are difficult to reason about in - terms of conformance. They also may not be safe to forward to (see - CVE-2021-25740 for more information). Implementations SHOULD NOT - support ExternalName Services. - - Support: Core (Services with a type other than ExternalName) - - Support: Implementation-specific (Services with type ExternalName) - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the backend. When unspecified, the local - namespace is inferred. - - Note that when a namespace different than the local namespace is specified, - a ReferenceGrant object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port specifies the destination port number to use for this resource. - Port is required when the referent is a Kubernetes Service. In this - case, the port number is the service port number, not the target port. - For other resources, destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: |- - RequestRedirect defines a schema for a filter that responds to the - request with an HTTP redirection. - - Support: Core - properties: - hostname: - description: |- - Hostname is the hostname to be used in the value of the `Location` - header in the response. - When empty, the hostname in the `Host` header of the request is used. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines parameters used to modify the path of the incoming request. - The modified path is then used to construct the `Location` header. When - empty, the request path is used as-is. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: |- - Port is the port to be used in the value of the `Location` - header in the response. - - If no port is specified, the redirect port MUST be derived using the - following rules: - - * If redirect scheme is not-empty, the redirect port MUST be the well-known - port associated with the redirect scheme. Specifically "http" to port 80 - and "https" to port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway SHOULD be used. - * If redirect scheme is empty, the redirect port MUST be the Gateway - Listener port. - - Implementations SHOULD NOT add the port number in the 'Location' - header in the following cases: - - * A Location header that will use HTTP (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 80. - * A Location header that will use HTTPS (whether that is determined via - the Listener protocol or the Scheme field) _and_ use port 443. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: |- - Scheme is the scheme to be used in the value of the `Location` header in - the response. When empty, the scheme of the request is used. - - Scheme redirects can affect the port of the redirect, for more information, - refer to the documentation for the port field of this filter. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Extended - enum: - - http - - https - type: string - statusCode: - default: 302 - description: |- - StatusCode is the HTTP status code to be used in response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - - Support: Core - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: |- - ResponseHeaderModifier defines a schema for a filter that modifies response - headers. - - Support: Extended - properties: - add: - description: |- - Add adds the given header(s) (name, value) to the request - before the action. It appends to any existing values associated - with the header name. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - add: - - name: "my-header" - value: "bar,baz" - - Output: - GET /foo HTTP/1.1 - my-header: foo,bar,baz - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: |- - Remove the given header(s) from the HTTP request before the action. The - value of Remove is a list of HTTP header names. Note that the header - names are case-insensitive (see - https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - - Input: - GET /foo HTTP/1.1 - my-header1: foo - my-header2: bar - my-header3: baz - - Config: - remove: ["my-header1", "my-header3"] - - Output: - GET /foo HTTP/1.1 - my-header2: bar - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: |- - Set overwrites the request with the given header (name, value) - before the action. - - Input: - GET /foo HTTP/1.1 - my-header: foo - - Config: - set: - - name: "my-header" - value: "bar" - - Output: - GET /foo HTTP/1.1 - my-header: bar - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, the first entry with - an equivalent name MUST be considered for a match. Subsequent entries - with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: |- - Type identifies the type of filter to apply. As with other API fields, - types are classified into three conformance levels: - - - Core: Filter types and their corresponding configuration defined by - "Support: Core" in this package, e.g. "RequestHeaderModifier". All - implementations must support core filters. - - - Extended: Filter types and their corresponding configuration defined by - "Support: Extended" in this package, e.g. "RequestMirror". Implementers - are encouraged to support extended filters. - - - Implementation-specific: Filters that are defined and supported by - specific vendors. - In the future, filters showing convergence in behavior across multiple - implementations will be considered for inclusion in extended or core - conformance levels. Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` should be set to - "ExtensionRef" for custom filters. - - Implementers are encouraged to define custom implementation types to - extend the core API with implementation-specific behavior. - - If a reference to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: |- - URLRewrite defines a schema for a filter that modifies a request during forwarding. - - Support: Extended - properties: - hostname: - description: |- - Hostname is the value to be used to replace the Host header value during - forwarding. - - Support: Extended - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: |- - Path defines a path rewrite. - - Support: Extended - properties: - replaceFullPath: - description: |- - ReplaceFullPath specifies the value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: |- - ReplacePrefixMatch specifies the value with which to replace the prefix - match of a request during a rewrite or redirect. For example, a request - to "/foo/bar" with a prefix match of "/foo" and a ReplacePrefixMatch - of "/xyz" would be modified to "/xyz/bar". - - Note that this matches the behavior of the PathPrefix match type. This - matches full path elements. A path element refers to the list of labels - in the path split by the `/` separator. When specified, a trailing `/` is - ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all - match the prefix `/abc`, but the path `/abcd` would not. - - ReplacePrefixMatch is only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same HTTPRouteRule will result in - the implementation setting the Accepted Condition for the Route to `status: False`. - - Request Path | Prefix Match | Replace Prefix | Modified Path - maxLength: 1024 - type: string - type: - description: |- - Type defines the type of path modifier. Additional types may be - added in a future release of the API. - - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - - Unknown values here must result in the implementation setting the - Accepted Condition for the Route to `status: False`, with a - Reason of `UnsupportedValue`. - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the filter.type - is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != ''RequestRedirect'')' - - message: filter.requestRedirect must be specified for RequestRedirect - filter.type - rule: '!(!has(self.requestRedirect) && self.type == ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') && - self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() <= - 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() <= 1 - matches: - default: - - path: - type: PathPrefix - value: / - description: |- - Matches define conditions used for matching the rule against incoming - HTTP requests. Each match is independent, i.e. this rule will be matched - if **any** one of the matches is satisfied. - - For example, take the following matches configuration: - - ``` - matches: - - path: - value: "/foo" - headers: - - name: "version" - value: "v2" - - path: - value: "/v2/foo" - ``` - - For a request to match against this rule, a request must satisfy - EITHER of the two conditions: - - - path prefixed with `/foo` AND contains the header `version: v2` - - path prefix of `/v2/foo` - - See the documentation for HTTPRouteMatch on how to specify multiple - match conditions that should be ANDed together. - - If no matches are specified, the default is a prefix - path match on "/", which has the effect of matching every - HTTP request. - - Proxy or Load Balancer routing configuration generated from HTTPRoutes - MUST prioritize matches based on the following criteria, continuing on - ties. Across all rules specified on applicable Routes, precedence must be - given to the match having: - - * "Exact" path match. - * "Prefix" path match with largest number of characters. - * Method match. - * Largest number of header matches. - * Largest number of query param matches. - - Note: The precedence of RegularExpression path matches are implementation-specific. - - If ties still exist across multiple Routes, matching precedence MUST be - determined in order of the following criteria, continuing on ties: - - * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by - "{namespace}/{name}". - - If ties still exist within an HTTPRoute, matching precedence MUST be granted - to the FIRST matching rule (in list order) with a match meeting the above - criteria. - - When no rules matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST be returned. - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given\naction. Multiple match types - are ANDed together, i.e. the match will\nevaluate to true - only if all conditions are satisfied.\n\nFor example, the - match below will match a HTTP request only if its path\nstarts - with `/foo` AND it contains the `version: v1` header:\n\n```\nmatch:\n\n\tpath:\n\t - \ value: \"/foo\"\n\theaders:\n\t- name: \"version\"\n\t - \ value \"v1\"\n\n```" - properties: - headers: - description: |- - Headers specifies HTTP request header matchers. Multiple match values are - ANDed together, meaning, a request must match all the specified headers - to select the route. - items: - description: |- - HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request - headers. - properties: - name: - description: |- - Name is the name of the HTTP Header to be matched. Name matching MUST be - case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - - If multiple entries specify equivalent header names, only the first - entry with an equivalent name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be ignored. Due to the - case-insensitivity of header names, "foo" and "Foo" are considered - equivalent. - - When a header is repeated in an HTTP request, it is - implementation-specific behavior as to how this is represented. - Generally, proxies should follow the guidance from the RFC: - https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding - processing a repeated header, with special handling for "Set-Cookie". - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: |- - Type specifies how to match against the value of the header. - - Support: Core (Exact) - - Support: Implementation-specific (RegularExpression) - - Since RegularExpression HeaderMatchType has implementation-specific - conformance, implementations can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's documentation to - determine the supported dialect. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: |- - Method specifies HTTP method matcher. - When specified, this route will be matched only if the request has the - specified method. - - Support: Extended - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: |- - Path specifies a HTTP request path matcher. If this field is not - specified, a default prefix match on the "/" path is provided. - properties: - type: - default: PathPrefix - description: |- - Type specifies how to match against the path Value. - - Support: Core (Exact, PathPrefix) - - Support: Implementation-specific (RegularExpression) - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - x-kubernetes-validations: - - message: value must be an absolute path and start with - '/' when type one of ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') - : true' - - message: must not contain '//' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') - : true' - - message: must not contain '/./' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') - : true' - - message: must not contain '/../' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') - : true' - - message: must not contain '%2f' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') - : true' - - message: must not contain '%2F' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') - : true' - - message: must not contain '#' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') - : true' - - message: must not end with '/..' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') - : true' - - message: must not end with '/.' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') - : true' - - message: type must be one of ['Exact', 'PathPrefix', - 'RegularExpression'] - rule: self.type in ['Exact','PathPrefix'] || self.type - == 'RegularExpression' - - message: must only contain valid characters (matching - ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) - for types ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") - : true' - queryParams: - description: |- - QueryParams specifies HTTP query parameter matchers. Multiple match - values are ANDed together, meaning, a request must match all the - specified query parameters to select the route. - - Support: Extended - items: - description: |- - HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP - query parameters. - properties: - name: - description: |- - Name is the name of the HTTP query param to be matched. This must be an - exact string match. (See - https://tools.ietf.org/html/rfc7230#section-2.7.3). - - If multiple entries specify equivalent query param names, only the first - entry with an equivalent name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST be ignored. - - If a query param is repeated in an HTTP request, the behavior is - purposely left undefined, since different data planes have different - capabilities. However, it is *recommended* that implementations should - match against the first value of the param if the data plane supports it, - as this behavior is expected in other load balancing contexts outside of - the Gateway API. - - Users SHOULD NOT route traffic based on repeated query params to guard - themselves against potential differences in the implementations. - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: |- - Type specifies how to match against the value of the query parameter. - - Support: Extended (Exact) - - Support: Implementation-specific (RegularExpression) - - Since RegularExpression QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, PCRE or any other - dialects of regular expressions. Please read the implementation's - documentation to determine the supported dialect. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 64 - type: array - timeouts: - description: |- - Timeouts defines the timeouts that can be configured for an HTTP request. - - Support: Extended - properties: - backendRequest: - description: |- - BackendRequest specifies a timeout for an individual request from the gateway - to a backend. This covers the time from when the request first starts being - sent from the gateway to when the full response has been received from the backend. - - Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout - completely. Implementations that cannot completely disable the timeout MUST - instead interpret the zero duration as the longest possible value to which - the timeout can be set. - - An entire client HTTP transaction with a gateway, covered by the Request timeout, - may result in more than one call from the gateway to the destination backend, - for example, if automatic retries are supported. - - The value of BackendRequest must be a Gateway API Duration string as defined by - GEP-2257. When this field is unspecified, its behavior is implementation-specific; - when specified, the value of BackendRequest must be no more than the value of the - Request timeout (since the Request timeout encompasses the BackendRequest timeout). - - Support: Extended - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - request: - description: |- - Request specifies the maximum duration for a gateway to respond to an HTTP request. - If the gateway has not been able to respond before this deadline is met, the gateway - MUST return a timeout error. - - For example, setting the `rules.timeouts.request` field to the value `10s` in an - `HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds - to complete. - - Setting a timeout to the zero duration (e.g. "0s") SHOULD disable the timeout - completely. Implementations that cannot completely disable the timeout MUST - instead interpret the zero duration as the longest possible value to which - the timeout can be set. - - This timeout is intended to cover as close to the whole request-response transaction - as possible although an implementation MAY choose to start the timeout after the entire - request stream has been received instead of immediately after the transaction is - initiated by the client. - - The value of Request is a Gateway API Duration string as defined by GEP-2257. When this - field is unspecified, request timeout behavior is implementation-specific. - - Support: Extended - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - type: object - x-kubernetes-validations: - - message: backendRequest timeout cannot be longer than request - timeout - rule: '!(has(self.request) && has(self.backendRequest) && - duration(self.request) != duration(''0s'') && duration(self.backendRequest) - > duration(self.request))' - type: object - x-kubernetes-validations: - - message: RequestRedirect filter must not be used together with - backendRefs - rule: '(has(self.backendRefs) && size(self.backendRefs) > 0) ? - (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))): - true' - - message: When using RequestRedirect filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - ? ((size(self.matches) != 1 || !has(self.matches[0].path) || - self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: When using URLRewrite filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - - message: Within backendRefs, when using RequestRedirect filter - with path.replacePrefixMatch, exactly one PathPrefix match must - be specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) - || self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: Within backendRefs, When using URLRewrite filter with - path.replacePrefixMatch, exactly one PathPrefix match must be - specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) )) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: While 16 rules and 64 matches per rule are allowed, the - total number of matches across all rules in a route must be less - than 128 - rule: '(self.size() > 0 ? self[0].matches.size() : 0) + (self.size() - > 1 ? self[1].matches.size() : 0) + (self.size() > 2 ? self[2].matches.size() - : 0) + (self.size() > 3 ? self[3].matches.size() : 0) + (self.size() - > 4 ? self[4].matches.size() : 0) + (self.size() > 5 ? self[5].matches.size() - : 0) + (self.size() > 6 ? self[6].matches.size() : 0) + (self.size() - > 7 ? self[7].matches.size() : 0) + (self.size() > 8 ? self[8].matches.size() - : 0) + (self.size() > 9 ? self[9].matches.size() : 0) + (self.size() - > 10 ? self[10].matches.size() : 0) + (self.size() > 11 ? self[11].matches.size() - : 0) + (self.size() > 12 ? self[12].matches.size() : 0) + (self.size() - > 13 ? self[13].matches.size() : 0) + (self.size() > 14 ? self[14].matches.size() - : 0) + (self.size() > 15 ? self[15].matches.size() : 0) <= 128' - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: |- - Parents is a list of parent resources (usually Gateways) that are - associated with the route, and the status of the route with respect to - each parent. When this route attaches to a parent, the controller that - manages the parent must add an entry to this list when the controller - first sees the route and should update the entry as appropriate when the - route or gateway is modified. - - Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this API - can only populate Route status for the Gateways/parent resources they are - responsible for. - - A maximum of 32 Gateways will be represented in this list. An empty list - means the route has not been attached to any Gateway. - items: - description: |- - RouteParentStatus describes the status of a route with respect to an - associated Parent. - properties: - conditions: - description: |- - Conditions describes the status of the route with respect to the Gateway. - Note that the route's availability is also subject to the Gateway's own - status conditions and listener status. - - If the Route's ParentRef specifies an existing Gateway that supports - Routes of this kind AND that Gateway's controller has sufficient access, - then that Gateway's controller MUST set the "Accepted" condition on the - Route, to indicate whether the route has been accepted or rejected by the - Gateway, and why. - - A Route MUST be considered "Accepted" if at least one of the Route's - rules is implemented by the Gateway. - - There are a number of cases where the "Accepted" condition may not be set - due to lack of controller visibility, that includes when: - - * The Route refers to a non-existent parent. - * The Route is of a type that the controller does not support. - * The Route is in a namespace the controller does not have access to. - items: - description: Condition contains details for one aspect of - the current state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: |- - ControllerName is a domain/path string that indicates the name of the - controller that wrote this status. This corresponds with the - controllerName field on GatewayClass. - - Example: "example.net/gateway-controller". - - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are - valid Kubernetes names - (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - - Controllers MUST populate this field when writing status. Controllers should ensure that - entries to status populated with their ControllerName are cleaned up when they are no - longer necessary. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: |- - ParentRef corresponds with a ParentRef in the spec that this - RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: |- - Group is the group of the referent. - When unspecified, "gateway.networking.k8s.io" is inferred. - To set the core API group (such as for a "Service" kind referent), - Group must be explicitly set to "" (empty string). - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: |- - Kind is kind of the referent. - - There are two kinds of parent resources with "Core" support: - - * Gateway (Gateway conformance profile) - * Service (Mesh conformance profile, ClusterIP Services only) - - Support for other resources is Implementation-Specific. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. - - Support: Core - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, this refers - to the local namespace of the Route. - - Note that there are specific rules for ParentRefs which cross namespace - boundaries. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For example: - Gateway has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - - - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: |- - Port is the network port this Route targets. It can be interpreted - differently based on the type of parent resource. - - When the parent resource is a Gateway, this targets all listeners - listening on the specified port that also support this kind of Route(and - select this Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to a specific port - as opposed to a listener(s) whose port(s) may be changed. When both Port - and SectionName are specified, the name and port of the selected listener - must match both specified values. - - - - Implementations MAY choose to support other parent resources. - Implementations supporting other types of parent resources MUST clearly - document how/if Port is interpreted. - - For the purpose of status, an attachment is considered successful as - long as the parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - - Support: Extended - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: |- - SectionName is the name of a section within the target resource. In the - following resources, SectionName is interpreted as the following: - - * Gateway: Listener name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - * Service: Port name. When both Port (experimental) and SectionName - are specified, the name and port of the selected listener must match - both specified values. - - Implementations MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName is - interpreted. - - When unspecified (empty string), this will reference the entire resource. - For the purpose of status, an attachment is considered successful if at - least one section in the parent resource accepts it. For example, Gateway - listeners can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this Route, the - Route MUST be considered detached from the Gateway. - - Support: Core - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -# -# config/crd/standard/gateway.networking.k8s.io_referencegrants.yaml -# -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/3328 - gateway.networking.k8s.io/bundle-version: v1.2.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: referencegrants.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: ReferenceGrant - listKind: ReferenceGrantList - plural: referencegrants - shortNames: - - refgrant - singular: referencegrant - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: |- - ReferenceGrant identifies kinds of resources in other namespaces that are - trusted to reference the specified kinds of resources in the same namespace - as the policy. - - Each ReferenceGrant can be used to represent a unique trust relationship. - Additional Reference Grants can be used to add to the set of trusted - sources of inbound references for the namespace they are defined within. - - All cross-namespace references in Gateway API (with the exception of cross-namespace - Gateway-route attachment) require a ReferenceGrant. - - ReferenceGrant is a form of runtime verification allowing users to assert - which cross-namespace object references are permitted. Implementations that - support ReferenceGrant MUST NOT permit cross-namespace references which have - no grant, and MUST respond to the removal of a grant by revoking the access - that the grant allowed. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of ReferenceGrant. - properties: - from: - description: |- - From describes the trusted namespaces and kinds that can reference the - resources described in "To". Each entry in this list MUST be considered - to be an additional place that references can be valid from, or to put - this another way, entries MUST be combined using OR. - - Support: Core - items: - description: ReferenceGrantFrom describes trusted namespaces and - kinds. - properties: - group: - description: |- - Group is the group of the referent. - When empty, the Kubernetes core API group is inferred. - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: |- - Kind is the kind of the referent. Although implementations may support - additional resources, the following types are part of the "Core" - support level for this field. - - When used to permit a SecretObjectReference: - - * Gateway - - When used to permit a BackendObjectReference: - - * GRPCRoute - * HTTPRoute - * TCPRoute - * TLSRoute - * UDPRoute - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - namespace: - description: |- - Namespace is the namespace of the referent. - - Support: Core - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - namespace - type: object - maxItems: 16 - minItems: 1 - type: array - to: - description: |- - To describes the resources that may be referenced by the resources - described in "From". Each entry in this list MUST be considered to be an - additional place that references can be valid to, or to put this another - way, entries MUST be combined using OR. - - Support: Core - items: - description: |- - ReferenceGrantTo describes what Kinds are allowed as targets of the - references. - properties: - group: - description: |- - Group is the group of the referent. - When empty, the Kubernetes core API group is inferred. - - Support: Core - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: |- - Kind is the kind of the referent. Although implementations may support - additional resources, the following types are part of the "Core" - support level for this field: - - * Secret when used to permit a SecretObjectReference - * Service when used to permit a BackendObjectReference - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: |- - Name is the name of the referent. When unspecified, this policy - refers to all resources of the specified Group and Kind in the local - namespace. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - type: object - maxItems: 16 - minItems: 1 - type: array - required: - - from - - to - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null diff --git a/charts/traefik/traefik/crds/hub.traefik.io_accesscontrolpolicies.yaml b/charts/traefik/traefik/crds/hub.traefik.io_accesscontrolpolicies.yaml deleted file mode 100644 index 821f969..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_accesscontrolpolicies.yaml +++ /dev/null @@ -1,368 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: accesscontrolpolicies.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: AccessControlPolicy - listKind: AccessControlPolicyList - plural: accesscontrolpolicies - singular: accesscontrolpolicy - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: AccessControlPolicy defines an access control policy. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AccessControlPolicySpec configures an access control policy. - properties: - apiKey: - description: AccessControlPolicyAPIKey configure an APIKey control - policy. - properties: - forwardHeaders: - additionalProperties: - type: string - description: ForwardHeaders instructs the middleware to forward - key metadata as header values upon successful authentication. - type: object - keySource: - description: KeySource defines how to extract API keys from requests. - properties: - cookie: - description: Cookie is the name of a cookie. - type: string - header: - description: Header is the name of a header. - type: string - headerAuthScheme: - description: |- - HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization". - If set, this scheme is removed from the token, and all requests not including it are dropped. - type: string - query: - description: Query is the name of a query parameter. - type: string - type: object - keys: - description: Keys define the set of authorized keys to access - a protected resource. - items: - description: AccessControlPolicyAPIKeyKey defines an API key. - properties: - id: - description: ID is the unique identifier of the key. - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds arbitrary metadata for this - key, can be used by ForwardHeaders. - type: object - value: - description: Value is the SHAKE-256 hash (using 64 bytes) - of the API key. - type: string - required: - - id - - value - type: object - type: array - required: - - keySource - type: object - basicAuth: - description: AccessControlPolicyBasicAuth holds the HTTP basic authentication - configuration. - properties: - forwardUsernameHeader: - type: string - realm: - type: string - stripAuthorizationHeader: - type: boolean - users: - items: - type: string - type: array - type: object - jwt: - description: AccessControlPolicyJWT configures a JWT access control - policy. - properties: - claims: - type: string - forwardHeaders: - additionalProperties: - type: string - type: object - jwksFile: - type: string - jwksUrl: - type: string - publicKey: - type: string - signingSecret: - type: string - signingSecretBase64Encoded: - type: boolean - stripAuthorizationHeader: - type: boolean - tokenQueryKey: - type: string - type: object - oAuthIntro: - description: AccessControlOAuthIntro configures an OAuth 2.0 Token - Introspection access control policy. - properties: - claims: - type: string - clientConfig: - description: AccessControlOAuthIntroClientConfig configures the - OAuth 2.0 client for issuing token introspection requests. - properties: - headers: - additionalProperties: - type: string - description: Headers to set when sending requests to the Authorization - Server. - type: object - maxRetries: - default: 3 - description: MaxRetries defines the number of retries for - introspection requests. - type: integer - timeoutSeconds: - default: 5 - description: TimeoutSeconds configures the maximum amount - of seconds to wait before giving up on requests. - type: integer - tls: - description: TLS configures TLS communication with the Authorization - Server. - properties: - ca: - description: CA sets the CA bundle used to sign the Authorization - Server certificate. - type: string - insecureSkipVerify: - description: |- - InsecureSkipVerify skips the Authorization Server certificate validation. - For testing purposes only, do not use in production. - type: boolean - type: object - tokenTypeHint: - description: |- - TokenTypeHint is a hint to pass to the Authorization Server. - See https://tools.ietf.org/html/rfc7662#section-2.1 for more information. - type: string - url: - description: URL of the Authorization Server. - type: string - required: - - url - type: object - forwardHeaders: - additionalProperties: - type: string - type: object - tokenSource: - description: |- - TokenSource describes how to extract tokens from HTTP requests. - If multiple sources are set, the order is the following: header > query > cookie. - properties: - cookie: - description: Cookie is the name of a cookie. - type: string - header: - description: Header is the name of a header. - type: string - headerAuthScheme: - description: |- - HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization". - If set, this scheme is removed from the token, and all requests not including it are dropped. - type: string - query: - description: Query is the name of a query parameter. - type: string - type: object - required: - - clientConfig - - tokenSource - type: object - oidc: - description: AccessControlPolicyOIDC holds the OIDC authentication - configuration. - properties: - authParams: - additionalProperties: - type: string - type: object - claims: - type: string - clientId: - type: string - disableAuthRedirectionPaths: - items: - type: string - type: array - forwardHeaders: - additionalProperties: - type: string - type: object - issuer: - type: string - logoutUrl: - type: string - redirectUrl: - type: string - scopes: - items: - type: string - type: array - secret: - description: |- - SecretReference represents a Secret Reference. It has enough information to retrieve secret - in any namespace - properties: - name: - description: name is unique within a namespace to reference - a secret resource. - type: string - namespace: - description: namespace defines the space within which the - secret name must be unique. - type: string - type: object - x-kubernetes-map-type: atomic - session: - description: Session holds session configuration. - properties: - domain: - type: string - path: - type: string - refresh: - type: boolean - sameSite: - type: string - secure: - type: boolean - type: object - stateCookie: - description: StateCookie holds state cookie configuration. - properties: - domain: - type: string - path: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - oidcGoogle: - description: AccessControlPolicyOIDCGoogle holds the Google OIDC authentication - configuration. - properties: - authParams: - additionalProperties: - type: string - type: object - clientId: - type: string - emails: - description: Emails are the allowed emails to connect. - items: - type: string - minItems: 1 - type: array - forwardHeaders: - additionalProperties: - type: string - type: object - logoutUrl: - type: string - redirectUrl: - type: string - secret: - description: |- - SecretReference represents a Secret Reference. It has enough information to retrieve secret - in any namespace - properties: - name: - description: name is unique within a namespace to reference - a secret resource. - type: string - namespace: - description: namespace defines the space within which the - secret name must be unique. - type: string - type: object - x-kubernetes-map-type: atomic - session: - description: Session holds session configuration. - properties: - domain: - type: string - path: - type: string - refresh: - type: boolean - sameSite: - type: string - secure: - type: boolean - type: object - stateCookie: - description: StateCookie holds state cookie configuration. - properties: - domain: - type: string - path: - type: string - sameSite: - type: string - secure: - type: boolean - type: object - type: object - type: object - status: - description: The current status of this access control policy. - properties: - specHash: - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apiaccesses.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apiaccesses.yaml deleted file mode 100644 index ee8ecaf..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apiaccesses.yaml +++ /dev/null @@ -1,188 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apiaccesses.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIAccess - listKind: APIAccessList - plural: apiaccesses - singular: apiaccess - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIAccess defines who can access to a set of APIs. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIAccess. - properties: - apiBundles: - description: |- - APIBundles defines a set of APIBundle that will be accessible to the configured audience. - Multiple APIAccesses can select the same APIBundles. - items: - description: APIBundleReference references an APIBundle. - properties: - name: - description: Name of the APIBundle. - maxLength: 253 - type: string - required: - - name - type: object - maxItems: 100 - type: array - x-kubernetes-validations: - - message: duplicated apiBundles - rule: self.all(x, self.exists_one(y, x.name == y.name)) - apiPlan: - description: APIPlan defines which APIPlan will be used. - properties: - name: - description: Name of the APIPlan. - maxLength: 253 - type: string - required: - - name - type: object - apiSelector: - description: |- - APISelector selects the APIs that will be accessible to the configured audience. - Multiple APIAccesses can select the same set of APIs. - This field is optional and follows standard label selector semantics. - An empty APISelector matches any API. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - apis: - description: |- - APIs defines a set of APIs that will be accessible to the configured audience. - Multiple APIAccesses can select the same APIs. - When combined with APISelector, this set of APIs is appended to the matching APIs. - items: - description: APIReference references an API. - properties: - name: - description: Name of the API. - maxLength: 253 - type: string - required: - - name - type: object - maxItems: 100 - type: array - x-kubernetes-validations: - - message: duplicated apis - rule: self.all(x, self.exists_one(y, x.name == y.name)) - everyone: - description: Everyone indicates that all users will have access to - the selected APIs. - type: boolean - groups: - description: Groups are the consumer groups that will gain access - to the selected APIs. - items: - type: string - type: array - operationFilter: - description: |- - OperationFilter specifies the allowed operations on APIs and APIVersions. - If not set, all operations are available. - An empty OperationFilter prohibits all operations. - properties: - include: - description: Include defines the names of OperationSets that will - be accessible. - items: - type: string - maxItems: 100 - type: array - type: object - weight: - description: Weight specifies the evaluation order of the plan. - type: integer - x-kubernetes-validations: - - message: must be a positive number - rule: self >= 0 - type: object - x-kubernetes-validations: - - message: groups and everyone are mutually exclusive - rule: '(has(self.everyone) && has(self.groups)) ? !(self.everyone && - self.groups.size() > 0) : true' - status: - description: The current status of this APIAccess. - properties: - hash: - description: Hash is a hash representing the APIAccess. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apibundles.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apibundles.yaml deleted file mode 100644 index a45a0b1..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apibundles.yaml +++ /dev/null @@ -1,125 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apibundles.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIBundle - listKind: APIBundleList - plural: apibundles - singular: apibundle - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIBundle defines a set of APIs. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIBundle. - properties: - apiSelector: - description: |- - APISelector selects the APIs that will be accessible to the configured audience. - Multiple APIBundles can select the same set of APIs. - This field is optional and follows standard label selector semantics. - An empty APISelector matches any API. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - apis: - description: |- - APIs defines a set of APIs that will be accessible to the configured audience. - Multiple APIBundles can select the same APIs. - When combined with APISelector, this set of APIs is appended to the matching APIs. - items: - description: APIReference references an API. - properties: - name: - description: Name of the API. - maxLength: 253 - type: string - required: - - name - type: object - maxItems: 100 - type: array - x-kubernetes-validations: - - message: duplicated apis - rule: self.all(x, self.exists_one(y, x.name == y.name)) - type: object - status: - description: The current status of this APIBundle. - properties: - hash: - description: Hash is a hash representing the APIBundle. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apiplans.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apiplans.yaml deleted file mode 100644 index 92e1b9b..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apiplans.yaml +++ /dev/null @@ -1,103 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apiplans.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIPlan - listKind: APIPlanList - plural: apiplans - singular: apiplan - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIPlan defines API Plan policy. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIPlan. - properties: - description: - description: Description describes the plan. - type: string - quota: - description: Quota defines the quota policy. - properties: - limit: - description: Limit is the maximum number of token in the bucket. - type: integer - x-kubernetes-validations: - - message: must be a positive number - rule: self >= 0 - period: - description: Period is the unit of time for the Limit. - format: duration - type: string - x-kubernetes-validations: - - message: must be between 1s and 9999h - rule: self >= duration('1s') && self <= duration('9999h') - required: - - limit - type: object - rateLimit: - description: RateLimit defines the rate limit policy. - properties: - limit: - description: Limit is the maximum number of token in the bucket. - type: integer - x-kubernetes-validations: - - message: must be a positive number - rule: self >= 0 - period: - description: Period is the unit of time for the Limit. - format: duration - type: string - x-kubernetes-validations: - - message: must be between 1s and 1h - rule: self >= duration('1s') && self <= duration('1h') - required: - - limit - type: object - title: - description: Title is the human-readable name of the plan. - type: string - required: - - title - type: object - status: - description: The current status of this APIPlan. - properties: - hash: - description: Hash is a hash representing the APIPlan. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apiportals.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apiportals.yaml deleted file mode 100644 index bc04170..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apiportals.yaml +++ /dev/null @@ -1,139 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apiportals.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIPortal - listKind: APIPortalList - plural: apiportals - singular: apiportal - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIPortal defines a developer portal for accessing the documentation - of APIs. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIPortal. - properties: - description: - description: Description of the APIPortal. - type: string - title: - description: Title is the public facing name of the APIPortal. - type: string - trustedUrls: - description: TrustedURLs are the urls that are trusted by the OAuth - 2.0 authorization server. - items: - type: string - maxItems: 1 - minItems: 1 - type: array - x-kubernetes-validations: - - message: must be a valid URLs - rule: self.all(x, isURL(x)) - ui: - description: UI holds the UI customization options. - properties: - logoUrl: - description: LogoURL is the public URL of the logo. - type: string - type: object - required: - - trustedUrls - type: object - status: - description: The current status of this APIPortal. - properties: - hash: - description: Hash is a hash representing the APIPortal. - type: string - oidc: - description: OIDC is the OIDC configuration for accessing the exposed - APIPortal WebUI. - properties: - clientId: - description: ClientID is the OIDC ClientID for accessing the exposed - APIPortal WebUI. - type: string - companyClaim: - description: CompanyClaim is the name of the JWT claim containing - the user company. - type: string - emailClaim: - description: EmailClaim is the name of the JWT claim containing - the user email. - type: string - firstnameClaim: - description: FirstnameClaim is the name of the JWT claim containing - the user firstname. - type: string - generic: - description: Generic indicates whether or not the APIPortal authentication - relies on Generic OIDC. - type: boolean - groupsClaim: - description: GroupsClaim is the name of the JWT claim containing - the user groups. - type: string - issuer: - description: Issuer is the OIDC issuer for accessing the exposed - APIPortal WebUI. - type: string - lastnameClaim: - description: LastnameClaim is the name of the JWT claim containing - the user lastname. - type: string - scopes: - description: Scopes is the OIDC scopes for getting user attributes - during the authentication to the exposed APIPortal WebUI. - type: string - secretName: - description: SecretName is the name of the secret containing the - OIDC ClientSecret for accessing the exposed APIPortal WebUI. - type: string - syncedAttributes: - description: SyncedAttributes configure the user attributes to - sync. - items: - type: string - type: array - userIdClaim: - description: UserIDClaim is the name of the JWT claim containing - the user ID. - type: string - type: object - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apiratelimits.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apiratelimits.yaml deleted file mode 100644 index 8e328d3..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apiratelimits.yaml +++ /dev/null @@ -1,166 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apiratelimits.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIRateLimit - listKind: APIRateLimitList - plural: apiratelimits - singular: apiratelimit - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIRateLimit defines how group of consumers are rate limited - on a set of APIs. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIRateLimit. - properties: - apiSelector: - description: |- - APISelector selects the APIs that will be rate limited. - Multiple APIRateLimits can select the same set of APIs. - This field is optional and follows standard label selector semantics. - An empty APISelector matches any API. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - apis: - description: |- - APIs defines a set of APIs that will be rate limited. - Multiple APIRateLimits can select the same APIs. - When combined with APISelector, this set of APIs is appended to the matching APIs. - items: - description: APIReference references an API. - properties: - name: - description: Name of the API. - maxLength: 253 - type: string - required: - - name - type: object - maxItems: 100 - type: array - x-kubernetes-validations: - - message: duplicated apis - rule: self.all(x, self.exists_one(y, x.name == y.name)) - everyone: - description: |- - Everyone indicates that all users will, by default, be rate limited with this configuration. - If an APIRateLimit explicitly target a group, the default rate limit will be ignored. - type: boolean - groups: - description: |- - Groups are the consumer groups that will be rate limited. - Multiple APIRateLimits can target the same set of consumer groups, the most restrictive one applies. - When a consumer belongs to multiple groups, the least restrictive APIRateLimit applies. - items: - type: string - type: array - limit: - description: Limit is the maximum number of token in the bucket. - type: integer - x-kubernetes-validations: - - message: must be a positive number - rule: self >= 0 - period: - description: Period is the unit of time for the Limit. - format: duration - type: string - x-kubernetes-validations: - - message: must be between 1s and 1h - rule: self >= duration('1s') && self <= duration('1h') - strategy: - description: |- - Strategy defines how the bucket state will be synchronized between the different Traefik Hub instances. - It can be, either "local" or "distributed". - enum: - - local - - distributed - type: string - required: - - limit - type: object - x-kubernetes-validations: - - message: groups and everyone are mutually exclusive - rule: '(has(self.everyone) && has(self.groups)) ? !(self.everyone && - self.groups.size() > 0) : true' - status: - description: The current status of this APIRateLimit. - properties: - hash: - description: Hash is a hash representing the APIRateLimit. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apis.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apis.yaml deleted file mode 100644 index a7b9e5e..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apis.yaml +++ /dev/null @@ -1,190 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apis.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: API - listKind: APIList - plural: apis - singular: api - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - API defines an HTTP interface that is exposed to external clients. It specifies the supported versions - and provides instructions for accessing its documentation. Once instantiated, an API object is associated - with an Ingress, IngressRoute, or HTTPRoute resource, enabling the exposure of the described API to the outside world. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: APISpec describes the API. - properties: - openApiSpec: - description: OpenAPISpec defines the API contract as an OpenAPI specification. - properties: - operationSets: - description: OperationSets defines the sets of operations to be - referenced for granular filtering in APIAccesses. - items: - description: |- - OperationSet gives a name to a set of matching OpenAPI operations. - This set of operations can then be referenced for granular filtering in APIAccesses. - properties: - matchers: - description: Matchers defines a list of alternative rules - for matching OpenAPI operations. - items: - description: OperationMatcher defines criteria for matching - an OpenAPI operation. - minProperties: 1 - properties: - methods: - description: Methods specifies the HTTP methods to - be included for selection. - items: - type: string - maxItems: 10 - type: array - path: - description: Path specifies the exact path of the - operations to select. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - pathPrefix: - description: PathPrefix specifies the path prefix - of the operations to select. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - pathRegex: - description: PathRegex specifies a regular expression - pattern for matching operations based on their paths. - type: string - type: object - x-kubernetes-validations: - - message: path, pathPrefix and pathRegex are mutually - exclusive - rule: '[has(self.path), has(self.pathPrefix), has(self.pathRegex)].filter(x, - x).size() <= 1' - maxItems: 100 - minItems: 1 - type: array - name: - description: Name is the name of the OperationSet to reference - in APIAccesses. - maxLength: 253 - type: string - required: - - matchers - - name - type: object - maxItems: 100 - type: array - override: - description: Override holds data used to override OpenAPI specification. - properties: - servers: - items: - properties: - url: - type: string - x-kubernetes-validations: - - message: must be a valid URL - rule: isURL(self) - required: - - url - type: object - maxItems: 100 - minItems: 1 - type: array - required: - - servers - type: object - path: - description: |- - Path specifies the endpoint path within the Kubernetes Service where the OpenAPI specification can be obtained. - The Service queried is determined by the associated Ingress, IngressRoute, or HTTPRoute resource to which the API is attached. - It's important to note that this option is incompatible if the Ingress or IngressRoute specifies multiple backend services. - The Path must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - url: - description: |- - URL is a Traefik Hub agent accessible URL for obtaining the OpenAPI specification. - The URL must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification. - type: string - x-kubernetes-validations: - - message: must be a valid URL - rule: isURL(self) - type: object - x-kubernetes-validations: - - message: path or url must be defined - rule: has(self.path) || has(self.url) - versions: - description: Versions are the different APIVersions available. - items: - description: APIVersionRef references an APIVersion. - properties: - name: - description: Name of the APIVersion. - maxLength: 253 - type: string - required: - - name - type: object - maxItems: 100 - minItems: 1 - type: array - type: object - status: - description: The current status of this API. - properties: - hash: - description: Hash is a hash representing the API. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/hub.traefik.io_apiversions.yaml b/charts/traefik/traefik/crds/hub.traefik.io_apiversions.yaml deleted file mode 100644 index 97184ef..0000000 --- a/charts/traefik/traefik/crds/hub.traefik.io_apiversions.yaml +++ /dev/null @@ -1,194 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: apiversions.hub.traefik.io -spec: - group: hub.traefik.io - names: - kind: APIVersion - listKind: APIVersionList - plural: apiversions - singular: apiversion - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.title - name: Title - type: string - - jsonPath: .spec.release - name: Release - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: APIVersion defines a version of an API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: The desired behavior of this APIVersion. - properties: - openApiSpec: - description: OpenAPISpec defines the API contract as an OpenAPI specification. - properties: - operationSets: - description: OperationSets defines the sets of operations to be - referenced for granular filtering in APIAccesses. - items: - description: |- - OperationSet gives a name to a set of matching OpenAPI operations. - This set of operations can then be referenced for granular filtering in APIAccesses. - properties: - matchers: - description: Matchers defines a list of alternative rules - for matching OpenAPI operations. - items: - description: OperationMatcher defines criteria for matching - an OpenAPI operation. - minProperties: 1 - properties: - methods: - description: Methods specifies the HTTP methods to - be included for selection. - items: - type: string - maxItems: 10 - type: array - path: - description: Path specifies the exact path of the - operations to select. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - pathPrefix: - description: PathPrefix specifies the path prefix - of the operations to select. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - pathRegex: - description: PathRegex specifies a regular expression - pattern for matching operations based on their paths. - type: string - type: object - x-kubernetes-validations: - - message: path, pathPrefix and pathRegex are mutually - exclusive - rule: '[has(self.path), has(self.pathPrefix), has(self.pathRegex)].filter(x, - x).size() <= 1' - maxItems: 100 - minItems: 1 - type: array - name: - description: Name is the name of the OperationSet to reference - in APIAccesses. - maxLength: 253 - type: string - required: - - matchers - - name - type: object - maxItems: 100 - type: array - override: - description: Override holds data used to override OpenAPI specification. - properties: - servers: - items: - properties: - url: - type: string - x-kubernetes-validations: - - message: must be a valid URL - rule: isURL(self) - required: - - url - type: object - maxItems: 100 - minItems: 1 - type: array - required: - - servers - type: object - path: - description: |- - Path specifies the endpoint path within the Kubernetes Service where the OpenAPI specification can be obtained. - The Service queried is determined by the associated Ingress, IngressRoute, or HTTPRoute resource to which the API is attached. - It's important to note that this option is incompatible if the Ingress or IngressRoute specifies multiple backend services. - The Path must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification. - maxLength: 255 - type: string - x-kubernetes-validations: - - message: must start with a '/' - rule: self.startsWith('/') - - message: cannot contains '../' - rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")' - url: - description: |- - URL is a Traefik Hub agent accessible URL for obtaining the OpenAPI specification. - The URL must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification. - type: string - x-kubernetes-validations: - - message: must be a valid URL - rule: isURL(self) - type: object - x-kubernetes-validations: - - message: path or url must be defined - rule: has(self.path) || has(self.url) - release: - description: |- - Release is the version number of the API. - This value must follow the SemVer format: https://semver.org/ - maxLength: 100 - type: string - x-kubernetes-validations: - - message: must be a valid semver version - rule: self.matches(r"""^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$""") - title: - description: Title is the public facing name of the APIVersion. - type: string - required: - - release - type: object - status: - description: The current status of this APIVersion. - properties: - hash: - description: Hash is a hash representing the APIVersion. - type: string - syncedAt: - format: date-time - type: string - version: - type: string - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/charts/traefik/traefik/crds/traefik.io_ingressroutes.yaml b/charts/traefik/traefik/crds/traefik.io_ingressroutes.yaml deleted file mode 100644 index ccb374a..0000000 --- a/charts/traefik/traefik/crds/traefik.io_ingressroutes.yaml +++ /dev/null @@ -1,366 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: ingressroutes.traefik.io -spec: - group: traefik.io - names: - kind: IngressRoute - listKind: IngressRouteList - plural: ingressroutes - singular: ingressroute - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRoute is the CRD implementation of a Traefik HTTP Router. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: IngressRouteSpec defines the desired state of IngressRoute. - properties: - entryPoints: - description: |- - EntryPoints defines the list of entry point names to bind to. - Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ - Default: all. - items: - type: string - type: array - routes: - description: Routes defines the list of routes. - items: - description: Route holds the HTTP route configuration. - properties: - kind: - description: |- - Kind defines the kind of the route. - Rule is the only supported kind. - enum: - - Rule - type: string - match: - description: |- - Match defines the router's rule. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule - type: string - middlewares: - description: |- - Middlewares defines the list of references to Middleware resources. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware - items: - description: MiddlewareRef is a reference to a Middleware - resource. - properties: - name: - description: Name defines the name of the referenced Middleware - resource. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Middleware resource. - type: string - required: - - name - type: object - type: array - priority: - description: |- - Priority defines the router's priority. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority - type: integer - services: - description: |- - Services defines the list of Service. - It can contain any combination of TraefikService and/or reference to a Kubernetes Service. - items: - description: Service defines an upstream HTTP service to proxy - traffic to. - properties: - healthCheck: - description: Healthcheck defines health checks for ExternalName - services. - properties: - followRedirects: - description: |- - FollowRedirects defines whether redirects should be followed during the health check calls. - Default: true - type: boolean - headers: - additionalProperties: - type: string - description: Headers defines custom headers to be - sent to the health check endpoint. - type: object - hostname: - description: Hostname defines the value of hostname - in the Host header of the health check request. - type: string - interval: - anyOf: - - type: integer - - type: string - description: |- - Interval defines the frequency of the health check calls. - Default: 30s - x-kubernetes-int-or-string: true - method: - description: Method defines the healthcheck method. - type: string - mode: - description: |- - Mode defines the health check mode. - If defined to grpc, will use the gRPC health check protocol to probe the server. - Default: http - type: string - path: - description: Path defines the server URL path for - the health check endpoint. - type: string - port: - description: Port defines the server URL port for - the health check endpoint. - type: integer - scheme: - description: Scheme replaces the server URL scheme - for the health check endpoint. - type: string - status: - description: Status defines the expected HTTP status - code of the response to the health check request. - type: integer - timeout: - anyOf: - - type: integer - - type: string - description: |- - Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. - Default: 5s - x-kubernetes-int-or-string: true - type: object - kind: - description: Kind defines the kind of the Service. - enum: - - Service - - TraefikService - type: string - name: - description: |- - Name defines the name of the referenced Kubernetes Service or TraefikService. - The differentiation between the two is specified in the Kind field. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service or TraefikService. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - passHostHeader: - description: |- - PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. - By default, passHostHeader is true. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding defines how Traefik forwards - the response from the upstream Kubernetes Service to - the client. - properties: - flushInterval: - description: |- - FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. - A negative value means to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes a response as a streaming response; - for such responses, writes are flushed to the client immediately. - Default: 100ms - type: string - type: object - scheme: - description: |- - Scheme defines the scheme to use for the request to the upstream Kubernetes Service. - It defaults to https when Kubernetes Service port is 443, http otherwise. - type: string - serversTransport: - description: |- - ServersTransport defines the name of ServersTransport resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - sticky: - description: |- - Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie - can be accessed by client-side APIs, such as - JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie - can only be transmitted over an encrypted connection - (i.e. HTTPS). - type: boolean - type: object - type: object - strategy: - description: |- - Strategy defines the load balancing strategy between the servers. - RoundRobin is the only supported value at the moment. - type: string - weight: - description: |- - Weight defines the weight and should only be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - syntax: - description: |- - Syntax defines the router's rule syntax. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax - type: string - required: - - kind - - match - type: object - type: array - tls: - description: |- - TLS defines the TLS configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls - properties: - certResolver: - description: |- - CertResolver defines the name of the certificate resolver to use. - Cert resolvers have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers - type: string - domains: - description: |- - Domains defines the list of domains that will be used to issue certificates. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains - items: - description: Domain holds a domain name with SANs. - properties: - main: - description: Main defines the main domain name. - type: string - sans: - description: SANs defines the subject alternative domain - names. - items: - type: string - type: array - type: object - type: array - options: - description: |- - Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. - If not defined, the `default` TLSOption is used. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options - properties: - name: - description: |- - Name defines the name of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption - type: string - namespace: - description: |- - Namespace defines the namespace of the referenced TLSOption. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption - type: string - required: - - name - type: object - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - store: - description: |- - Store defines the reference to the TLSStore, that will be used to store certificates. - Please note that only `default` TLSStore can be used. - properties: - name: - description: |- - Name defines the name of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore - type: string - namespace: - description: |- - Namespace defines the namespace of the referenced TLSStore. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore - type: string - required: - - name - type: object - type: object - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_ingressroutetcps.yaml b/charts/traefik/traefik/crds/traefik.io_ingressroutetcps.yaml deleted file mode 100644 index ae675f6..0000000 --- a/charts/traefik/traefik/crds/traefik.io_ingressroutetcps.yaml +++ /dev/null @@ -1,247 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: ingressroutetcps.traefik.io -spec: - group: traefik.io - names: - kind: IngressRouteTCP - listKind: IngressRouteTCPList - plural: ingressroutetcps - singular: ingressroutetcp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP. - properties: - entryPoints: - description: |- - EntryPoints defines the list of entry point names to bind to. - Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ - Default: all. - items: - type: string - type: array - routes: - description: Routes defines the list of routes. - items: - description: RouteTCP holds the TCP route configuration. - properties: - match: - description: |- - Match defines the router's rule. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1 - type: string - middlewares: - description: Middlewares defines the list of references to MiddlewareTCP - resources. - items: - description: ObjectReference is a generic reference to a Traefik - resource. - properties: - name: - description: Name defines the name of the referenced Traefik - resource. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Traefik resource. - type: string - required: - - name - type: object - type: array - priority: - description: |- - Priority defines the router's priority. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1 - type: integer - services: - description: Services defines the list of TCP services. - items: - description: ServiceTCP defines an upstream TCP service to - proxy traffic to. - properties: - name: - description: Name defines the name of the referenced Kubernetes - Service. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - proxyProtocol: - description: |- - ProxyProtocol defines the PROXY protocol configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol - properties: - version: - description: Version defines the PROXY Protocol version - to use. - type: integer - type: object - serversTransport: - description: |- - ServersTransport defines the name of ServersTransportTCP resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - terminationDelay: - description: |- - TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates - it has closed the writing capability of its connection, to close the reading capability as well, - hence fully terminating the connection. - It is a duration in milliseconds, defaulting to 100. - A negative value means an infinite deadline (i.e. the reading capability is never closed). - Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead. - type: integer - tls: - description: TLS determines whether to use TLS when dialing - with the backend. - type: boolean - weight: - description: Weight defines the weight used when balancing - requests between multiple Kubernetes Service. - type: integer - required: - - name - - port - type: object - type: array - syntax: - description: |- - Syntax defines the router's rule syntax. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1 - type: string - required: - - match - type: object - type: array - tls: - description: |- - TLS defines the TLS configuration on a layer 4 / TCP Route. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1 - properties: - certResolver: - description: |- - CertResolver defines the name of the certificate resolver to use. - Cert resolvers have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers - type: string - domains: - description: |- - Domains defines the list of domains that will be used to issue certificates. - More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains - items: - description: Domain holds a domain name with SANs. - properties: - main: - description: Main defines the main domain name. - type: string - sans: - description: SANs defines the subject alternative domain - names. - items: - type: string - type: array - type: object - type: array - options: - description: |- - Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. - If not defined, the `default` TLSOption is used. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options - properties: - name: - description: Name defines the name of the referenced Traefik - resource. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Traefik resource. - type: string - required: - - name - type: object - passthrough: - description: Passthrough defines whether a TLS router will terminate - the TLS connection. - type: boolean - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - store: - description: |- - Store defines the reference to the TLSStore, that will be used to store certificates. - Please note that only `default` TLSStore can be used. - properties: - name: - description: Name defines the name of the referenced Traefik - resource. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Traefik resource. - type: string - required: - - name - type: object - type: object - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_ingressrouteudps.yaml b/charts/traefik/traefik/crds/traefik.io_ingressrouteudps.yaml deleted file mode 100644 index a815d86..0000000 --- a/charts/traefik/traefik/crds/traefik.io_ingressrouteudps.yaml +++ /dev/null @@ -1,111 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: ingressrouteudps.traefik.io -spec: - group: traefik.io - names: - kind: IngressRouteUDP - listKind: IngressRouteUDPList - plural: ingressrouteudps - singular: ingressrouteudp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP. - properties: - entryPoints: - description: |- - EntryPoints defines the list of entry point names to bind to. - Entry points have to be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ - Default: all. - items: - type: string - type: array - routes: - description: Routes defines the list of routes. - items: - description: RouteUDP holds the UDP route configuration. - properties: - services: - description: Services defines the list of UDP services. - items: - description: ServiceUDP defines an upstream UDP service to - proxy traffic to. - properties: - name: - description: Name defines the name of the referenced Kubernetes - Service. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - weight: - description: Weight defines the weight used when balancing - requests between multiple Kubernetes Service. - type: integer - required: - - name - - port - type: object - type: array - type: object - type: array - required: - - routes - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_middlewares.yaml b/charts/traefik/traefik/crds/traefik.io_middlewares.yaml deleted file mode 100644 index f3ea9fc..0000000 --- a/charts/traefik/traefik/crds/traefik.io_middlewares.yaml +++ /dev/null @@ -1,1126 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: middlewares.traefik.io -spec: - group: traefik.io - names: - kind: Middleware - listKind: MiddlewareList - plural: middlewares - singular: middleware - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - Middleware is the CRD implementation of a Traefik Middleware. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/ - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: MiddlewareSpec defines the desired state of a Middleware. - properties: - addPrefix: - description: |- - AddPrefix holds the add prefix middleware configuration. - This middleware updates the path of a request before forwarding it. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/ - properties: - prefix: - description: |- - Prefix is the string to add before the current path in the requested URL. - It should include a leading slash (/). - type: string - type: object - basicAuth: - description: |- - BasicAuth holds the basic auth middleware configuration. - This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/ - properties: - headerField: - description: |- - HeaderField defines a header field to store the authenticated user. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield - type: string - realm: - description: |- - Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. - Default: traefik. - type: string - removeHeader: - description: |- - RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. - Default: false. - type: boolean - secret: - description: Secret is the name of the referenced Kubernetes Secret - containing user credentials. - type: string - type: object - buffering: - description: |- - Buffering holds the buffering middleware configuration. - This middleware retries or limits the size of requests that can be forwarded to backends. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes - properties: - maxRequestBodyBytes: - description: |- - MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). - If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. - Default: 0 (no maximum). - format: int64 - type: integer - maxResponseBodyBytes: - description: |- - MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). - If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. - Default: 0 (no maximum). - format: int64 - type: integer - memRequestBodyBytes: - description: |- - MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. - Default: 1048576 (1Mi). - format: int64 - type: integer - memResponseBodyBytes: - description: |- - MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. - Default: 1048576 (1Mi). - format: int64 - type: integer - retryExpression: - description: |- - RetryExpression defines the retry conditions. - It is a logical combination of functions with operators AND (&&) and OR (||). - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression - type: string - type: object - chain: - description: |- - Chain holds the configuration of the chain middleware. - This middleware enables to define reusable combinations of other pieces of middleware. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/ - properties: - middlewares: - description: Middlewares is the list of MiddlewareRef which composes - the chain. - items: - description: MiddlewareRef is a reference to a Middleware resource. - properties: - name: - description: Name defines the name of the referenced Middleware - resource. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Middleware resource. - type: string - required: - - name - type: object - type: array - type: object - circuitBreaker: - description: CircuitBreaker holds the circuit breaker configuration. - properties: - checkPeriod: - anyOf: - - type: integer - - type: string - description: CheckPeriod is the interval between successive checks - of the circuit breaker condition (when in standby state). - x-kubernetes-int-or-string: true - expression: - description: Expression is the condition that triggers the tripped - state. - type: string - fallbackDuration: - anyOf: - - type: integer - - type: string - description: FallbackDuration is the duration for which the circuit - breaker will wait before trying to recover (from a tripped state). - x-kubernetes-int-or-string: true - recoveryDuration: - anyOf: - - type: integer - - type: string - description: RecoveryDuration is the duration for which the circuit - breaker will try to recover (as soon as it is in recovering - state). - x-kubernetes-int-or-string: true - responseCode: - description: ResponseCode is the status code that the circuit - breaker will return while it is in the open state. - type: integer - type: object - compress: - description: |- - Compress holds the compress middleware configuration. - This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/ - properties: - defaultEncoding: - description: DefaultEncoding specifies the default encoding if - the `Accept-Encoding` header is not in the request or contains - a wildcard (`*`). - type: string - encodings: - description: Encodings defines the list of supported compression - algorithms. - items: - type: string - type: array - excludedContentTypes: - description: |- - ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing. - `application/grpc` is always excluded. - items: - type: string - type: array - includedContentTypes: - description: IncludedContentTypes defines the list of content - types to compare the Content-Type header of the responses before - compressing. - items: - type: string - type: array - minResponseBodyBytes: - description: |- - MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed. - Default: 1024. - type: integer - type: object - contentType: - description: |- - ContentType holds the content-type middleware configuration. - This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. - properties: - autoDetect: - description: |- - AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend, - be automatically set to a value derived from the contents of the response. - Deprecated: AutoDetect option is deprecated, Content-Type middleware is only meant to be used to enable the content-type detection, please remove any usage of this option. - type: boolean - type: object - digestAuth: - description: |- - DigestAuth holds the digest auth middleware configuration. - This middleware restricts access to your services to known users. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/ - properties: - headerField: - description: |- - HeaderField defines a header field to store the authenticated user. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield - type: string - realm: - description: |- - Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. - Default: traefik. - type: string - removeHeader: - description: RemoveHeader defines whether to remove the authorization - header before forwarding the request to the backend. - type: boolean - secret: - description: Secret is the name of the referenced Kubernetes Secret - containing user credentials. - type: string - type: object - errors: - description: |- - ErrorPage holds the custom error middleware configuration. - This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/ - properties: - query: - description: |- - Query defines the URL for the error page (hosted by service). - The {status} variable can be used in order to insert the status code in the URL. - type: string - service: - description: |- - Service defines the reference to a Kubernetes Service that will serve the error page. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service - properties: - healthCheck: - description: Healthcheck defines health checks for ExternalName - services. - properties: - followRedirects: - description: |- - FollowRedirects defines whether redirects should be followed during the health check calls. - Default: true - type: boolean - headers: - additionalProperties: - type: string - description: Headers defines custom headers to be sent - to the health check endpoint. - type: object - hostname: - description: Hostname defines the value of hostname in - the Host header of the health check request. - type: string - interval: - anyOf: - - type: integer - - type: string - description: |- - Interval defines the frequency of the health check calls. - Default: 30s - x-kubernetes-int-or-string: true - method: - description: Method defines the healthcheck method. - type: string - mode: - description: |- - Mode defines the health check mode. - If defined to grpc, will use the gRPC health check protocol to probe the server. - Default: http - type: string - path: - description: Path defines the server URL path for the - health check endpoint. - type: string - port: - description: Port defines the server URL port for the - health check endpoint. - type: integer - scheme: - description: Scheme replaces the server URL scheme for - the health check endpoint. - type: string - status: - description: Status defines the expected HTTP status code - of the response to the health check request. - type: integer - timeout: - anyOf: - - type: integer - - type: string - description: |- - Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. - Default: 5s - x-kubernetes-int-or-string: true - type: object - kind: - description: Kind defines the kind of the Service. - enum: - - Service - - TraefikService - type: string - name: - description: |- - Name defines the name of the referenced Kubernetes Service or TraefikService. - The differentiation between the two is specified in the Kind field. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service or TraefikService. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - passHostHeader: - description: |- - PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. - By default, passHostHeader is true. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding defines how Traefik forwards - the response from the upstream Kubernetes Service to the - client. - properties: - flushInterval: - description: |- - FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. - A negative value means to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes a response as a streaming response; - for such responses, writes are flushed to the client immediately. - Default: 100ms - type: string - type: object - scheme: - description: |- - Scheme defines the scheme to use for the request to the upstream Kubernetes Service. - It defaults to https when Kubernetes Service port is 443, http otherwise. - type: string - serversTransport: - description: |- - ServersTransport defines the name of ServersTransport resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - sticky: - description: |- - Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie can - be accessed by client-side APIs, such as JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie can - only be transmitted over an encrypted connection - (i.e. HTTPS). - type: boolean - type: object - type: object - strategy: - description: |- - Strategy defines the load balancing strategy between the servers. - RoundRobin is the only supported value at the moment. - type: string - weight: - description: |- - Weight defines the weight and should only be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - status: - description: |- - Status defines which status or range of statuses should result in an error page. - It can be either a status code as a number (500), - as multiple comma-separated numbers (500,502), - as ranges by separating two codes with a dash (500-599), - or a combination of the two (404,418,500-599). - items: - type: string - type: array - type: object - forwardAuth: - description: |- - ForwardAuth holds the forward auth middleware configuration. - This middleware delegates the request authentication to a Service. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/ - properties: - addAuthCookiesToResponse: - description: AddAuthCookiesToResponse defines the list of cookies - to copy from the authentication server response to the response. - items: - type: string - type: array - address: - description: Address defines the authentication server address. - type: string - authRequestHeaders: - description: |- - AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. - If not set or empty then all request headers are passed. - items: - type: string - type: array - authResponseHeaders: - description: AuthResponseHeaders defines the list of headers to - copy from the authentication server response and set on forwarded - request, replacing any existing conflicting headers. - items: - type: string - type: array - authResponseHeadersRegex: - description: |- - AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex - type: string - tls: - description: TLS defines the configuration used to secure the - connection to the authentication server. - properties: - caOptional: - description: 'Deprecated: TLS client authentication is a server - side option (see https://github.com/golang/go/blob/740a490f71d026bb7d2d13cb8fa2d6d6e0572b70/src/crypto/tls/common.go#L634).' - type: boolean - caSecret: - description: |- - CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate. - The CA certificate is extracted from key `tls.ca` or `ca.crt`. - type: string - certSecret: - description: |- - CertSecret is the name of the referenced Kubernetes Secret containing the client certificate. - The client certificate is extracted from the keys `tls.crt` and `tls.key`. - type: string - insecureSkipVerify: - description: InsecureSkipVerify defines whether the server - certificates should be validated. - type: boolean - type: object - trustForwardHeader: - description: 'TrustForwardHeader defines whether to trust (ie: - forward) all X-Forwarded-* headers.' - type: boolean - type: object - grpcWeb: - description: |- - GrpcWeb holds the gRPC web middleware configuration. - This middleware converts a gRPC web request to an HTTP/2 gRPC request. - properties: - allowOrigins: - description: |- - AllowOrigins is a list of allowable origins. - Can also be a wildcard origin "*". - items: - type: string - type: array - type: object - headers: - description: |- - Headers holds the headers middleware configuration. - This middleware manages the requests and responses headers. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders - properties: - accessControlAllowCredentials: - description: AccessControlAllowCredentials defines whether the - request can include user credentials. - type: boolean - accessControlAllowHeaders: - description: AccessControlAllowHeaders defines the Access-Control-Request-Headers - values sent in preflight response. - items: - type: string - type: array - accessControlAllowMethods: - description: AccessControlAllowMethods defines the Access-Control-Request-Method - values sent in preflight response. - items: - type: string - type: array - accessControlAllowOriginList: - description: AccessControlAllowOriginList is a list of allowable - origins. Can also be a wildcard origin "*". - items: - type: string - type: array - accessControlAllowOriginListRegex: - description: AccessControlAllowOriginListRegex is a list of allowable - origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). - items: - type: string - type: array - accessControlExposeHeaders: - description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers - values sent in preflight response. - items: - type: string - type: array - accessControlMaxAge: - description: AccessControlMaxAge defines the time that a preflight - request may be cached. - format: int64 - type: integer - addVaryHeader: - description: AddVaryHeader defines whether the Vary header is - automatically added/updated when the AccessControlAllowOriginList - is set. - type: boolean - allowedHosts: - description: AllowedHosts defines the fully qualified list of - allowed domain names. - items: - type: string - type: array - browserXssFilter: - description: BrowserXSSFilter defines whether to add the X-XSS-Protection - header with the value 1; mode=block. - type: boolean - contentSecurityPolicy: - description: ContentSecurityPolicy defines the Content-Security-Policy - header value. - type: string - contentSecurityPolicyReportOnly: - description: ContentSecurityPolicyReportOnly defines the Content-Security-Policy-Report-Only - header value. - type: string - contentTypeNosniff: - description: ContentTypeNosniff defines whether to add the X-Content-Type-Options - header with the nosniff value. - type: boolean - customBrowserXSSValue: - description: |- - CustomBrowserXSSValue defines the X-XSS-Protection header value. - This overrides the BrowserXssFilter option. - type: string - customFrameOptionsValue: - description: |- - CustomFrameOptionsValue defines the X-Frame-Options header value. - This overrides the FrameDeny option. - type: string - customRequestHeaders: - additionalProperties: - type: string - description: CustomRequestHeaders defines the header names and - values to apply to the request. - type: object - customResponseHeaders: - additionalProperties: - type: string - description: CustomResponseHeaders defines the header names and - values to apply to the response. - type: object - featurePolicy: - description: 'Deprecated: FeaturePolicy option is deprecated, - please use PermissionsPolicy instead.' - type: string - forceSTSHeader: - description: ForceSTSHeader defines whether to add the STS header - even when the connection is HTTP. - type: boolean - frameDeny: - description: FrameDeny defines whether to add the X-Frame-Options - header with the DENY value. - type: boolean - hostsProxyHeaders: - description: HostsProxyHeaders defines the header keys that may - hold a proxied hostname value for the request. - items: - type: string - type: array - isDevelopment: - description: |- - IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing. - Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain. - If you would like your development environment to mimic production with complete Host blocking, SSL redirects, - and STS headers, leave this as false. - type: boolean - permissionsPolicy: - description: |- - PermissionsPolicy defines the Permissions-Policy header value. - This allows sites to control browser features. - type: string - publicKey: - description: PublicKey is the public key that implements HPKP - to prevent MITM attacks with forged certificates. - type: string - referrerPolicy: - description: |- - ReferrerPolicy defines the Referrer-Policy header value. - This allows sites to control whether browsers forward the Referer header to other sites. - type: string - sslForceHost: - description: 'Deprecated: SSLForceHost option is deprecated, please - use RedirectRegex instead.' - type: boolean - sslHost: - description: 'Deprecated: SSLHost option is deprecated, please - use RedirectRegex instead.' - type: string - sslProxyHeaders: - additionalProperties: - type: string - description: |- - SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request. - It can be useful when using other proxies (example: "X-Forwarded-Proto": "https"). - type: object - sslRedirect: - description: 'Deprecated: SSLRedirect option is deprecated, please - use EntryPoint redirection or RedirectScheme instead.' - type: boolean - sslTemporaryRedirect: - description: 'Deprecated: SSLTemporaryRedirect option is deprecated, - please use EntryPoint redirection or RedirectScheme instead.' - type: boolean - stsIncludeSubdomains: - description: STSIncludeSubdomains defines whether the includeSubDomains - directive is appended to the Strict-Transport-Security header. - type: boolean - stsPreload: - description: STSPreload defines whether the preload flag is appended - to the Strict-Transport-Security header. - type: boolean - stsSeconds: - description: |- - STSSeconds defines the max-age of the Strict-Transport-Security header. - If set to 0, the header is not set. - format: int64 - type: integer - type: object - inFlightReq: - description: |- - InFlightReq holds the in-flight request middleware configuration. - This middleware limits the number of requests being processed and served concurrently. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/ - properties: - amount: - description: |- - Amount defines the maximum amount of allowed simultaneous in-flight request. - The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy). - format: int64 - type: integer - sourceCriterion: - description: |- - SourceCriterion defines what criterion is used to group requests as originating from a common source. - If several strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the requestHost. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion - properties: - ipStrategy: - description: |- - IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy - properties: - depth: - description: Depth tells Traefik to use the X-Forwarded-For - header and take the IP located at the depth position - (starting from the right). - type: integer - excludedIPs: - description: ExcludedIPs configures Traefik to scan the - X-Forwarded-For header and select the first IP not in - the list. - items: - type: string - type: array - ipv6Subnet: - description: IPv6Subnet configures Traefik to consider - all IPv6 addresses from the defined subnet as originating - from the same IP. Applies to RemoteAddrStrategy and - DepthStrategy. - type: integer - type: object - requestHeaderName: - description: RequestHeaderName defines the name of the header - used to group incoming requests. - type: string - requestHost: - description: RequestHost defines whether to consider the request - Host as the source. - type: boolean - type: object - type: object - ipAllowList: - description: |- - IPAllowList holds the IP allowlist middleware configuration. - This middleware limits allowed requests based on the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/ - properties: - ipStrategy: - description: |- - IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy - properties: - depth: - description: Depth tells Traefik to use the X-Forwarded-For - header and take the IP located at the depth position (starting - from the right). - type: integer - excludedIPs: - description: ExcludedIPs configures Traefik to scan the X-Forwarded-For - header and select the first IP not in the list. - items: - type: string - type: array - ipv6Subnet: - description: IPv6Subnet configures Traefik to consider all - IPv6 addresses from the defined subnet as originating from - the same IP. Applies to RemoteAddrStrategy and DepthStrategy. - type: integer - type: object - rejectStatusCode: - description: |- - RejectStatusCode defines the HTTP status code used for refused requests. - If not set, the default is 403 (Forbidden). - type: integer - sourceRange: - description: SourceRange defines the set of allowed IPs (or ranges - of allowed IPs by using CIDR notation). - items: - type: string - type: array - type: object - ipWhiteList: - description: 'Deprecated: please use IPAllowList instead.' - properties: - ipStrategy: - description: |- - IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy - properties: - depth: - description: Depth tells Traefik to use the X-Forwarded-For - header and take the IP located at the depth position (starting - from the right). - type: integer - excludedIPs: - description: ExcludedIPs configures Traefik to scan the X-Forwarded-For - header and select the first IP not in the list. - items: - type: string - type: array - ipv6Subnet: - description: IPv6Subnet configures Traefik to consider all - IPv6 addresses from the defined subnet as originating from - the same IP. Applies to RemoteAddrStrategy and DepthStrategy. - type: integer - type: object - sourceRange: - description: SourceRange defines the set of allowed IPs (or ranges - of allowed IPs by using CIDR notation). Required. - items: - type: string - type: array - type: object - passTLSClientCert: - description: |- - PassTLSClientCert holds the pass TLS client cert middleware configuration. - This middleware adds the selected data from the passed client TLS certificate to a header. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/ - properties: - info: - description: Info selects the specific client certificate details - you want to add to the X-Forwarded-Tls-Client-Cert-Info header. - properties: - issuer: - description: Issuer defines the client certificate issuer - details to add to the X-Forwarded-Tls-Client-Cert-Info header. - properties: - commonName: - description: CommonName defines whether to add the organizationalUnit - information into the issuer. - type: boolean - country: - description: Country defines whether to add the country - information into the issuer. - type: boolean - domainComponent: - description: DomainComponent defines whether to add the - domainComponent information into the issuer. - type: boolean - locality: - description: Locality defines whether to add the locality - information into the issuer. - type: boolean - organization: - description: Organization defines whether to add the organization - information into the issuer. - type: boolean - province: - description: Province defines whether to add the province - information into the issuer. - type: boolean - serialNumber: - description: SerialNumber defines whether to add the serialNumber - information into the issuer. - type: boolean - type: object - notAfter: - description: NotAfter defines whether to add the Not After - information from the Validity part. - type: boolean - notBefore: - description: NotBefore defines whether to add the Not Before - information from the Validity part. - type: boolean - sans: - description: Sans defines whether to add the Subject Alternative - Name information from the Subject Alternative Name part. - type: boolean - serialNumber: - description: SerialNumber defines whether to add the client - serialNumber information. - type: boolean - subject: - description: Subject defines the client certificate subject - details to add to the X-Forwarded-Tls-Client-Cert-Info header. - properties: - commonName: - description: CommonName defines whether to add the organizationalUnit - information into the subject. - type: boolean - country: - description: Country defines whether to add the country - information into the subject. - type: boolean - domainComponent: - description: DomainComponent defines whether to add the - domainComponent information into the subject. - type: boolean - locality: - description: Locality defines whether to add the locality - information into the subject. - type: boolean - organization: - description: Organization defines whether to add the organization - information into the subject. - type: boolean - organizationalUnit: - description: OrganizationalUnit defines whether to add - the organizationalUnit information into the subject. - type: boolean - province: - description: Province defines whether to add the province - information into the subject. - type: boolean - serialNumber: - description: SerialNumber defines whether to add the serialNumber - information into the subject. - type: boolean - type: object - type: object - pem: - description: PEM sets the X-Forwarded-Tls-Client-Cert header with - the certificate. - type: boolean - type: object - plugin: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - Plugin defines the middleware plugin configuration. - More info: https://doc.traefik.io/traefik/plugins/ - type: object - rateLimit: - description: |- - RateLimit holds the rate limit configuration. - This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/ - properties: - average: - description: |- - Average is the maximum rate, by default in requests/s, allowed for the given source. - It defaults to 0, which means no rate limiting. - The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, - one needs to define a Period larger than a second. - format: int64 - type: integer - burst: - description: |- - Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time. - It defaults to 1. - format: int64 - type: integer - period: - anyOf: - - type: integer - - type: string - description: |- - Period, in combination with Average, defines the actual maximum rate, such as: - r = Average / Period. It defaults to a second. - x-kubernetes-int-or-string: true - sourceCriterion: - description: |- - SourceCriterion defines what criterion is used to group requests as originating from a common source. - If several strategies are defined at the same time, an error will be raised. - If none are set, the default is to use the request's remote address field (as an ipStrategy). - properties: - ipStrategy: - description: |- - IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy - properties: - depth: - description: Depth tells Traefik to use the X-Forwarded-For - header and take the IP located at the depth position - (starting from the right). - type: integer - excludedIPs: - description: ExcludedIPs configures Traefik to scan the - X-Forwarded-For header and select the first IP not in - the list. - items: - type: string - type: array - ipv6Subnet: - description: IPv6Subnet configures Traefik to consider - all IPv6 addresses from the defined subnet as originating - from the same IP. Applies to RemoteAddrStrategy and - DepthStrategy. - type: integer - type: object - requestHeaderName: - description: RequestHeaderName defines the name of the header - used to group incoming requests. - type: string - requestHost: - description: RequestHost defines whether to consider the request - Host as the source. - type: boolean - type: object - type: object - redirectRegex: - description: |- - RedirectRegex holds the redirect regex middleware configuration. - This middleware redirects a request using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex - properties: - permanent: - description: Permanent defines whether the redirection is permanent - (301). - type: boolean - regex: - description: Regex defines the regex used to match and capture - elements from the request URL. - type: string - replacement: - description: Replacement defines how to modify the URL to have - the new target URL. - type: string - type: object - redirectScheme: - description: |- - RedirectScheme holds the redirect scheme middleware configuration. - This middleware redirects requests from a scheme/port to another. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/ - properties: - permanent: - description: Permanent defines whether the redirection is permanent - (301). - type: boolean - port: - description: Port defines the port of the new URL. - type: string - scheme: - description: Scheme defines the scheme of the new URL. - type: string - type: object - replacePath: - description: |- - ReplacePath holds the replace path middleware configuration. - This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/ - properties: - path: - description: Path defines the path to use as replacement in the - request URL. - type: string - type: object - replacePathRegex: - description: |- - ReplacePathRegex holds the replace path regex middleware configuration. - This middleware replaces the path of a URL using regex matching and replacement. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/ - properties: - regex: - description: Regex defines the regular expression used to match - and capture the path from the request URL. - type: string - replacement: - description: Replacement defines the replacement path format, - which can include captured variables. - type: string - type: object - retry: - description: |- - Retry holds the retry middleware configuration. - This middleware reissues requests a given number of times to a backend server if that server does not reply. - As soon as the server answers, the middleware stops retrying, regardless of the response status. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/ - properties: - attempts: - description: Attempts defines how many times the request should - be retried. - type: integer - initialInterval: - anyOf: - - type: integer - - type: string - description: |- - InitialInterval defines the first wait time in the exponential backoff series. - The maximum interval is calculated as twice the initialInterval. - If unspecified, requests will be retried immediately. - The value of initialInterval should be provided in seconds or as a valid duration format, - see https://pkg.go.dev/time#ParseDuration. - x-kubernetes-int-or-string: true - type: object - stripPrefix: - description: |- - StripPrefix holds the strip prefix middleware configuration. - This middleware removes the specified prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/ - properties: - forceSlash: - description: |- - Deprecated: ForceSlash option is deprecated, please remove any usage of this option. - ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. - Default: true. - type: boolean - prefixes: - description: Prefixes defines the prefixes to strip from the request - URL. - items: - type: string - type: array - type: object - stripPrefixRegex: - description: |- - StripPrefixRegex holds the strip prefix regex middleware configuration. - This middleware removes the matching prefixes from the URL path. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/ - properties: - regex: - description: Regex defines the regular expression to match the - path prefix from the request URL. - items: - type: string - type: array - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_middlewaretcps.yaml b/charts/traefik/traefik/crds/traefik.io_middlewaretcps.yaml deleted file mode 100644 index fc23e11..0000000 --- a/charts/traefik/traefik/crds/traefik.io_middlewaretcps.yaml +++ /dev/null @@ -1,87 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: middlewaretcps.traefik.io -spec: - group: traefik.io - names: - kind: MiddlewareTCP - listKind: MiddlewareTCPList - plural: middlewaretcps - singular: middlewaretcp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/ - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP. - properties: - inFlightConn: - description: InFlightConn defines the InFlightConn middleware configuration. - properties: - amount: - description: |- - Amount defines the maximum amount of allowed simultaneous connections. - The middleware closes the connection if there are already amount connections opened. - format: int64 - type: integer - type: object - ipAllowList: - description: |- - IPAllowList defines the IPAllowList middleware configuration. - This middleware accepts/refuses connections based on the client IP. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/ - properties: - sourceRange: - description: SourceRange defines the allowed IPs (or ranges of - allowed IPs by using CIDR notation). - items: - type: string - type: array - type: object - ipWhiteList: - description: |- - IPWhiteList defines the IPWhiteList middleware configuration. - This middleware accepts/refuses connections based on the client IP. - Deprecated: please use IPAllowList instead. - More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/ - properties: - sourceRange: - description: SourceRange defines the allowed IPs (or ranges of - allowed IPs by using CIDR notation). - items: - type: string - type: array - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_serverstransports.yaml b/charts/traefik/traefik/crds/traefik.io_serverstransports.yaml deleted file mode 100644 index fe2f129..0000000 --- a/charts/traefik/traefik/crds/traefik.io_serverstransports.yaml +++ /dev/null @@ -1,139 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: serverstransports.traefik.io -spec: - group: traefik.io - names: - kind: ServersTransport - listKind: ServersTransportList - plural: serverstransports - singular: serverstransport - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ServersTransport is the CRD implementation of a ServersTransport. - If no serversTransport is specified, the default@internal will be used. - The default@internal serversTransport is created from the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1 - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ServersTransportSpec defines the desired state of a ServersTransport. - properties: - certificatesSecrets: - description: CertificatesSecrets defines a list of secret storing - client certificates for mTLS. - items: - type: string - type: array - disableHTTP2: - description: DisableHTTP2 disables HTTP/2 for connections with backend - servers. - type: boolean - forwardingTimeouts: - description: ForwardingTimeouts defines the timeouts for requests - forwarded to the backend servers. - properties: - dialTimeout: - anyOf: - - type: integer - - type: string - description: DialTimeout is the amount of time to wait until a - connection to a backend server can be established. - x-kubernetes-int-or-string: true - idleConnTimeout: - anyOf: - - type: integer - - type: string - description: IdleConnTimeout is the maximum period for which an - idle HTTP keep-alive connection will remain open before closing - itself. - x-kubernetes-int-or-string: true - pingTimeout: - anyOf: - - type: integer - - type: string - description: PingTimeout is the timeout after which the HTTP/2 - connection will be closed if a response to ping is not received. - x-kubernetes-int-or-string: true - readIdleTimeout: - anyOf: - - type: integer - - type: string - description: ReadIdleTimeout is the timeout after which a health - check using ping frame will be carried out if no frame is received - on the HTTP/2 connection. - x-kubernetes-int-or-string: true - responseHeaderTimeout: - anyOf: - - type: integer - - type: string - description: ResponseHeaderTimeout is the amount of time to wait - for a server's response headers after fully writing the request - (including its body, if any). - x-kubernetes-int-or-string: true - type: object - insecureSkipVerify: - description: InsecureSkipVerify disables SSL certificate verification. - type: boolean - maxIdleConnsPerHost: - description: MaxIdleConnsPerHost controls the maximum idle (keep-alive) - to keep per-host. - type: integer - peerCertURI: - description: PeerCertURI defines the peer cert URI used to match against - SAN URI during the peer certificate verification. - type: string - rootCAsSecrets: - description: RootCAsSecrets defines a list of CA secret used to validate - self-signed certificate. - items: - type: string - type: array - serverName: - description: ServerName defines the server name used to contact the - server. - type: string - spiffe: - description: Spiffe defines the SPIFFE configuration. - properties: - ids: - description: IDs defines the allowed SPIFFE IDs (takes precedence - over the SPIFFE TrustDomain). - items: - type: string - type: array - trustDomain: - description: TrustDomain defines the allowed SPIFFE trust domain. - type: string - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_serverstransporttcps.yaml b/charts/traefik/traefik/crds/traefik.io_serverstransporttcps.yaml deleted file mode 100644 index 2f24c84..0000000 --- a/charts/traefik/traefik/crds/traefik.io_serverstransporttcps.yaml +++ /dev/null @@ -1,120 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: serverstransporttcps.traefik.io -spec: - group: traefik.io - names: - kind: ServersTransportTCP - listKind: ServersTransportTCPList - plural: serverstransporttcps - singular: serverstransporttcp - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - ServersTransportTCP is the CRD implementation of a TCPServersTransport. - If no tcpServersTransport is specified, a default one named default@internal will be used. - The default@internal tcpServersTransport can be configured in the static configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3 - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP. - properties: - dialKeepAlive: - anyOf: - - type: integer - - type: string - description: DialKeepAlive is the interval between keep-alive probes - for an active network connection. If zero, keep-alive probes are - sent with a default value (currently 15 seconds), if supported by - the protocol and operating system. Network protocols or operating - systems that do not support keep-alives ignore this field. If negative, - keep-alive probes are disabled. - x-kubernetes-int-or-string: true - dialTimeout: - anyOf: - - type: integer - - type: string - description: DialTimeout is the amount of time to wait until a connection - to a backend server can be established. - x-kubernetes-int-or-string: true - terminationDelay: - anyOf: - - type: integer - - type: string - description: TerminationDelay defines the delay to wait before fully - terminating the connection, after one connected peer has closed - its writing capability. - x-kubernetes-int-or-string: true - tls: - description: TLS defines the TLS configuration - properties: - certificatesSecrets: - description: CertificatesSecrets defines a list of secret storing - client certificates for mTLS. - items: - type: string - type: array - insecureSkipVerify: - description: InsecureSkipVerify disables TLS certificate verification. - type: boolean - peerCertURI: - description: |- - MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host. - PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification. - type: string - rootCAsSecrets: - description: RootCAsSecrets defines a list of CA secret used to - validate self-signed certificates. - items: - type: string - type: array - serverName: - description: ServerName defines the server name used to contact - the server. - type: string - spiffe: - description: Spiffe defines the SPIFFE configuration. - properties: - ids: - description: IDs defines the allowed SPIFFE IDs (takes precedence - over the SPIFFE TrustDomain). - items: - type: string - type: array - trustDomain: - description: TrustDomain defines the allowed SPIFFE trust - domain. - type: string - type: object - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_tlsoptions.yaml b/charts/traefik/traefik/crds/traefik.io_tlsoptions.yaml deleted file mode 100644 index 498fc3c..0000000 --- a/charts/traefik/traefik/crds/traefik.io_tlsoptions.yaml +++ /dev/null @@ -1,114 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: tlsoptions.traefik.io -spec: - group: traefik.io - names: - kind: TLSOption - listKind: TLSOptionList - plural: tlsoptions - singular: tlsoption - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TLSOptionSpec defines the desired state of a TLSOption. - properties: - alpnProtocols: - description: |- - ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols - items: - type: string - type: array - cipherSuites: - description: |- - CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites - items: - type: string - type: array - clientAuth: - description: ClientAuth defines the server's policy for TLS Client - Authentication. - properties: - clientAuthType: - description: ClientAuthType defines the client authentication - type to apply. - enum: - - NoClientCert - - RequestClientCert - - RequireAnyClientCert - - VerifyClientCertIfGiven - - RequireAndVerifyClientCert - type: string - secretNames: - description: SecretNames defines the names of the referenced Kubernetes - Secret storing certificate details. - items: - type: string - type: array - type: object - curvePreferences: - description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences - items: - type: string - type: array - maxVersion: - description: |- - MaxVersion defines the maximum TLS version that Traefik will accept. - Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. - Default: None. - type: string - minVersion: - description: |- - MinVersion defines the minimum TLS version that Traefik will accept. - Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. - Default: VersionTLS10. - type: string - preferServerCipherSuites: - description: |- - PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. - It is enabled automatically when minVersion or maxVersion is set. - Deprecated: https://github.com/golang/go/issues/45430 - type: boolean - sniStrict: - description: SniStrict defines whether Traefik allows connections - from clients connections that do not specify a server_name extension. - type: boolean - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_tlsstores.yaml b/charts/traefik/traefik/crds/traefik.io_tlsstores.yaml deleted file mode 100644 index 7eacb77..0000000 --- a/charts/traefik/traefik/crds/traefik.io_tlsstores.yaml +++ /dev/null @@ -1,97 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: tlsstores.traefik.io -spec: - group: traefik.io - names: - kind: TLSStore - listKind: TLSStoreList - plural: tlsstores - singular: tlsstore - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - TLSStore is the CRD implementation of a Traefik TLS Store. - For the time being, only the TLSStore named default is supported. - This means that you cannot have two stores that are named default in different Kubernetes namespaces. - More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TLSStoreSpec defines the desired state of a TLSStore. - properties: - certificates: - description: Certificates is a list of secret names, each secret holding - a key/certificate pair to add to the store. - items: - description: Certificate holds a secret name for the TLSStore resource. - properties: - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - required: - - secretName - type: object - type: array - defaultCertificate: - description: DefaultCertificate defines the default certificate configuration. - properties: - secretName: - description: SecretName is the name of the referenced Kubernetes - Secret to specify the certificate details. - type: string - required: - - secretName - type: object - defaultGeneratedCert: - description: DefaultGeneratedCert defines the default generated certificate - configuration. - properties: - domain: - description: Domain is the domain definition for the DefaultCertificate. - properties: - main: - description: Main defines the main domain name. - type: string - sans: - description: SANs defines the subject alternative domain names. - items: - type: string - type: array - type: object - resolver: - description: Resolver is the name of the resolver that will be - used to issue the DefaultCertificate. - type: string - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/crds/traefik.io_traefikservices.yaml b/charts/traefik/traefik/crds/traefik.io_traefikservices.yaml deleted file mode 100644 index 01e28fc..0000000 --- a/charts/traefik/traefik/crds/traefik.io_traefikservices.yaml +++ /dev/null @@ -1,644 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.1 - name: traefikservices.traefik.io -spec: - group: traefik.io - names: - kind: TraefikService - listKind: TraefikServiceList - plural: traefikservices - singular: traefikservice - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - TraefikService is the CRD implementation of a Traefik Service. - TraefikService object allows to: - - Apply weight to Services on load-balancing - - Mirror traffic on services - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: TraefikServiceSpec defines the desired state of a TraefikService. - properties: - mirroring: - description: Mirroring defines the Mirroring service configuration. - properties: - healthCheck: - description: Healthcheck defines health checks for ExternalName - services. - properties: - followRedirects: - description: |- - FollowRedirects defines whether redirects should be followed during the health check calls. - Default: true - type: boolean - headers: - additionalProperties: - type: string - description: Headers defines custom headers to be sent to - the health check endpoint. - type: object - hostname: - description: Hostname defines the value of hostname in the - Host header of the health check request. - type: string - interval: - anyOf: - - type: integer - - type: string - description: |- - Interval defines the frequency of the health check calls. - Default: 30s - x-kubernetes-int-or-string: true - method: - description: Method defines the healthcheck method. - type: string - mode: - description: |- - Mode defines the health check mode. - If defined to grpc, will use the gRPC health check protocol to probe the server. - Default: http - type: string - path: - description: Path defines the server URL path for the health - check endpoint. - type: string - port: - description: Port defines the server URL port for the health - check endpoint. - type: integer - scheme: - description: Scheme replaces the server URL scheme for the - health check endpoint. - type: string - status: - description: Status defines the expected HTTP status code - of the response to the health check request. - type: integer - timeout: - anyOf: - - type: integer - - type: string - description: |- - Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. - Default: 5s - x-kubernetes-int-or-string: true - type: object - kind: - description: Kind defines the kind of the Service. - enum: - - Service - - TraefikService - type: string - maxBodySize: - description: |- - MaxBodySize defines the maximum size allowed for the body of the request. - If the body is larger, the request is not mirrored. - Default value is -1, which means unlimited size. - format: int64 - type: integer - mirrorBody: - description: |- - MirrorBody defines whether the body of the request should be mirrored. - Default value is true. - type: boolean - mirrors: - description: Mirrors defines the list of mirrors where Traefik - will duplicate the traffic. - items: - description: MirrorService holds the mirror configuration. - properties: - healthCheck: - description: Healthcheck defines health checks for ExternalName - services. - properties: - followRedirects: - description: |- - FollowRedirects defines whether redirects should be followed during the health check calls. - Default: true - type: boolean - headers: - additionalProperties: - type: string - description: Headers defines custom headers to be sent - to the health check endpoint. - type: object - hostname: - description: Hostname defines the value of hostname - in the Host header of the health check request. - type: string - interval: - anyOf: - - type: integer - - type: string - description: |- - Interval defines the frequency of the health check calls. - Default: 30s - x-kubernetes-int-or-string: true - method: - description: Method defines the healthcheck method. - type: string - mode: - description: |- - Mode defines the health check mode. - If defined to grpc, will use the gRPC health check protocol to probe the server. - Default: http - type: string - path: - description: Path defines the server URL path for the - health check endpoint. - type: string - port: - description: Port defines the server URL port for the - health check endpoint. - type: integer - scheme: - description: Scheme replaces the server URL scheme for - the health check endpoint. - type: string - status: - description: Status defines the expected HTTP status - code of the response to the health check request. - type: integer - timeout: - anyOf: - - type: integer - - type: string - description: |- - Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. - Default: 5s - x-kubernetes-int-or-string: true - type: object - kind: - description: Kind defines the kind of the Service. - enum: - - Service - - TraefikService - type: string - name: - description: |- - Name defines the name of the referenced Kubernetes Service or TraefikService. - The differentiation between the two is specified in the Kind field. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service or TraefikService. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - passHostHeader: - description: |- - PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. - By default, passHostHeader is true. - type: boolean - percent: - description: |- - Percent defines the part of the traffic to mirror. - Supported values: 0 to 100. - type: integer - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding defines how Traefik forwards - the response from the upstream Kubernetes Service to the - client. - properties: - flushInterval: - description: |- - FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. - A negative value means to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes a response as a streaming response; - for such responses, writes are flushed to the client immediately. - Default: 100ms - type: string - type: object - scheme: - description: |- - Scheme defines the scheme to use for the request to the upstream Kubernetes Service. - It defaults to https when Kubernetes Service port is 443, http otherwise. - type: string - serversTransport: - description: |- - ServersTransport defines the name of ServersTransport resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - sticky: - description: |- - Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie - can be accessed by client-side APIs, such as JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie can - only be transmitted over an encrypted connection - (i.e. HTTPS). - type: boolean - type: object - type: object - strategy: - description: |- - Strategy defines the load balancing strategy between the servers. - RoundRobin is the only supported value at the moment. - type: string - weight: - description: |- - Weight defines the weight and should only be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - name: - description: |- - Name defines the name of the referenced Kubernetes Service or TraefikService. - The differentiation between the two is specified in the Kind field. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service or TraefikService. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - passHostHeader: - description: |- - PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. - By default, passHostHeader is true. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding defines how Traefik forwards the - response from the upstream Kubernetes Service to the client. - properties: - flushInterval: - description: |- - FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. - A negative value means to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes a response as a streaming response; - for such responses, writes are flushed to the client immediately. - Default: 100ms - type: string - type: object - scheme: - description: |- - Scheme defines the scheme to use for the request to the upstream Kubernetes Service. - It defaults to https when Kubernetes Service port is 443, http otherwise. - type: string - serversTransport: - description: |- - ServersTransport defines the name of ServersTransport resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - sticky: - description: |- - Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie can be - accessed by client-side APIs, such as JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie can only - be transmitted over an encrypted connection (i.e. HTTPS). - type: boolean - type: object - type: object - strategy: - description: |- - Strategy defines the load balancing strategy between the servers. - RoundRobin is the only supported value at the moment. - type: string - weight: - description: |- - Weight defines the weight and should only be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - weighted: - description: Weighted defines the Weighted Round Robin configuration. - properties: - services: - description: Services defines the list of Kubernetes Service and/or - TraefikService to load-balance, with weight. - items: - description: Service defines an upstream HTTP service to proxy - traffic to. - properties: - healthCheck: - description: Healthcheck defines health checks for ExternalName - services. - properties: - followRedirects: - description: |- - FollowRedirects defines whether redirects should be followed during the health check calls. - Default: true - type: boolean - headers: - additionalProperties: - type: string - description: Headers defines custom headers to be sent - to the health check endpoint. - type: object - hostname: - description: Hostname defines the value of hostname - in the Host header of the health check request. - type: string - interval: - anyOf: - - type: integer - - type: string - description: |- - Interval defines the frequency of the health check calls. - Default: 30s - x-kubernetes-int-or-string: true - method: - description: Method defines the healthcheck method. - type: string - mode: - description: |- - Mode defines the health check mode. - If defined to grpc, will use the gRPC health check protocol to probe the server. - Default: http - type: string - path: - description: Path defines the server URL path for the - health check endpoint. - type: string - port: - description: Port defines the server URL port for the - health check endpoint. - type: integer - scheme: - description: Scheme replaces the server URL scheme for - the health check endpoint. - type: string - status: - description: Status defines the expected HTTP status - code of the response to the health check request. - type: integer - timeout: - anyOf: - - type: integer - - type: string - description: |- - Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy. - Default: 5s - x-kubernetes-int-or-string: true - type: object - kind: - description: Kind defines the kind of the Service. - enum: - - Service - - TraefikService - type: string - name: - description: |- - Name defines the name of the referenced Kubernetes Service or TraefikService. - The differentiation between the two is specified in the Kind field. - type: string - namespace: - description: Namespace defines the namespace of the referenced - Kubernetes Service or TraefikService. - type: string - nativeLB: - description: |- - NativeLB controls, when creating the load-balancer, - whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. - The Kubernetes Service itself does load-balance to the pods. - By default, NativeLB is false. - type: boolean - nodePortLB: - description: |- - NodePortLB controls, when creating the load-balancer, - whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. - It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. - By default, NodePortLB is false. - type: boolean - passHostHeader: - description: |- - PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service. - By default, passHostHeader is true. - type: boolean - port: - anyOf: - - type: integer - - type: string - description: |- - Port defines the port of a Kubernetes Service. - This can be a reference to a named port. - x-kubernetes-int-or-string: true - responseForwarding: - description: ResponseForwarding defines how Traefik forwards - the response from the upstream Kubernetes Service to the - client. - properties: - flushInterval: - description: |- - FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body. - A negative value means to flush immediately after each write to the client. - This configuration is ignored when ReverseProxy recognizes a response as a streaming response; - for such responses, writes are flushed to the client immediately. - Default: 100ms - type: string - type: object - scheme: - description: |- - Scheme defines the scheme to use for the request to the upstream Kubernetes Service. - It defaults to https when Kubernetes Service port is 443, http otherwise. - type: string - serversTransport: - description: |- - ServersTransport defines the name of ServersTransport resource to use. - It allows to configure the transport between Traefik and your servers. - Can only be used on a Kubernetes Service. - type: string - sticky: - description: |- - Sticky defines the sticky sessions configuration. - More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie - can be accessed by client-side APIs, such as JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie can - only be transmitted over an encrypted connection - (i.e. HTTPS). - type: boolean - type: object - type: object - strategy: - description: |- - Strategy defines the load balancing strategy between the servers. - RoundRobin is the only supported value at the moment. - type: string - weight: - description: |- - Weight defines the weight and should only be specified when Name references a TraefikService object - (and to be precise, one that embeds a Weighted Round Robin). - type: integer - required: - - name - type: object - type: array - sticky: - description: |- - Sticky defines whether sticky sessions are enabled. - More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing - properties: - cookie: - description: Cookie defines the sticky cookie configuration. - properties: - httpOnly: - description: HTTPOnly defines whether the cookie can be - accessed by client-side APIs, such as JavaScript. - type: boolean - maxAge: - description: |- - MaxAge indicates the number of seconds until the cookie expires. - When set to a negative number, the cookie expires immediately. - When set to zero, the cookie never expires. - type: integer - name: - description: Name defines the Cookie name. - type: string - sameSite: - description: |- - SameSite defines the same site policy. - More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite - type: string - secure: - description: Secure defines whether the cookie can only - be transmitted over an encrypted connection (i.e. HTTPS). - type: boolean - type: object - type: object - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true diff --git a/charts/traefik/traefik/templates/NOTES.txt b/charts/traefik/traefik/templates/NOTES.txt deleted file mode 100644 index a1a10bf..0000000 --- a/charts/traefik/traefik/templates/NOTES.txt +++ /dev/null @@ -1,36 +0,0 @@ - - -{{ .Release.Name }} with {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }} has been deployed successfully on {{ template "traefik.namespace" . }} namespace ! - -{{- if .Values.persistence }} -{{- if and .Values.persistence.enabled (empty .Values.deployment.initContainer)}} - -🚨 When enabling persistence for certificates, permissions on acme.json can be -lost when Traefik restarts. You can ensure correct permissions with an -initContainer. See https://github.com/traefik/traefik-helm-chart/blob/master/EXAMPLES.md#use-traefik-native-lets-encrypt-integration-without-cert-manager -for more info. 🚨 - -{{- end }} -{{- end }} -{{- with .Values.providers.kubernetesCRD.labelSelector }} - {{- $labelsApplied := include "traefik.labels" $ }} - {{- $labelSelectors := regexSplit "," . -1 }} - {{- range $labelSelectors }} - {{- $labelSelectorRaw := regexSplit "=" . -1 }} - {{- $labelSelector := printf "%s: %s" (first $labelSelectorRaw) (last $labelSelectorRaw) }} - {{- if not (contains $labelSelector $labelsApplied) }} -🚨 Resources populated with this chart don't match with labelSelector `{{.}}` applied on kubernetesCRD provider 🚨 - {{- end }} - {{- end }} -{{- end }} -{{- with .Values.providers.kubernetesIngress.labelSelector }} - {{- $labelsApplied := include "traefik.labels" $ }} - {{- $labelSelectors := regexSplit "," . -1 }} - {{- range $labelSelectors }} - {{- $labelSelectorRaw := regexSplit "=" . -1 }} - {{- $labelSelector := printf "%s: %s" (first $labelSelectorRaw) (last $labelSelectorRaw) }} - {{- if not (contains $labelSelector $labelsApplied) }} -🚨 Resources populated with this chart don't match with labelSelector `{{.}}` applied on kubernetesIngress provider 🚨 - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/traefik/traefik/templates/_helpers.tpl b/charts/traefik/traefik/templates/_helpers.tpl deleted file mode 100644 index 284e912..0000000 --- a/charts/traefik/traefik/templates/_helpers.tpl +++ /dev/null @@ -1,178 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Expand the name of the chart. -*/}} -{{- define "traefik.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "traefik.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the chart image name. -*/}} -{{- define "traefik.image-name" -}} -{{- printf "%s/%s:%s" .Values.image.registry .Values.image.repository (.Values.image.tag | default .Chart.AppVersion) }} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "traefik.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Allow customization of the instance label value. -*/}} -{{- define "traefik.instance-name" -}} -{{- default (printf "%s-%s" .Release.Name .Release.Namespace) .Values.instanceLabelOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* Shared labels used for selector*/}} -{{/* This is an immutable field: this should not change between upgrade */}} -{{- define "traefik.labelselector" -}} -app.kubernetes.io/name: {{ template "traefik.name" . }} -app.kubernetes.io/instance: {{ template "traefik.instance-name" . }} -{{- end }} - -{{/* Shared labels used in metada */}} -{{- define "traefik.labels" -}} -{{ include "traefik.labelselector" . }} -helm.sh/chart: {{ template "traefik.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - -{{/* -Construct the namespace for all namespaced resources -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -Preserve the default behavior of the Release namespace if no override is provided -*/}} -{{- define "traefik.namespace" -}} -{{- if .Values.namespaceOverride -}} -{{- .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- .Release.Namespace -}} -{{- end -}} -{{- end -}} - -{{/* -The name of the service account to use -*/}} -{{- define "traefik.serviceAccountName" -}} -{{- default (include "traefik.fullname" .) .Values.serviceAccount.name -}} -{{- end -}} - -{{/* -The name of the ClusterRole and ClusterRoleBinding to use. -Adds the namespace to name to prevent duplicate resource names when there -are multiple namespaced releases with the same release name. -*/}} -{{- define "traefik.clusterRoleName" -}} -{{- (printf "%s-%s" (include "traefik.fullname" .) .Release.Namespace) | trunc 63 | trimSuffix "-" }} -{{- end -}} - -{{/* -Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice. -By convention this will simply use the / to match the name of the -service generated. -Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride` -*/}} -{{- define "providers.kubernetesIngress.publishedServicePath" -}} -{{- $defServiceName := printf "%s/%s" .Release.Namespace (include "traefik.fullname" .) -}} -{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }} -{{- print $servicePath | trimSuffix "-" -}} -{{- end -}} - -{{/* -Construct a comma-separated list of whitelisted namespaces -*/}} -{{- define "providers.kubernetesCRD.namespaces" -}} -{{- default (include "traefik.namespace" .) (join "," .Values.providers.kubernetesCRD.namespaces) }} -{{- end -}} -{{- define "providers.kubernetesGateway.namespaces" -}} -{{- default (include "traefik.namespace" .) (join "," .Values.providers.kubernetesGateway.namespaces) }} -{{- end -}} -{{- define "providers.kubernetesIngress.namespaces" -}} -{{- default (include "traefik.namespace" .) (join "," .Values.providers.kubernetesIngress.namespaces) }} -{{- end -}} - -{{/* -Renders a complete tree, even values that contains template. -*/}} -{{- define "traefik.render" -}} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{ else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} -{{- end -}} - -{{- define "imageVersion" -}} -{{/* -Traefik hub is based on v3.1 (v3.0 before v3.3.1) of traefik proxy, so this is a hack to avoid to much complexity in RBAC management which are -based on semverCompare -*/}} -{{- if $.Values.hub.token -}} -{{ if and (regexMatch "v[0-9]+.[0-9]+.[0-9]+" (default "" $.Values.image.tag)) (semverCompare "=3.1.2-0" $version) }} - - "--providers.kubernetescrd.disableClusterScopeResources=true" - {{- end }} - {{- if .Values.providers.kubernetesCRD.nativeLBByDefault }} - - "--providers.kubernetescrd.nativeLBByDefault=true" - {{- end }} - {{- end }} - {{- if .Values.providers.kubernetesIngress.enabled }} - - "--providers.kubernetesingress" - {{- if .Values.providers.kubernetesIngress.allowExternalNameServices }} - - "--providers.kubernetesingress.allowExternalNameServices=true" - {{- end }} - {{- if .Values.providers.kubernetesIngress.allowEmptyServices }} - - "--providers.kubernetesingress.allowEmptyServices=true" - {{- end }} - {{- if and .Values.service.enabled .Values.providers.kubernetesIngress.publishedService.enabled }} - - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}" - {{- end }} - {{- if .Values.providers.kubernetesIngress.labelSelector }} - - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}" - {{- end }} - {{- if .Values.providers.kubernetesIngress.ingressClass }} - - "--providers.kubernetesingress.ingressClass={{ .Values.providers.kubernetesIngress.ingressClass }}" - {{- end }} - {{- if .Values.rbac.namespaced }} - {{- if semverCompare "<3.1.5-0" $version }} - - "--providers.kubernetesingress.disableIngressClassLookup=true" - {{- if semverCompare ">=3.1.2-0" $version }} - - "--providers.kubernetesingress.disableClusterScopeResources=true" - {{- end }} - {{- else }} - - "--providers.kubernetesingress.disableClusterScopeResources=true" - {{- end }} - {{- end }} - {{- if .Values.providers.kubernetesIngress.nativeLBByDefault }} - - "--providers.kubernetesingress.nativeLBByDefault=true" - {{- end }} - {{- end }} - {{- if .Values.experimental.kubernetesGateway.enabled }} - - "--experimental.kubernetesgateway" - {{- end }} - {{- with .Values.providers.kubernetesCRD }} - {{- if (and .enabled (or .namespaces (and $.Values.rbac.enabled $.Values.rbac.namespaced))) }} - - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" $ }}" - {{- end }} - {{- end }} - {{- with .Values.providers.kubernetesGateway }} - {{- if .enabled }} - - "--providers.kubernetesgateway" - {{- with .statusAddress }} - {{- with .ip }} - - "--providers.kubernetesgateway.statusaddress.ip={{ . }}" - {{- end }} - {{- with .hostname }} - - "--providers.kubernetesgateway.statusaddress.hostname={{ . }}" - {{- end }} - {{- with .service }} - - "--providers.kubernetesgateway.statusaddress.service.name={{ tpl .name $ }}" - - "--providers.kubernetesgateway.statusaddress.service.namespace={{ tpl .namespace $ }}" - {{- end }} - {{- end }} - {{- if or .namespaces (and $.Values.rbac.enabled $.Values.rbac.namespaced) }} - - "--providers.kubernetesgateway.namespaces={{ template "providers.kubernetesGateway.namespaces" $ }}" - {{- end }} - {{- if .experimentalChannel }} - - "--providers.kubernetesgateway.experimentalchannel=true" - {{- end }} - {{- with .labelselector }} - - "--providers.kubernetesgateway.labelselector={{ . }}" - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.providers.kubernetesIngress }} - {{- if (and .enabled (or .namespaces (and $.Values.rbac.enabled $.Values.rbac.namespaced))) }} - - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" $ }}" - {{- end }} - {{- end }} - {{- with .Values.providers.file }} - {{- if .enabled }} - - "--providers.file.directory=/etc/traefik/dynamic" - {{- if .watch }} - - "--providers.file.watch=true" - {{- end }} - {{- end }} - {{- end }} - {{- range $entrypoint, $config := $.Values.ports }} - {{- if $config }} - {{- if $config.redirectTo }} - {{- $toPort := index $.Values.ports $config.redirectTo.port }} - - "--entryPoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.exposedPort }}" - - "--entryPoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" - {{- if $config.redirectTo.priority }} - - "--entryPoints.{{ $entrypoint }}.http.redirections.entryPoint.priority={{ $config.redirectTo.priority }}" - {{- end }} - {{- if $config.redirectTo.permanent }} - - "--entryPoints.{{ $entrypoint }}.http.redirections.entryPoint.permanent=true" - {{- end }} - {{- end }} - {{- if $config.middlewares }} - - "--entryPoints.{{ $entrypoint }}.http.middlewares={{ join "," $config.middlewares }}" - {{- end }} - {{- if $config.tls }} - {{- if $config.tls.enabled }} - - "--entryPoints.{{ $entrypoint }}.http.tls=true" - {{- if $config.tls.options }} - - "--entryPoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}" - {{- end }} - {{- if $config.tls.certResolver }} - - "--entryPoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}" - {{- end }} - {{- if $config.tls.domains }} - {{- range $index, $domain := $config.tls.domains }} - {{- if $domain.main }} - - "--entryPoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}" - {{- end }} - {{- if $domain.sans }} - - "--entryPoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}" - {{- end }} - {{- end }} - {{- end }} - {{- if $config.http3 }} - {{- if $config.http3.enabled }} - - "--entryPoints.{{ $entrypoint }}.http3" - {{- if $config.http3.advertisedPort }} - - "--entryPoints.{{ $entrypoint }}.http3.advertisedPort={{ $config.http3.advertisedPort }}" - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- if $config.allowACMEByPass }} - {{- if (semverCompare "<3.1.3-0" $version) }} - {{- fail "ERROR: allowACMEByPass has been introduced with Traefik v3.1.3+" -}} - {{- end }} - - "--entryPoints.name.allowACMEByPass=true" - {{- end }} - {{- if $config.forwardedHeaders }} - {{- if $config.forwardedHeaders.trustedIPs }} - - "--entryPoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}" - {{- end }} - {{- if $config.forwardedHeaders.insecure }} - - "--entryPoints.{{ $entrypoint }}.forwardedHeaders.insecure" - {{- end }} - {{- end }} - {{- if $config.proxyProtocol }} - {{- if $config.proxyProtocol.trustedIPs }} - - "--entryPoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}" - {{- end }} - {{- if $config.proxyProtocol.insecure }} - - "--entryPoints.{{ $entrypoint }}.proxyProtocol.insecure" - {{- end }} - {{- end }} - {{- with $config.transport }} - {{- with .respondingTimeouts }} - {{- if and (ne .readTimeout nil) (toString .readTimeout) }} - - "--entryPoints.{{ $entrypoint }}.transport.respondingTimeouts.readTimeout={{ .readTimeout }}" - {{- end }} - {{- if and (ne .writeTimeout nil) (toString .writeTimeout) }} - - "--entryPoints.{{ $entrypoint }}.transport.respondingTimeouts.writeTimeout={{ .writeTimeout }}" - {{- end }} - {{- if and (ne .idleTimeout nil) (toString .idleTimeout) }} - - "--entryPoints.{{ $entrypoint }}.transport.respondingTimeouts.idleTimeout={{ .idleTimeout }}" - {{- end }} - {{- end }} - {{- with .lifeCycle }} - {{- if and (ne .requestAcceptGraceTimeout nil) (toString .requestAcceptGraceTimeout) }} - - "--entryPoints.{{ $entrypoint }}.transport.lifeCycle.requestAcceptGraceTimeout={{ .requestAcceptGraceTimeout }}" - {{- end }} - {{- if and (ne .graceTimeOut nil) (toString .graceTimeOut) }} - - "--entryPoints.{{ $entrypoint }}.transport.lifeCycle.graceTimeOut={{ .graceTimeOut }}" - {{- end }} - {{- end }} - {{- if and (ne .keepAliveMaxRequests nil) (toString .keepAliveMaxRequests) }} - - "--entryPoints.{{ $entrypoint }}.transport.keepAliveMaxRequests={{ .keepAliveMaxRequests }}" - {{- end }} - {{- if and (ne .keepAliveMaxTime nil) (toString .keepAliveMaxTime) }} - - "--entryPoints.{{ $entrypoint }}.transport.keepAliveMaxTime={{ .keepAliveMaxTime }}" - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- with .Values.logs }} - {{- if and .general.format (not (has .general.format (list "common" "json"))) }} - {{- fail "ERROR: .Values.logs.general.format must be either common or json" }} - {{- end }} - {{- with .general.format }} - - "--log.format={{ . }}" - {{- end }} - {{- with .general.filePath }} - - "--log.filePath={{ . }}" - {{- end }} - {{- if and (or (eq .general.format "common") (not .general.format)) (eq .general.noColor true) }} - - "--log.noColor={{ .general.noColor }}" - {{- end }} - {{- with .general.level }} - - "--log.level={{ . | upper }}" - {{- end }} - {{- if .access.enabled }} - - "--accesslog=true" - {{- with .access.format }} - - "--accesslog.format={{ . }}" - {{- end }} - {{- with .access.filePath }} - - "--accesslog.filepath={{ . }}" - {{- end }} - {{- if .access.addInternals }} - - "--accesslog.addinternals" - {{- end }} - {{- with .access.bufferingSize }} - - "--accesslog.bufferingsize={{ . }}" - {{- end }} - {{- with .access.filters }} - {{- with .statuscodes }} - - "--accesslog.filters.statuscodes={{ . }}" - {{- end }} - {{- if .retryattempts }} - - "--accesslog.filters.retryattempts" - {{- end }} - {{- with .minduration }} - - "--accesslog.filters.minduration={{ . }}" - {{- end }} - {{- end }} - - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}" - {{- range $fieldname, $fieldaction := .access.fields.general.names }} - - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}" - {{- end }} - - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}" - {{- range $fieldname, $fieldaction := .access.fields.headers.names }} - - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}" - {{- end }} - {{- end }} - {{- end }} - {{- include "traefik.yaml2CommandLineArgs" (dict "path" "certificatesresolvers" "content" $.Values.certificatesResolvers) | nindent 10 }} - {{- with .Values.additionalArguments }} - {{- range . }} - - {{ . | quote }} - {{- end }} - {{- end }} - {{- with .Values.hub }} - {{- if .token }} - - "--hub.token=$(HUB_TOKEN)" - {{- if and (not .apimanagement.enabled) ($.Values.hub.apimanagement.admission.listenAddr) }} - {{- fail "ERROR: Cannot configure admission without enabling hub.apimanagement" }} - {{- end }} - {{- with .apimanagement }} - {{- if .enabled }} - {{- $listenAddr := default ":9943" .admission.listenAddr }} - - "--hub.apimanagement" - - "--hub.apimanagement.admission.listenAddr={{ $listenAddr }}" - {{- with .admission.secretName }} - - "--hub.apimanagement.admission.secretName={{ . }}" - {{- end }} - {{- end }} - {{- end }} - {{- with .platformUrl }} - - "--hub.platformUrl={{ . }}" - {{- end -}} - {{- range $field, $value := .redis }} - {{- if has $field (list "cluster" "database" "endpoints" "username" "password" "timeout") -}} - {{- with $value }} - - "--hub.redis.{{ $field }}={{ $value }}" - {{- end }} - {{- end }} - {{- end }} - {{- range $field, $value := .redis.sentinel }} - {{- if has $field (list "masterset" "password" "username") -}} - {{- with $value }} - - "--hub.redis.sentinel.{{ $field }}={{ $value }}" - {{- end }} - {{- end }} - {{- end }} - {{- range $field, $value := .redis.tls }} - {{- if has $field (list "ca" "cert" "insecureSkipVerify" "key") -}} - {{- with $value }} - - "--hub.redis.tls.{{ $field }}={{ $value }}" - {{- end }} - {{- end }} - {{- end }} - {{- with .sendlogs }} - - "--hub.sendlogs={{ . }}" - {{- end }} - {{- end }} - {{- end }} - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if ($.Values.resources.limits).cpu }} - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - resource: limits.cpu - divisor: '1' - {{- end }} - {{- if ($.Values.resources.limits).memory }} - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - resource: limits.memory - divisor: '1' - {{- end }} - {{- with .Values.hub.token }} - - name: HUB_TOKEN - valueFrom: - secretKeyRef: - name: {{ . }} - key: token - {{- end }} - {{- with .Values.env }} - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.envFrom }} - envFrom: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- if .Values.deployment.additionalContainers }} - {{- toYaml .Values.deployment.additionalContainers | nindent 6 }} - {{- end }} - volumes: - - name: {{ .Values.persistence.name }} - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }} - {{- else }} - emptyDir: {} - {{- end }} - - name: tmp - emptyDir: {} - {{- $root := . }} - {{- range .Values.volumes }} - - name: {{ tpl (.name) $root | replace "." "-" }} - {{- if eq .type "secret" }} - secret: - secretName: {{ tpl (.name) $root }} - {{- else if eq .type "configMap" }} - configMap: - name: {{ tpl (.name) $root }} - {{- end }} - {{- end }} - {{- if .Values.deployment.additionalVolumes }} - {{- toYaml .Values.deployment.additionalVolumes | nindent 8 }} - {{- end }} - {{- if gt (len .Values.experimental.plugins) 0 }} - - name: plugins - emptyDir: {} - {{- end }} - {{- if .Values.providers.file.enabled }} - - name: traefik-extra-config - configMap: - name: {{ template "traefik.fullname" . }}-file-provider - {{- end }} - {{- if .Values.affinity }} - affinity: - {{- tpl (toYaml .Values.affinity) . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - {{- with .Values.podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.topologySpreadConstraints }} - {{- if (semverCompare "<1.19.0-0" .Capabilities.KubeVersion.Version) }} - {{- fail "ERROR: topologySpreadConstraints are supported only on kubernetes >= v1.19" -}} - {{- end }} - topologySpreadConstraints: - {{- tpl (toYaml .Values.topologySpreadConstraints) . | nindent 8 }} - {{- end }} -{{ end -}} diff --git a/charts/traefik/traefik/templates/_service-metrics.tpl b/charts/traefik/traefik/templates/_service-metrics.tpl deleted file mode 100644 index d16a362..0000000 --- a/charts/traefik/traefik/templates/_service-metrics.tpl +++ /dev/null @@ -1,25 +0,0 @@ -{{- define "traefik.metrics-service-metadata" }} - labels: - {{- include "traefik.metricsservicelabels" . | nindent 4 -}} - {{- with .Values.metrics.prometheus.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} - -{{/* Labels used for metrics-relevant selector*/}} -{{/* This is an immutable field: this should not change between upgrade */}} -{{- define "traefik.metricslabelselector" -}} -{{- include "traefik.labelselector" . }} -app.kubernetes.io/component: metrics -{{- end }} - -{{/* Shared labels used in metadata of metrics-service and servicemonitor */}} -{{- define "traefik.metricsservicelabels" -}} -{{ include "traefik.metricslabelselector" . }} -helm.sh/chart: {{ template "traefik.chart" . }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.commonLabels }} -{{ toYaml . }} -{{- end }} -{{- end }} - diff --git a/charts/traefik/traefik/templates/_service.tpl b/charts/traefik/traefik/templates/_service.tpl deleted file mode 100644 index 27d5bc4..0000000 --- a/charts/traefik/traefik/templates/_service.tpl +++ /dev/null @@ -1,84 +0,0 @@ -{{- define "traefik.service-name" -}} -{{- $fullname := printf "%s-%s" (include "traefik.fullname" .root) .name -}} -{{- if eq .name "default" -}} -{{- $fullname = include "traefik.fullname" .root -}} -{{- end -}} - -{{- if ge (len $fullname) 60 -}} # 64 - 4 (udp-postfix) = 60 - {{- fail "ERROR: Cannot create a service whose full name contains more than 60 characters" -}} -{{- end -}} - -{{- $fullname -}} -{{- end -}} - -{{- define "traefik.service-metadata" }} - labels: - {{- include "traefik.labels" .root | nindent 4 -}} - {{- with .service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} - -{{- define "traefik.service-spec" -}} - {{- $type := default "LoadBalancer" .service.type }} - type: {{ $type }} - {{- with .service.loadBalancerClass }} - loadBalancerClass: {{ . }} - {{- end}} - {{- with .service.spec }} - {{- toYaml . | nindent 2 }} - {{- end }} - selector: - {{- include "traefik.labelselector" .root | nindent 4 }} - {{- if eq $type "LoadBalancer" }} - {{- with .service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- toYaml . | nindent 2 }} - {{- end -}} - {{- end -}} - {{- with .service.externalIPs }} - externalIPs: - {{- toYaml . | nindent 2 }} - {{- end -}} - {{- with .service.ipFamilyPolicy }} - ipFamilyPolicy: {{ . }} - {{- end }} - {{- with .service.ipFamilies }} - ipFamilies: - {{- toYaml . | nindent 2 }} - {{- end -}} -{{- end }} - -{{- define "traefik.service-ports" }} - {{- range $name, $config := .ports }} - {{- if (index (default dict $config.expose) $.serviceName) }} - {{- $port := default $config.port $config.exposedPort }} - {{- if empty $port }} - {{- fail (print "ERROR: Cannot create " (trim $name) " port on Service without .port or .exposedPort") }} - {{- end }} - - port: {{ $port }} - name: {{ $name | quote }} - targetPort: {{ default $name $config.targetPort }} - protocol: {{ default "TCP" $config.protocol }} - {{- if $config.nodePort }} - nodePort: {{ $config.nodePort }} - {{- end }} - {{- if $config.appProtocol }} - appProtocol: {{ $config.appProtocol }} - {{- end }} - {{- if and ($config.http3).enabled ($config.single) }} - {{- $http3Port := default $config.exposedPort $config.http3.advertisedPort }} - - port: {{ $http3Port }} - name: "{{ $name }}-http3" - targetPort: "{{ $name }}-http3" - protocol: UDP - {{- if $config.nodePort }} - nodePort: {{ $config.nodePort }} - {{- end }} - {{- if $config.appProtocol }} - appProtocol: {{ $config.appProtocol }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/traefik/traefik/templates/daemonset.yaml b/charts/traefik/traefik/templates/daemonset.yaml deleted file mode 100644 index b370c22..0000000 --- a/charts/traefik/traefik/templates/daemonset.yaml +++ /dev/null @@ -1,58 +0,0 @@ -{{- if and .Values.deployment.enabled (eq .Values.deployment.kind "DaemonSet") -}} - {{- with .Values.additionalArguments -}} - {{- range . -}} - {{- if contains ".acme." . -}} - {{- fail (printf "ACME functionality is not supported when running Traefik as a DaemonSet") -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if eq (default .Chart.AppVersion .Values.image.tag) "latest" }} - {{- fail "\n\n ERROR: latest tag should not be used" }} - {{- end }} - {{- with .Values.updateStrategy }} - {{- if and (eq (.type) "RollingUpdate") (.rollingUpdate) }} - {{- if not (contains "%" (toString .rollingUpdate.maxUnavailable)) }} - {{- if and ($.Values.hostNetwork) (lt (float64 .rollingUpdate.maxUnavailable) 1.0) }} - {{- fail "maxUnavailable should be greater than 1 when using hostNetwork." }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- with .Values.deployment.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - annotations: - {{- if and .Values.providers.file.enabled (not .Values.providers.file.watch) }} - checksum/traefik-dynamic-conf: {{ include (print $.Template.BasePath "/provider-file-cm.yaml") . | sha256sum }} - {{- end }} - {{- with .Values.deployment.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "traefik.labelselector" . | nindent 6 }} - {{- with .Values.updateStrategy }} - updateStrategy: - type: {{ .type }} - {{- if (eq .type "RollingUpdate") }} - rollingUpdate: - maxUnavailable: {{ .rollingUpdate.maxUnavailable }} - maxSurge: {{ .rollingUpdate.maxSurge }} - {{- end }} - {{- end }} - minReadySeconds: {{ .Values.deployment.minReadySeconds }} - {{- if .Values.deployment.revisionHistoryLimit }} - revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit }} - {{- end }} - template: {{ template "traefik.podTemplate" . }} -{{- end -}} diff --git a/charts/traefik/traefik/templates/deployment.yaml b/charts/traefik/traefik/templates/deployment.yaml deleted file mode 100644 index 4b3a1ae..0000000 --- a/charts/traefik/traefik/templates/deployment.yaml +++ /dev/null @@ -1,58 +0,0 @@ -{{/* check helm version */}} -{{- if (semverCompare "= 3.9.0 is required" -}} -{{- end -}} - -{{- if and .Values.deployment.enabled (eq .Values.deployment.kind "Deployment") -}} - {{- if gt (int .Values.deployment.replicas) 1 -}} - {{- with .Values.additionalArguments -}} - {{- range . -}} - {{- if contains ".acme." . -}} - {{- fail (printf "You can not enable acme if you set more than one traefik replica") -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- end -}} - {{- if eq (default .Chart.AppVersion .Values.image.tag) "latest" }} - {{- fail "\n\n ERROR: latest tag should not be used" }} - {{- end }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- with .Values.deployment.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - annotations: - {{- if and .Values.providers.file.enabled (not .Values.providers.file.watch) }} - checksum/traefik-dynamic-conf: {{ include (print $.Template.BasePath "/provider-file-cm.yaml") . | sha256sum }} - {{- end }} - {{- with .Values.deployment.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ default 1 .Values.deployment.replicas }} - {{- end }} - {{- if .Values.deployment.revisionHistoryLimit }} - revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit }} - {{- end }} - selector: - matchLabels: - {{- include "traefik.labelselector" . | nindent 6 }} - {{- with .Values.updateStrategy }} - strategy: - type: {{ .type }} - {{- if (eq .type "RollingUpdate") }} - rollingUpdate: - maxUnavailable: {{ .rollingUpdate.maxUnavailable }} - maxSurge: {{ .rollingUpdate.maxSurge }} - {{- end }} - {{- end }} - minReadySeconds: {{ .Values.deployment.minReadySeconds }} - template: {{ template "traefik.podTemplate" . }} -{{- end -}} diff --git a/charts/traefik/traefik/templates/extra-objects.yaml b/charts/traefik/traefik/templates/extra-objects.yaml deleted file mode 100644 index fb38e97..0000000 --- a/charts/traefik/traefik/templates/extra-objects.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{- range .Values.extraObjects }} ---- -{{ include "traefik.render" (dict "value" . "context" $) }} -{{- end }} diff --git a/charts/traefik/traefik/templates/gateway.yaml b/charts/traefik/traefik/templates/gateway.yaml deleted file mode 100644 index 42bc33d..0000000 --- a/charts/traefik/traefik/templates/gateway.yaml +++ /dev/null @@ -1,62 +0,0 @@ -{{- if and (.Values.gateway).enabled (.Values.providers.kubernetesGateway).enabled }} - {{- if not .Values.gateway.listeners }} - {{- fail "ERROR: gateway must have at least one listener or should be disabled" }} - {{- end }} ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: Gateway -metadata: - name: {{ default "traefik-gateway" .Values.gateway.name }} - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- with .Values.gateway.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - gatewayClassName: {{ default "traefik" .Values.gatewayClass.name }} - {{- with .Values.gateway.infrastructure }} - infrastructure: - {{ toYaml . | nindent 4 }} - {{- end }} - listeners: - {{- range $name, $config := .Values.gateway.listeners }} - - name: {{ $name }} - {{ if not .port }} - {{- fail "ERROR: port needs to be specified" }} - {{- end -}} - {{ $found := false }} - {{- range $portName, $portConfig := $.Values.ports -}} - {{- if eq $portConfig.port $config.port -}} - {{ $found = true }} - {{- end -}} - {{- end -}} - {{ if not $found }} - {{- fail (printf "ERROR: port %0.f is not declared in ports" .port ) }} - {{- end -}} - port: {{ .port }} - protocol: {{ .protocol }} - {{- with .hostname }} - hostname: {{ . | toYaml }} - {{- end }} - {{- with .namespacePolicy }} - allowedRoutes: - namespaces: - from: {{ . }} - {{- end }} - {{ if and (eq .protocol "HTTPS") (not .certificateRefs) }} - {{- fail "ERROR: certificateRefs needs to be specified using HTTPS" }} - {{- end }} - {{ if or .certificateRefs .mode }} - tls: - {{ with .mode }} - mode: {{ . }} - {{- end }} - {{ with .certificateRefs }} - certificateRefs: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/traefik/traefik/templates/gatewayclass.yaml b/charts/traefik/traefik/templates/gatewayclass.yaml deleted file mode 100644 index 7f98c1e..0000000 --- a/charts/traefik/traefik/templates/gatewayclass.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- if and (.Values.gatewayClass).enabled (.Values.providers.kubernetesGateway).enabled }} ---- -apiVersion: gateway.networking.k8s.io/v1 -kind: GatewayClass -metadata: - name: {{ default "traefik" .Values.gatewayClass.name }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- with .Values.gatewayClass.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - controllerName: traefik.io/gateway-controller -{{- end }} diff --git a/charts/traefik/traefik/templates/hpa.yaml b/charts/traefik/traefik/templates/hpa.yaml deleted file mode 100644 index cfa1e5a..0000000 --- a/charts/traefik/traefik/templates/hpa.yaml +++ /dev/null @@ -1,35 +0,0 @@ -{{- if .Values.autoscaling.enabled }} - -{{- if not .Values.autoscaling.maxReplicas }} - {{- fail "ERROR: maxReplicas is required on HPA" }} -{{- end }} - -{{- if semverCompare ">=1.23.0-0" .Capabilities.KubeVersion.Version }} -apiVersion: autoscaling/v2 -{{- else }} -apiVersion: autoscaling/v2beta2 -{{- end }} -kind: HorizontalPodAutoscaler -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ template "traefik.fullname" . }} -{{- if .Values.autoscaling.minReplicas }} - minReplicas: {{ .Values.autoscaling.minReplicas }} -{{- end }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} -{{- if .Values.autoscaling.metrics }} - metrics: -{{ toYaml .Values.autoscaling.metrics | indent 4 }} -{{- end }} -{{- if .Values.autoscaling.behavior }} - behavior: -{{ toYaml .Values.autoscaling.behavior | indent 4 }} -{{- end }} -{{- end }} diff --git a/charts/traefik/traefik/templates/hub-admission-controller.yaml b/charts/traefik/traefik/templates/hub-admission-controller.yaml deleted file mode 100644 index 37b2314..0000000 --- a/charts/traefik/traefik/templates/hub-admission-controller.yaml +++ /dev/null @@ -1,198 +0,0 @@ -{{- if .Values.hub.token -}} -{{- if .Values.hub.apimanagement.enabled }} -{{- $cert := include "traefik-hub.webhook_cert" . | fromYaml }} ---- -apiVersion: v1 -kind: Secret -type: kubernetes.io/tls -metadata: - name: hub-agent-cert - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -data: - tls.crt: {{ $cert.Cert }} - tls.key: {{ $cert.Key }} - ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: hub-acp - labels: - {{- include "traefik.labels" . | nindent 4 }} -webhooks: - - name: admission.traefik.svc - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /acp - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - accesscontrolpolicies - ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: hub-api - labels: - {{- include "traefik.labels" . | nindent 4 }} -webhooks: - - name: hub-agent.traefik.portal - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api-portal - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apiportals - - name: hub-agent.traefik.api - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apis - - name: hub-agent.traefik.access - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api-access - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apiaccesses - - name: hub-agent.traefik.plan - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api-plan - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apiplans - - name: hub-agent.traefik.bundle - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api-bundle - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apibundles - - name: hub-agent.traefik.version - clientConfig: - service: - name: admission - namespace: {{ template "traefik.namespace" . }} - path: /api-version - caBundle: {{ $cert.Cert }} - sideEffects: None - admissionReviewVersions: - - v1 - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - hub.traefik.io - apiVersions: - - v1alpha1 - resources: - - apiversions - ---- -apiVersion: v1 -kind: Service -metadata: - name: admission - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - ports: - - name: https - port: 443 - targetPort: admission - selector: - {{- include "traefik.labelselector" . | nindent 4 }} -{{- end -}} -{{- end -}} diff --git a/charts/traefik/traefik/templates/hub-apiportal.yaml b/charts/traefik/traefik/templates/hub-apiportal.yaml deleted file mode 100644 index 246b127..0000000 --- a/charts/traefik/traefik/templates/hub-apiportal.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.hub.apimanagement.enabled }} ---- -apiVersion: v1 -kind: Service -metadata: - name: apiportal - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - ports: - - name: apiportal - port: 9903 - protocol: TCP - targetPort: apiportal - selector: - {{- include "traefik.labelselector" . | nindent 4 }} -{{- end -}} - diff --git a/charts/traefik/traefik/templates/ingressclass.yaml b/charts/traefik/traefik/templates/ingressclass.yaml deleted file mode 100644 index 6a8ff81..0000000 --- a/charts/traefik/traefik/templates/ingressclass.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.ingressClass.enabled -}} -apiVersion: networking.k8s.io/v1 -kind: IngressClass -metadata: - annotations: - ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - name: {{ .Values.ingressClass.name | default (include "traefik.fullname" .) }} -spec: - controller: traefik.io/ingress-controller -{{- end -}} diff --git a/charts/traefik/traefik/templates/ingressroute.yaml b/charts/traefik/traefik/templates/ingressroute.yaml deleted file mode 100644 index 2f35abb..0000000 --- a/charts/traefik/traefik/templates/ingressroute.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{ range $name, $config := .Values.ingressRoute }} -{{ if $config.enabled }} ---- -apiVersion: traefik.io/v1alpha1 -kind: IngressRoute -metadata: - name: {{ $.Release.Name }}-{{ $name }} - namespace: {{ template "traefik.namespace" $ }} - annotations: - {{- if and $.Values.ingressClass.enabled $.Values.providers.kubernetesCRD.enabled $.Values.providers.kubernetesCRD.ingressClass }} - kubernetes.io/ingress.class: {{ $.Values.providers.kubernetesCRD.ingressClass }} - {{- end }} - {{- with $config.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - {{- include "traefik.labels" $ | nindent 4 }} - {{- with $config.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - entryPoints: - {{- range $config.entryPoints }} - - {{ . }} - {{- end }} - routes: - - match: {{ $config.matchRule }} - kind: Rule - {{- with $config.services }} - services: - {{- toYaml . | nindent 6 }} - {{- end -}} - {{- with $config.middlewares }} - middlewares: - {{- toYaml . | nindent 6 }} - {{- end -}} - - {{- with $config.tls }} - tls: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} -{{ end }} diff --git a/charts/traefik/traefik/templates/poddisruptionbudget.yaml b/charts/traefik/traefik/templates/poddisruptionbudget.yaml deleted file mode 100644 index f171639..0000000 --- a/charts/traefik/traefik/templates/poddisruptionbudget.yaml +++ /dev/null @@ -1,23 +0,0 @@ -{{- if .Values.podDisruptionBudget.enabled -}} -{{- if .Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} -apiVersion: policy/v1 -{{- else }} -apiVersion: policy/v1beta1 -{{- end }} -kind: PodDisruptionBudget -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - {{- include "traefik.labelselector" . | nindent 6 }} - {{- if .Values.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} - {{- end }} -{{- end -}} diff --git a/charts/traefik/traefik/templates/prometheusrules.yaml b/charts/traefik/traefik/templates/prometheusrules.yaml deleted file mode 100644 index 3231aba..0000000 --- a/charts/traefik/traefik/templates/prometheusrules.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.metrics.prometheus }} -{{- if (.Values.metrics.prometheus.prometheusRule).enabled }} - {{- if (not (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1")) }} - {{- if (not (.Values.metrics.prometheus.disableAPICheck)) }} - {{- fail "ERROR: You have to deploy monitoring.coreos.com/v1 first" }} - {{- end }} - {{- end }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ .Values.metrics.prometheus.prometheusRule.namespace | default (include "traefik.namespace" .) }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- with .Values.metrics.prometheus.prometheusRule.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if .Values.metrics.prometheus.prometheusRule.rules }} - groups: - - name: {{ template "traefik.name" $ }} - rules: - {{- with .Values.metrics.prometheus.prometheusRule.rules }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- end }} -{{- end }} -{{- end }} diff --git a/charts/traefik/traefik/templates/provider-file-cm.yaml b/charts/traefik/traefik/templates/provider-file-cm.yaml deleted file mode 100644 index 139a5a6..0000000 --- a/charts/traefik/traefik/templates/provider-file-cm.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.providers.file.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "traefik.fullname" . }}-file-provider - namespace: {{ template "traefik.namespace" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -data: - config.yml: - {{ toYaml .Values.providers.file.content | nindent 4 }} -{{- end -}} diff --git a/charts/traefik/traefik/templates/pvc.yaml b/charts/traefik/traefik/templates/pvc.yaml deleted file mode 100644 index 7ab96f9..0000000 --- a/charts/traefik/traefik/templates/pvc.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ template "traefik.fullname" . }} - namespace: {{ template "traefik.namespace" . }} - annotations: - {{- with .Values.persistence.annotations }} - {{ toYaml . | nindent 4 }} - {{- end }} - helm.sh/resource-policy: keep - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} - {{- if .Values.persistence.storageClass }} - storageClassName: {{ .Values.persistence.storageClass | quote }} - {{- end }} - {{- if .Values.persistence.volumeName }} - volumeName: {{ .Values.persistence.volumeName | quote }} - {{- end }} -{{- end -}} diff --git a/charts/traefik/traefik/templates/rbac/clusterrole.yaml b/charts/traefik/traefik/templates/rbac/clusterrole.yaml deleted file mode 100644 index 9e52d53..0000000 --- a/charts/traefik/traefik/templates/rbac/clusterrole.yaml +++ /dev/null @@ -1,271 +0,0 @@ -{{- $version := include "imageVersion" $ }} -{{- if and .Values.rbac.enabled (not .Values.rbac.namespaced) }} ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "traefik.clusterRoleName" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} - {{- range .Values.rbac.aggregateTo }} - rbac.authorization.k8s.io/aggregate-to-{{ . }}: "true" - {{- end }} -rules: - {{- if semverCompare ">=v3.1.0-0" $version }} - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - {{- end }} - {{- if (semverCompare "=v3.2.0-0" $version }} - - configmaps - {{- end }} - verbs: - - get - - list - - watch - {{- if (semverCompare ">=v3.1.0-0" $version) }} - - apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - list - - watch - {{- end }} - - apiGroups: - - gateway.networking.k8s.io - resources: - {{- if semverCompare ">=v3.2.0-0" $version }} - - backendtlspolicies - {{- end }} - - gatewayclasses - - gateways - {{- if semverCompare ">=v3.2.0-0" $version }} - - grpcroutes - {{- end }} - - httproutes - - referencegrants - - tcproutes - - tlsroutes - verbs: - - get - - list - - watch - - apiGroups: - - gateway.networking.k8s.io - resources: - {{- if semverCompare ">=v3.2.0-0" $version }} - - backendtlspolicies/status - {{- end }} - - gatewayclasses/status - - gateways/status - {{- if semverCompare ">=v3.2.0-0" $version }} - - grpcroutes/status - {{- end }} - - httproutes/status - - tcproutes/status - - tlsroutes/status - verbs: - - update - {{- end }} - {{- if .Values.hub.token }} - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - {{- end }} - {{- if .Values.hub.token }} - {{- if or (semverCompare ">=v3.1.0-0" $version) .Values.hub.apimanagement.enabled }} - - apiGroups: - - "" - resources: - - endpoints - verbs: - - list - - watch - {{- end }} - - apiGroups: - - "" - resources: - - namespaces - {{- if .Values.hub.apimanagement.enabled }} - - pods - {{- end }} - verbs: - - get - - list - {{- if .Values.hub.apimanagement.enabled }} - - watch - {{- end }} - {{- if .Values.hub.apimanagement.enabled }} - - apiGroups: - - hub.traefik.io - resources: - - accesscontrolpolicies - - apiaccesses - - apiportals - - apiratelimits - - apis - - apiversions - - apibundles - - apiplans - verbs: - - list - - watch - - create - - update - - patch - - delete - - get - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - apps - resources: - - replicasets - verbs: - - get - - list - - watch - {{- if (semverCompare "=1.25.0-0" .Capabilities.KubeVersion.Version }} - {{- fail "ERROR: PodSecurityPolicy has been removed in Kubernetes v1.25+" }} -{{- end }} ---- -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: runtime/default - seccomp.security.alpha.kubernetes.io/defaultProfileName: runtime/default - name: {{ template "traefik.fullname" . }} - labels: - {{- include "traefik.labels" . | nindent 4 }} -spec: - privileged: false - allowPrivilegeEscalation: false - requiredDropCapabilities: - - ALL -{{- if not .Values.securityContext.runAsNonRoot }} - allowedCapabilities: - - NET_BIND_SERVICE -{{- end }} - hostNetwork: {{ .Values.hostNetwork }} - hostIPC: false - hostPID: false - fsGroup: -{{- if .Values.securityContext.runAsNonRoot }} - ranges: - - max: 65535 - min: 1 - rule: MustRunAs -{{- else }} - rule: RunAsAny -{{- end }} -{{- if .Values.hostNetwork }} - hostPorts: - - max: 65535 - min: 1 -{{- end }} - readOnlyRootFilesystem: true - runAsUser: -{{- if .Values.securityContext.runAsNonRoot }} - rule: MustRunAsNonRoot -{{- else }} - rule: RunAsAny -{{- end }} - seLinux: - rule: RunAsAny - supplementalGroups: -{{- if .Values.securityContext.runAsNonRoot }} - ranges: - - max: 65535 - min: 1 - rule: MustRunAs -{{- else }} - rule: RunAsAny -{{- end }} - volumes: - - configMap - - downwardAPI - - secret - - emptyDir - - projected -{{- if .Values.persistence.enabled }} - - persistentVolumeClaim -{{- end -}} -{{- end -}} diff --git a/charts/traefik/traefik/templates/rbac/role.yaml b/charts/traefik/traefik/templates/rbac/role.yaml deleted file mode 100644 index e81aaa8..0000000 --- a/charts/traefik/traefik/templates/rbac/role.yaml +++ /dev/null @@ -1,143 +0,0 @@ -{{- $version := include "imageVersion" $ }} -{{- $ingressNamespaces := concat (include "traefik.namespace" . | list) .Values.providers.kubernetesIngress.namespaces -}} -{{- $CRDNamespaces := concat (include "traefik.namespace" . | list) .Values.providers.kubernetesCRD.namespaces -}} -{{- $allNamespaces := sortAlpha (uniq (concat $ingressNamespaces $CRDNamespaces)) -}} - -{{- if and .Values.rbac.enabled .Values.rbac.namespaced -}} -{{- range $allNamespaces }} ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "traefik.fullname" $ }} - namespace: {{ . }} - labels: - {{- include "traefik.labels" $ | nindent 4 }} -rules: - {{- if (semverCompare "://:. Default: http://localhost:4318/v1/metrics - endpoint: "" - # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. - headers: {} - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. - ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. - cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. - key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. - insecureSkipVerify: # @schema type:[boolean, null] - grpc: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics - endpoint: "" - # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. - insecure: false - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. - ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. - cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. - key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. - insecureSkipVerify: false - -## Tracing -# -- https://doc.traefik.io/traefik/observability/tracing/overview/ -tracing: # @schema additionalProperties: false - # -- Enables tracing for internal resources. Default: false. - addInternals: false - otlp: - # -- See https://doc.traefik.io/traefik/v3.0/observability/tracing/opentelemetry/ - enabled: false - http: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using HTTP. - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics - endpoint: "" - # -- Additional headers sent with metrics by the reporter to the OpenTelemetry Collector. - headers: {} - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. - ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. - cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. - key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. - insecureSkipVerify: false - grpc: - # -- Set to true in order to send metrics to the OpenTelemetry Collector using gRPC - enabled: false - # -- Format: ://:. Default: http://localhost:4318/v1/metrics - endpoint: "" - # -- Allows reporter to send metrics to the OpenTelemetry Collector without using a secured protocol. - insecure: false - ## Defines the TLS configuration used by the reporter to send metrics to the OpenTelemetry Collector. - tls: - # -- The path to the certificate authority, it defaults to the system bundle. - ca: "" - # -- The path to the public certificate. When using this option, setting the key option is required. - cert: "" - # -- The path to the private key. When using this option, setting the cert option is required. - key: "" - # -- When set to true, the TLS connection accepts any certificate presented by the server regardless of the hostnames it covers. - insecureSkipVerify: false - -# -- Global command arguments to be passed to all traefik's pods -globalArguments: -- "--global.checknewversion" -- "--global.sendanonymoususage" - -# -- Additional arguments to be passed at Traefik's binary -# See [CLI Reference](https://docs.traefik.io/reference/static-configuration/cli/) -# Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` -additionalArguments: [] -# - "--providers.kubernetesingress.ingressclass=traefik-internal" -# - "--log.level=DEBUG" - -# -- Additional Environment variables to be passed to Traefik's binary -# @default -- See _values.yaml_ -env: [] - -# -- Environment variables to be passed to Traefik's binary from configMaps or secrets -envFrom: [] - -ports: - traefik: - port: 8080 - # -- Use hostPort if set. - hostPort: # @schema type:[integer, null]; minimum:0 - # -- Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which - # means it's listening on all your interfaces and all your IPs. You may want - # to set this value if you need traefik to listen on specific interface - # only. - hostIP: # @schema type:[string, null] - - # Defines whether the port is exposed if service.type is LoadBalancer or - # NodePort. - # - # -- You SHOULD NOT expose the traefik port on production deployments. - # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: - default: false - # -- The exposed port for this service - exposedPort: 8080 - # -- The port protocol (TCP/UDP) - protocol: TCP - web: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8000 - # hostPort: 8000 - # containerPort: 8000 - expose: - default: true - exposedPort: 80 - ## -- Different target traefik port on the cluster, useful for IP type LB - targetPort: # @schema type:[string, integer, null]; minimum:0 - # The port protocol (TCP/UDP) - protocol: TCP - # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) - nodePort: # @schema type:[integer, null]; minimum:0 - # Port Redirections - # Added in 2.2, you can make permanent redirects via entrypoints. - # https://docs.traefik.io/routing/entrypoints/#redirection - redirectTo: {} - forwardedHeaders: - # -- Trust forwarded headers information (X-Forwarded-*). - trustedIPs: [] - insecure: false - proxyProtocol: - # -- Enable the Proxy Protocol header parsing for the entry point - trustedIPs: [] - insecure: false - # -- Set transport settings for the entrypoint; see also - # https://doc.traefik.io/traefik/routing/entrypoints/#transport - transport: - respondingTimeouts: - readTimeout: # @schema type:[string, integer, null] - writeTimeout: # @schema type:[string, integer, null] - idleTimeout: # @schema type:[string, integer, null] - lifeCycle: - requestAcceptGraceTimeout: # @schema type:[string, integer, null] - graceTimeOut: # @schema type:[string, integer, null] - keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 - keepAliveMaxTime: # @schema type:[string, integer, null] - websecure: - ## -- Enable this entrypoint as a default entrypoint. When a service doesn't explicitly set an entrypoint it will only use this entrypoint. - # asDefault: true - port: 8443 - hostPort: # @schema type:[integer, null]; minimum:0 - containerPort: # @schema type:[integer, null]; minimum:0 - expose: - default: true - exposedPort: 443 - ## -- Different target traefik port on the cluster, useful for IP type LB - targetPort: # @schema type:[string, integer, null]; minimum:0 - ## -- The port protocol (TCP/UDP) - protocol: TCP - # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport) - nodePort: # @schema type:[integer, null]; minimum:0 - # -- See [upstream documentation](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol) - appProtocol: # @schema type:[string, null] - # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#allowacmebypass) - allowACMEByPass: false - http3: - ## -- Enable HTTP/3 on the entrypoint - ## Enabling it will also enable http3 experimental feature - ## https://doc.traefik.io/traefik/routing/entrypoints/#http3 - ## There are known limitations when trying to listen on same ports for - ## TCP & UDP (Http3). There is a workaround in this chart using dual Service. - ## https://github.com/kubernetes/kubernetes/issues/47249#issuecomment-587960741 - enabled: false - advertisedPort: # @schema type:[integer, null]; minimum:0 - forwardedHeaders: - # -- Trust forwarded headers information (X-Forwarded-*). - trustedIPs: [] - insecure: false - proxyProtocol: - # -- Enable the Proxy Protocol header parsing for the entry point - trustedIPs: [] - insecure: false - # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#transport) - transport: - respondingTimeouts: - readTimeout: # @schema type:[string, integer, null] - writeTimeout: # @schema type:[string, integer, null] - idleTimeout: # @schema type:[string, integer, null] - lifeCycle: - requestAcceptGraceTimeout: # @schema type:[string, integer, null] - graceTimeOut: # @schema type:[string, integer, null] - keepAliveMaxRequests: # @schema type:[integer, null]; minimum:0 - keepAliveMaxTime: # @schema type:[string, integer, null] - # -- See [upstream documentation](https://doc.traefik.io/traefik/routing/entrypoints/#tls) - tls: - enabled: true - options: "" - certResolver: "" - domains: [] - # -- One can apply Middlewares on an entrypoint - # https://doc.traefik.io/traefik/middlewares/overview/ - # https://doc.traefik.io/traefik/routing/entrypoints/#middlewares - # -- /!\ It introduces here a link between your static configuration and your dynamic configuration /!\ - # It follows the provider naming convention: https://doc.traefik.io/traefik/providers/overview/#provider-namespace - # - namespace-name1@kubernetescrd - # - namespace-name2@kubernetescrd - middlewares: [] - metrics: - # -- When using hostNetwork, use another port to avoid conflict with node exporter: - # https://github.com/prometheus/prometheus/wiki/Default-port-allocations - port: 9100 - # -- You may not want to expose the metrics port on production deployments. - # If you want to access it from outside your cluster, - # use `kubectl port-forward` or create a secure ingress - expose: - default: false - # -- The exposed port for this service - exposedPort: 9100 - # -- The port protocol (TCP/UDP) - protocol: TCP - -# -- TLS Options are created as [TLSOption CRDs](https://doc.traefik.io/traefik/https/tls/#tls-options) -# When using `labelSelector`, you'll need to set labels on tlsOption accordingly. -# See EXAMPLE.md for details. -tlsOptions: {} - -# -- TLS Store are created as [TLSStore CRDs](https://doc.traefik.io/traefik/https/tls/#default-certificate). This is useful if you want to set a default certificate. See EXAMPLE.md for details. -tlsStore: {} - -service: - enabled: true - ## -- Single service is using `MixedProtocolLBService` feature gate. - ## -- When set to false, it will create two Service, one for TCP and one for UDP. - single: true - type: LoadBalancer - # -- Additional annotations applied to both TCP and UDP services (e.g. for cloud provider specific config) - annotations: {} - # -- Additional annotations for TCP service only - annotationsTCP: {} - # -- Additional annotations for UDP service only - annotationsUDP: {} - # -- Additional service labels (e.g. for filtering Service by custom labels) - labels: {} - # -- Additional entries here will be added to the service spec. - # -- Cannot contain type, selector or ports entries. - spec: {} - # externalTrafficPolicy: Cluster - # loadBalancerIP: "1.2.3.4" - # clusterIP: "2.3.4.5" - loadBalancerSourceRanges: [] - # - 192.168.0.1/32 - # - 172.16.0.0/16 - ## -- Class of the load balancer implementation - # loadBalancerClass: service.k8s.aws/nlb - externalIPs: [] - # - 1.2.3.4 - ## One of SingleStack, PreferDualStack, or RequireDualStack. - # ipFamilyPolicy: SingleStack - ## List of IP families (e.g. IPv4 and/or IPv6). - ## ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/#services - # ipFamilies: - # - IPv4 - # - IPv6 - ## - additionalServices: {} - ## -- An additional and optional internal Service. - ## Same parameters as external Service - # internal: - # type: ClusterIP - # # labels: {} - # # annotations: {} - # # spec: {} - # # loadBalancerSourceRanges: [] - # # externalIPs: [] - # # ipFamilies: [ "IPv4","IPv6" ] - -autoscaling: - # -- Create HorizontalPodAutoscaler object. - # See EXAMPLES.md for more details. - enabled: false - -persistence: - # -- Enable persistence using Persistent Volume Claims - # ref: http://kubernetes.io/docs/user-guide/persistent-volumes/. - # It can be used to store TLS certificates along with `certificatesResolvers..acme.storage` option - enabled: false - name: data - existingClaim: "" - accessMode: ReadWriteOnce - size: 128Mi - storageClass: "" - volumeName: "" - path: /data - annotations: {} - # -- Only mount a subpath of the Volume into the pod - subPath: "" - -# -- Certificates resolvers configuration. -# Ref: https://doc.traefik.io/traefik/https/acme/#certificate-resolvers -# See EXAMPLES.md for more details. -certificatesResolvers: {} - -# -- If hostNetwork is true, runs traefik in the host network namespace -# To prevent unschedulabel pods due to port collisions, if hostNetwork=true -# and replicas>1, a pod anti-affinity is recommended and will be set if the -# affinity is left as default. -hostNetwork: false - -# -- Whether Role Based Access Control objects like roles and rolebindings should be created -rbac: # @schema additionalProperties: false - enabled: true - # When set to true: - # 1. It switches respectively the use of `ClusterRole` and `ClusterRoleBinding` to `Role` and `RoleBinding`. - # 2. It adds `disableIngressClassLookup` on Kubernetes Ingress with Traefik Proxy v3 until v3.1.4 - # 3. It adds `disableClusterScopeResources` on Ingress and CRD (Kubernetes) providers with Traefik Proxy v3.1.2+ - # **NOTE**: `IngressClass`, `NodePortLB` and **Gateway** provider cannot be used with namespaced RBAC. - # See [upstream documentation](https://doc.traefik.io/traefik/providers/kubernetes-ingress/#disableclusterscoperesources) for more details. - namespaced: false - # Enable user-facing roles - # https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles - aggregateTo: [] - # List of Kubernetes secrets that are accessible for Traefik. If empty, then access is granted to every secret. - secretResourceNames: [] - -# -- Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding -podSecurityPolicy: - enabled: false - -# -- The service account the pods will use to interact with the Kubernetes API -serviceAccount: # @schema additionalProperties: false - # If set, an existing service account is used - # If not set, a service account is created automatically using the fullname template - name: "" - -# -- Additional serviceAccount annotations (e.g. for oidc authentication) -serviceAccountAnnotations: {} - -# -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for `traefik` container. -resources: {} - -# -- This example pod anti-affinity forces the scheduler to put traefik pods -# -- on nodes where no other traefik pods are scheduled. -# It should be used when hostNetwork: true to prevent port conflicts -affinity: {} -# podAntiAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# - labelSelector: -# matchLabels: -# app.kubernetes.io/name: '{{ template "traefik.name" . }}' -# app.kubernetes.io/instance: '{{ .Release.Name }}-{{ .Release.Namespace }}' -# topologyKey: kubernetes.io/hostname - -# -- nodeSelector is the simplest recommended form of node selection constraint. -nodeSelector: {} -# -- Tolerations allow the scheduler to schedule pods with matching taints. -tolerations: [] -# -- You can use topology spread constraints to control -# how Pods are spread across your cluster among failure-domains. -topologySpreadConstraints: [] -# This example topologySpreadConstraints forces the scheduler to put traefik pods -# on nodes where no other traefik pods are scheduled. -# - labelSelector: -# matchLabels: -# app.kubernetes.io/name: '{{ template "traefik.name" . }}' -# maxSkew: 1 -# topologyKey: kubernetes.io/hostname -# whenUnsatisfiable: DoNotSchedule - -# -- [Pod Priority and Preemption](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/) -priorityClassName: "" - -# -- [SecurityContext](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1) -# @default -- See _values.yaml_ -securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: [ALL] - readOnlyRootFilesystem: true - -# -- [Pod Security Context](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context) -# @default -- See _values.yaml_ -podSecurityContext: - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - -# -# -- Extra objects to deploy (value evaluated as a template) -# -# In some cases, it can avoid the need for additional, extended or adhoc deployments. -# See #595 for more details and traefik/tests/values/extra.yaml for example. -extraObjects: [] - -# -- This field override the default Release Namespace for Helm. -# It will not affect optional CRDs such as `ServiceMonitor` and `PrometheusRules` -namespaceOverride: "" - -## -- This field override the default app.kubernetes.io/instance label for all Objects. -instanceLabelOverride: "" - -# Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ -hub: - # -- Name of `Secret` with key 'token' set to a valid license token. - # It enables API Gateway. - token: "" - apimanagement: - # -- Set to true in order to enable API Management. Requires a valid license token. - enabled: false - admission: - # -- WebHook admission server listen address. Default: "0.0.0.0:9943". - listenAddr: "" - # -- Certificate of the WebHook admission server. Default: "hub-agent-cert". - secretName: "" - - redis: - # -- Enable Redis Cluster. Default: true. - cluster: # @schema type:[boolean, null] - # -- Database used to store information. Default: "0". - database: # @schema type:[string, null] - # -- Endpoints of the Redis instances to connect to. Default: "". - endpoints: "" - # -- The username to use when connecting to Redis endpoints. Default: "". - username: "" - # -- The password to use when connecting to Redis endpoints. Default: "". - password: "" - sentinel: - # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". - masterset: "" - # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "". - username: "" - # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "". - password: "" - # -- Timeout applied on connection with redis. Default: "0s". - timeout: "" - tls: - # -- Path to the certificate authority used for the secured connection. - ca: "" - # -- Path to the public certificate used for the secure connection. - cert: "" - # -- Path to the private key used for the secure connection. - key: "" - # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. - insecureSkipVerify: false - # Enable export of errors logs to the platform. Default: true. - sendlogs: # @schema type:[boolean, null] diff --git a/charts/traefik/values-overrides.yaml b/charts/traefik/values-overrides.yaml deleted file mode 100644 index 5c5ceb9..0000000 --- a/charts/traefik/values-overrides.yaml +++ /dev/null @@ -1,39 +0,0 @@ - - -fullnameOverride: traefik - -globalArguments: - - --global.sendanonymoususage=false - - --api.insecure=true # api.insecure=true is required for the dashboard to be reachable via traefik entrypoint -service: - enabled: true - annotations: - # chisel-operator.io/exit-node-name: "vault-exit-node" - type: ClusterIP # this needs to be LoadBalancer in prod, but here in dev we want ClusterIP - -logs: - access: - enabled: true - format: json - general: - level: DEBUG - format: json -providers: - kubernetesCRD: - enabled: false - kubernetesIngress: - enabled: false - publishedService: - enabled: false - kubernetesGateway: - enabled: true - -# ingressRoute: -# dashboard: -# # we disable dashboard via the chart and enable it ourselves in traefik.yaml -# enabled: false -# matchRule: PathPrefix(`/doshboard`) -# # # -- The internal service used for the dashboard ingressRoute -# services: -# - name: dashboard@internal -# kind: TraefikService \ No newline at end of file diff --git a/charts/velero/values.yaml b/charts/velero/values.yaml deleted file mode 100644 index 2ddae71..0000000 --- a/charts/velero/values.yaml +++ /dev/null @@ -1,34 +0,0 @@ -credentials: - useSecret: true - existingSecret: velero - -backupsEnabled: true -snapshotsEnabled: true - -initContainers: - - name: velero-plugin-for-aws - image: velero/velero-plugin-for-aws:v1.10.1 - imagePullPolicy: IfNotPresent - volumeMounts: - - mountPath: /target - name: plugins - -configuration: - backupStorageLocation: - - name: futureporn-db-backup-dev - provider: aws - bucket: futureporn-db-backup-dev - default: true - s3ForcePathStyle: true - config: - region: us-west-000 - s3Url: https://s3.us-west-000.backblazeb2.com - checksumAlgorithm: "" - - volumeSnapshotLocation: - - name: futureporn-db-backup-dev - provider: aws - bucket: futureporn-db-backup-dev - s3ForcePathStyle: true - config: - region: us-west-000 diff --git a/charts/velero/velero/.helmignore b/charts/velero/velero/.helmignore deleted file mode 100644 index f0c1319..0000000 --- a/charts/velero/velero/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/velero/velero/Chart.yaml b/charts/velero/velero/Chart.yaml deleted file mode 100644 index 2eb64a4..0000000 --- a/charts/velero/velero/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v2 -appVersion: 1.14.1 -description: A Helm chart for velero -home: https://github.com/vmware-tanzu/velero -icon: https://cdn-images-1.medium.com/max/1600/1*-9mb3AKnKdcL_QD3CMnthQ.png -kubeVersion: '>=1.16.0-0' -maintainers: -- email: hsiaoairplane@gmail.com - name: jenting -- email: jiangd@vmware.com - name: reasonerjt -- email: mqiu@vmware.com - name: qiuming-best -- email: yinw@vmware.com - name: ywk253100 -name: velero -sources: -- https://github.com/vmware-tanzu/velero -version: 7.2.1 diff --git a/charts/velero/velero/OWNERS b/charts/velero/velero/OWNERS deleted file mode 100644 index d705d91..0000000 --- a/charts/velero/velero/OWNERS +++ /dev/null @@ -1,10 +0,0 @@ -approvers: -- jenting -- reasonerjt -- qiuming-best -- ywk253100 -reviewers: -- jenting -- reasonerjt -- qiuming-best -- ywk253100 diff --git a/charts/velero/velero/README.md b/charts/velero/velero/README.md deleted file mode 100644 index e6176d8..0000000 --- a/charts/velero/velero/README.md +++ /dev/null @@ -1,173 +0,0 @@ -# Velero - -Velero is an open source tool to safely backup and restore, perform disaster recovery, and migrate Kubernetes cluster resources and persistent volumes. - -Velero has two main components: a CLI, and a server-side Kubernetes deployment. - -## Installing the Velero CLI - -See the different options for installing the [Velero CLI](https://velero.io/docs/v1.13/basic-install/#install-the-cli). - -## Installing the Velero server - -### Installation Requirements - -Kubernetes v1.16+, because this helm chart uses CustomResourceDefinition `apiextensions.k8s.io/v1`. This API version was introduced in Kubernetes v1.16. - -### Velero version - -This helm chart installs Velero version v1.14 https://velero.io/docs/v1.14/. See the [#Upgrading](#upgrading) section for information on how to upgrade from other versions. - -### Provider credentials - -When installing using the Helm chart, the provider's credential information will need to be appended into your values. The easiest way to do this is with the `--set-file` argument, available in Helm 2.10 and higher. See your cloud provider's documentation for the contents and creation of the `credentials-velero` file. - -### Azure resources - -When using the Azure plug-in, requests and limits must be set. See https://github.com/vmware-tanzu/velero/issues/3234 and https://github.com/vmware-tanzu/helm-charts/issues/469 for details. - -### Installing - -The default configuration values for this chart are listed in values.yaml. - -See Velero's full [official documentation](https://velero.io/docs/v1.13/basic-install/). More specifically, find your provider in the Velero list of [supported providers](https://velero.io/docs/v1.13/supported-providers/) for specific configuration information and examples. - -#### Set up Helm - -See the main [README.md](https://github.com/vmware-tanzu/helm-charts#kubernetes-helm-charts-for-vmware-tanzu). - -#### Using Helm 3 - -##### Option 1) CLI commands - -Note: You may add the flag `--set cleanUpCRDs=true` if you want to delete the Velero CRDs after deleting a release. -Please note that cleaning up CRDs will also delete any CRD instance, such as BackupStorageLocation and VolumeSnapshotLocation, which would have to be reconfigured when reinstalling Velero. The backup data in object storage will not be deleted, even though the backup instances in the cluster will. - -Specify the necessary values using the --set key=value[,key=value] argument to helm install. For example, - -```bash -helm install velero vmware-tanzu/velero \ ---namespace \ ---create-namespace \ ---set-file credentials.secretContents.cloud= \ ---set configuration.backupStorageLocation[0].name= \ ---set configuration.backupStorageLocation[0].provider= \ ---set configuration.backupStorageLocation[0].bucket= \ ---set configuration.backupStorageLocation[0].config.region= \ ---set configuration.volumeSnapshotLocation[0].name= \ ---set configuration.volumeSnapshotLocation[0].provider= \ ---set configuration.volumeSnapshotLocation[0].config.region= \ ---set initContainers[0].name=velero-plugin-for- \ ---set initContainers[0].image=velero/velero-plugin-for-: \ ---set initContainers[0].volumeMounts[0].mountPath=/target \ ---set initContainers[0].volumeMounts[0].name=plugins -``` - -Users of zsh might need to put quotes around key/value pairs. - -##### Option 2) YAML file - -Add/update the necessary values by changing the values.yaml from this repository, then run: - -```bash -helm install vmware-tanzu/velero --namespace -f values.yaml --generate-name -``` -##### Upgrade the configuration - -If a value needs to be added or changed, you may do so with the `upgrade` command. An example: - -```bash -helm upgrade vmware-tanzu/velero --namespace --reuse-values --set configuration.backupStorageLocation[0].provider= -``` - -#### Using Helm 2 - -We're no longer supporting Helm v2 since it was deprecated in November 2020. - -##### Upgrade the configuration - -If a value needs to be added or changed, you may do so with the `upgrade` command. An example: - -```bash -helm upgrade vmware-tanzu/velero --reuse-values --set configuration.backupStorageLocation[0].provider= -``` -## Upgrading Chart - -### Upgrading to 7.0.0 - -Delete the CSI plugin. Because the Velero CSI plugin is already merged into the Velero, need to remove the existing CSI plugin InitContainer. Otherwise, the Velero server plugin would fail to start due to same plugin registered twice. -CSI plugin has been merged into velero repo in v1.14 release. It will be installed by default as an internal plugin. - -### Upgrading to 6.0.0 - -This version removes the `nodeAgent.privileged` field, you should use `nodeAgent.containerSecurityContext.privileged` instead - -## Upgrading Velero - -### Upgrading to v1.14 - -The [instructions found here](https://velero.io/docs/v1.14/upgrade-to-1.14/) will assist you in upgrading from version v1.13.x to v1.14. - -### Upgrading to v1.13 - -The [instructions found here](https://velero.io/docs/v1.13/upgrade-to-1.13/) will assist you in upgrading from version v1.12.x to v1.13. - -### Upgrading to v1.12 - -The [instructions found here](https://velero.io/docs/v1.12/upgrade-to-1.12/) will assist you in upgrading from version v1.11.x to v1.12. - -### Upgrading to v1.11 - -The [instructions found here](https://velero.io/docs/v1.11/upgrade-to-1.11/) will assist you in upgrading from version v1.10.x to v1.11. - -### Upgrading to v1.10 - -The [instructions found here](https://velero.io/docs/v1.10/upgrade-to-1.10/) will assist you in upgrading from version v1.9.x to v1.10. - -### Upgrading to v1.9 - -The [instructions found here](https://velero.io/docs/v1.9/upgrade-to-1.9/) will assist you in upgrading from version v1.8.x to v1.9. - -### Upgrading to v1.8 - -The [instructions found here](https://velero.io/docs/v1.8/upgrade-to-1.8/) will assist you in upgrading from version v1.7.x to v1.8. - -### Upgrading to v1.7 - -The [instructions found here](https://velero.io/docs/v1.7/upgrade-to-1.7/) will assist you in upgrading from version v1.6.x to v1.7. - -### Upgrading to v1.6 - -The [instructions found here](https://velero.io/docs/v1.6/upgrade-to-1.6/) will assist you in upgrading from version v1.5.x to v1.6. - -### Upgrading to v1.5 - -The [instructions found here](https://velero.io/docs/v1.5/upgrade-to-1.5/) will assist you in upgrading from version v1.4.x to v1.5. - -### Upgrading to v1.4 - -The [instructions found here](https://velero.io/docs/v1.4/upgrade-to-1.4/) will assist you in upgrading from version v1.3.x to v1.4. - -### Upgrading to v1.3.1 - -The [instructions found here](https://velero.io/docs/v1.3.1/upgrade-to-1.3/) will assist you in upgrading from version v1.2.0 or v1.3.0 to v1.3.1. - -### Upgrading to v1.2.0 - -The [instructions found here](https://velero.io/docs/v1.2.0/upgrade-to-1.2/) will assist you in upgrading from version v1.0.0 or v1.1.0 to v1.2.0. - -### Upgrading to v1.1.0 - -The [instructions found here](https://velero.io/docs/v1.1.0/upgrade-to-1.1/) will assist you in upgrading from version v1.0.0 to v1.1.0. - -## Uninstall Velero - -Note: when you uninstall the Velero server, all backups remain untouched. - -### Using Helm 3 - -```bash -helm uninstall -n -``` -### Note -Since from velero v1.10.0, it has supported both Restic and Kopia to do file-system level backup and restore, some configuration that contains the keyword Restic is not suitable anymore, which means from chart version 3.0.0 is not backward compatible, and we've done a configure filed name validation. diff --git a/charts/velero/velero/ci/test-values.yaml b/charts/velero/velero/ci/test-values.yaml deleted file mode 100644 index 80d1fbf..0000000 --- a/charts/velero/velero/ci/test-values.yaml +++ /dev/null @@ -1,119 +0,0 @@ -# Set provider name and backup storage location bucket name -configuration: - backupStorageLocation: - - name: default - bucket: velero-backups - default: true - provider: aws - credential: - name: test-credential - key: test-key - config: - region: us-east-1 - profile: us-east-1-profile - - name: backups-secondary - bucket: velero-backups - provider: aws - config: - region: us-west-1 - profile: us-west-1-profile - volumeSnapshotLocation: - - name: ebs-us-east-1 - provider: aws - config: - region: us-east-1 - - name: portworx-cloud - provider: portworx - config: - type: cloud - -schedules: - mybackup: - labels: - myenv: foo - schedule: "0 0 * * *" - template: - ttl: "240h" - includedNamespaces: - - foo - -# Set a service account so that the CRD clean up job has proper permissions to delete CRDs -serviceAccount: - server: - name: velero - -# The Velero server -# Annotations to Velero deployment -annotations: - annotation: velero - foo: bar - -# Labels to Velero deployment -labels: - label: velero - foo: bar - -# Annotations to Velero deployment's template -podAnnotations: - pod-annotation: velero - foo: bar - -# Labels to Velero deployment's template -podLabels: - pod-label: velero - foo: bar - -# Resources to Velero deployment -resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 100m - memory: 128Mi - -# The node-agent daemonset -deployNodeAgent: true - -nodeAgent: - # Annotations to node-agent daemonset - annotations: - annotation: node-agent - foo: bar - # Labels to node-agent daemonset - labels: - label: node-agent - foo: bar - # Resources to node-agent daemonset - resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 100m - memory: 128Mi - -# The kubectl upgrade/cleanup job -kubectl: - # Annotations to kubectl job - annotations: - annotation: kubectl - foo: bar - # Labels to kubectl job - labels: - label: kubectl - foo: bar - # Resources to kubectl job - resources: - requests: - cpu: 100m - memory: 128Mi - limits: - cpu: 100m - memory: 128Mi - -# Whether or not to clean up CustomResourceDefintions when deleting a release. -# Cleaning up CRDs will delete the BackupStorageLocation and VolumeSnapshotLocation instances, which would have to be reconfigured. -# Backup data in object storage will _not_ be deleted, however Backup instances in the Kubernetes API will. -# Always clean up CRDs in CI. -cleanUpCRDs: true diff --git a/charts/velero/velero/crds/backuprepositories.yaml b/charts/velero/velero/crds/backuprepositories.yaml deleted file mode 100644 index 4453dca..0000000 --- a/charts/velero/velero/crds/backuprepositories.yaml +++ /dev/null @@ -1,106 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: backuprepositories.velero.io -spec: - group: velero.io - names: - kind: BackupRepository - listKind: BackupRepositoryList - plural: backuprepositories - singular: backuprepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.repositoryType - name: Repository Type - type: string - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BackupRepositorySpec is the specification for a BackupRepository. - properties: - backupStorageLocation: - description: |- - BackupStorageLocation is the name of the BackupStorageLocation - that should contain this repository. - type: string - maintenanceFrequency: - description: MaintenanceFrequency is how often maintenance should - be run. - type: string - repositoryType: - description: RepositoryType indicates the type of the backend repository - enum: - - kopia - - restic - - "" - type: string - resticIdentifier: - description: |- - ResticIdentifier is the full restic-compatible string for identifying - this repository. - type: string - volumeNamespace: - description: |- - VolumeNamespace is the namespace this backup repository contains - pod volume backups for. - type: string - required: - - backupStorageLocation - - maintenanceFrequency - - resticIdentifier - - volumeNamespace - type: object - status: - description: BackupRepositoryStatus is the current status of a BackupRepository. - properties: - lastMaintenanceTime: - description: LastMaintenanceTime is the last time maintenance was - run. - format: date-time - nullable: true - type: string - message: - description: Message is a message about the current status of the - BackupRepository. - type: string - phase: - description: Phase is the current state of the BackupRepository. - enum: - - New - - Ready - - NotReady - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/backups.yaml b/charts/velero/velero/crds/backups.yaml deleted file mode 100644 index fd08085..0000000 --- a/charts/velero/velero/crds/backups.yaml +++ /dev/null @@ -1,662 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: backups.velero.io -spec: - group: velero.io - names: - kind: Backup - listKind: BackupList - plural: backups - singular: backup - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - Backup is a Velero resource that represents the capture of Kubernetes - cluster state at a point in time (API objects and associated volume state). - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BackupSpec defines the specification for a Velero backup. - properties: - csiSnapshotTimeout: - description: |- - CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to - ReadyToUse during creation, before returning error as timeout. - The default value is 10 minute. - type: string - datamover: - description: |- - DataMover specifies the data mover to be used by the backup. - If DataMover is "" or "velero", the built-in data mover will be used. - type: string - defaultVolumesToFsBackup: - description: |- - DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used - for all volumes by default. - nullable: true - type: boolean - defaultVolumesToRestic: - description: |- - DefaultVolumesToRestic specifies whether restic should be used to take a - backup of all pod volumes by default. - - - Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. - nullable: true - type: boolean - excludedClusterScopedResources: - description: |- - ExcludedClusterScopedResources is a slice of cluster-scoped - resource type names to exclude from the backup. - If set to "*", all cluster-scoped resource types are excluded. - The default value is empty. - items: - type: string - nullable: true - type: array - excludedNamespaceScopedResources: - description: |- - ExcludedNamespaceScopedResources is a slice of namespace-scoped - resource type names to exclude from the backup. - If set to "*", all namespace-scoped resource types are excluded. - The default value is empty. - items: - type: string - nullable: true - type: array - excludedNamespaces: - description: |- - ExcludedNamespaces contains a list of namespaces that are not - included in the backup. - items: - type: string - nullable: true - type: array - excludedResources: - description: |- - ExcludedResources is a slice of resource names that are not - included in the backup. - items: - type: string - nullable: true - type: array - hooks: - description: Hooks represent custom behaviors that should be executed - at different phases of the backup. - properties: - resources: - description: Resources are hooks that should be executed when - backing up individual instances of a resource. - items: - description: |- - BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on - the rules defined for namespaces, resources, and label selector. - properties: - excludedNamespaces: - description: ExcludedNamespaces specifies the namespaces - to which this hook spec does not apply. - items: - type: string - nullable: true - type: array - excludedResources: - description: ExcludedResources specifies the resources to - which this hook spec does not apply. - items: - type: string - nullable: true - type: array - includedNamespaces: - description: |- - IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies - to all namespaces. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources specifies the resources to which this hook spec applies. If empty, it applies - to all resources. - items: - type: string - nullable: true - type: array - labelSelector: - description: LabelSelector, if specified, filters the resources - to which this hook spec applies. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - name: - description: Name is the name of this hook. - type: string - post: - description: |- - PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup. - These are executed after all "additional items" from item actions are processed. - items: - description: BackupResourceHook defines a hook for a resource. - properties: - exec: - description: Exec defines an exec hook. - properties: - command: - description: Command is the command and arguments - to execute. - items: - type: string - minItems: 1 - type: array - container: - description: |- - Container is the container in the pod where the command should be executed. If not specified, - the pod's first container is used. - type: string - onError: - description: OnError specifies how Velero should - behave if it encounters an error executing this - hook. - enum: - - Continue - - Fail - type: string - timeout: - description: |- - Timeout defines the maximum amount of time Velero should wait for the hook to complete before - considering the execution a failure. - type: string - required: - - command - type: object - required: - - exec - type: object - type: array - pre: - description: |- - PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup. - These are executed before any "additional items" from item actions are processed. - items: - description: BackupResourceHook defines a hook for a resource. - properties: - exec: - description: Exec defines an exec hook. - properties: - command: - description: Command is the command and arguments - to execute. - items: - type: string - minItems: 1 - type: array - container: - description: |- - Container is the container in the pod where the command should be executed. If not specified, - the pod's first container is used. - type: string - onError: - description: OnError specifies how Velero should - behave if it encounters an error executing this - hook. - enum: - - Continue - - Fail - type: string - timeout: - description: |- - Timeout defines the maximum amount of time Velero should wait for the hook to complete before - considering the execution a failure. - type: string - required: - - command - type: object - required: - - exec - type: object - type: array - required: - - name - type: object - nullable: true - type: array - type: object - includeClusterResources: - description: |- - IncludeClusterResources specifies whether cluster-scoped resources - should be included for consideration in the backup. - nullable: true - type: boolean - includedClusterScopedResources: - description: |- - IncludedClusterScopedResources is a slice of cluster-scoped - resource type names to include in the backup. - If set to "*", all cluster-scoped resource types are included. - The default value is empty, which means only related - cluster-scoped resources are included. - items: - type: string - nullable: true - type: array - includedNamespaceScopedResources: - description: |- - IncludedNamespaceScopedResources is a slice of namespace-scoped - resource type names to include in the backup. - The default value is "*". - items: - type: string - nullable: true - type: array - includedNamespaces: - description: |- - IncludedNamespaces is a slice of namespace names to include objects - from. If empty, all namespaces are included. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources is a slice of resource names to include - in the backup. If empty, all resources are included. - items: - type: string - nullable: true - type: array - itemOperationTimeout: - description: |- - ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations - The default value is 4 hour. - type: string - labelSelector: - description: |- - LabelSelector is a metav1.LabelSelector to filter with - when adding individual objects to the backup. If empty - or nil, all objects are included. Optional. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - metadata: - properties: - labels: - additionalProperties: - type: string - type: object - type: object - orLabelSelectors: - description: |- - OrLabelSelectors is list of metav1.LabelSelector to filter with - when adding individual objects to the backup. If multiple provided - they will be joined by the OR operator. LabelSelector as well as - OrLabelSelectors cannot co-exist in backup request, only one of them - can be used. - items: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - nullable: true - type: array - orderedResources: - additionalProperties: - type: string - description: |- - OrderedResources specifies the backup order of resources of specific Kind. - The map key is the resource name and value is a list of object names separated by commas. - Each resource name has format "namespace/objectname". For cluster resources, simply use "objectname". - nullable: true - type: object - resourcePolicy: - description: ResourcePolicy specifies the referenced resource policies - that backup should follow - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - snapshotMoveData: - description: SnapshotMoveData specifies whether snapshot data should - be moved - nullable: true - type: boolean - snapshotVolumes: - description: |- - SnapshotVolumes specifies whether to take snapshots - of any PV's referenced in the set of objects included - in the Backup. - nullable: true - type: boolean - storageLocation: - description: StorageLocation is a string containing the name of a - BackupStorageLocation where the backup should be stored. - type: string - ttl: - description: |- - TTL is a time.Duration-parseable string describing how long - the Backup should be retained for. - type: string - uploaderConfig: - description: UploaderConfig specifies the configuration for the uploader. - nullable: true - properties: - parallelFilesUpload: - description: ParallelFilesUpload is the number of files parallel - uploads to perform when using the uploader. - type: integer - type: object - volumeSnapshotLocations: - description: VolumeSnapshotLocations is a list containing names of - VolumeSnapshotLocations associated with this backup. - items: - type: string - type: array - type: object - status: - description: BackupStatus captures the current status of a Velero backup. - properties: - backupItemOperationsAttempted: - description: |- - BackupItemOperationsAttempted is the total number of attempted - async BackupItemAction operations for this backup. - type: integer - backupItemOperationsCompleted: - description: |- - BackupItemOperationsCompleted is the total number of successfully completed - async BackupItemAction operations for this backup. - type: integer - backupItemOperationsFailed: - description: |- - BackupItemOperationsFailed is the total number of async - BackupItemAction operations for this backup which ended with an error. - type: integer - completionTimestamp: - description: |- - CompletionTimestamp records the time a backup was completed. - Completion time is recorded even on failed backups. - Completion time is recorded before uploading the backup object. - The server's time is used for CompletionTimestamps - format: date-time - nullable: true - type: string - csiVolumeSnapshotsAttempted: - description: |- - CSIVolumeSnapshotsAttempted is the total number of attempted - CSI VolumeSnapshots for this backup. - type: integer - csiVolumeSnapshotsCompleted: - description: |- - CSIVolumeSnapshotsCompleted is the total number of successfully - completed CSI VolumeSnapshots for this backup. - type: integer - errors: - description: |- - Errors is a count of all error messages that were generated during - execution of the backup. The actual errors are in the backup's log - file in object storage. - type: integer - expiration: - description: Expiration is when this Backup is eligible for garbage-collection. - format: date-time - nullable: true - type: string - failureReason: - description: FailureReason is an error that caused the entire backup - to fail. - type: string - formatVersion: - description: FormatVersion is the backup format version, including - major, minor, and patch version. - type: string - hookStatus: - description: HookStatus contains information about the status of the - hooks. - nullable: true - properties: - hooksAttempted: - description: |- - HooksAttempted is the total number of attempted hooks - Specifically, HooksAttempted represents the number of hooks that failed to execute - and the number of hooks that executed successfully. - type: integer - hooksFailed: - description: HooksFailed is the total number of hooks which ended - with an error - type: integer - type: object - phase: - description: Phase is the current state of the Backup. - enum: - - New - - FailedValidation - - InProgress - - WaitingForPluginOperations - - WaitingForPluginOperationsPartiallyFailed - - Finalizing - - FinalizingPartiallyFailed - - Completed - - PartiallyFailed - - Failed - - Deleting - type: string - progress: - description: |- - Progress contains information about the backup's execution progress. Note - that this information is best-effort only -- if Velero fails to update it - during a backup for any reason, it may be inaccurate/stale. - nullable: true - properties: - itemsBackedUp: - description: |- - ItemsBackedUp is the number of items that have actually been written to the - backup tarball so far. - type: integer - totalItems: - description: |- - TotalItems is the total number of items to be backed up. This number may change - throughout the execution of the backup due to plugins that return additional related - items to back up, the velero.io/exclude-from-backup label, and various other - filters that happen as items are processed. - type: integer - type: object - startTimestamp: - description: |- - StartTimestamp records the time a backup was started. - Separate from CreationTimestamp, since that value changes - on restores. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - validationErrors: - description: |- - ValidationErrors is a slice of all validation errors (if - applicable). - items: - type: string - nullable: true - type: array - version: - description: |- - Version is the backup format major version. - Deprecated: Please see FormatVersion - type: integer - volumeSnapshotsAttempted: - description: |- - VolumeSnapshotsAttempted is the total number of attempted - volume snapshots for this backup. - type: integer - volumeSnapshotsCompleted: - description: |- - VolumeSnapshotsCompleted is the total number of successfully - completed volume snapshots for this backup. - type: integer - warnings: - description: |- - Warnings is a count of all warning messages that were generated during - execution of the backup. The actual warnings are in the backup's log - file in object storage. - type: integer - type: object - type: object - served: true - storage: true \ No newline at end of file diff --git a/charts/velero/velero/crds/backupstoragelocations.yaml b/charts/velero/velero/crds/backupstoragelocations.yaml deleted file mode 100644 index 05251b5..0000000 --- a/charts/velero/velero/crds/backupstoragelocations.yaml +++ /dev/null @@ -1,190 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: backupstoragelocations.velero.io -spec: - group: velero.io - names: - kind: BackupStorageLocation - listKind: BackupStorageLocationList - plural: backupstoragelocations - shortNames: - - bsl - singular: backupstoragelocation - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Backup Storage Location status such as Available/Unavailable - jsonPath: .status.phase - name: Phase - type: string - - description: LastValidationTime is the last time the backup store location was - validated - jsonPath: .status.lastValidationTime - name: Last Validated - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Default backup storage location - jsonPath: .spec.default - name: Default - type: boolean - name: v1 - schema: - openAPIV3Schema: - description: BackupStorageLocation is a location where Velero stores backup - objects - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BackupStorageLocationSpec defines the desired state of a - Velero BackupStorageLocation - properties: - accessMode: - description: AccessMode defines the permissions for the backup storage - location. - enum: - - ReadOnly - - ReadWrite - type: string - backupSyncPeriod: - description: BackupSyncPeriod defines how frequently to sync backup - API objects from object storage. A value of 0 disables sync. - nullable: true - type: string - config: - additionalProperties: - type: string - description: Config is for provider-specific configuration fields. - type: object - credential: - description: Credential contains the credential information intended - to be used with this location - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - default: - description: Default indicates this location is the default backup - storage location. - type: boolean - objectStorage: - description: ObjectStorageLocation specifies the settings necessary - to connect to a provider's object storage. - properties: - bucket: - description: Bucket is the bucket to use for object storage. - type: string - caCert: - description: CACert defines a CA bundle to use when verifying - TLS connections to the provider. - format: byte - type: string - prefix: - description: Prefix is the path inside a bucket to use for Velero - storage. Optional. - type: string - required: - - bucket - type: object - provider: - description: Provider is the provider of the backup storage. - type: string - validationFrequency: - description: ValidationFrequency defines how frequently to validate - the corresponding object storage. A value of 0 disables validation. - nullable: true - type: string - required: - - objectStorage - - provider - type: object - status: - description: BackupStorageLocationStatus defines the observed state of - BackupStorageLocation - properties: - accessMode: - description: |- - AccessMode is an unused field. - - - Deprecated: there is now an AccessMode field on the Spec and this field - will be removed entirely as of v2.0. - enum: - - ReadOnly - - ReadWrite - type: string - lastSyncedRevision: - description: |- - LastSyncedRevision is the value of the `metadata/revision` file in the backup - storage location the last time the BSL's contents were synced into the cluster. - - - Deprecated: this field is no longer updated or used for detecting changes to - the location's contents and will be removed entirely in v2.0. - type: string - lastSyncedTime: - description: |- - LastSyncedTime is the last time the contents of the location were synced into - the cluster. - format: date-time - nullable: true - type: string - lastValidationTime: - description: |- - LastValidationTime is the last time the backup store location was validated - the cluster. - format: date-time - nullable: true - type: string - message: - description: Message is a message about the backup storage location's - status. - type: string - phase: - description: Phase is the current state of the BackupStorageLocation. - enum: - - Available - - Unavailable - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/datadownloads.yaml b/charts/velero/velero/crds/datadownloads.yaml deleted file mode 100644 index ecbca2c..0000000 --- a/charts/velero/velero/crds/datadownloads.yaml +++ /dev/null @@ -1,191 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: datadownloads.velero.io -spec: - group: velero.io - names: - kind: DataDownload - listKind: DataDownloadList - plural: datadownloads - singular: datadownload - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: DataDownload status such as New/InProgress - jsonPath: .status.phase - name: Status - type: string - - description: Time duration since this DataDownload was started - jsonPath: .status.startTimestamp - name: Started - type: date - - description: Completed bytes - format: int64 - jsonPath: .status.progress.bytesDone - name: Bytes Done - type: integer - - description: Total bytes - format: int64 - jsonPath: .status.progress.totalBytes - name: Total Bytes - type: integer - - description: Name of the Backup Storage Location where the backup data is stored - jsonPath: .spec.backupStorageLocation - name: Storage Location - type: string - - description: Time duration since this DataDownload was created - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Name of the node where the DataDownload is processed - jsonPath: .status.node - name: Node - type: string - name: v2alpha1 - schema: - openAPIV3Schema: - description: DataDownload acts as the protocol between data mover plugins - and data mover controller for the datamover restore operation - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: DataDownloadSpec is the specification for a DataDownload. - properties: - backupStorageLocation: - description: |- - BackupStorageLocation is the name of the backup storage location - where the backup repository is stored. - type: string - cancel: - description: |- - Cancel indicates request to cancel the ongoing DataDownload. It can be set - when the DataDownload is in InProgress phase - type: boolean - dataMoverConfig: - additionalProperties: - type: string - description: DataMoverConfig is for data-mover-specific configuration - fields. - type: object - datamover: - description: |- - DataMover specifies the data mover to be used by the backup. - If DataMover is "" or "velero", the built-in data mover will be used. - type: string - operationTimeout: - description: |- - OperationTimeout specifies the time used to wait internal operations, - before returning error as timeout. - type: string - snapshotID: - description: SnapshotID is the ID of the Velero backup snapshot to - be restored from. - type: string - sourceNamespace: - description: |- - SourceNamespace is the original namespace where the volume is backed up from. - It may be different from SourcePVC's namespace if namespace is remapped during restore. - type: string - targetVolume: - description: TargetVolume is the information of the target PVC and - PV. - properties: - namespace: - description: Namespace is the target namespace - type: string - pv: - description: PV is the name of the target PV that is created by - Velero restore - type: string - pvc: - description: PVC is the name of the target PVC that is created - by Velero restore - type: string - required: - - namespace - - pv - - pvc - type: object - required: - - backupStorageLocation - - operationTimeout - - snapshotID - - sourceNamespace - - targetVolume - type: object - status: - description: DataDownloadStatus is the current status of a DataDownload. - properties: - completionTimestamp: - description: |- - CompletionTimestamp records the time a restore was completed. - Completion time is recorded even on failed restores. - The server's time is used for CompletionTimestamps - format: date-time - nullable: true - type: string - message: - description: Message is a message about the DataDownload's status. - type: string - node: - description: Node is name of the node where the DataDownload is processed. - type: string - phase: - description: Phase is the current state of the DataDownload. - enum: - - New - - Accepted - - Prepared - - InProgress - - Canceling - - Canceled - - Completed - - Failed - type: string - progress: - description: |- - Progress holds the total number of bytes of the snapshot and the current - number of restored bytes. This can be used to display progress information - about the restore operation. - properties: - bytesDone: - format: int64 - type: integer - totalBytes: - format: int64 - type: integer - type: object - startTimestamp: - description: |- - StartTimestamp records the time a restore was started. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/datauploads.yaml b/charts/velero/velero/crds/datauploads.yaml deleted file mode 100644 index f0dd8cf..0000000 --- a/charts/velero/velero/crds/datauploads.yaml +++ /dev/null @@ -1,216 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: datauploads.velero.io -spec: - group: velero.io - names: - kind: DataUpload - listKind: DataUploadList - plural: datauploads - singular: dataupload - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: DataUpload status such as New/InProgress - jsonPath: .status.phase - name: Status - type: string - - description: Time duration since this DataUpload was started - jsonPath: .status.startTimestamp - name: Started - type: date - - description: Completed bytes - format: int64 - jsonPath: .status.progress.bytesDone - name: Bytes Done - type: integer - - description: Total bytes - format: int64 - jsonPath: .status.progress.totalBytes - name: Total Bytes - type: integer - - description: Name of the Backup Storage Location where this backup should be - stored - jsonPath: .spec.backupStorageLocation - name: Storage Location - type: string - - description: Time duration since this DataUpload was created - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Name of the node where the DataUpload is processed - jsonPath: .status.node - name: Node - type: string - name: v2alpha1 - schema: - openAPIV3Schema: - description: DataUpload acts as the protocol between data mover plugins and - data mover controller for the datamover backup operation - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: DataUploadSpec is the specification for a DataUpload. - properties: - backupStorageLocation: - description: |- - BackupStorageLocation is the name of the backup storage location - where the backup repository is stored. - type: string - cancel: - description: |- - Cancel indicates request to cancel the ongoing DataUpload. It can be set - when the DataUpload is in InProgress phase - type: boolean - csiSnapshot: - description: If SnapshotType is CSI, CSISnapshot provides the information - of the CSI snapshot. - nullable: true - properties: - snapshotClass: - description: SnapshotClass is the name of the snapshot class that - the volume snapshot is created with - type: string - storageClass: - description: StorageClass is the name of the storage class of - the PVC that the volume snapshot is created from - type: string - volumeSnapshot: - description: VolumeSnapshot is the name of the volume snapshot - to be backed up - type: string - required: - - storageClass - - volumeSnapshot - type: object - dataMoverConfig: - additionalProperties: - type: string - description: DataMoverConfig is for data-mover-specific configuration - fields. - nullable: true - type: object - datamover: - description: |- - DataMover specifies the data mover to be used by the backup. - If DataMover is "" or "velero", the built-in data mover will be used. - type: string - operationTimeout: - description: |- - OperationTimeout specifies the time used to wait internal operations, - before returning error as timeout. - type: string - snapshotType: - description: SnapshotType is the type of the snapshot to be backed - up. - type: string - sourceNamespace: - description: |- - SourceNamespace is the original namespace where the volume is backed up from. - It is the same namespace for SourcePVC and CSI namespaced objects. - type: string - sourcePVC: - description: SourcePVC is the name of the PVC which the snapshot is - taken for. - type: string - required: - - backupStorageLocation - - operationTimeout - - snapshotType - - sourceNamespace - - sourcePVC - type: object - status: - description: DataUploadStatus is the current status of a DataUpload. - properties: - completionTimestamp: - description: |- - CompletionTimestamp records the time a backup was completed. - Completion time is recorded even on failed backups. - Completion time is recorded before uploading the backup object. - The server's time is used for CompletionTimestamps - format: date-time - nullable: true - type: string - dataMoverResult: - additionalProperties: - type: string - description: DataMoverResult stores data-mover-specific information - as a result of the DataUpload. - nullable: true - type: object - message: - description: Message is a message about the DataUpload's status. - type: string - node: - description: Node is name of the node where the DataUpload is processed. - type: string - path: - description: Path is the full path of the snapshot volume being backed - up. - type: string - phase: - description: Phase is the current state of the DataUpload. - enum: - - New - - Accepted - - Prepared - - InProgress - - Canceling - - Canceled - - Completed - - Failed - type: string - progress: - description: |- - Progress holds the total number of bytes of the volume and the current - number of backed up bytes. This can be used to display progress information - about the backup operation. - properties: - bytesDone: - format: int64 - type: integer - totalBytes: - format: int64 - type: integer - type: object - snapshotID: - description: SnapshotID is the identifier for the snapshot in the - backup repository. - type: string - startTimestamp: - description: |- - StartTimestamp records the time a backup was started. - Separate from CreationTimestamp, since that value changes - on restores. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/deletebackuprequests.yaml b/charts/velero/velero/crds/deletebackuprequests.yaml deleted file mode 100644 index 62c8431..0000000 --- a/charts/velero/velero/crds/deletebackuprequests.yaml +++ /dev/null @@ -1,80 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: deletebackuprequests.velero.io -spec: - group: velero.io - names: - kind: DeleteBackupRequest - listKind: DeleteBackupRequestList - plural: deletebackuprequests - singular: deletebackuprequest - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The name of the backup to be deleted - jsonPath: .spec.backupName - name: BackupName - type: string - - description: The status of the deletion request - jsonPath: .status.phase - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: DeleteBackupRequest is a request to delete one or more backups. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: DeleteBackupRequestSpec is the specification for which backups - to delete. - properties: - backupName: - type: string - required: - - backupName - type: object - status: - description: DeleteBackupRequestStatus is the current status of a DeleteBackupRequest. - properties: - errors: - description: Errors contains any errors that were encountered during - the deletion process. - items: - type: string - nullable: true - type: array - phase: - description: Phase is the current state of the DeleteBackupRequest. - enum: - - New - - InProgress - - Processed - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/downloadrequests.yaml b/charts/velero/velero/crds/downloadrequests.yaml deleted file mode 100644 index 6582379..0000000 --- a/charts/velero/velero/crds/downloadrequests.yaml +++ /dev/null @@ -1,100 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: downloadrequests.velero.io -spec: - group: velero.io - names: - kind: DownloadRequest - listKind: DownloadRequestList - plural: downloadrequests - singular: downloadrequest - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - DownloadRequest is a request to download an artifact from backup object storage, such as a backup - log file. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: DownloadRequestSpec is the specification for a download request. - properties: - target: - description: Target is what to download (e.g. logs for a backup). - properties: - kind: - description: Kind is the type of file to download. - enum: - - BackupLog - - BackupContents - - BackupVolumeSnapshots - - BackupItemOperations - - BackupResourceList - - BackupResults - - RestoreLog - - RestoreResults - - RestoreResourceList - - RestoreItemOperations - - CSIBackupVolumeSnapshots - - CSIBackupVolumeSnapshotContents - - BackupVolumeInfos - - RestoreVolumeInfo - type: string - name: - description: Name is the name of the Kubernetes resource with - which the file is associated. - type: string - required: - - kind - - name - type: object - required: - - target - type: object - status: - description: DownloadRequestStatus is the current status of a DownloadRequest. - properties: - downloadURL: - description: DownloadURL contains the pre-signed URL for the target - file. - type: string - expiration: - description: Expiration is when this DownloadRequest expires and can - be deleted by the system. - format: date-time - nullable: true - type: string - phase: - description: Phase is the current state of the DownloadRequest. - enum: - - New - - Processed - type: string - type: object - type: object - served: true - storage: true \ No newline at end of file diff --git a/charts/velero/velero/crds/podvolumebackups.yaml b/charts/velero/velero/crds/podvolumebackups.yaml deleted file mode 100644 index 7727b8c..0000000 --- a/charts/velero/velero/crds/podvolumebackups.yaml +++ /dev/null @@ -1,225 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: podvolumebackups.velero.io -spec: - group: velero.io - names: - kind: PodVolumeBackup - listKind: PodVolumeBackupList - plural: podvolumebackups - singular: podvolumebackup - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Pod Volume Backup status such as New/InProgress - jsonPath: .status.phase - name: Status - type: string - - description: Time when this backup was started - jsonPath: .status.startTimestamp - name: Created - type: date - - description: Namespace of the pod containing the volume to be backed up - jsonPath: .spec.pod.namespace - name: Namespace - type: string - - description: Name of the pod containing the volume to be backed up - jsonPath: .spec.pod.name - name: Pod - type: string - - description: Name of the volume to be backed up - jsonPath: .spec.volume - name: Volume - type: string - - description: The type of the uploader to handle data transfer - jsonPath: .spec.uploaderType - name: Uploader Type - type: string - - description: Name of the Backup Storage Location where this backup should be - stored - jsonPath: .spec.backupStorageLocation - name: Storage Location - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: PodVolumeBackupSpec is the specification for a PodVolumeBackup. - properties: - backupStorageLocation: - description: |- - BackupStorageLocation is the name of the backup storage location - where the backup repository is stored. - type: string - node: - description: Node is the name of the node that the Pod is running - on. - type: string - pod: - description: Pod is a reference to the pod containing the volume to - be backed up. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - repoIdentifier: - description: RepoIdentifier is the backup repository identifier. - type: string - tags: - additionalProperties: - type: string - description: |- - Tags are a map of key-value pairs that should be applied to the - volume backup as tags. - type: object - uploaderSettings: - additionalProperties: - type: string - description: |- - UploaderSettings are a map of key-value pairs that should be applied to the - uploader configuration. - nullable: true - type: object - uploaderType: - description: UploaderType is the type of the uploader to handle the - data transfer. - enum: - - kopia - - restic - - "" - type: string - volume: - description: |- - Volume is the name of the volume within the Pod to be backed - up. - type: string - required: - - backupStorageLocation - - node - - pod - - repoIdentifier - - volume - type: object - status: - description: PodVolumeBackupStatus is the current status of a PodVolumeBackup. - properties: - completionTimestamp: - description: |- - CompletionTimestamp records the time a backup was completed. - Completion time is recorded even on failed backups. - Completion time is recorded before uploading the backup object. - The server's time is used for CompletionTimestamps - format: date-time - nullable: true - type: string - message: - description: Message is a message about the pod volume backup's status. - type: string - path: - description: Path is the full path within the controller pod being - backed up. - type: string - phase: - description: Phase is the current state of the PodVolumeBackup. - enum: - - New - - InProgress - - Completed - - Failed - type: string - progress: - description: |- - Progress holds the total number of bytes of the volume and the current - number of backed up bytes. This can be used to display progress information - about the backup operation. - properties: - bytesDone: - format: int64 - type: integer - totalBytes: - format: int64 - type: integer - type: object - snapshotID: - description: SnapshotID is the identifier for the snapshot of the - pod volume. - type: string - startTimestamp: - description: |- - StartTimestamp records the time a backup was started. - Separate from CreationTimestamp, since that value changes - on restores. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: {} \ No newline at end of file diff --git a/charts/velero/velero/crds/podvolumerestores.yaml b/charts/velero/velero/crds/podvolumerestores.yaml deleted file mode 100644 index 48296ac..0000000 --- a/charts/velero/velero/crds/podvolumerestores.yaml +++ /dev/null @@ -1,211 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: podvolumerestores.velero.io -spec: - group: velero.io - names: - kind: PodVolumeRestore - listKind: PodVolumeRestoreList - plural: podvolumerestores - singular: podvolumerestore - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Namespace of the pod containing the volume to be restored - jsonPath: .spec.pod.namespace - name: Namespace - type: string - - description: Name of the pod containing the volume to be restored - jsonPath: .spec.pod.name - name: Pod - type: string - - description: The type of the uploader to handle data transfer - jsonPath: .spec.uploaderType - name: Uploader Type - type: string - - description: Name of the volume to be restored - jsonPath: .spec.volume - name: Volume - type: string - - description: Pod Volume Restore status such as New/InProgress - jsonPath: .status.phase - name: Status - type: string - - description: Pod Volume Restore status such as New/InProgress - format: int64 - jsonPath: .status.progress.totalBytes - name: TotalBytes - type: integer - - description: Pod Volume Restore status such as New/InProgress - format: int64 - jsonPath: .status.progress.bytesDone - name: BytesDone - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: PodVolumeRestoreSpec is the specification for a PodVolumeRestore. - properties: - backupStorageLocation: - description: |- - BackupStorageLocation is the name of the backup storage location - where the backup repository is stored. - type: string - pod: - description: Pod is a reference to the pod containing the volume to - be restored. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: |- - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - namespace: - description: |- - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - type: string - resourceVersion: - description: |- - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - type: string - uid: - description: |- - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - type: string - type: object - x-kubernetes-map-type: atomic - repoIdentifier: - description: RepoIdentifier is the backup repository identifier. - type: string - snapshotID: - description: SnapshotID is the ID of the volume snapshot to be restored. - type: string - sourceNamespace: - description: SourceNamespace is the original namespace for namaspace - mapping. - type: string - uploaderSettings: - additionalProperties: - type: string - description: |- - UploaderSettings are a map of key-value pairs that should be applied to the - uploader configuration. - nullable: true - type: object - uploaderType: - description: UploaderType is the type of the uploader to handle the - data transfer. - enum: - - kopia - - restic - - "" - type: string - volume: - description: Volume is the name of the volume within the Pod to be - restored. - type: string - required: - - backupStorageLocation - - pod - - repoIdentifier - - snapshotID - - sourceNamespace - - volume - type: object - status: - description: PodVolumeRestoreStatus is the current status of a PodVolumeRestore. - properties: - completionTimestamp: - description: |- - CompletionTimestamp records the time a restore was completed. - Completion time is recorded even on failed restores. - The server's time is used for CompletionTimestamps - format: date-time - nullable: true - type: string - message: - description: Message is a message about the pod volume restore's status. - type: string - phase: - description: Phase is the current state of the PodVolumeRestore. - enum: - - New - - InProgress - - Completed - - Failed - type: string - progress: - description: |- - Progress holds the total number of bytes of the snapshot and the current - number of restored bytes. This can be used to display progress information - about the restore operation. - properties: - bytesDone: - format: int64 - type: integer - totalBytes: - format: int64 - type: integer - type: object - startTimestamp: - description: |- - StartTimestamp records the time a restore was started. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/charts/velero/velero/crds/restores.yaml b/charts/velero/velero/crds/restores.yaml deleted file mode 100644 index 43b52b7..0000000 --- a/charts/velero/velero/crds/restores.yaml +++ /dev/null @@ -1,558 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: restores.velero.io -spec: - group: velero.io - names: - kind: Restore - listKind: RestoreList - plural: restores - singular: restore - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - Restore is a Velero resource that represents the application of - resources from a Velero backup to a target Kubernetes cluster. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: RestoreSpec defines the specification for a Velero restore. - properties: - backupName: - description: |- - BackupName is the unique name of the Velero backup to restore - from. - type: string - excludedNamespaces: - description: |- - ExcludedNamespaces contains a list of namespaces that are not - included in the restore. - items: - type: string - nullable: true - type: array - excludedResources: - description: |- - ExcludedResources is a slice of resource names that are not - included in the restore. - items: - type: string - nullable: true - type: array - existingResourcePolicy: - description: ExistingResourcePolicy specifies the restore behavior - for the Kubernetes resource to be restored - nullable: true - type: string - hooks: - description: Hooks represent custom behaviors that should be executed - during or post restore. - properties: - resources: - items: - description: |- - RestoreResourceHookSpec defines one or more RestoreResrouceHooks that should be executed based on - the rules defined for namespaces, resources, and label selector. - properties: - excludedNamespaces: - description: ExcludedNamespaces specifies the namespaces - to which this hook spec does not apply. - items: - type: string - nullable: true - type: array - excludedResources: - description: ExcludedResources specifies the resources to - which this hook spec does not apply. - items: - type: string - nullable: true - type: array - includedNamespaces: - description: |- - IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies - to all namespaces. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources specifies the resources to which this hook spec applies. If empty, it applies - to all resources. - items: - type: string - nullable: true - type: array - labelSelector: - description: LabelSelector, if specified, filters the resources - to which this hook spec applies. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - name: - description: Name is the name of this hook. - type: string - postHooks: - description: PostHooks is a list of RestoreResourceHooks - to execute during and after restoring a resource. - items: - description: RestoreResourceHook defines a restore hook - for a resource. - properties: - exec: - description: Exec defines an exec restore hook. - properties: - command: - description: Command is the command and arguments - to execute from within a container after a pod - has been restored. - items: - type: string - minItems: 1 - type: array - container: - description: |- - Container is the container in the pod where the command should be executed. If not specified, - the pod's first container is used. - type: string - execTimeout: - description: |- - ExecTimeout defines the maximum amount of time Velero should wait for the hook to complete before - considering the execution a failure. - type: string - onError: - description: OnError specifies how Velero should - behave if it encounters an error executing this - hook. - enum: - - Continue - - Fail - type: string - waitForReady: - description: WaitForReady ensures command will - be launched when container is Ready instead - of Running. - nullable: true - type: boolean - waitTimeout: - description: |- - WaitTimeout defines the maximum amount of time Velero should wait for the container to be Ready - before attempting to run the command. - type: string - required: - - command - type: object - init: - description: Init defines an init restore hook. - properties: - initContainers: - description: InitContainers is list of init containers - to be added to a pod during its restore. - items: - type: object - x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - timeout: - description: Timeout defines the maximum amount - of time Velero should wait for the initContainers - to complete. - type: string - type: object - type: object - type: array - required: - - name - type: object - type: array - type: object - includeClusterResources: - description: |- - IncludeClusterResources specifies whether cluster-scoped resources - should be included for consideration in the restore. If null, defaults - to true. - nullable: true - type: boolean - includedNamespaces: - description: |- - IncludedNamespaces is a slice of namespace names to include objects - from. If empty, all namespaces are included. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources is a slice of resource names to include - in the restore. If empty, all resources in the backup are included. - items: - type: string - nullable: true - type: array - itemOperationTimeout: - description: |- - ItemOperationTimeout specifies the time used to wait for RestoreItemAction operations - The default value is 4 hour. - type: string - labelSelector: - description: |- - LabelSelector is a metav1.LabelSelector to filter with - when restoring individual objects from the backup. If empty - or nil, all objects are included. Optional. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceMapping: - additionalProperties: - type: string - description: |- - NamespaceMapping is a map of source namespace names - to target namespace names to restore into. Any source - namespaces not included in the map will be restored into - namespaces of the same name. - type: object - orLabelSelectors: - description: |- - OrLabelSelectors is list of metav1.LabelSelector to filter with - when restoring individual objects from the backup. If multiple provided - they will be joined by the OR operator. LabelSelector as well as - OrLabelSelectors cannot co-exist in restore request, only one of them - can be used - items: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - nullable: true - type: array - preserveNodePorts: - description: PreserveNodePorts specifies whether to restore old nodePorts - from backup. - nullable: true - type: boolean - resourceModifier: - description: ResourceModifier specifies the reference to JSON resource - patches that should be applied to resources before restoration. - nullable: true - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - restorePVs: - description: |- - RestorePVs specifies whether to restore all included - PVs from snapshot - nullable: true - type: boolean - restoreStatus: - description: |- - RestoreStatus specifies which resources we should restore the status - field. If nil, no objects are included. Optional. - nullable: true - properties: - excludedResources: - description: ExcludedResources specifies the resources to which - will not restore the status. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources specifies the resources to which will restore the status. - If empty, it applies to all resources. - items: - type: string - nullable: true - type: array - type: object - scheduleName: - description: |- - ScheduleName is the unique name of the Velero schedule to restore - from. If specified, and BackupName is empty, Velero will restore - from the most recent successful backup created from this schedule. - type: string - uploaderConfig: - description: UploaderConfig specifies the configuration for the restore. - nullable: true - properties: - parallelFilesDownload: - description: ParallelFilesDownload is the concurrency number setting - for restore. - type: integer - writeSparseFiles: - description: WriteSparseFiles is a flag to indicate whether write - files sparsely or not. - nullable: true - type: boolean - type: object - type: object - status: - description: RestoreStatus captures the current status of a Velero restore - properties: - completionTimestamp: - description: |- - CompletionTimestamp records the time the restore operation was completed. - Completion time is recorded even on failed restore. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - errors: - description: |- - Errors is a count of all error messages that were generated during - execution of the restore. The actual errors are stored in object storage. - type: integer - failureReason: - description: FailureReason is an error that caused the entire restore - to fail. - type: string - hookStatus: - description: HookStatus contains information about the status of the - hooks. - nullable: true - properties: - hooksAttempted: - description: |- - HooksAttempted is the total number of attempted hooks - Specifically, HooksAttempted represents the number of hooks that failed to execute - and the number of hooks that executed successfully. - type: integer - hooksFailed: - description: HooksFailed is the total number of hooks which ended - with an error - type: integer - type: object - phase: - description: Phase is the current state of the Restore - enum: - - New - - FailedValidation - - InProgress - - WaitingForPluginOperations - - WaitingForPluginOperationsPartiallyFailed - - Completed - - PartiallyFailed - - Failed - - Finalizing - - FinalizingPartiallyFailed - type: string - progress: - description: |- - Progress contains information about the restore's execution progress. Note - that this information is best-effort only -- if Velero fails to update it - during a restore for any reason, it may be inaccurate/stale. - nullable: true - properties: - itemsRestored: - description: ItemsRestored is the number of items that have actually - been restored so far - type: integer - totalItems: - description: |- - TotalItems is the total number of items to be restored. This number may change - throughout the execution of the restore due to plugins that return additional related - items to restore - type: integer - type: object - restoreItemOperationsAttempted: - description: |- - RestoreItemOperationsAttempted is the total number of attempted - async RestoreItemAction operations for this restore. - type: integer - restoreItemOperationsCompleted: - description: |- - RestoreItemOperationsCompleted is the total number of successfully completed - async RestoreItemAction operations for this restore. - type: integer - restoreItemOperationsFailed: - description: |- - RestoreItemOperationsFailed is the total number of async - RestoreItemAction operations for this restore which ended with an error. - type: integer - startTimestamp: - description: |- - StartTimestamp records the time the restore operation was started. - The server's time is used for StartTimestamps - format: date-time - nullable: true - type: string - validationErrors: - description: |- - ValidationErrors is a slice of all validation errors (if - applicable) - items: - type: string - nullable: true - type: array - warnings: - description: |- - Warnings is a count of all warning messages that were generated during - execution of the restore. The actual warnings are stored in object storage. - type: integer - type: object - type: object - served: true - storage: true \ No newline at end of file diff --git a/charts/velero/velero/crds/schedules.yaml b/charts/velero/velero/crds/schedules.yaml deleted file mode 100644 index 4d6889d..0000000 --- a/charts/velero/velero/crds/schedules.yaml +++ /dev/null @@ -1,599 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: schedules.velero.io -spec: - group: velero.io - names: - kind: Schedule - listKind: ScheduleList - plural: schedules - singular: schedule - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Status of the schedule - jsonPath: .status.phase - name: Status - type: string - - description: A Cron expression defining when to run the Backup - jsonPath: .spec.schedule - name: Schedule - type: string - - description: The last time a Backup was run for this schedule - jsonPath: .status.lastBackup - name: LastBackup - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.paused - name: Paused - type: boolean - name: v1 - schema: - openAPIV3Schema: - description: |- - Schedule is a Velero resource that represents a pre-scheduled or - periodic Backup that should be run. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ScheduleSpec defines the specification for a Velero schedule - properties: - paused: - description: Paused specifies whether the schedule is paused or not - type: boolean - schedule: - description: |- - Schedule is a Cron expression defining when to run - the Backup. - type: string - skipImmediately: - description: |- - SkipImmediately specifies whether to skip backup if schedule is due immediately from `schedule.status.lastBackup` timestamp when schedule is unpaused or if schedule is new. - If true, backup will be skipped immediately when schedule is unpaused if it is due based on .Status.LastBackupTimestamp or schedule is new, and will run at next schedule time. - If false, backup will not be skipped immediately when schedule is unpaused, but will run at next schedule time. - If empty, will follow server configuration (default: false). - type: boolean - template: - description: |- - Template is the definition of the Backup to be run - on the provided schedule - properties: - csiSnapshotTimeout: - description: |- - CSISnapshotTimeout specifies the time used to wait for CSI VolumeSnapshot status turns to - ReadyToUse during creation, before returning error as timeout. - The default value is 10 minute. - type: string - datamover: - description: |- - DataMover specifies the data mover to be used by the backup. - If DataMover is "" or "velero", the built-in data mover will be used. - type: string - defaultVolumesToFsBackup: - description: |- - DefaultVolumesToFsBackup specifies whether pod volume file system backup should be used - for all volumes by default. - nullable: true - type: boolean - defaultVolumesToRestic: - description: |- - DefaultVolumesToRestic specifies whether restic should be used to take a - backup of all pod volumes by default. - - - Deprecated: this field is no longer used and will be removed entirely in future. Use DefaultVolumesToFsBackup instead. - nullable: true - type: boolean - excludedClusterScopedResources: - description: |- - ExcludedClusterScopedResources is a slice of cluster-scoped - resource type names to exclude from the backup. - If set to "*", all cluster-scoped resource types are excluded. - The default value is empty. - items: - type: string - nullable: true - type: array - excludedNamespaceScopedResources: - description: |- - ExcludedNamespaceScopedResources is a slice of namespace-scoped - resource type names to exclude from the backup. - If set to "*", all namespace-scoped resource types are excluded. - The default value is empty. - items: - type: string - nullable: true - type: array - excludedNamespaces: - description: |- - ExcludedNamespaces contains a list of namespaces that are not - included in the backup. - items: - type: string - nullable: true - type: array - excludedResources: - description: |- - ExcludedResources is a slice of resource names that are not - included in the backup. - items: - type: string - nullable: true - type: array - hooks: - description: Hooks represent custom behaviors that should be executed - at different phases of the backup. - properties: - resources: - description: Resources are hooks that should be executed when - backing up individual instances of a resource. - items: - description: |- - BackupResourceHookSpec defines one or more BackupResourceHooks that should be executed based on - the rules defined for namespaces, resources, and label selector. - properties: - excludedNamespaces: - description: ExcludedNamespaces specifies the namespaces - to which this hook spec does not apply. - items: - type: string - nullable: true - type: array - excludedResources: - description: ExcludedResources specifies the resources - to which this hook spec does not apply. - items: - type: string - nullable: true - type: array - includedNamespaces: - description: |- - IncludedNamespaces specifies the namespaces to which this hook spec applies. If empty, it applies - to all namespaces. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources specifies the resources to which this hook spec applies. If empty, it applies - to all resources. - items: - type: string - nullable: true - type: array - labelSelector: - description: LabelSelector, if specified, filters the - resources to which this hook spec applies. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - name: - description: Name is the name of this hook. - type: string - post: - description: |- - PostHooks is a list of BackupResourceHooks to execute after storing the item in the backup. - These are executed after all "additional items" from item actions are processed. - items: - description: BackupResourceHook defines a hook for - a resource. - properties: - exec: - description: Exec defines an exec hook. - properties: - command: - description: Command is the command and arguments - to execute. - items: - type: string - minItems: 1 - type: array - container: - description: |- - Container is the container in the pod where the command should be executed. If not specified, - the pod's first container is used. - type: string - onError: - description: OnError specifies how Velero - should behave if it encounters an error - executing this hook. - enum: - - Continue - - Fail - type: string - timeout: - description: |- - Timeout defines the maximum amount of time Velero should wait for the hook to complete before - considering the execution a failure. - type: string - required: - - command - type: object - required: - - exec - type: object - type: array - pre: - description: |- - PreHooks is a list of BackupResourceHooks to execute prior to storing the item in the backup. - These are executed before any "additional items" from item actions are processed. - items: - description: BackupResourceHook defines a hook for - a resource. - properties: - exec: - description: Exec defines an exec hook. - properties: - command: - description: Command is the command and arguments - to execute. - items: - type: string - minItems: 1 - type: array - container: - description: |- - Container is the container in the pod where the command should be executed. If not specified, - the pod's first container is used. - type: string - onError: - description: OnError specifies how Velero - should behave if it encounters an error - executing this hook. - enum: - - Continue - - Fail - type: string - timeout: - description: |- - Timeout defines the maximum amount of time Velero should wait for the hook to complete before - considering the execution a failure. - type: string - required: - - command - type: object - required: - - exec - type: object - type: array - required: - - name - type: object - nullable: true - type: array - type: object - includeClusterResources: - description: |- - IncludeClusterResources specifies whether cluster-scoped resources - should be included for consideration in the backup. - nullable: true - type: boolean - includedClusterScopedResources: - description: |- - IncludedClusterScopedResources is a slice of cluster-scoped - resource type names to include in the backup. - If set to "*", all cluster-scoped resource types are included. - The default value is empty, which means only related - cluster-scoped resources are included. - items: - type: string - nullable: true - type: array - includedNamespaceScopedResources: - description: |- - IncludedNamespaceScopedResources is a slice of namespace-scoped - resource type names to include in the backup. - The default value is "*". - items: - type: string - nullable: true - type: array - includedNamespaces: - description: |- - IncludedNamespaces is a slice of namespace names to include objects - from. If empty, all namespaces are included. - items: - type: string - nullable: true - type: array - includedResources: - description: |- - IncludedResources is a slice of resource names to include - in the backup. If empty, all resources are included. - items: - type: string - nullable: true - type: array - itemOperationTimeout: - description: |- - ItemOperationTimeout specifies the time used to wait for asynchronous BackupItemAction operations - The default value is 4 hour. - type: string - labelSelector: - description: |- - LabelSelector is a metav1.LabelSelector to filter with - when adding individual objects to the backup. If empty - or nil, all objects are included. Optional. - nullable: true - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - metadata: - properties: - labels: - additionalProperties: - type: string - type: object - type: object - orLabelSelectors: - description: |- - OrLabelSelectors is list of metav1.LabelSelector to filter with - when adding individual objects to the backup. If multiple provided - they will be joined by the OR operator. LabelSelector as well as - OrLabelSelectors cannot co-exist in backup request, only one of them - can be used. - items: - description: |- - A label selector is a label query over a set of resources. The result of matchLabels and - matchExpressions are ANDed. An empty label selector matches all objects. A null - label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - nullable: true - type: array - orderedResources: - additionalProperties: - type: string - description: |- - OrderedResources specifies the backup order of resources of specific Kind. - The map key is the resource name and value is a list of object names separated by commas. - Each resource name has format "namespace/objectname". For cluster resources, simply use "objectname". - nullable: true - type: object - resourcePolicy: - description: ResourcePolicy specifies the referenced resource - policies that backup should follow - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - snapshotMoveData: - description: SnapshotMoveData specifies whether snapshot data - should be moved - nullable: true - type: boolean - snapshotVolumes: - description: |- - SnapshotVolumes specifies whether to take snapshots - of any PV's referenced in the set of objects included - in the Backup. - nullable: true - type: boolean - storageLocation: - description: StorageLocation is a string containing the name of - a BackupStorageLocation where the backup should be stored. - type: string - ttl: - description: |- - TTL is a time.Duration-parseable string describing how long - the Backup should be retained for. - type: string - uploaderConfig: - description: UploaderConfig specifies the configuration for the - uploader. - nullable: true - properties: - parallelFilesUpload: - description: ParallelFilesUpload is the number of files parallel - uploads to perform when using the uploader. - type: integer - type: object - volumeSnapshotLocations: - description: VolumeSnapshotLocations is a list containing names - of VolumeSnapshotLocations associated with this backup. - items: - type: string - type: array - type: object - useOwnerReferencesInBackup: - description: |- - UseOwnerReferencesBackup specifies whether to use - OwnerReferences on backups created by this Schedule. - nullable: true - type: boolean - required: - - schedule - - template - type: object - status: - description: ScheduleStatus captures the current state of a Velero schedule - properties: - lastBackup: - description: |- - LastBackup is the last time a Backup was run for this - Schedule schedule - format: date-time - nullable: true - type: string - lastSkipped: - description: LastSkipped is the last time a Schedule was skipped - format: date-time - nullable: true - type: string - phase: - description: Phase is the current phase of the Schedule - enum: - - New - - Enabled - - FailedValidation - type: string - validationErrors: - description: |- - ValidationErrors is a slice of all validation errors (if - applicable) - items: - type: string - type: array - type: object - type: object - served: true - storage: true - subresources: {} diff --git a/charts/velero/velero/crds/serverstatusrequests.yaml b/charts/velero/velero/crds/serverstatusrequests.yaml deleted file mode 100644 index 234d40c..0000000 --- a/charts/velero/velero/crds/serverstatusrequests.yaml +++ /dev/null @@ -1,86 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: serverstatusrequests.velero.io -spec: - group: velero.io - names: - kind: ServerStatusRequest - listKind: ServerStatusRequestList - plural: serverstatusrequests - shortNames: - - ssr - singular: serverstatusrequest - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: |- - ServerStatusRequest is a request to access current status information about - the Velero server. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ServerStatusRequestSpec is the specification for a ServerStatusRequest. - type: object - status: - description: ServerStatusRequestStatus is the current status of a ServerStatusRequest. - properties: - phase: - description: Phase is the current lifecycle phase of the ServerStatusRequest. - enum: - - New - - Processed - type: string - plugins: - description: Plugins list information about the plugins running on - the Velero server - items: - description: PluginInfo contains attributes of a Velero plugin - properties: - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - nullable: true - type: array - processedTimestamp: - description: |- - ProcessedTimestamp is when the ServerStatusRequest was processed - by the ServerStatusRequestController. - format: date-time - nullable: true - type: string - serverVersion: - description: ServerVersion is the Velero server version. - type: string - type: object - type: object - served: true - storage: true diff --git a/charts/velero/velero/crds/volumesnapshotlocations.yaml b/charts/velero/velero/crds/volumesnapshotlocations.yaml deleted file mode 100644 index cb349fe..0000000 --- a/charts/velero/velero/crds/volumesnapshotlocations.yaml +++ /dev/null @@ -1,94 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - component: velero - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: volumesnapshotlocations.velero.io -spec: - group: velero.io - names: - kind: VolumeSnapshotLocation - listKind: VolumeSnapshotLocationList - plural: volumesnapshotlocations - shortNames: - - vsl - singular: volumesnapshotlocation - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: VolumeSnapshotLocation is a location where Velero stores volume - snapshots. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: VolumeSnapshotLocationSpec defines the specification for - a Velero VolumeSnapshotLocation. - properties: - config: - additionalProperties: - type: string - description: Config is for provider-specific configuration fields. - type: object - credential: - description: Credential contains the credential information intended - to be used with this location - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: |- - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider is the provider of the volume storage. - type: string - required: - - provider - type: object - status: - description: VolumeSnapshotLocationStatus describes the current status - of a Velero VolumeSnapshotLocation. - properties: - phase: - description: VolumeSnapshotLocationPhase is the lifecycle phase of - a Velero VolumeSnapshotLocation. - enum: - - Available - - Unavailable - type: string - type: object - type: object - served: true - storage: true \ No newline at end of file diff --git a/charts/velero/velero/templates/NOTES.txt b/charts/velero/velero/templates/NOTES.txt deleted file mode 100644 index 940c6be..0000000 --- a/charts/velero/velero/templates/NOTES.txt +++ /dev/null @@ -1,79 +0,0 @@ -Check that the velero is up and running: - - kubectl get deployment/{{ include "velero.fullname" . }} -n {{ .Release.Namespace }} - -Check that the secret has been created: - - kubectl get secret/{{ include "velero.fullname" . }} -n {{ .Release.Namespace }} - -Once velero server is up and running you need the client before you can use it -1. wget https://github.com/vmware-tanzu/velero/releases/download/{{ .Values.image.tag }}/velero-{{ .Values.image.tag }}-darwin-amd64.tar.gz -2. tar -xvf velero-{{ .Values.image.tag }}-darwin-amd64.tar.gz -C velero-client - -More info on the official site: https://velero.io/docs - -{{- /* - Breaking changes. -*/}} - -{{- $breaking := "" }} -{{- $breaking_title := "\n" }} -{{- $breaking_title = print $breaking_title "\n#################################################################################" }} -{{- $breaking_title = print $breaking_title "\n###### BREAKING: The config values passed contained no longer accepted #####" }} -{{- $breaking_title = print $breaking_title "\n###### options. See the messages below for more details. #####" }} -{{- $breaking_title = print $breaking_title "\n###### #####" }} -{{- $breaking_title = print $breaking_title "\n###### To verify your updated config is accepted, you can use #####" }} -{{- $breaking_title = print $breaking_title "\n###### the `helm template` command. #####" }} -{{- $breaking_title = print $breaking_title "\n#################################################################################" }} - -{{- if typeIs "map[string]interface {}" .Values.configuration.backupStorageLocation }} -{{- $breaking = print $breaking "\n\nERROR: Please make .configuration.backupStorageLocation from map to slice" }} -{{- end }} - -{{- if typeIs "map[string]interface {}" .Values.configuration.volumeSnapshotLocation }} -{{- $breaking = print $breaking "\n\nERROR: Please make .configuration.volumeSnapshotLocation from map to slice" }} -{{- end }} - -{{- if hasKey .Values.configuration "provider" }} -{{- $breaking = print $breaking "\n\nREMOVED: .configuration.provider has been removed, instead each backupStorageLocation and volumeSnapshotLocation has a provider configured" }} -{{- end }} - -{{- if hasKey .Values "resticTimeout" }} -{{- $breaking = print $breaking "\n\nREMOVED: resticTimeout has been removed, and it is named fsBackupTimeout" }} -{{- end }} - -{{- if hasKey .Values "defaultVolumesToRestic" }} -{{- $breaking = print $breaking "\n\nREMOVED: defaultVolumesToRestic has been removed, and it is named defaultVolumesToFsBackup" }} -{{- end }} - -{{- if hasKey .Values "defaultResticPruneFrequency" }} -{{- $breaking = print $breaking "\n\nREMOVED: defaultResticPruneFrequency has been removed, and it is named defaultRepoMaintainFrequency" }} -{{- end }} - -{{- if hasKey .Values "deployRestic" }} -{{- $breaking = print $breaking "\n\nREMOVED: deployRestic has been removed, and it is named deployNodeAgent" }} -{{- end }} - -{{- if hasKey .Values "restic" }} -{{- $breaking = print $breaking "\n\nREMOVED: restic has been removed, and it is named nodeAgent" }} -{{- end }} - -{{- if hasKey .Values.configMaps "restic-restore-action-config" }} -{{- $breaking = print $breaking "\n\nREMOVED: restic-restore-action-config has been removed, and it is named fs-restore-action-config" }} -{{- end }} - -{{- range $key, $value := .Values.configMaps }} -{{- eq $key "fs-restore-action-config" }} -{{- if hasKey $value.labels "velero.io/restic" }} -{{- $breaking = print $breaking "\n\nREMOVED: velero.io/restic has been removed, and it is named velero.io/pod-volume-restore" }} -{{- end }} -{{- if and $value.data.image }} -{{- if contains "velero-restic-restore-helper" $value.data.image }} -{{- $breaking = print $breaking "\n\nREMOVED: restore helper image velero-restic-restore-helper has been changed to velero-restore-helper" }} -{{- end }} -{{- end }} -{{- end }} - -{{- if $breaking }} -{{- fail (print $breaking_title $breaking) }} -{{- end }} diff --git a/charts/velero/velero/templates/_helpers.tpl b/charts/velero/velero/templates/_helpers.tpl deleted file mode 100644 index 00d97db..0000000 --- a/charts/velero/velero/templates/_helpers.tpl +++ /dev/null @@ -1,96 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "velero.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "velero.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "velero.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the service account to use for creating or deleting the velero server -*/}} -{{- define "velero.serverServiceAccount" -}} -{{- if .Values.serviceAccount.server.create -}} - {{ default (printf "%s-%s" (include "velero.fullname" .) "server") .Values.serviceAccount.server.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.server.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name for the credentials secret. -*/}} -{{- define "velero.secretName" -}} -{{- if .Values.credentials.existingSecret -}} - {{- .Values.credentials.existingSecret -}} -{{- else -}} - {{ default (include "velero.fullname" .) .Values.credentials.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the Velero priority class name. -*/}} -{{- define "velero.priorityClassName" -}} -{{- if .Values.priorityClassName -}} - {{- .Values.priorityClassName -}} -{{- else -}} - {{- include "velero.fullname" . -}} -{{- end -}} -{{- end -}} - -{{/* -Create the node-Agent priority class name. -*/}} -{{- define "velero.nodeAgent.priorityClassName" -}} -{{- if .Values.nodeAgent.priorityClassName -}} - {{- .Values.nodeAgent.priorityClassName -}} -{{- else -}} - {{- include "velero.fullname" . -}} -{{- end -}} -{{- end -}} - -{{/* -Kubernetes version -Built-in object .Capabilities.KubeVersion.Minor can provide non-number output -For examples: -- on GKE it returns "18+" instead of "18" -- on EKS it returns "20+" instead of "20" -*/}} -{{- define "chart.KubernetesVersion" -}} -{{- $minorVersion := .Capabilities.KubeVersion.Minor | regexFind "[0-9]+" -}} -{{- printf "%s.%s" .Capabilities.KubeVersion.Major $minorVersion -}} -{{- end -}} - - -{{/* -Calculate the checksum of the credentials secret. -*/}} -{{- define "chart.config-checksum" -}} -{{- tpl (print .Values.credentials.secretContents .Values.credentials.extraEnvVars ) $ | sha256sum -}} -{{- end -}} diff --git a/charts/velero/velero/templates/backupstoragelocation.yaml b/charts/velero/velero/templates/backupstoragelocation.yaml deleted file mode 100644 index b86cf19..0000000 --- a/charts/velero/velero/templates/backupstoragelocation.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- if .Values.backupsEnabled }} - -{{- if typeIs "[]interface {}" .Values.configuration.backupStorageLocation }} -{{- range .Values.configuration.backupStorageLocation }} ---- -apiVersion: velero.io/v1 -kind: BackupStorageLocation -metadata: - name: {{ .name | default "default" }} - namespace: {{ $.Release.Namespace }} - {{- with .annotations }} - annotations: - {{- range $key, $value := . }} - {{- $key | nindent 4 }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: {{ $.Release.Service }} - helm.sh/chart: {{ include "velero.chart" $ }} -spec: - {{- if not (empty .credential) }} - credential: - {{- with .credential.name }} - name: {{ . }} - {{- end }} - {{- with .credential.key }} - key: {{ . }} - {{- end }} - {{- end }} - provider: {{ .provider }} - accessMode: {{ .accessMode | default "ReadWrite" }} - {{- with .default }} - default: {{ . }} - {{- end }} - {{- with .validationFrequency }} - validationFrequency: {{ . }} - {{- end }} - objectStorage: - bucket: {{ .bucket | quote }} - {{- with .prefix }} - prefix: {{ . | quote }} - {{- end }} - {{- with .caCert }} - caCert: {{ . }} - {{- end }} -{{- with .config }} - config: -{{- range $key, $value := . }} -{{- $key | nindent 4 }}: {{ $value | quote }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/cleanup-crds.yaml b/charts/velero/velero/templates/cleanup-crds.yaml deleted file mode 100644 index 4e86320..0000000 --- a/charts/velero/velero/templates/cleanup-crds.yaml +++ /dev/null @@ -1,85 +0,0 @@ -{{- if .Values.cleanUpCRDs }} -# This job is meant primarily for cleaning up on CI systems. -# Using this on production systems, especially those that have multiple releases of Velero, will be destructive. -{{/* 'securityContext' got renamed to 'podSecurityContext', merge both dicts into one for backward compatibility */}} -{{- $podSecurityContext := merge (.Values.podSecurityContext | default dict) (.Values.securityContext | default dict) -}} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ template "velero.fullname" . }}-cleanup-crds - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": pre-delete - "helm.sh/hook-delete-policy": hook-succeeded - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -spec: - backoffLimit: 3 - template: - metadata: - name: velero-cleanup-crds - {{- with .Values.kubectl.labels }} - labels: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.kubectl.annotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- if .Values.image.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.image.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - serviceAccountName: {{ include "velero.serverServiceAccount" . }} - containers: - - name: kubectl - {{- if .Values.kubectl.image.digest }} - image: "{{ .Values.kubectl.image.repository }}@{{ .Values.kubectl.image.digest }}" - {{- else if .Values.kubectl.image.tag }} - image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" - {{- else }} - image: "{{ .Values.kubectl.image.repository }}:{{ template "chart.KubernetesVersion" . }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /bin/sh - - -c - - > - kubectl delete restore --all; - kubectl delete backup --all; - kubectl delete backupstoragelocation --all; - kubectl delete volumesnapshotlocation --all; - kubectl delete podvolumerestore --all; - kubectl delete crd -l component=velero; - {{- with .Values.kubectl.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.kubectl.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - restartPolicy: OnFailure - {{- with $podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/clusterrolebinding.yaml b/charts/velero/velero/templates/clusterrolebinding.yaml deleted file mode 100644 index 669289c..0000000 --- a/charts/velero/velero/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and .Values.rbac.create .Values.rbac.clusterAdministrator }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "velero.fullname" . }}-server - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -subjects: - - kind: ServiceAccount - namespace: {{ .Release.Namespace }} - name: {{ include "velero.serverServiceAccount" . }} -roleRef: - kind: ClusterRole - name: {{ .Values.rbac.clusterAdministratorName }} - apiGroup: rbac.authorization.k8s.io -{{- end }} diff --git a/charts/velero/velero/templates/configmaps.yaml b/charts/velero/velero/templates/configmaps.yaml deleted file mode 100644 index 5840681..0000000 --- a/charts/velero/velero/templates/configmaps.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- range $configMapName, $configMap := .Values.configMaps }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "velero.fullname" $ }}-{{ $configMapName }} - namespace: {{ $.Release.Namespace }} - labels: - app.kubernetes.io/name: {{ include "velero.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: {{ $.Release.Service }} - helm.sh/chart: {{ include "velero.chart" $ }} - {{- with $configMap.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -data: - {{- toYaml $configMap.data | nindent 2 }} ---- -{{- end }} diff --git a/charts/velero/velero/templates/deployment.yaml b/charts/velero/velero/templates/deployment.yaml deleted file mode 100644 index 93f8061..0000000 --- a/charts/velero/velero/templates/deployment.yaml +++ /dev/null @@ -1,315 +0,0 @@ -{{/* 'securityContext' got renamed to 'podSecurityContext', merge both dicts into one for backward compatibility */}} -{{- $podSecurityContext := merge (.Values.podSecurityContext | default dict) (.Values.securityContext | default dict) -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "velero.fullname" . }} - namespace: {{ .Release.Namespace }} - {{- with .Values.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - component: velero - {{- with .Values.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - replicas: 1 - {{- if .Values.revisionHistoryLimit }} - revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- end }} - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/name: {{ include "velero.name" . }} - template: - metadata: - labels: - name: velero - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} - {{- end }} - {{- if or .Values.podAnnotations .Values.metrics.enabled (and .Values.credentials.useSecret (not .Values.credentials.existingSecret)) }} - annotations: - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if and (.Values.metrics.enabled) (not .Values.metrics.serviceMonitor.enabled) }} - {{- with .Values.metrics.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if and .Values.credentials.useSecret (not .Values.credentials.existingSecret) }} - checksum/secret: {{ template "chart.config-checksum" . }} - {{- end }} - {{- end }} - spec: - {{- if .Values.image.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.image.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - restartPolicy: Always - serviceAccountName: {{ include "velero.serverServiceAccount" . }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ include "velero.priorityClassName" . }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} - containers: - - name: velero - {{- if .Values.image.digest }} - image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.metrics.enabled }} - ports: - - name: http-monitoring - containerPort: 8085 - {{- end }} - command: - - /velero - args: - - server - ### Flags - {{- with .Values.configuration }} - - --uploader-type={{ default "kopia" .uploaderType }} - {{- with .backupSyncPeriod }} - - --backup-sync-period={{ . }} - {{- end }} - {{- with .fsBackupTimeout }} - - --fs-backup-timeout={{ . }} - {{- end }} - {{- with .clientBurst }} - - --client-burst={{ . }} - {{- end }} - {{- with .clientPageSize }} - - --client-page-size={{ . }} - {{- end }} - {{- with .clientQPS }} - - --client-qps={{ . }} - {{- end }} - {{- with .defaultBackupStorageLocation }} - - --default-backup-storage-location={{ . }} - {{- end }} - {{- with .defaultBackupTTL }} - - --default-backup-ttl={{ . }} - {{- end }} - {{- with .defaultItemOperationTimeout }} - - --default-item-operation-timeout={{ . }} - {{- end }} - {{- with .defaultVolumeSnapshotLocations }} - - --default-volume-snapshot-locations={{ . }} - {{- end }} - {{- if .defaultVolumesToFsBackup }} - - --default-volumes-to-fs-backup - {{- end }} - {{- with .defaultRepoMaintainFrequency }} - - --default-repo-maintain-frequency={{ . }} - {{- end }} - {{- with .disableControllers }} - - --disable-controllers={{ . }} - {{- end }} - {{- with .disableInformerCache }} - - --disable-informer-cache={{ . }} - {{- end }} - {{- with .garbageCollectionFrequency }} - - --garbage-collection-frequency={{ . }} - {{- end }} - {{- with .logFormat }} - - --log-format={{ . }} - {{- end }} - {{- with .logLevel }} - - --log-level={{ . }} - {{- end }} - {{- with .metricsAddress }} - - --metrics-address={{ . }} - {{- end }} - {{- with .pluginDir }} - - --plugin-dir={{ . }} - {{- end }} - {{- with .profilerAddress }} - - --profiler-address={{ . }} - {{- end }} - {{- if .restoreOnlyMode }} - - --restore-only - {{- end }} - {{- with .restoreResourcePriorities }} - - --restore-resource-priorities={{ . }} - {{- end }} - {{- with .storeValidationFrequency }} - - --store-validation-frequency={{ . }} - {{- end }} - {{- with .terminatingResourceTimeout }} - - --terminating-resource-timeout={{ . }} - {{- end }} - {{- with .defaultSnapshotMoveData }} - - --default-snapshot-move-data={{ . }} - {{- end }} - ### Global Flags - {{- with .features }} - - --features={{ . }} - {{- end }} - {{- with .namespace }} - - --namespace={{ . }} - {{- end }} - {{- with .repositoryMaintenanceJob }} - {{- with .requests }} - {{- with .cpu }} - - --maintenance-job-cpu-request={{ . }} - {{- end }} - {{- with .memory }} - - --maintenance-job-mem-request={{ . }} - {{- end }} - {{- end }} - {{- with .limits }} - {{- with .cpu }} - - --maintenance-job-cpu-limit={{ . }} - {{- end }} - {{- with .memory }} - - --maintenance-job-mem-limit={{ . }} - {{- end }} - {{- end }} - {{- with .latestJobsCount }} - - --keep-latest-maintenance-jobs={{ . }} - {{- end }} - {{- end }} - {{- with .extraArgs }} - ### User-supplied overwrite flags - {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with .Values.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- if .Values.metrics.enabled }} - {{- with .Values.livenessProbe }} - livenessProbe: {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.readinessProbe }} - readinessProbe: {{- toYaml . | nindent 12 }} - {{- end }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: plugins - mountPath: /plugins - {{- if .Values.credentials.useSecret }} - - name: cloud-credentials - mountPath: /credentials - {{- end }} - - name: scratch - mountPath: /scratch - {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} - - name: tmpdir - mountPath: /tmp - {{- end }} - {{- if .Values.extraVolumeMounts }} - {{- toYaml .Values.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if .Values.credentials.extraSecretRef }} - envFrom: - - secretRef: - name: {{ .Values.credentials.extraSecretRef }} - {{- end }} - env: - - name: VELERO_SCRATCH_DIR - value: /scratch - - name: VELERO_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: LD_LIBRARY_PATH - value: /plugins - {{- if .Values.credentials.useSecret }} - - name: AWS_SHARED_CREDENTIALS_FILE - value: /credentials/cloud - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /credentials/cloud - - name: AZURE_CREDENTIALS_FILE - value: /credentials/cloud - - name: ALIBABA_CLOUD_CREDENTIALS_FILE - value: /credentials/cloud - {{- end }} - {{- with .Values.configuration.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - value: {{ tpl (default "none" $value) $ | quote }} - {{- end }} - {{- end }} - {{- with .Values.credentials.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - valueFrom: - secretKeyRef: - name: {{ include "velero.secretName" $ }} - key: {{ default "none" $key }} - {{- end }} - {{- end }} - {{- if .Values.lifecycle }} - lifecycle: {{ toYaml .Values.lifecycle | nindent 12 }} - {{- end }} - dnsPolicy: {{ .Values.dnsPolicy }} -{{- if .Values.initContainers }} - initContainers: - {{- if eq (typeOf .Values.initContainers) "string" }} - {{- tpl .Values.initContainers . | nindent 8 }} - {{- else }} - {{- toYaml .Values.initContainers | nindent 8 }} - {{- end }} -{{- end }} - volumes: - {{- if .Values.credentials.useSecret }} - - name: cloud-credentials - secret: - secretName: {{ include "velero.secretName" . }} - {{- end }} - - name: plugins - emptyDir: {} - - name: scratch - emptyDir: {} - {{- if .Values.containerSecurityContext.readOnlyRootFilesystem }} - - name: tmpdir - emptyDir: {} - {{- end }} - {{- if .Values.extraVolumes }} - {{- toYaml .Values.extraVolumes | nindent 8 }} - {{- end }} - {{- with $podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/velero/velero/templates/extra-manifests.yaml b/charts/velero/velero/templates/extra-manifests.yaml deleted file mode 100644 index a9bb3b6..0000000 --- a/charts/velero/velero/templates/extra-manifests.yaml +++ /dev/null @@ -1,4 +0,0 @@ -{{ range .Values.extraObjects }} ---- -{{ tpl (toYaml .) $ }} -{{ end }} diff --git a/charts/velero/velero/templates/label-namespace/labelnamespace.yaml b/charts/velero/velero/templates/label-namespace/labelnamespace.yaml deleted file mode 100644 index 47b63f1..0000000 --- a/charts/velero/velero/templates/label-namespace/labelnamespace.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- if .Values.namespace }} -{{- if gt (len .Values.namespace.labels) 0 }} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ template "velero.fullname" . }}-label-namespace - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": post-install,post-upgrade,post-rollback - "helm.sh/hook-delete-policy": hook-succeeded - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -spec: - template: - spec: - serviceAccountName: {{ include "velero.serverServiceAccount" . }} - containers: - - name: label-namespace - {{- if .Values.kubectl.image.digest }} - image: "{{ .Values.kubectl.image.repository }}@{{ .Values.kubectl.image.digest }}" - {{- else if .Values.kubectl.image.tag }} - image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" - {{- else }} - image: "{{ .Values.kubectl.image.repository }}:{{ template "chart.KubernetesVersion" . }}" - {{- end }} - command: - - /bin/sh - - -c - - | - {{- range .Values.namespace.labels }} - kubectl label namespace {{ $.Release.Namespace }} {{ .key }}={{ .value }} - {{- end }} - restartPolicy: Never - backoffLimit: 3 -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/velero/velero/templates/node-agent-daemonset.yaml b/charts/velero/velero/templates/node-agent-daemonset.yaml deleted file mode 100644 index 68fedf3..0000000 --- a/charts/velero/velero/templates/node-agent-daemonset.yaml +++ /dev/null @@ -1,204 +0,0 @@ -{{- if .Values.deployNodeAgent }} -{{/* 'nodeAgent.securityContext' got renamed to 'nodeAgent.containerSecurityContext', merge both dicts into one for backward compatibility */}} -{{- $containerSecurityContext := merge (.Values.nodeAgent.containerSecurityContext | default dict) (.Values.nodeAgent.securityContext | default dict) -}} -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: node-agent - namespace: {{ .Release.Namespace }} - {{- with .Values.nodeAgent.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- with .Values.nodeAgent.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - name: node-agent - template: - metadata: - labels: - name: node-agent - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} - {{- end }} - {{- if or .Values.podAnnotations .Values.metrics.enabled (and .Values.credentials.useSecret (not .Values.credentials.existingSecret)) }} - annotations: - {{- with .Values.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if and (.Values.metrics.enabled) (not .Values.metrics.nodeAgentPodMonitor.enabled) }} - {{- with .Values.metrics.podAnnotations }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- if and .Values.credentials.useSecret (not .Values.credentials.existingSecret) }} - checksum/secret: {{ template "chart.config-checksum" . }} - {{- end }} - {{- end }} - spec: - {{- if .Values.image.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.image.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - serviceAccountName: {{ include "velero.serverServiceAccount" . }} - {{- with .Values.nodeAgent.podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if .Values.nodeAgent.priorityClassName }} - priorityClassName: {{ include "velero.nodeAgent.priorityClassName" . }} - {{- end }} - terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} - volumes: - {{- if .Values.credentials.useSecret }} - - name: cloud-credentials - secret: - secretName: {{ include "velero.secretName" . }} - {{- end }} - - name: host-pods - hostPath: - path: {{ .Values.nodeAgent.podVolumePath }} - {{- if .Values.nodeAgent.useScratchEmptyDir }} - - name: scratch - emptyDir: {} - {{- end }} - {{- if .Values.nodeAgent.extraVolumes }} - {{- toYaml .Values.nodeAgent.extraVolumes | nindent 8 }} - {{- end }} - dnsPolicy: {{ .Values.nodeAgent.dnsPolicy }} - containers: - - name: node-agent - {{- if .Values.image.digest }} - image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.metrics.enabled }} - ports: - - name: http-monitoring - containerPort: 8085 - {{- end }} - command: - - /velero - args: - - node-agent - - server - {{- with .Values.configuration }} - {{- with .features }} - - --features={{ . }} - {{- end }} - {{- with .logLevel }} - - --log-level={{ . }} - {{- end }} - {{- with .logFormat }} - - --log-format={{ . }} - {{- end }} - {{- end }} - {{- with .Values.nodeAgent.extraArgs }} - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - {{- if .Values.credentials.useSecret }} - - name: cloud-credentials - mountPath: /credentials - {{- end }} - - name: host-pods - mountPath: /host_pods - mountPropagation: HostToContainer - {{- if .Values.nodeAgent.useScratchEmptyDir }} - - name: scratch - mountPath: /scratch - {{- end }} - {{- if .Values.nodeAgent.extraVolumeMounts }} - {{- toYaml .Values.nodeAgent.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if .Values.credentials.extraSecretRef }} - envFrom: - - secretRef: - name: {{ .Values.credentials.extraSecretRef }} - {{- end }} - env: - - name: VELERO_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: VELERO_SCRATCH_DIR - value: /scratch - {{- if .Values.credentials.useSecret }} - - name: AWS_SHARED_CREDENTIALS_FILE - value: /credentials/cloud - - name: GOOGLE_APPLICATION_CREDENTIALS - value: /credentials/cloud - - name: AZURE_CREDENTIALS_FILE - value: /credentials/cloud - - name: ALIBABA_CLOUD_CREDENTIALS_FILE - value: /credentials/cloud - {{- end }} - {{- with .Values.configuration.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - value: {{ tpl (default "none" $value) $ | quote }} - {{- end }} - {{- end }} - {{- with .Values.credentials.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - valueFrom: - secretKeyRef: - name: {{ include "velero.secretName" $ }} - key: {{ default "none" $key }} - {{- end }} - {{- end }} - {{- with .Values.nodeAgent.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - value: {{ default "none" $value | quote }} - {{- end }} - {{- end }} - {{- if .Values.lifecycle }} - lifecycle: {{ toYaml .Values.nodeAgent.lifecycle | nindent 12 }} - {{- end }} - securityContext: - {{- with $containerSecurityContext }} - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.nodeAgent.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.nodeAgent.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeAgent.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeAgent.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeAgent.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/podmonitor.yaml b/charts/velero/velero/templates/podmonitor.yaml deleted file mode 100644 index 3e6a3b9..0000000 --- a/charts/velero/velero/templates/podmonitor.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{ if and (and .Values.metrics.enabled .Values.metrics.nodeAgentPodMonitor.enabled) (or (not .Values.metrics.nodeAgentPodMonitor.autodetect) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1")) }} -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: node-agent - {{- if .Values.metrics.nodeAgentPodMonitor.namespace }} - namespace: {{ .Values.metrics.nodeAgentPodMonitor.namespace }} - {{- end }} - {{- with .Values.metrics.nodeAgentPodMonitor.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- with .Values.metrics.nodeAgentPodMonitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - name: node-agent - {{- with .Values.nodeAgent.labels }} - {{- toYaml . | nindent 6 }} - {{- end }} - podMetricsEndpoints: - - port: http-monitoring - interval: {{ .Values.metrics.scrapeInterval }} - scrapeTimeout: {{ .Values.metrics.scrapeTimeout }} - {{- if .Values.metrics.nodeAgentPodMonitor.scheme }} - scheme: {{ .Values.metrics.nodeAgentPodMonitor.scheme }} - {{- end }} - {{- if .Values.metrics.nodeAgentPodMonitor.tlsConfig }} - tlsConfig: - {{- toYaml .Values.metrics.nodeAgentPodMonitor.tlsConfig | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/prometheusrule.yaml b/charts/velero/velero/templates/prometheusrule.yaml deleted file mode 100644 index 60bcfc3..0000000 --- a/charts/velero/velero/templates/prometheusrule.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and (and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled) (or (not .Values.metrics.prometheusRule.autodetect) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1")) (.Values.metrics.prometheusRule.spec) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "velero.fullname" . }} - {{- if .Values.metrics.prometheusRule.namespace }} - namespace: {{ .Values.metrics.prometheusRule.namespace }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - {{- if .Values.metrics.prometheusRule.additionalLabels }} - {{- toYaml .Values.metrics.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - groups: - - name: {{ include "velero.name" . }} - rules: - {{- toYaml .Values.metrics.prometheusRule.spec | nindent 4 }} -{{- end }} diff --git a/charts/velero/velero/templates/role.yaml b/charts/velero/velero/templates/role.yaml deleted file mode 100644 index f6bc87c..0000000 --- a/charts/velero/velero/templates/role.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "velero.fullname" . }}-server - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -rules: -- apiGroups: - - "*" - resources: - - "*" - verbs: - - "*" - -{{- end }} diff --git a/charts/velero/velero/templates/rolebinding.yaml b/charts/velero/velero/templates/rolebinding.yaml deleted file mode 100644 index d77bea4..0000000 --- a/charts/velero/velero/templates/rolebinding.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "velero.fullname" . }}-server - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -subjects: - - kind: ServiceAccount - namespace: {{ .Release.Namespace }} - name: {{ include "velero.serverServiceAccount" . }} -roleRef: - kind: Role - name: {{ include "velero.fullname" . }}-server - apiGroup: rbac.authorization.k8s.io -{{- end }} diff --git a/charts/velero/velero/templates/schedule.yaml b/charts/velero/velero/templates/schedule.yaml deleted file mode 100644 index d09d900..0000000 --- a/charts/velero/velero/templates/schedule.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- range $scheduleName, $schedule := .Values.schedules }} -{{- if (not $schedule.disabled) }} -apiVersion: velero.io/v1 -kind: Schedule -metadata: - name: {{ include "velero.fullname" $ }}-{{ $scheduleName }} - namespace: {{ $.Release.Namespace }} - {{- if $schedule.annotations }} - annotations: - {{- toYaml $schedule.annotations | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: {{ $.Release.Service }} - helm.sh/chart: {{ include "velero.chart" $ }} - {{- if $schedule.labels }} - {{- toYaml $schedule.labels | nindent 4 }} - {{- end }} -spec: -{{- if $schedule.paused }} - paused: {{ $schedule.paused }} -{{- end }} -{{- if $schedule.useOwnerReferencesInBackup }} - useOwnerReferencesInBackup: {{ $schedule.useOwnerReferencesInBackup }} -{{- end }} - schedule: {{ $schedule.schedule | quote }} -{{- with $schedule.template }} - template: - {{- toYaml . | nindent 4 }} -{{- end }} ---- -{{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/secret.yaml b/charts/velero/velero/templates/secret.yaml deleted file mode 100644 index 0cd9d57..0000000 --- a/charts/velero/velero/templates/secret.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and .Values.credentials.useSecret (not .Values.credentials.existingSecret) -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "velero.secretName" . }} - namespace: {{ .Release.Namespace }} - {{- with .Values.secretAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -type: Opaque -data: -{{- range $key, $value := .Values.credentials.secretContents }} - {{ $key }}: {{ tpl $value $ | b64enc | quote }} -{{- end }} -{{- range $key, $value := .Values.credentials.extraEnvVars }} - {{ $key }}: {{ tpl $value $ | b64enc | quote }} -{{- end }} -{{- end -}} diff --git a/charts/velero/velero/templates/service.yaml b/charts/velero/velero/templates/service.yaml deleted file mode 100644 index bd66c31..0000000 --- a/charts/velero/velero/templates/service.yaml +++ /dev/null @@ -1,29 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ include "velero.fullname" . }} - namespace: {{ .Release.Namespace }} - {{- with .Values.metrics.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- with .Values.metrics.service.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: ClusterIP - ports: - - name: http-monitoring - port: 8085 - targetPort: http-monitoring - selector: - name: velero - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} diff --git a/charts/velero/velero/templates/serviceaccount-server.yaml b/charts/velero/velero/templates/serviceaccount-server.yaml deleted file mode 100644 index 76feca0..0000000 --- a/charts/velero/velero/templates/serviceaccount-server.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.serviceAccount.server.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "velero.serverServiceAccount" . }} - namespace: {{ .Release.Namespace }} -{{- if .Values.serviceAccount.server.annotations }} - annotations: -{{ toYaml .Values.serviceAccount.server.annotations | nindent 4 }} -{{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -{{- with .Values.serviceAccount.server.labels }} - {{- toYaml . | nindent 4 }} -{{- end }} -{{- if .Values.serviceAccount.server.imagePullSecrets }} -imagePullSecrets: -{{- range .Values.serviceAccount.server.imagePullSecrets }} - - name: {{ . }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/servicemonitor.yaml b/charts/velero/velero/templates/servicemonitor.yaml deleted file mode 100644 index 777ff9f..0000000 --- a/charts/velero/velero/templates/servicemonitor.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{ if and (and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled) (or (not .Values.metrics.serviceMonitor.autodetect) (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1")) }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "velero.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- end }} - {{- with .Values.metrics.serviceMonitor.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- with .Values.metrics.serviceMonitor.additionalLabels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - endpoints: - - port: http-monitoring - interval: {{ .Values.metrics.scrapeInterval }} - scrapeTimeout: {{ .Values.metrics.scrapeTimeout }} - {{- if .Values.metrics.serviceMonitor.scheme }} - scheme: {{ .Values.metrics.serviceMonitor.scheme }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{ toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.tlsConfig }} - tlsConfig: - {{- toYaml .Values.metrics.serviceMonitor.tlsConfig | nindent 6 }} - {{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/upgrade-crds/clusterrole-upgrade.yaml b/charts/velero/velero/templates/upgrade-crds/clusterrole-upgrade.yaml deleted file mode 100644 index 426d1cb..0000000 --- a/charts/velero/velero/templates/upgrade-crds/clusterrole-upgrade.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if .Values.upgradeCRDs }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "velero.fullname" . }}-upgrade-crds - annotations: - "helm.sh/hook": pre-install,pre-upgrade,pre-rollback - "helm.sh/hook-weight": "-5" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/component: upgrade-crds - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -rules: -- apiGroups: - - "apiextensions.k8s.io" - resources: - - "customresourcedefinitions" - verbs: - - create - - patch - - update - - get - - list -{{- end }} diff --git a/charts/velero/velero/templates/upgrade-crds/clusterrolebinding-upgrade.yaml b/charts/velero/velero/templates/upgrade-crds/clusterrolebinding-upgrade.yaml deleted file mode 100644 index 07d802c..0000000 --- a/charts/velero/velero/templates/upgrade-crds/clusterrolebinding-upgrade.yaml +++ /dev/null @@ -1,25 +0,0 @@ -{{- if .Values.upgradeCRDs }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "velero.fullname" . }}-upgrade-crds - labels: - app.kubernetes.io/component: upgrade-crds - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade,pre-rollback - "helm.sh/hook-weight": "-3" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -subjects: - - kind: ServiceAccount - namespace: {{ .Release.Namespace }} - name: {{ include "velero.serverServiceAccount" . }}-upgrade-crds -roleRef: - kind: ClusterRole - name: {{ include "velero.fullname" . }}-upgrade-crds - apiGroup: rbac.authorization.k8s.io -{{- end }} - diff --git a/charts/velero/velero/templates/upgrade-crds/serviceaccount-upgrade.yaml b/charts/velero/velero/templates/upgrade-crds/serviceaccount-upgrade.yaml deleted file mode 100644 index 93e3f1e..0000000 --- a/charts/velero/velero/templates/upgrade-crds/serviceaccount-upgrade.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.upgradeCRDs }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "velero.serverServiceAccount" . }}-upgrade-crds - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade,pre-rollback - "helm.sh/hook-weight": "-4" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded -{{- if .Values.serviceAccount.server.annotations }} -{{ toYaml .Values.serviceAccount.server.annotations | nindent 4 }} -{{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} -{{- with .Values.serviceAccount.server.labels }} - {{- toYaml . | nindent 4 }} -{{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/upgrade-crds/upgrade-crds.yaml b/charts/velero/velero/templates/upgrade-crds/upgrade-crds.yaml deleted file mode 100644 index 59d3b2e..0000000 --- a/charts/velero/velero/templates/upgrade-crds/upgrade-crds.yaml +++ /dev/null @@ -1,127 +0,0 @@ -{{- if .Values.upgradeCRDs }} -{{/* 'securityContext' got renamed to 'podSecurityContext', merge both dicts into one for backward compatibility */}} -{{- $podSecurityContext := merge (.Values.podSecurityContext | default dict) (.Values.securityContext | default dict) -}} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ template "velero.fullname" . }}-upgrade-crds - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": pre-install,pre-upgrade,pre-rollback - "helm.sh/hook-weight": "5" - "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded - labels: - app.kubernetes.io/name: {{ include "velero.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - helm.sh/chart: {{ include "velero.chart" . }} - {{- with .Values.kubectl.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - backoffLimit: 3 - template: - metadata: - name: velero-upgrade-crds - {{- with .Values.kubectl.labels }} - labels: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.kubectl.annotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - {{- if .Values.image.imagePullSecrets }} - imagePullSecrets: - {{- range .Values.image.imagePullSecrets }} - - name: {{ . }} - {{- end }} - {{- end }} - serviceAccountName: {{ include "velero.serverServiceAccount" . }}-upgrade-crds - initContainers: - - name: kubectl - {{- if .Values.kubectl.image.digest }} - image: "{{ .Values.kubectl.image.repository }}@{{ .Values.kubectl.image.digest }}" - {{- else if .Values.kubectl.image.tag }} - image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" - {{- else }} - image: "{{ .Values.kubectl.image.repository }}:{{ template "chart.KubernetesVersion" . }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /bin/sh - args: - - -c - - cp `which sh` /tmp && cp `which kubectl` /tmp - {{- with .Values.kubectl.resources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.kubectl.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - mountPath: /tmp - name: crds - containers: - - name: velero - {{- if .Values.image.digest }} - image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" - {{- else }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - {{- end }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /tmp/sh - args: - - -c - - /velero install --crds-only --dry-run -o yaml | /tmp/kubectl apply -f - - {{- with .Values.upgradeJobResources }} - resources: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with .Values.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - mountPath: /tmp - name: crds - {{- if (.Values.upgradeCRDsJob).extraVolumeMounts }} - {{- toYaml .Values.upgradeCRDsJob.extraVolumeMounts | nindent 12 }} - {{- end }} - {{- if (.Values.upgradeCRDsJob).extraEnvVars }} - env: - {{- with .Values.upgradeCRDsJob.extraEnvVars }} - {{- range $key, $value := . }} - - name: {{ default "none" $key }} - value: {{ default "none" $value | quote }} - {{- end }} - {{- end }} - {{- end }} - volumes: - - name: crds - emptyDir: {} - {{- if (.Values.upgradeCRDsJob).extraVolumes }} - {{- toYaml .Values.upgradeCRDsJob.extraVolumes | nindent 8 }} - {{- end }} - restartPolicy: OnFailure - {{- with $podSecurityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/velero/velero/templates/volumesnapshotlocation.yaml b/charts/velero/velero/templates/volumesnapshotlocation.yaml deleted file mode 100644 index 8319968..0000000 --- a/charts/velero/velero/templates/volumesnapshotlocation.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.snapshotsEnabled }} - -{{- if typeIs "[]interface {}" .Values.configuration.volumeSnapshotLocation }} -{{- range .Values.configuration.volumeSnapshotLocation }} ---- -apiVersion: velero.io/v1 -kind: VolumeSnapshotLocation -metadata: - name: {{ .name | default "default" }} - namespace: {{ $.Release.Namespace }} - {{- with .annotations }} - annotations: - {{- range $key, $value := . }} - {{- $key | nindent 4 }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "velero.name" $ }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: {{ $.Release.Service }} - helm.sh/chart: {{ include "velero.chart" $ }} -spec: - {{- if not (empty .credential) }} - credential: - {{- with .credential.name }} - name: {{ . }} - {{- end }} - {{- with .credential.key }} - key: {{ . }} - {{- end }} - {{- end }} - provider: {{ .provider }} -{{- with .config }} - config: -{{- range $key, $value := . }} -{{- $key | nindent 4 }}: {{ $value | quote }} -{{- end }} -{{- end -}} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/velero/velero/values.yaml b/charts/velero/velero/values.yaml deleted file mode 100644 index d38a268..0000000 --- a/charts/velero/velero/values.yaml +++ /dev/null @@ -1,656 +0,0 @@ -## -## Configuration settings related to Velero installation namespace -## - -# Labels settings in namespace -namespace: - labels: {} - # Enforce Pod Security Standards with Namespace Labels - # https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels/ - # - key: pod-security.kubernetes.io/enforce - # value: privileged - # - key: pod-security.kubernetes.io/enforce-version - # value: latest - # - key: pod-security.kubernetes.io/audit - # value: privileged - # - key: pod-security.kubernetes.io/audit-version - # value: latest - # - key: pod-security.kubernetes.io/warn - # value: privileged - # - key: pod-security.kubernetes.io/warn-version - # value: latest - -## -## End of namespace-related settings. -## - - -## -## Configuration settings that directly affect the Velero deployment YAML. -## - -# Details of the container image to use in the Velero deployment & daemonset (if -# enabling node-agent). Required. -image: - repository: velero/velero - tag: v1.14.1 - # Digest value example: sha256:d238835e151cec91c6a811fe3a89a66d3231d9f64d09e5f3c49552672d271f38. - # If used, it will take precedence over the image.tag. - # digest: - pullPolicy: IfNotPresent - # One or more secrets to be used when pulling images - imagePullSecrets: [] - # - registrySecretName - -nameOverride: "" -fullnameOverride: "" - -# Annotations to add to the Velero deployment's. Optional. -# -# If you are using reloader use the following annotation with your VELERO_SECRET_NAME -annotations: {} -# secret.reloader.stakater.com/reload: "" - -# Annotations to add to secret -secretAnnotations: {} - -# Labels to add to the Velero deployment's. Optional. -labels: {} - -# Annotations to add to the Velero deployment's pod template. Optional. -# -# If using kube2iam or kiam, use the following annotation with your AWS_ACCOUNT_ID -# and VELERO_ROLE_NAME filled in: -podAnnotations: {} - # iam.amazonaws.com/role: "arn:aws:iam:::role/" - -# Additional pod labels for Velero deployment's template. Optional -# ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ -podLabels: {} - -# Number of old history to retain to allow rollback (If not set, default Kubernetes value is set to 10) -# revisionHistoryLimit: 1 - -# Resource requests/limits to specify for the Velero deployment. -# https://velero.io/docs/v1.6/customize-installation/#customize-resource-requests-and-limits -resources: {} - # requests: - # cpu: 500m - # memory: 128Mi - # limits: - # cpu: 1000m - # memory: 512Mi - -# Resource requests/limits to specify for the upgradeCRDs job pod. Need to be adjusted by user accordingly. -upgradeJobResources: {} -# requests: -# cpu: 50m -# memory: 128Mi -# limits: -# cpu: 100m -# memory: 256Mi -upgradeCRDsJob: - # Extra volumes for the Upgrade CRDs Job. Optional. - extraVolumes: [] - # Extra volumeMounts for the Upgrade CRDs Job. Optional. - extraVolumeMounts: [] - # Extra key/value pairs to be used as environment variables. Optional. - extraEnvVars: {} - - -# Configure the dnsPolicy of the Velero deployment -# See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy -dnsPolicy: ClusterFirst - -# Init containers to add to the Velero deployment's pod spec. At least one plugin provider image is required. -# If the value is a string then it is evaluated as a template. -initContainers: - # - name: velero-plugin-for-aws - # image: velero/velero-plugin-for-aws:v1.10.0 - # imagePullPolicy: IfNotPresent - # volumeMounts: - # - mountPath: /target - # name: plugins - -# SecurityContext to use for the Velero deployment. Optional. -# Set fsGroup for `AWS IAM Roles for Service Accounts` -# see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html -podSecurityContext: {} - # fsGroup: 1337 - -# Container Level Security Context for the 'velero' container of the Velero deployment. Optional. -# See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container -containerSecurityContext: {} - # allowPrivilegeEscalation: false - # capabilities: - # drop: ["ALL"] - # add: [] - # readOnlyRootFilesystem: true - -# Container Lifecycle Hooks to use for the Velero deployment. Optional. -lifecycle: {} - -# Pod priority class name to use for the Velero deployment. Optional. -priorityClassName: "" - -# The number of seconds to allow for graceful termination of the pod. Optional. -terminationGracePeriodSeconds: 3600 - -# Liveness probe of the pod -livenessProbe: - httpGet: - path: /metrics - port: http-monitoring - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 30 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - -# Readiness probe of the pod -readinessProbe: - httpGet: - path: /metrics - port: http-monitoring - scheme: HTTP - initialDelaySeconds: 10 - periodSeconds: 30 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - -# Tolerations to use for the Velero deployment. Optional. -tolerations: [] - -# Affinity to use for the Velero deployment. Optional. -affinity: {} - -# Node selector to use for the Velero deployment. Optional. -nodeSelector: {} - -# DNS configuration to use for the Velero deployment. Optional. -dnsConfig: {} - -# Extra volumes for the Velero deployment. Optional. -extraVolumes: [] - -# Extra volumeMounts for the Velero deployment. Optional. -extraVolumeMounts: [] - -# Extra K8s manifests to deploy -extraObjects: [] - # - apiVersion: secrets-store.csi.x-k8s.io/v1 - # kind: SecretProviderClass - # metadata: - # name: velero-secrets-store - # spec: - # provider: aws - # parameters: - # objects: | - # - objectName: "velero" - # objectType: "secretsmanager" - # jmesPath: - # - path: "access_key" - # objectAlias: "access_key" - # - path: "secret_key" - # objectAlias: "secret_key" - # secretObjects: - # - data: - # - key: access_key - # objectName: client-id - # - key: client-secret - # objectName: client-secret - # secretName: velero-secrets-store - # type: Opaque - -# Settings for Velero's prometheus metrics. Enabled by default. -metrics: - enabled: true - scrapeInterval: 30s - scrapeTimeout: 10s - - # service metdata if metrics are enabled - service: - annotations: {} - labels: {} - - # Pod annotations for Prometheus - podAnnotations: - prometheus.io/scrape: "true" - prometheus.io/port: "8085" - prometheus.io/path: "/metrics" - - serviceMonitor: - autodetect: true - enabled: false - annotations: {} - additionalLabels: {} - - # metrics.serviceMonitor.metricRelabelings Specify Metric Relabelings to add to the scrape endpoint - # ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig - # metricRelabelings: [] - # metrics.serviceMonitor.relabelings [array] Prometheus relabeling rules - # relabelings: [] - # ServiceMonitor namespace. Default to Velero namespace. - # namespace: - # ServiceMonitor connection scheme. Defaults to HTTP. - # scheme: "" - # ServiceMonitor connection tlsConfig. Defaults to {}. - # tlsConfig: {} - nodeAgentPodMonitor: - autodetect: true - enabled: false - annotations: {} - additionalLabels: {} - # ServiceMonitor namespace. Default to Velero namespace. - # namespace: - # ServiceMonitor connection scheme. Defaults to HTTP. - # scheme: "" - # ServiceMonitor connection tlsConfig. Defaults to {}. - # tlsConfig: {} - - prometheusRule: - autodetect: true - enabled: false - # Additional labels to add to deployed PrometheusRule - additionalLabels: {} - # PrometheusRule namespace. Defaults to Velero namespace. - # namespace: "" - # Rules to be deployed - spec: [] - # - alert: VeleroBackupPartialFailures - # annotations: - # message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} partialy failed backups. - # expr: |- - # velero_backup_partial_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 - # for: 15m - # labels: - # severity: warning - # - alert: VeleroBackupFailures - # annotations: - # message: Velero backup {{ $labels.schedule }} has {{ $value | humanizePercentage }} failed backups. - # expr: |- - # velero_backup_failure_total{schedule!=""} / velero_backup_attempt_total{schedule!=""} > 0.25 - # for: 15m - # labels: - # severity: warning - -kubectl: - image: - repository: docker.io/bitnami/kubectl - # Digest value example: sha256:d238835e151cec91c6a811fe3a89a66d3231d9f64d09e5f3c49552672d271f38. - # If used, it will take precedence over the kubectl.image.tag. - # digest: - # kubectl image tag. If used, it will take precedence over the cluster Kubernetes version. - # tag: 1.16.15 - # Container Level Security Context for the 'kubectl' container of the crd jobs. Optional. - # See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - # Resource requests/limits to specify for the upgrade/cleanup job. Optional - resources: {} - # Annotations to set for the upgrade/cleanup job. Optional. - annotations: {} - # Labels to set for the upgrade/cleanup job. Optional. - labels: {} - -# This job upgrades the CRDs. -upgradeCRDs: true - -# This job is meant primarily for cleaning up CRDs on CI systems. -# Using this on production systems, especially those that have multiple releases of Velero, will be destructive. -cleanUpCRDs: false - -## -## End of deployment-related settings. -## - - -## -## Parameters for the `default` BackupStorageLocation and VolumeSnapshotLocation, -## and additional server settings. -## -configuration: - # Parameters for the BackupStorageLocation(s). Configure multiple by adding other element(s) to the backupStorageLocation slice. - # See https://velero.io/docs/v1.6/api-types/backupstoragelocation/ - backupStorageLocation: - # name is the name of the backup storage location where backups should be stored. If a name is not provided, - # a backup storage location will be created with the name "default". Optional. - - name: - # provider is the name for the backup storage location provider. - provider: - # bucket is the name of the bucket to store backups in. Required. - bucket: - # caCert defines a base64 encoded CA bundle to use when verifying TLS connections to the provider. Optional. - caCert: - # prefix is the directory under which all Velero data should be stored within the bucket. Optional. - prefix: - # default indicates this location is the default backup storage location. Optional. - default: - # validationFrequency defines how frequently Velero should validate the object storage. Optional. - validationFrequency: - # accessMode determines if velero can write to this backup storage location. Optional. - # default to ReadWrite, ReadOnly is used during migrations and restores. - accessMode: ReadWrite - credential: - # name of the secret used by this backupStorageLocation. - name: - # name of key that contains the secret data to be used. - key: - # Additional provider-specific configuration. See link above - # for details of required/optional fields for your provider. - config: {} - # region: - # s3ForcePathStyle: - # s3Url: - # kmsKeyId: - # resourceGroup: - # The ID of the subscription containing the storage account, if different from the cluster’s subscription. (Azure only) - # subscriptionId: - # storageAccount: - # publicUrl: - # Name of the GCP service account to use for this backup storage location. Specify the - # service account here if you want to use workload identity instead of providing the key file.(GCP only) - # serviceAccount: - # Option to skip certificate validation or not if insecureSkipTLSVerify is set to be true, the client side should set the - # flag. For Velero client Command like velero backup describe, velero backup logs needs to add the flag --insecure-skip-tls-verify - # insecureSkipTLSVerify: - - # annotations allows adding arbitrary annotations to this BackupStorageLocation resource. Optional. - annotations: {} - - # Parameters for the VolumeSnapshotLocation(s). Configure multiple by adding other element(s) to the volumeSnapshotLocation slice. - # See https://velero.io/docs/v1.6/api-types/volumesnapshotlocation/ - volumeSnapshotLocation: - # name is the name of the volume snapshot location where snapshots are being taken. Required. - - name: - # provider is the name for the volume snapshot provider. - provider: - credential: - # name of the secret used by this volumeSnapshotLocation. - name: - # name of key that contains the secret data to be used. - key: - # Additional provider-specific configuration. See link above - # for details of required/optional fields for your provider. - config: {} - # region: - # apiTimeout: - # resourceGroup: - # The ID of the subscription where volume snapshots should be stored, if different from the cluster’s subscription. If specified, also requires `configuration.volumeSnapshotLocation.config.resourceGroup`to be set. (Azure only) - # subscriptionId: - # incremental: - # snapshotLocation: - # project: - - # annotations allows adding arbitrary annotations to this VolumeSnapshotLocation resource. Optional. - annotations: {} - - # These are server-level settings passed as CLI flags to the `velero server` command. Velero - # uses default values if they're not passed in, so they only need to be explicitly specified - # here if using a non-default value. The `velero server` default values are shown in the - # comments below. - # -------------------- - # `velero server` default: kopia - uploaderType: - # `velero server` default: 1m - backupSyncPeriod: - # `velero server` default: 4h - fsBackupTimeout: - # `velero server` default: 30 - clientBurst: - # `velero server` default: 500 - clientPageSize: - # `velero server` default: 20.0 - clientQPS: - # Name of the default backup storage location. Default: default - defaultBackupStorageLocation: - # The default duration any single item operation can take before timing out, especially important for large volume schedules. Default 4h - defaultItemOperationTimeout: - # How long to wait by default before backups can be garbage collected. Default: 72h - defaultBackupTTL: - # Name of the default volume snapshot location. - defaultVolumeSnapshotLocations: - # `velero server` default: empty - disableControllers: - # `velero server` default: false - disableInformerCache: false - # `velero server` default: 1h - garbageCollectionFrequency: - # Set log-format for Velero pod. Default: text. Other option: json. - logFormat: - # Set log-level for Velero pod. Default: info. Other options: debug, warning, error, fatal, panic. - logLevel: - # The address to expose prometheus metrics. Default: :8085 - metricsAddress: - # Directory containing Velero plugins. Default: /plugins - pluginDir: - # The address to expose the pprof profiler. Default: localhost:6060 - profilerAddress: - # `velero server` default: false - restoreOnlyMode: - # `velero server` default: customresourcedefinitions,namespaces,storageclasses,volumesnapshotclass.snapshot.storage.k8s.io,volumesnapshotcontents.snapshot.storage.k8s.io,volumesnapshots.snapshot.storage.k8s.io,persistentvolumes,persistentvolumeclaims,secrets,configmaps,serviceaccounts,limitranges,pods,replicasets.apps,clusterclasses.cluster.x-k8s.io,clusters.cluster.x-k8s.io,clusterresourcesets.addons.cluster.x-k8s.io - restoreResourcePriorities: - # `velero server` default: 1m - storeValidationFrequency: - # How long to wait on persistent volumes and namespaces to terminate during a restore before timing out. Default: 10m - terminatingResourceTimeout: - # Bool flag to configure Velero server to move data by default for all snapshots supporting data movement. Default: false - defaultSnapshotMoveData: - # Comma separated list of velero feature flags. default: empty - # features: EnableCSI - features: - # Resource requests/limits to specify for the repository-maintenance job. Optional. - # https://velero.io/docs/v1.14/repository-maintenance/#resource-limitation - repositoryMaintenanceJob: - requests: - # cpu: 500m - # memory: 512Mi - limits: - # cpu: 1000m - # memory: 1024Mi - # Number of latest maintenance jobs to keep for each repository - latestJobsCount: 3 - # `velero server` default: velero - namespace: - # additional command-line arguments that will be passed to the `velero server` - # e.g.: extraArgs: ["--foo=bar"] - extraArgs: [] - - # additional key/value pairs to be used as environment variables such as "AWS_CLUSTER_NAME: 'yourcluster.domain.tld'" - extraEnvVars: {} - - # Set true for backup all pod volumes without having to apply annotation on the pod when used file system backup Default: false. - defaultVolumesToFsBackup: - - # How often repository maintain is run for repositories by default. - defaultRepoMaintainFrequency: - -## -## End of backup/snapshot location settings. -## - - -## -## Settings for additional Velero resources. -## - -rbac: - # Whether to create the Velero role and role binding to give all permissions to the namespace to Velero. - create: true - # Whether to create the cluster role binding to give administrator permissions to Velero - clusterAdministrator: true - # Name of the ClusterRole. - clusterAdministratorName: cluster-admin - -# Information about the Kubernetes service account Velero uses. -serviceAccount: - server: - create: true - name: - annotations: - labels: - imagePullSecrets: [] - # - registrySecretName - -# Info about the secret to be used by the Velero deployment, which -# should contain credentials for the cloud provider IAM account you've -# set up for Velero. -credentials: - # Whether a secret should be used. Set to false if, for examples: - # - using kube2iam or kiam to provide AWS IAM credentials instead of providing the key file. (AWS only) - # - using workload identity instead of providing the key file. (Azure/GCP only) - useSecret: true - # Name of the secret to create if `useSecret` is true and `existingSecret` is empty - name: - # Name of a pre-existing secret (if any) in the Velero namespace - # that should be used to get IAM account credentials. Optional. - existingSecret: - # Data to be stored in the Velero secret, if `useSecret` is true and `existingSecret` is empty. - # As of the current Velero release, Velero only uses one secret key/value at a time. - # The key must be named `cloud`, and the value corresponds to the entire content of your IAM credentials file. - # Note that the format will be different for different providers, please check their documentation. - # Here is a list of documentation for plugins maintained by the Velero team: - # [AWS] https://github.com/vmware-tanzu/velero-plugin-for-aws/blob/main/README.md - # [GCP] https://github.com/vmware-tanzu/velero-plugin-for-gcp/blob/main/README.md - # [Azure] https://github.com/vmware-tanzu/velero-plugin-for-microsoft-azure/blob/main/README.md - secretContents: {} - # cloud: | - # [default] - # aws_access_key_id= - # aws_secret_access_key= - # additional key/value pairs to be used as environment variables such as "DIGITALOCEAN_TOKEN: ". Values will be stored in the secret. - extraEnvVars: {} - # Name of a pre-existing secret (if any) in the Velero namespace - # that will be used to load environment variables into velero and node-agent. - # Secret should be in format - https://kubernetes.io/docs/concepts/configuration/secret/#use-case-as-container-environment-variables - extraSecretRef: "" - -# Whether to create backupstoragelocation crd, if false => do not create a default backup location -backupsEnabled: true -# Whether to create volumesnapshotlocation crd, if false => disable snapshot feature -snapshotsEnabled: true - -# Whether to deploy the node-agent daemonset. -deployNodeAgent: false - -nodeAgent: - podVolumePath: /var/lib/kubelet/pods - # Pod priority class name to use for the node-agent daemonset. Optional. - priorityClassName: "" - # Resource requests/limits to specify for the node-agent daemonset deployment. Optional. - # https://velero.io/docs/v1.6/customize-installation/#customize-resource-requests-and-limits - resources: {} - # requests: - # cpu: 500m - # memory: 512Mi - # limits: - # cpu: 1000m - # memory: 1024Mi - - # Tolerations to use for the node-agent daemonset. Optional. - tolerations: [] - - # Annotations to set for the node-agent daemonset. Optional. - annotations: {} - - # labels to set for the node-agent daemonset. Optional. - labels: {} - - # will map /scratch to emptyDir. Set to false and specify your own volume - # via extraVolumes and extraVolumeMounts that maps to /scratch - # if you don't want to use emptyDir. - useScratchEmptyDir: true - - # Extra volumes for the node-agent daemonset. Optional. - extraVolumes: [] - - # Extra volumeMounts for the node-agent daemonset. Optional. - extraVolumeMounts: [] - - # Key/value pairs to be used as environment variables for the node-agent daemonset. Optional. - extraEnvVars: {} - - # Additional command-line arguments that will be passed to the node-agent. Optional. - # e.g.: extraArgs: ["--foo=bar"] - extraArgs: [] - - # Configure the dnsPolicy of the node-agent daemonset - # See: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy - dnsPolicy: ClusterFirst - - # SecurityContext to use for the Velero deployment. Optional. - # Set fsGroup for `AWS IAM Roles for Service Accounts` - # see more informations at: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html - podSecurityContext: - runAsUser: 0 - # fsGroup: 1337 - - # Container Level Security Context for the 'node-agent' container of the node-agent daemonset. Optional. - # See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - - # Container Lifecycle Hooks to use for the node-agent daemonset. Optional. - lifecycle: {} - - # Node selector to use for the node-agent daemonset. Optional. - nodeSelector: {} - - # Affinity to use with node-agent daemonset. Optional. - affinity: {} - - # DNS configuration to use for the node-agent daemonset. Optional. - dnsConfig: {} - -# Backup schedules to create. -# Eg: -# schedules: -# mybackup: -# disabled: false -# labels: -# myenv: foo -# annotations: -# myenv: foo -# schedule: "0 0 * * *" -# useOwnerReferencesInBackup: false -# paused: false -# template: -# ttl: "240h" -# storageLocation: default -# includedNamespaces: -# - foo -# # See: https://velero.io/docs/v1.14/resource-filtering/#excludes -# excludedNamespaceScopedResources: -# - persistentVolumeClaims -# excludedClusterScopedResources: -# - persistentVolumes -schedules: {} - -# Velero ConfigMaps. -# Eg: -# configMaps: - # See: https://velero.io/docs/v1.11/file-system-backup/ -# fs-restore-action-config: -# labels: -# velero.io/plugin-config: "" -# velero.io/pod-volume-restore: RestoreItemAction -# data: -# image: velero/velero-restore-helper:v1.10.2 -# cpuRequest: 200m -# memRequest: 128Mi -# cpuLimit: 200m -# memLimit: 128Mi -# secCtx: | -# capabilities: -# drop: -# - ALL -# add: [] -# allowPrivilegeEscalation: false -# readOnlyRootFilesystem: true -# runAsUser: 1001 -# runAsGroup: 999 -configMaps: {} - -## -## End of additional Velero resource settings. -## diff --git a/config/deploy.yml b/config/deploy.yml index a9affbf..983522b 100644 --- a/config/deploy.yml +++ b/config/deploy.yml @@ -9,7 +9,8 @@ image: futureporn/bright # Deploy to these servers. servers: web: - - 194.163.140.228 + - 45.76.57.101 + # - 127.0.0.1 # job: # hosts: # - 192.168.0.1 @@ -39,7 +40,6 @@ registry: # Configure builder setup. builder: arch: amd64 - context: ../ dockerfile: ./dockerfiles/bright.dockerfile # Pass in additional build args needed for your Dockerfile. # args: @@ -83,24 +83,23 @@ ssh: # Use accessory services (secrets come from .kamal/secrets). # -# accessories: -# db: -# image: mysql:8.0 -# host: 192.168.0.2 -# port: 3306 -# env: -# clear: -# MYSQL_ROOT_HOST: '%' -# secret: -# - MYSQL_ROOT_PASSWORD -# files: -# - config/mysql/production.cnf:/etc/mysql/my.cnf -# - db/production.sql:/docker-entrypoint-initdb.d/setup.sql -# directories: -# - data:/var/lib/mysql -# redis: -# image: valkey/valkey:8 -# host: 192.168.0.2 -# port: 6379 -# directories: -# - data:/data +accessories: + db: + image: postgres:15 + host: 45.76.57.101 + port: 5432 + env: + clear: + POSTGRES_USER: postgres + POSTGRES_DB: phoenix_dev + secret: + - POSTGRES_PASSWORD + directories: + - pg_data:/var/lib/postgresql/data + redis: + image: valkey/valkey:8 + host: 45.76.57.101 + port: 6379 + directories: + - data:/data + diff --git a/contrib/superstreamer b/contrib/superstreamer deleted file mode 160000 index 9e868ac..0000000 --- a/contrib/superstreamer +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 9e868acede851f396b3db98fb9799ab4bf712b02 diff --git a/devbox.json b/devbox.json index 400c5a8..962b648 100644 --- a/devbox.json +++ b/devbox.json @@ -2,20 +2,13 @@ "$schema": "https://raw.githubusercontent.com/jetify-com/devbox/0.12.0/.schema/devbox.schema.json", "packages": [ "nodejs@20", - "tilt@latest", - "ctlptl@latest", - "kubectl@latest", - "cmctl@latest", - "kubernetes-helm@latest", - "k9s@latest", "ffmpeg@latest", "yt-dlp@latest", "python310@latest", "python310Packages.pip@latest", - "vips@latest", "hcloud@latest", - "ruby@latest", - "doppler@latest" + "lazydocker@latest", + "ruby@latest" ], "env": { "DEVBOX_COREPACK_ENABLED": "true", @@ -33,7 +26,7 @@ "test": [ "echo \"Error: no test specified\" && exit 1" ], - "tilt": "tilt up -f ./Tiltfile" + "backup": "docker exec -t postgres_db pg_dumpall -c -U postgres > ./backups/dev_`date +%Y-%m-%d_%H_%M_%S`.sql" } } } diff --git a/devbox.lock b/devbox.lock index cc30d9e..2ba8f4c 100644 --- a/devbox.lock +++ b/devbox.lock @@ -1,150 +1,6 @@ { "lockfile_version": "1", "packages": { - "cmctl@latest": { - "last_modified": "2024-07-07T07:43:47Z", - "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#cmctl", - "source": "devbox-search", - "version": "1.14.7", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/69lc5y36840ccy6d1pzph994psadk4bm-cmctl-1.14.7", - "default": true - } - ], - "store_path": "/nix/store/69lc5y36840ccy6d1pzph994psadk4bm-cmctl-1.14.7" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/d5l61iil1gaax5sipnzg80mb0p1hqk9f-cmctl-1.14.7", - "default": true - } - ], - "store_path": "/nix/store/d5l61iil1gaax5sipnzg80mb0p1hqk9f-cmctl-1.14.7" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/j0r3wavi836mp31l0s7r1c3rjryw2z62-cmctl-1.14.7", - "default": true - } - ], - "store_path": "/nix/store/j0r3wavi836mp31l0s7r1c3rjryw2z62-cmctl-1.14.7" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/lnmy96wjzmjna7z9f0dbqd16nf2x5qbv-cmctl-1.14.7", - "default": true - } - ], - "store_path": "/nix/store/lnmy96wjzmjna7z9f0dbqd16nf2x5qbv-cmctl-1.14.7" - } - } - }, - "ctlptl@latest": { - "last_modified": "2024-07-07T07:43:47Z", - "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#ctlptl", - "source": "devbox-search", - "version": "0.8.29", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/gvnmvb315zngbg5a0idynlwxcc45gmyd-ctlptl-0.8.29", - "default": true - } - ], - "store_path": "/nix/store/gvnmvb315zngbg5a0idynlwxcc45gmyd-ctlptl-0.8.29" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/vgwbxwaf773mmgcbc1j5h6n5a7g587lf-ctlptl-0.8.29", - "default": true - } - ], - "store_path": "/nix/store/vgwbxwaf773mmgcbc1j5h6n5a7g587lf-ctlptl-0.8.29" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/ga4rp2188c6k24162s2n23nfi4846790-ctlptl-0.8.29", - "default": true - } - ], - "store_path": "/nix/store/ga4rp2188c6k24162s2n23nfi4846790-ctlptl-0.8.29" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/wbfjbk575ny949rfyqpm4vai4ap5rbpp-ctlptl-0.8.29", - "default": true - } - ], - "store_path": "/nix/store/wbfjbk575ny949rfyqpm4vai4ap5rbpp-ctlptl-0.8.29" - } - } - }, - "doppler@latest": { - "last_modified": "2024-12-23T21:10:33Z", - "resolved": "github:NixOS/nixpkgs/de1864217bfa9b5845f465e771e0ecb48b30e02d#doppler", - "source": "devbox-search", - "version": "3.71.0", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/6820wwrx8r525zq48bpv295wssiad4s1-doppler-3.71.0", - "default": true - } - ], - "store_path": "/nix/store/6820wwrx8r525zq48bpv295wssiad4s1-doppler-3.71.0" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/lz24rlrrazcwfhz2kn5dszjwdcasvivw-doppler-3.71.0", - "default": true - } - ], - "store_path": "/nix/store/lz24rlrrazcwfhz2kn5dszjwdcasvivw-doppler-3.71.0" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/k908q0cadca9p70jrfr2lcrfclpr343n-doppler-3.71.0", - "default": true - } - ], - "store_path": "/nix/store/k908q0cadca9p70jrfr2lcrfclpr343n-doppler-3.71.0" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/0vsjlajvmzg816sfphg5mswv4ply20ys-doppler-3.71.0", - "default": true - } - ], - "store_path": "/nix/store/0vsjlajvmzg816sfphg5mswv4ply20ys-doppler-3.71.0" - } - } - }, "ffmpeg@latest": { "last_modified": "2024-07-24T00:53:51Z", "resolved": "github:NixOS/nixpkgs/4f02464258baaf54992debfd010a7a3662a25536#ffmpeg", @@ -341,183 +197,51 @@ } } }, - "k9s@latest": { - "last_modified": "2024-07-20T09:11:00Z", - "resolved": "github:NixOS/nixpkgs/6e14bbce7bea6c4efd7adfa88a40dac750d80100#k9s", + "lazydocker@latest": { + "last_modified": "2024-12-23T21:10:33Z", + "resolved": "github:NixOS/nixpkgs/de1864217bfa9b5845f465e771e0ecb48b30e02d#lazydocker", "source": "devbox-search", - "version": "0.32.5", + "version": "0.24.1", "systems": { "aarch64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/gcbiad83pqc4xyc3qr85gc7vdzn31yvl-k9s-0.32.5", + "path": "/nix/store/5hv519gz95pwhg4vr9ka8g98bdd91mvx-lazydocker-0.24.1", "default": true } ], - "store_path": "/nix/store/gcbiad83pqc4xyc3qr85gc7vdzn31yvl-k9s-0.32.5" + "store_path": "/nix/store/5hv519gz95pwhg4vr9ka8g98bdd91mvx-lazydocker-0.24.1" }, "aarch64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/p977rq0i7cqirirnv5gzj4kdvi2gz0av-k9s-0.32.5", + "path": "/nix/store/5wb57rjn6xwyf4nc0mifgjd934i545ph-lazydocker-0.24.1", "default": true } ], - "store_path": "/nix/store/p977rq0i7cqirirnv5gzj4kdvi2gz0av-k9s-0.32.5" + "store_path": "/nix/store/5wb57rjn6xwyf4nc0mifgjd934i545ph-lazydocker-0.24.1" }, "x86_64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/xsv5smy3931nznpilp2vlva8slzk63ps-k9s-0.32.5", + "path": "/nix/store/bj056q5lmy3dx6xafwlmvhjqgxjr3awq-lazydocker-0.24.1", "default": true } ], - "store_path": "/nix/store/xsv5smy3931nznpilp2vlva8slzk63ps-k9s-0.32.5" + "store_path": "/nix/store/bj056q5lmy3dx6xafwlmvhjqgxjr3awq-lazydocker-0.24.1" }, "x86_64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/6zmdvw89ql0ani1zjh2im6wfhm3i0c94-k9s-0.32.5", + "path": "/nix/store/4gwbhlb13pvdbxcb31mslkgd6pr62gyk-lazydocker-0.24.1", "default": true } ], - "store_path": "/nix/store/6zmdvw89ql0ani1zjh2im6wfhm3i0c94-k9s-0.32.5" - } - } - }, - "kubectl@latest": { - "last_modified": "2024-07-07T07:43:47Z", - "resolved": "github:NixOS/nixpkgs/b60793b86201040d9dee019a05089a9150d08b5b#kubectl", - "source": "devbox-search", - "version": "1.30.2", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/i1zidf41bkfzs2l1pq9fi1frymsfgywc-kubectl-1.30.2", - "default": true - }, - { - "name": "man", - "path": "/nix/store/dzxnn9mk9plcx3w9862jyd0nxys2yywz-kubectl-1.30.2-man", - "default": true - }, - { - "name": "convert", - "path": "/nix/store/v9ij5fnxxa02jkzpjvkbxw2jc4p9cbld-kubectl-1.30.2-convert" - } - ], - "store_path": "/nix/store/i1zidf41bkfzs2l1pq9fi1frymsfgywc-kubectl-1.30.2" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/k7ql4247qs6ny27m3iz5c9xf5gb248a2-kubectl-1.30.2", - "default": true - }, - { - "name": "man", - "path": "/nix/store/wy64r4nn3isydw4nx257h95qy2x2z4mx-kubectl-1.30.2-man", - "default": true - }, - { - "name": "convert", - "path": "/nix/store/ic8za302hvb4kf4zrs55ivr4q2n2lznn-kubectl-1.30.2-convert" - } - ], - "store_path": "/nix/store/k7ql4247qs6ny27m3iz5c9xf5gb248a2-kubectl-1.30.2" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/v029n959l5b289br0cq591b04yc48516-kubectl-1.30.2", - "default": true - }, - { - "name": "man", - "path": "/nix/store/0dvcxn7gsi2ycy9blb7pcy506w4xp2vi-kubectl-1.30.2-man", - "default": true - }, - { - "name": "convert", - "path": "/nix/store/2nfq4ivwa4a7jwc0183f2wpl1jxbn754-kubectl-1.30.2-convert" - } - ], - "store_path": "/nix/store/v029n959l5b289br0cq591b04yc48516-kubectl-1.30.2" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/3vkf0406s1i6l89hk5wrakh4bbn0p1p2-kubectl-1.30.2", - "default": true - }, - { - "name": "man", - "path": "/nix/store/3wbvgkkka1knkxvyr4c8qbpr448smw8i-kubectl-1.30.2-man", - "default": true - }, - { - "name": "convert", - "path": "/nix/store/h5zxz8db6wligwhw5gnwk4gbc8j1ixik-kubectl-1.30.2-convert" - } - ], - "store_path": "/nix/store/3vkf0406s1i6l89hk5wrakh4bbn0p1p2-kubectl-1.30.2" - } - } - }, - "kubernetes-helm@latest": { - "last_modified": "2024-07-20T09:11:00Z", - "resolved": "github:NixOS/nixpkgs/6e14bbce7bea6c4efd7adfa88a40dac750d80100#kubernetes-helm", - "source": "devbox-search", - "version": "3.15.3", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/z4w7bnylg9h3f543yrf9bcwkxzfs82z2-kubernetes-helm-3.15.3", - "default": true - } - ], - "store_path": "/nix/store/z4w7bnylg9h3f543yrf9bcwkxzfs82z2-kubernetes-helm-3.15.3" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/aa4jksq9ljgha8plw5cqyxf60n931dir-kubernetes-helm-3.15.3", - "default": true - } - ], - "store_path": "/nix/store/aa4jksq9ljgha8plw5cqyxf60n931dir-kubernetes-helm-3.15.3" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/5gjk6w3agm49ljiwi991ailvmw35zq1j-kubernetes-helm-3.15.3", - "default": true - } - ], - "store_path": "/nix/store/5gjk6w3agm49ljiwi991ailvmw35zq1j-kubernetes-helm-3.15.3" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/n4p0zh1s8jz9mqf1r1pki23kviq4waa7-kubernetes-helm-3.15.3", - "default": true - } - ], - "store_path": "/nix/store/n4p0zh1s8jz9mqf1r1pki23kviq4waa7-kubernetes-helm-3.15.3" + "store_path": "/nix/store/4gwbhlb13pvdbxcb31mslkgd6pr62gyk-lazydocker-0.24.1" } } }, @@ -793,162 +517,6 @@ } } }, - "tilt@latest": { - "last_modified": "2024-07-15T21:47:20Z", - "resolved": "github:NixOS/nixpkgs/b2c1f10bfbb3f617ea8e8669ac13f3f56ceb2ea2#tilt", - "source": "devbox-search", - "version": "0.33.17", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/l19qinywsx7y86xp8vgwr3bgnbi0rfcj-tilt-0.33.17", - "default": true - } - ], - "store_path": "/nix/store/l19qinywsx7y86xp8vgwr3bgnbi0rfcj-tilt-0.33.17" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/f6swxifmvnxjxifxyw4k4aiyxh0dgfyq-tilt-0.33.17", - "default": true - } - ], - "store_path": "/nix/store/f6swxifmvnxjxifxyw4k4aiyxh0dgfyq-tilt-0.33.17" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/d59rlsabcqxax6bgw6d30zhmflw65ch0-tilt-0.33.17", - "default": true - } - ], - "store_path": "/nix/store/d59rlsabcqxax6bgw6d30zhmflw65ch0-tilt-0.33.17" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "out", - "path": "/nix/store/qfv96sjcsslynqbilwj823x8nxvgj5cv-tilt-0.33.17", - "default": true - } - ], - "store_path": "/nix/store/qfv96sjcsslynqbilwj823x8nxvgj5cv-tilt-0.33.17" - } - } - }, - "vips@latest": { - "last_modified": "2024-09-01T03:39:50Z", - "resolved": "github:NixOS/nixpkgs/4a9443e2a4e06cbaff89056b5cdf6777c1fe5755#vips", - "source": "devbox-search", - "version": "8.15.2", - "systems": { - "aarch64-darwin": { - "outputs": [ - { - "name": "bin", - "path": "/nix/store/06dc4n06zs4jygbqa8c7fg9dcg39q9j9-vips-8.15.2-bin", - "default": true - }, - { - "name": "man", - "path": "/nix/store/442bpcz5cx0x2ddc2cp4041arqf87ph0-vips-8.15.2-man", - "default": true - }, - { - "name": "dev", - "path": "/nix/store/1l68927a29x2g1kyxcf7kxsh0lpnshvn-vips-8.15.2-dev" - }, - { - "name": "out", - "path": "/nix/store/6jnr4f8i012ki83bp0aml84acfigsdqr-vips-8.15.2" - } - ], - "store_path": "/nix/store/06dc4n06zs4jygbqa8c7fg9dcg39q9j9-vips-8.15.2-bin" - }, - "aarch64-linux": { - "outputs": [ - { - "name": "bin", - "path": "/nix/store/17asmchn0w4s7gic59r75n3drqdv12cn-vips-8.15.2-bin", - "default": true - }, - { - "name": "man", - "path": "/nix/store/1syxsf45h4ppyx1q0nynx1wnl4dxrnnv-vips-8.15.2-man", - "default": true - }, - { - "name": "dev", - "path": "/nix/store/afy2j1kdch6sb3ryqljlf163khs7hwkl-vips-8.15.2-dev" - }, - { - "name": "devdoc", - "path": "/nix/store/sifwrcrirz82gv0d9n0a683qz88msfzp-vips-8.15.2-devdoc" - }, - { - "name": "out", - "path": "/nix/store/rhlb3vk0sqy6cn521806qpw1rqzji0iv-vips-8.15.2" - } - ], - "store_path": "/nix/store/17asmchn0w4s7gic59r75n3drqdv12cn-vips-8.15.2-bin" - }, - "x86_64-darwin": { - "outputs": [ - { - "name": "bin", - "path": "/nix/store/gzqa0mv4czbw0c5243r97bhw8kch8qmi-vips-8.15.2-bin", - "default": true - }, - { - "name": "man", - "path": "/nix/store/38knm1dzqngi6w517g147gnpd2q720b1-vips-8.15.2-man", - "default": true - }, - { - "name": "dev", - "path": "/nix/store/f9vf62bnkrn1azgyvcjnmgsh1jknc33b-vips-8.15.2-dev" - }, - { - "name": "out", - "path": "/nix/store/487rhwp65bxzhanzf7brma1lcbis7w6c-vips-8.15.2" - } - ], - "store_path": "/nix/store/gzqa0mv4czbw0c5243r97bhw8kch8qmi-vips-8.15.2-bin" - }, - "x86_64-linux": { - "outputs": [ - { - "name": "bin", - "path": "/nix/store/bfy830xkb34pn4dym88rhzsqvlav25bq-vips-8.15.2-bin", - "default": true - }, - { - "name": "man", - "path": "/nix/store/ppi3phzcnr8bh4q4jnz5pp2grvh1dki9-vips-8.15.2-man", - "default": true - }, - { - "name": "dev", - "path": "/nix/store/6v5dd9lz15dls9k62dqnmdpi2af1y59n-vips-8.15.2-dev" - }, - { - "name": "devdoc", - "path": "/nix/store/9kf40jgp84bkxc6202x8z4nqwzn8627v-vips-8.15.2-devdoc" - }, - { - "name": "out", - "path": "/nix/store/k6aq70ncjh3d0vjcw6r8grw764hlagn5-vips-8.15.2" - } - ], - "store_path": "/nix/store/bfy830xkb34pn4dym88rhzsqvlav25bq-vips-8.15.2-bin" - } - } - }, "yt-dlp@latest": { "last_modified": "2024-07-18T22:08:26Z", "resolved": "github:NixOS/nixpkgs/cfa5366588c940ab6ee3bee399b337175545c664#yt-dlp", diff --git a/dockerfiles/bright.dockerfile b/dockerfiles/bright.dockerfile index 3b4b59a..70864d7 100644 --- a/dockerfiles/bright.dockerfile +++ b/dockerfiles/bright.dockerfile @@ -16,27 +16,26 @@ # - https://hub.docker.com/_/debian?tab=tags&page=1&name=bullseye-20241202-slim - for the release image # - https://pkgs.org/ - resource for finding needed packages # - Ex: hexpm/elixir:1.17.3-erlang-27.1.2-debian-bullseye-20241202-slim -# -ARG ELIXIR_VERSION=1.17.3 -ARG OTP_VERSION=27.1.2 -ARG DEBIAN_VERSION=bullseye-20241202-slim - -ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-debian-${DEBIAN_VERSION}" -ARG RUNNER_IMAGE="debian:${DEBIAN_VERSION}" +# - https://gitlab.com/ericlathrop/dockerize_elixir/-/blob/main/priv/templates/Dockerfile?ref_type=heads - - - - -FROM ${BUILDER_IMAGE} AS dev +FROM elixir:1.17.2-alpine AS dev # install build dependencies -RUN apt-get update -y && apt-get install -y build-essential git inotify-tools \ - && apt-get clean && rm -f /var/lib/apt/lists/*_* +RUN apt-get update -y \ + && apt-get install -y build-essential \ + && apt-get install -y git \ + && apt-get install -y inotify-tools \ + && apt-get clean \ + && rm -f /var/lib/apt/lists/*_* \ + && mkdir /home/user && \ + chown 1000.1000 /home/user + +ENV HOME=/home/user +USER 1000:1000 # prepare build dir WORKDIR /app @@ -47,6 +46,8 @@ RUN mix local.hex --force && \ # set build ENV ENV MIX_ENV="dev" +ENV DATABASE_URL="" +ENV PORT="" # install mix dependencies COPY ./services/bright/mix.exs ./services/bright/mix.lock ./ @@ -64,47 +65,4 @@ COPY ./services/bright/lib lib COPY ./services/bright/assets assets - -CMD ["mix", "phx.server"] - - - - - - - - - - -# # start a new build stage so that the final image will only contain -# # the compiled release and other runtime necessities -# FROM ${RUNNER_IMAGE} - -# RUN apt-get update -y && \ -# apt-get install -y libstdc++6 openssl libncurses5 locales ca-certificates \ -# && apt-get clean && rm -f /var/lib/apt/lists/*_* - -# # Set the locale -# RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen - -# ENV LANG en_US.UTF-8 -# ENV LANGUAGE en_US:en -# ENV LC_ALL en_US.UTF-8 - -# WORKDIR "/app" -# RUN chown nobody /app - -# # set runner ENV -# ENV MIX_ENV="prod" - -# # Only copy the final release from the build stage -# COPY --from=builder --chown=nobody:root /app/_build/${MIX_ENV}/rel/bright ./ - -# USER nobody - -# # If using an environment that doesn't automatically reap zombie processes, it is -# # advised to add an init process such as tini via `apt-get install` -# # above and adding an entrypoint. See https://github.com/krallin/tini for details -# # ENTRYPOINT ["/tini", "--"] - -# CMD ["/app/bin/server"] +CMD [ "mix", "ecto.setup", "&&", "mix", "phx.server" ] diff --git a/flux/README.md b/flux/README.md deleted file mode 100644 index 8d52bed..0000000 --- a/flux/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Futureporn flux - -Gitops https://fluxcd.io/flux/get-started/ \ No newline at end of file diff --git a/flux/apps/base/bitnami/kustomization.yaml b/flux/apps/base/bitnami/kustomization.yaml deleted file mode 100644 index 2bac203..0000000 --- a/flux/apps/base/bitnami/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - repository.yaml diff --git a/flux/apps/base/bitnami/repository.yaml b/flux/apps/base/bitnami/repository.yaml deleted file mode 100644 index 8d2af4c..0000000 --- a/flux/apps/base/bitnami/repository.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: bitnami - namespace: futureporn -spec: - interval: 5m - url: https://charts.bitnami.com/bitnami diff --git a/flux/apps/base/drupal/kustomization.yaml b/flux/apps/base/drupal/kustomization.yaml deleted file mode 100644 index 7d4eed5..0000000 --- a/flux/apps/base/drupal/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - release.yaml diff --git a/flux/apps/base/drupal/release.yaml b/flux/apps/base/drupal/release.yaml deleted file mode 100644 index f0cb671..0000000 --- a/flux/apps/base/drupal/release.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - namespace: futureporn - name: drupal -spec: - releaseName: drupal - chart: - spec: - version: "20.0.10" - chart: drupal - sourceRef: - kind: HelmRepository - name: bitnami - interval: 5m - install: - remediation: - retries: -1 - # Default values - # https://artifacthub.io/packages/helm/bitnami/drupal?modal=values - values: - fullnameOverride: drupal - mariadb: - enabled: true - allowEmptyPassword: true diff --git a/flux/apps/base/fp/kustomization.yaml b/flux/apps/base/fp/kustomization.yaml deleted file mode 100644 index c9b68af..0000000 --- a/flux/apps/base/fp/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - repository.yaml - - release.yaml diff --git a/flux/apps/base/fp/release.yaml b/flux/apps/base/fp/release.yaml deleted file mode 100644 index 77201fa..0000000 --- a/flux/apps/base/fp/release.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: fp - namespace: futureporn - annotations: - meta.helm.sh/release-name: fp - meta.helm.sh/release-namespace: futureporn - labels: - app.kubernetes.io/managed-by: Helm -spec: - chart: - spec: - chart: ./charts/fp - ignoreMissingValuesFiles: false - sourceRef: - kind: GitRepository - name: fp - interval: 1m - install: - remediation: - retries: -1 - values: - storageClassName: vultr-block-storage-hdd - link2cid: - imageName: gitea.futureporn.net/futureporn/link2cid:latest - next: - imageName: gitea.futureporn.net/futureporn/next:latest - hostname: next.futureporn.svc.cluster.local - ingressClassName: nginx - capture: - imageName: gitea.futureporn.net/futureporn/capture:latest - worker: - imageName: gitea.futureporn.net/futureporn/worker:latest - replicas: 2 - scout: - manager: - imageName: gitea.futureporn.net/futureporn/scout-manager:latest - pubsubServerUrl: https://realtime.futureporn.svc.cluster.local/faye - hostname: next.futureporn.svc.cluster.local - cdnBucketUrl: https://fp-dev.b-cdn.net - s3BucketName: fp-dev - imageName: fp/scout - strapi: - imageName: fp/strapi - port: 1339 - url: https://strapi.fp.sbtp.xyz - hostname: strapi.futureporn.svc.cluster.local - ingressClassName: nginx - realtime: - imageName: gitea.futureporn.net/futureporn/realtime:latest - adminEmail: cj@futureporn.net - certManager: - issuer: letsencrypt-staging - echo: - hostname: echo.fp.sbtp.xyz - \ No newline at end of file diff --git a/flux/apps/base/fp/repository.yaml b/flux/apps/base/fp/repository.yaml deleted file mode 100644 index 88b5528..0000000 --- a/flux/apps/base/fp/repository.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1 -kind: GitRepository -metadata: - name: fp - namespace: futureporn -spec: - interval: 1m - url: https://gitea.futureporn.net/futureporn/fp - ref: - branch: main - ignore: | - # exclude all - /* - # include charts directory - !/charts/ diff --git a/flux/apps/base/mariadb/kustomization.yaml b/flux/apps/base/mariadb/kustomization.yaml deleted file mode 100644 index 7d4eed5..0000000 --- a/flux/apps/base/mariadb/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - release.yaml diff --git a/flux/apps/base/mariadb/release.yaml b/flux/apps/base/mariadb/release.yaml deleted file mode 100644 index 7220dc6..0000000 --- a/flux/apps/base/mariadb/release.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - namespace: futureporn - name: mariadb -spec: - releaseName: mariadb - chart: - spec: - version: "19.0.1" - chart: mariadb - sourceRef: - kind: HelmRepository - name: bitnami - interval: 5m - install: - remediation: - retries: -1 - # Default values - # https://artifacthub.io/packages/helm/bitnami/mariadb?modal=values - values: - fullnameOverride: mariadb-via-kustomize - diff --git a/flux/apps/base/podinfo/kustomization.yaml b/flux/apps/base/podinfo/kustomization.yaml deleted file mode 100644 index 026ca9d..0000000 --- a/flux/apps/base/podinfo/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - namespace.yaml - - repository.yaml - - release.yaml diff --git a/flux/apps/base/podinfo/namespace.yaml b/flux/apps/base/podinfo/namespace.yaml deleted file mode 100644 index 5128776..0000000 --- a/flux/apps/base/podinfo/namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: podinfo diff --git a/flux/apps/base/podinfo/release.yaml b/flux/apps/base/podinfo/release.yaml deleted file mode 100644 index 01871d5..0000000 --- a/flux/apps/base/podinfo/release.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: podinfo - namespace: futureporn -spec: - releaseName: podinfo - chart: - spec: - version: '6.6.3' - chart: podinfo - sourceRef: - kind: HelmRepository - name: podinfo - interval: 10m - install: - remediation: - retries: 3 - # Default values - # https://github.com/stefanprodan/podinfo/blob/master/charts/podinfo/values.yaml - values: - redis: - enabled: true - ingress: - enabled: true - className: "nginx" - annotations: - external-dns.alpha.kubernetes.io/hostname: podinfo.fp.sbtp.xyz - # cert-manager.io/cluster-issuer: "letsencrypt-staging" - # ingress.kubernetes.io/ssl-redirect: "true" - hosts: - - host: podinfo.fp.sbtp.xyz - paths: - - path: / - pathType: Prefix - tls: - - secretName: podinfo-tls - hosts: - - podinfo.fp.sbtp.xyz diff --git a/flux/apps/base/podinfo/repository.yaml b/flux/apps/base/podinfo/repository.yaml deleted file mode 100644 index e678008..0000000 --- a/flux/apps/base/podinfo/repository.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: podinfo - namespace: futureporn -spec: - interval: 5m - url: https://stefanprodan.github.io/podinfo diff --git a/flux/apps/base/postgresql/kustomization.yaml b/flux/apps/base/postgresql/kustomization.yaml deleted file mode 100644 index 7d4eed5..0000000 --- a/flux/apps/base/postgresql/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - release.yaml diff --git a/flux/apps/base/postgresql/release.yaml b/flux/apps/base/postgresql/release.yaml deleted file mode 100644 index 6bd646b..0000000 --- a/flux/apps/base/postgresql/release.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - namespace: futureporn - name: postgresql -spec: - releaseName: postgresql - chart: - spec: - version: "15.5.17" - chart: postgresql - sourceRef: - kind: HelmRepository - name: bitnami - interval: 5m - install: - remediation: - retries: -1 - # Default values - # https://artifacthub.io/packages/helm/bitnami/postgresql?modal=values - values: - auth: - enablePostgresUser: true - existingSecret: postgres - architecture: replication - readReplicas: - replicaCount: 3 - persistence: - size: 40Gi ## Vultr HDD minimum size - replication: - syncronousCommit: "on" - numSyncronousReplicas: 3 - applicationName: futureporn - primary: - persistence: - size: 40Gi ## Vultr HDD minimum size diff --git a/flux/apps/base/redis/kustomization.yaml b/flux/apps/base/redis/kustomization.yaml deleted file mode 100644 index 7d4eed5..0000000 --- a/flux/apps/base/redis/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - release.yaml diff --git a/flux/apps/base/redis/release.yaml b/flux/apps/base/redis/release.yaml deleted file mode 100644 index ef730cc..0000000 --- a/flux/apps/base/redis/release.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - namespace: futureporn - name: redis -spec: - releaseName: redis - chart: - spec: - version: "19.6.2" - chart: redis - sourceRef: - kind: HelmRepository - name: bitnami - interval: 5m - install: - remediation: - retries: -1 - ## see https://artifacthub.io/packages/helm/bitnami/redis?modal=values - values: - master: - persistence: - enabled: false - auth: - existingSecret: redis - existingSecretPasswordKey: password - replica: - persistence: - enabled: false - architecture: standalone \ No newline at end of file diff --git a/flux/apps/development/README.md b/flux/apps/development/README.md deleted file mode 100644 index 7275cc3..0000000 --- a/flux/apps/development/README.md +++ /dev/null @@ -1,10 +0,0 @@ -Right now, we use Tilt for dev, flux for prod. - -It would be very nice to have only one way of deploying things regardless of the environment (development|staging|production) - -however, this doesn't work because fp Helm chart is pulled from git rather than a folder relative to the flux dir. (kind: GitRepository) - -We are constrained to CrossNamespaceObjectReference kind list - -https://fluxcd.io/flux/components/helm/api/v2/#helm.toolkit.fluxcd.io/v2.CrossNamespaceObjectReference -https://github.com/fluxcd/helm-controller/blob/c8ae4b6ad225d37b19bacb634db784d6096908ac/api/v2beta2/reference_types.go#L53 \ No newline at end of file diff --git a/flux/apps/development/fp-values.yaml b/flux/apps/development/fp-values.yaml deleted file mode 100644 index 2379d25..0000000 --- a/flux/apps/development/fp-values.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: fp - namespace: futureporn -spec: - values: - next: - hostname: next.fp.sbtp.xyz - scout: - cdnBucketUrl: https://fp-dev.b-cdn.net - s3BucketName: fp-dev - imageName: gitea.futureporn.net/futureporn/scout:latest - strapi: - url: https://strapi.sbtp.xyz - hostname: strapi.fp.sbtp.xyz - imageName: gitea.futureporn.net/futureporn/strapi:latest - managedBy: Helm - certManager: - issuer: letsencrypt-staging \ No newline at end of file diff --git a/flux/apps/development/kustomization.yaml b/flux/apps/development/kustomization.yaml deleted file mode 100644 index 7486b38..0000000 --- a/flux/apps/development/kustomization.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - ../base/bitnami - - ../base/podinfo - - ../base/postgresql - - ../base/mariadb - - ../base/drupal - # - ../base/fp -patches: - # - path: podinfo-values.yaml - # target: - # kind: HelmRelease - # name: podinfo - - path: fp-values.yaml - target: - kind: HelmRelease - name: fp diff --git a/flux/apps/development/podinfo-values.yaml b/flux/apps/development/podinfo-values.yaml deleted file mode 100644 index 174cc82..0000000 --- a/flux/apps/development/podinfo-values.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: podinfo - namespace: futureporn -spec: - chart: - spec: - version: ">=1.0.0-alpha" - test: - enable: false - values: - fullnameOverride: mariadb-taco - ingress: - hosts: - - host: podinfo.fp.sbtp.xyz - paths: - - path: / - pathType: ImplementationSpecific diff --git a/flux/apps/production/fp-values.yaml b/flux/apps/production/fp-values.yaml deleted file mode 100644 index e15715f..0000000 --- a/flux/apps/production/fp-values.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: fp - namespace: futureporn -spec: - values: - next: - certIssuer: letsencrypt-prod - hostname: next.futureporn.net - scout: - cdnBucketUrl: https://futureporn-b2.b-cdn.net - s3BucketName: futureporn-b2 - strapi: - url: https://portal.futureporn.net - hostname: portal.futureporn.net - certManager: - issuer: letsencrypt-production \ No newline at end of file diff --git a/flux/apps/production/kustomization.yaml b/flux/apps/production/kustomization.yaml deleted file mode 100644 index 1e2099c..0000000 --- a/flux/apps/production/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - ../base/bitnami - - ../base/redis - - ../base/postgresql - - ../base/fp -patches: - - path: fp-values.yaml - target: - kind: HelmRelease - name: fp diff --git a/flux/apps/staging/fp-values.yaml b/flux/apps/staging/fp-values.yaml deleted file mode 100644 index 2379d25..0000000 --- a/flux/apps/staging/fp-values.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: fp - namespace: futureporn -spec: - values: - next: - hostname: next.fp.sbtp.xyz - scout: - cdnBucketUrl: https://fp-dev.b-cdn.net - s3BucketName: fp-dev - imageName: gitea.futureporn.net/futureporn/scout:latest - strapi: - url: https://strapi.sbtp.xyz - hostname: strapi.fp.sbtp.xyz - imageName: gitea.futureporn.net/futureporn/strapi:latest - managedBy: Helm - certManager: - issuer: letsencrypt-staging \ No newline at end of file diff --git a/flux/apps/staging/kustomization.yaml b/flux/apps/staging/kustomization.yaml deleted file mode 100644 index 0a9ec56..0000000 --- a/flux/apps/staging/kustomization.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -namespace: futureporn -resources: - - ../base/bitnami - - ../base/redis - - ../base/podinfo - - ../base/postgresql - - ../base/fp -patches: - # - path: podinfo-values.yaml - # target: - # kind: HelmRelease - # name: podinfo - - path: fp-values.yaml - target: - kind: HelmRelease - name: fp diff --git a/flux/apps/staging/podinfo-values.yaml b/flux/apps/staging/podinfo-values.yaml deleted file mode 100644 index b0ee71a..0000000 --- a/flux/apps/staging/podinfo-values.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: podinfo - namespace: futureporn -spec: - chart: - spec: - version: ">=1.0.0-alpha" - test: - enable: false - values: - ingress: - hosts: - - host: podinfo.fp.sbtp.xyz - paths: - - path: / - pathType: ImplementationSpecific diff --git a/flux/clusters/production/apps.yaml b/flux/clusters/production/apps.yaml deleted file mode 100644 index 0495f92..0000000 --- a/flux/clusters/production/apps.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: apps - namespace: flux-system -spec: - interval: 10m0s - dependsOn: - - name: infra-configs - sourceRef: - kind: GitRepository - name: flux-system - path: ./apps/production - prune: true - wait: true - timeout: 5m0s diff --git a/flux/clusters/production/flux-system/gotk-components.yaml b/flux/clusters/production/flux-system/gotk-components.yaml deleted file mode 100644 index 8fd99ab..0000000 --- a/flux/clusters/production/flux-system/gotk-components.yaml +++ /dev/null @@ -1,12385 +0,0 @@ ---- -# This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.3.0 -# Components: source-controller,kustomize-controller,helm-controller,notification-controller -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - pod-security.kubernetes.io/warn: restricted - pod-security.kubernetes.io/warn-version: latest - name: flux-system ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-egress - namespace: flux-system -spec: - egress: - - {} - ingress: - - from: - - podSelector: {} - podSelector: {} - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-scraping - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8080 - protocol: TCP - podSelector: {} - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-webhooks - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - podSelector: - matchLabels: - app: notification-controller - policyTypes: - - Ingress ---- -apiVersion: v1 -kind: ResourceQuota -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: critical-pods-flux-system - namespace: flux-system -spec: - hard: - pods: "1000" - scopeSelector: - matchExpressions: - - operator: In - scopeName: PriorityClass - values: - - system-node-critical - - system-cluster-critical ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: crd-controller-flux-system -rules: -- apiGroups: - - source.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - helm.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - notification.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - image.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - "" - resources: - - namespaces - - secrets - - configmaps - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- nonResourceURLs: - - /livez/ping - verbs: - - head ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - name: flux-edit-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-view: "true" - name: flux-view-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: cluster-reconciler-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: crd-controller-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: crd-controller-flux-system -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system -- kind: ServiceAccount - name: source-controller - namespace: flux-system -- kind: ServiceAccount - name: notification-controller - namespace: flux-system -- kind: ServiceAccount - name: image-reflector-controller - namespace: flux-system -- kind: ServiceAccount - name: image-automation-controller - namespace: flux-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: buckets.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: Bucket - listKind: BucketList - plural: buckets - singular: bucket - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 - name: v1beta1 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BucketSpec defines the desired state of an S3 compatible - bucket - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: The bucket name. - type: string - endpoint: - description: The bucket endpoint address. - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. - type: boolean - interval: - description: The interval at which to check for bucket updates. - type: string - provider: - default: generic - description: The S3 compatible storage provider name, default ('generic'). - enum: - - generic - - aws - - gcp - type: string - region: - description: The bucket region. - type: string - secretRef: - description: |- - The name of the secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for download operations, defaults to 60s. - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus defines the observed state of a bucket - properties: - artifact: - description: Artifact represents the output of the last successful - Bucket sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last Bucket sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - BucketSpec specifies the required configuration to produce an Artifact for - an object storage bucket. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: BucketName is the name of the object storage bucket. - type: string - endpoint: - description: Endpoint is the object storage address the BucketName - is located at. - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP Endpoint. - type: boolean - interval: - description: |- - Interval at which the Bucket Endpoint is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - prefix: - description: Prefix to use for server-side filtering of files in the - Bucket. - type: string - provider: - default: generic - description: |- - Provider of the object storage bucket. - Defaults to 'generic', which expects an S3 (API) compatible object - storage. - enum: - - generic - - aws - - gcp - - azure - type: string - region: - description: Region of the Endpoint where the BucketName is located - in. - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - Bucket. - type: boolean - timeout: - default: 60s - description: Timeout for fetch operations, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus records the observed state of a Bucket. - properties: - artifact: - description: Artifact represents the last successful Bucket reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Bucket object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: gitrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: GitRepository - listKind: GitRepositoryList - plural: gitrepositories - shortNames: - - gitrepo - singular: gitrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - GitRepositorySpec specifies the required configuration to produce an - Artifact for a Git repository. - properties: - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: |- - Include specifies a list of GitRepository resources which Artifacts - should be included in the Artifact produced for this GitRepository. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: |- - Interval at which the GitRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxySecretRef: - description: |- - ProxySecretRef specifies the Secret containing the proxy configuration - to use while communicating with the Git server. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - recurseSubmodules: - description: |- - RecurseSubmodules enables the initialization of all submodules within - the GitRepository as cloned from the URL, using their default settings. - type: boolean - ref: - description: |- - Reference specifies the Git reference to resolve and monitor for - changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: |- - Commit SHA to check out, takes precedence over all reference fields. - - - This can be combined with Branch to shallow clone the branch, in which - the commit is expected to exist. - type: string - name: - description: |- - Name of the reference to check out; takes precedence over Branch, Tag and SemVer. - - - It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description - Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials for - the GitRepository. - For HTTPS repositories the Secret must contain 'username' and 'password' - fields for basic auth or 'bearerToken' field for token auth. - For SSH repositories the Secret must contain 'identity' - and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: |- - Verification specifies the configuration to verify the Git commit - signature(s). - properties: - mode: - default: HEAD - description: |- - Mode specifies which Git object(s) should be verified. - - - The variants "head" and "HEAD" both imply the same thing, i.e. verify - the commit that the HEAD of the Git repository points to. The variant - "head" solely exists to ensure backwards compatibility. - enum: - - head - - HEAD - - Tag - - TagAndHEAD - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the public keys of trusted Git - authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: |- - IncludedArtifacts contains a list of the last successfully included - Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the GitRepository - object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedInclude: - description: |- - ObservedInclude is the observed list of GitRepository resources used to - produce the current Artifact. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: |- - ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - sourceVerificationMode: - description: |- - SourceVerificationMode is the last used verification mode indicating - which Git object(s) have been verified. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: GitRepositorySpec defines the desired state of a Git repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: |- - Determines which git client library to use. - Defaults to go-git, valid values are ('go-git', 'libgit2'). - enum: - - go-git - - libgit2 - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: Extra git repositories to map into the repository - items: - description: GitRepositoryInclude defines a source with a from and - to path. - properties: - fromPath: - description: The path to copy contents from, defaults to the - root directory. - type: string - repository: - description: Reference to a GitRepository to include. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: The path to copy contents to, defaults to the name - of the source ref. - type: string - required: - - repository - type: object - type: array - interval: - description: The interval at which to check for repository updates. - type: string - recurseSubmodules: - description: |- - When enabled, after the clone is created, initializes all submodules within, - using their default settings. - This option is available only when using the 'go-git' GitImplementation. - type: boolean - ref: - description: |- - The Git reference to checkout and monitor for changes, defaults to - master branch. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified Tag - filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence over - Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - The secret name containing the Git credentials. - For HTTPS repositories the secret must contain username and password - fields. - For SSH repositories the secret must contain identity and known_hosts - fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote Git operations like cloning, defaults - to 60s. - type: string - url: - description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verify OpenPGP signature for the Git commit HEAD points - to. - properties: - mode: - description: Mode describes what git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: The secret name containing the public keys of all - trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus defines the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: IncludedArtifacts represents the included artifacts from - the last successful repository sync. - items: - description: Artifact represents the output of a source synchronisation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: |- - URL is the download link for the artifact output of the last repository - sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - GitRepositorySpec specifies the required configuration to produce an - Artifact for a Git repository. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: |- - GitImplementation specifies which Git client library implementation to - use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). - Deprecated: gitImplementation is deprecated now that 'go-git' is the - only supported implementation. - enum: - - go-git - - libgit2 - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: |- - Include specifies a list of GitRepository resources which Artifacts - should be included in the Artifact produced for this GitRepository. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: |- - RecurseSubmodules enables the initialization of all submodules within - the GitRepository as cloned from the URL, using their default settings. - type: boolean - ref: - description: |- - Reference specifies the Git reference to resolve and monitor for - changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: |- - Commit SHA to check out, takes precedence over all reference fields. - - - This can be combined with Branch to shallow clone the branch, in which - the commit is expected to exist. - type: string - name: - description: |- - Name of the reference to check out; takes precedence over Branch, Tag and SemVer. - - - It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description - Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials for - the GitRepository. - For HTTPS repositories the Secret must contain 'username' and 'password' - fields for basic auth or 'bearerToken' field for token auth. - For SSH repositories the Secret must contain 'identity' - and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: |- - Verification specifies the configuration to verify the Git commit - signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the public keys of trusted Git - authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: |- - ContentConfigChecksum is a checksum of all the configurations related to - the content of the source artifact: - - .spec.ignore - - .spec.recurseSubmodules - - .spec.included and the checksum of the included artifacts - observed in .status.observedGeneration version of the object. This can - be used to determine if the content of the included repository has - changed. - It has the format of `:`, for example: `sha256:`. - - - Deprecated: Replaced with explicit fields for observed artifact content - config in the status. - type: string - includedArtifacts: - description: |- - IncludedArtifacts contains a list of the last successfully included - Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the GitRepository - object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedInclude: - description: |- - ObservedInclude is the observed list of GitRepository resources used to - to produce the current Artifact. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: |- - ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - GitRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmcharts.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmChart - listKind: HelmChartList - plural: helmcharts - shortNames: - - hc - singular: helmchart - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - chart: - description: |- - Chart is the name or path the Helm chart is available at in the - SourceRef. - type: string - ignoreMissingValuesFiles: - description: |- - IgnoreMissingValuesFiles controls whether to silently ignore missing values - files rather than failing. - type: boolean - interval: - description: |- - Interval at which the HelmChart SourceRef is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - ReconcileStrategy determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - source. - type: boolean - valuesFiles: - description: |- - ValuesFiles is an alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be a - relative path in the SourceRef. - Values files are merged in the order of this list with the last file - overriding the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version is the chart version semver expression, ignored for charts from - GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedChartName: - description: |- - ObservedChartName is the last observed chart name as specified by the - resolved chart reference. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmChart - object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: |- - ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - observedValuesFiles: - description: |- - ObservedValuesFiles are the observed value files of the last successful - reconciliation. - It matches the chart in the last successfully reconciled artifact. - items: - type: string - type: array - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec defines the desired state of a Helm chart. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: The name or path the Helm chart is available at in the - SourceRef. - type: string - interval: - description: The interval at which to check the Source for updates. - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The reference to the Source the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - version: - default: '*' - description: |- - The chart version semver expression, ignored for charts from GitRepository - and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus defines the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - chart sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last chart pulled. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: |- - Chart is the name or path the Helm chart is available at in the - SourceRef. - type: string - ignoreMissingValuesFiles: - description: |- - IgnoreMissingValuesFiles controls whether to silently ignore missing values - files rather than failing. - type: boolean - interval: - description: |- - Interval at which the HelmChart SourceRef is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - ReconcileStrategy determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - source. - type: boolean - valuesFile: - description: |- - ValuesFile is an alternative values file to use as the default chart - values, expected to be a relative path in the SourceRef. Deprecated in - favor of ValuesFiles, for backwards compatibility the file specified here - is merged before the ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - ValuesFiles is an alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be a - relative path in the SourceRef. - Values files are merged in the order of this list with the last file - overriding the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version is the chart version semver expression, ignored for charts from - GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedChartName: - description: |- - ObservedChartName is the last observed chart name as specified by the - resolved chart reference. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmChart - object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: |- - ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - observedValuesFiles: - description: |- - ObservedValuesFiles are the observed value files of the last successful - reconciliation. - It matches the chart in the last successfully reconciled artifact. - items: - type: string - type: array - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmRepository - listKind: HelmRepositoryList - plural: helmrepositories - shortNames: - - helmrepo - singular: helmrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - HelmRepositorySpec specifies the required configuration to produce an - Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - It takes precedence over the values specified in the Secret referred - to by `.spec.secretRef`. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - insecure: - description: |- - Insecure allows connecting to a non-TLS HTTP container registry. - This field is only taken into account if the .spec.type field is set to 'oci'. - type: boolean - interval: - description: |- - Interval at which the HelmRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed - on to a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. - Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: |- - Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - This field is optional, and only taken into account if the .spec.type field is set to 'oci'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' - fields. - Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' - keys is deprecated. Please use `.spec.certSecretRef` instead. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - HelmRepository. - type: boolean - timeout: - description: |- - Timeout is used for the index fetch operation for an HTTPS helm repository, - and for remote OCI Repository operations like pulling for an OCI helm - chart by the associated HelmChart. - Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: |- - Type of the HelmRepository. - When this field is set to "oci", the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: |- - URL of the Helm repository, a valid URL contains at least a protocol and - host. - pattern: ^(http|https|oci)://.*$ - type: string - required: - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmRepository - object. - format: int64 - type: integer - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - HelmRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec defines the reference to a Helm repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed on to - a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the index - differ from the defined URL. - Enabling this should be done with caution, as it can potentially result in - credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: |- - The name of the secret containing authentication credentials for the Helm - repository. - For HTTP/S basic auth the secret must contain username and - password fields. - For TLS the secret must contain a certFile and keyFile, and/or - caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout of index downloading, defaults to 60s. - type: string - url: - description: The Helm repository URL, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus defines the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last index fetched. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - HelmRepositorySpec specifies the required configuration to produce an - Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - It takes precedence over the values specified in the Secret referred - to by `.spec.secretRef`. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - insecure: - description: |- - Insecure allows connecting to a non-TLS HTTP container registry. - This field is only taken into account if the .spec.type field is set to 'oci'. - type: boolean - interval: - description: |- - Interval at which the HelmRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed - on to a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. - Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: |- - Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - This field is optional, and only taken into account if the .spec.type field is set to 'oci'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' - fields. - Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' - keys is deprecated. Please use `.spec.certSecretRef` instead. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - HelmRepository. - type: boolean - timeout: - description: |- - Timeout is used for the index fetch operation for an HTTPS helm repository, - and for remote OCI Repository operations like pulling for an OCI helm - chart by the associated HelmChart. - Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: |- - Type of the HelmRepository. - When this field is set to "oci", the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: |- - URL of the Helm repository, a valid URL contains at least a protocol and - host. - pattern: ^(http|https|oci)://.*$ - type: string - required: - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmRepository - object. - format: int64 - type: integer - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - HelmRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: ocirepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: OCIRepository - listKind: OCIRepositoryList - plural: ocirepositories - shortNames: - - ocirepo - singular: ocirepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 - schema: - openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: OCIRepositorySpec defines the desired state of OCIRepository - properties: - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - Note: Support for the `caFile`, `certFile` and `keyFile` keys have - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean - interval: - description: |- - Interval at which the OCIRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - layerSelector: - description: |- - LayerSelector specifies which layer should be extracted from the OCI artifact. - When not specified, the first layer found in the artifact is selected. - properties: - mediaType: - description: |- - MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The - first layer matching this type is selected. - type: string - operation: - description: |- - Operation specifies how the selected layer should be processed. - By default, the layer compressed content is extracted to storage. - When the operation is set to 'copy', the layer compressed content - is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: |- - The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: |- - The OCI reference to pull and monitor for changes, - defaults to the latest tag. - properties: - digest: - description: |- - Digest is the image digest to pull, takes precedence over SemVer. - The value should be in the format 'sha256:'. - type: string - semver: - description: |- - SemVer is the range of tags to pull selecting the latest within - the range, takes precedence over Tag. - type: string - semverFilter: - description: SemverFilter is a regex pattern to filter the tags - within the SemVer range. - type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: |- - SecretRef contains the secret name containing the registry login - credentials to resolve image metadata. - The secret must be of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: |- - ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate - the image pull if the service account has attached pull secrets. For more information: - https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: |- - URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository - properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the OCIRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: |- - ContentConfigChecksum is a checksum of all the configurations related to - the content of the source artifact: - - .spec.ignore - - .spec.layerSelector - observed in .status.observedGeneration version of the object. This can - be used to determine if the content configuration has changed and the - artifact needs to be rebuilt. - It has the format of `:`, for example: `sha256:`. - - - Deprecated: Replaced with explicit fields for observed artifact content - config in the status. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedLayerSelector: - description: |- - ObservedLayerSelector is the observed layer selector used for constructing - the source artifact. - properties: - mediaType: - description: |- - MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The - first layer matching this type is selected. - type: string - operation: - description: |- - Operation specifies how the selected layer should be processed. - By default, the layer compressed content is extracted to storage. - When the operation is set to 'copy', the layer compressed content - is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: source-controller - namespace: flux-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: source-controller - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: source-controller - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: source-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - - --storage-path=/data - - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TUF_ROOT - value: /tmp/.sigstore - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/source-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: / - port: http - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 50m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: source-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: data - - emptyDir: {} - name: tmp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: kustomizations.kustomize.toolkit.fluxcd.io -spec: - group: kustomize.toolkit.fluxcd.io - names: - kind: Kustomization - listKind: KustomizationList - plural: kustomizations - shortNames: - - ks - singular: kustomization - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - KustomizationSpec defines the configuration to calculate the desired state - from a Source using Kustomize. - properties: - commonMetadata: - description: |- - CommonMetadata specifies the common labels and annotations that are - applied to all resources. Any existing label or annotation will be - overridden if its key matches a common one. - properties: - annotations: - additionalProperties: - type: string - description: Annotations to be added to the object's metadata. - type: object - labels: - additionalProperties: - type: string - description: Labels to be added to the object's metadata. - type: object - type: object - components: - description: Components specifies relative paths to specifications - of other Components. - items: - type: string - type: array - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: |- - The interval at which to reconcile the Kustomization. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When used in combination with KustomizationSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when KustomizationSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - namePrefix: - description: NamePrefix will prefix the names of all managed resources. - maxLength: 200 - minLength: 1 - type: string - nameSuffix: - description: NameSuffix will suffix the names of all managed resources. - maxLength: 200 - minLength: 1 - type: string - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests that match any of the keys - defined in the map will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names, and they - must match the vars declared in the manifests for the substitution to - happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - default: false - description: |- - Optional indicates whether the referenced resource must exist, or whether to - tolerate its absence. If true and the referenced resource is absent, proceed - as if the resource was present but empty, without any variables defined. - type: boolean - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - wait: - description: |- - Wait instructs the controller to check the health of all the reconciled - resources. When enabled, the HealthChecks are ignored. Defaults to false. - type: boolean - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - inventory: - description: |- - Inventory contains the list of Kubernetes resource object references that - have been successfully applied. - properties: - entries: - description: Entries of Kubernetes resource object references. - items: - description: ResourceRef contains the information necessary - to locate a resource within a cluster. - properties: - id: - description: |- - ID is the string representation of the Kubernetes resource object's metadata, - in the format '___'. - type: string - v: - description: Version is the API version of the Kubernetes - resource object's kind. - type: string - required: - - id - - v - type: object - type: array - required: - - entries - type: object - lastAppliedRevision: - description: |- - The last successfully applied revision. - Equals the Revision of the applied Artifact from the referenced Source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 Kustomization is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the desired state of a kustomization. - properties: - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When specified, KubeConfig takes precedence over ServiceAccountName. - properties: - secretRef: - description: |- - SecretRef holds the name to a secret that contains a 'value' key with - the kubeconfig file as the value. It must be in the same namespace as - the Kustomization. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - the Kustomization. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests - that match any of the keys defined in the map - will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names and they - must match the vars declared in the manifests for the substitution to happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - GitRepository - - Bucket - type: string - name: - description: Name of the referent - type: string - namespace: - description: Namespace of the referent, defaults to the Kustomization - namespace - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - type: string - validation: - description: |- - Validate the Kubernetes objects before applying them on the cluster. - The validation strategy can be 'client' (local dry-run), 'server' - (APIServer dry-run) or 'none'. - When 'Force' is 'true', validation will fallback to 'client' if set to - 'server' because server-side validation is not supported in this scenario. - enum: - - none - - client - - server - type: string - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAppliedRevision: - description: |- - The last successfully applied revision. - The revision format for Git sources is /. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - snapshot: - description: The last successfully applied revision metadata. - properties: - checksum: - description: The manifests sha1 checksum. - type: string - entries: - description: A list of Kubernetes kinds grouped by namespace. - items: - description: |- - Snapshot holds the metadata of namespaced - Kubernetes objects - properties: - kinds: - additionalProperties: - type: string - description: The list of Kubernetes kinds. - type: object - namespace: - description: The namespace of this entry. - type: string - required: - - kinds - type: object - type: array - required: - - checksum - - entries - type: object - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Kustomization is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the configuration to calculate - the desired state from a Source using Kustomize. - properties: - commonMetadata: - description: |- - CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. - properties: - annotations: - additionalProperties: - type: string - description: Annotations to be added to the object's metadata. - type: object - labels: - additionalProperties: - type: string - description: Labels to be added to the object's metadata. - type: object - type: object - components: - description: Components specifies relative paths to specifications - of other Components. - items: - type: string - type: array - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When used in combination with KustomizationSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when KustomizationSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: |- - JSON 6902 patches, defined as inline YAML objects. - Deprecated: Use Patches instead. - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: |- - Strategic merge patches, defined as inline YAML objects. - Deprecated: Use Patches instead. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests - that match any of the keys defined in the map - will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names and they - must match the vars declared in the manifests for the substitution to happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - default: false - description: |- - Optional indicates whether the referenced resource must exist, or whether to - tolerate its absence. If true and the referenced resource is absent, proceed - as if the resource was present but empty, without any variables defined. - type: boolean - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, defaults to the namespace - of the Kubernetes resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - validation: - description: 'Deprecated: Not used in v1beta2.' - enum: - - none - - client - - server - type: string - wait: - description: |- - Wait instructs the controller to check the health of all the reconciled resources. - When enabled, the HealthChecks are ignored. Defaults to false. - type: boolean - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - inventory: - description: Inventory contains the list of Kubernetes resource object - references that have been successfully applied. - properties: - entries: - description: Entries of Kubernetes resource object references. - items: - description: ResourceRef contains the information necessary - to locate a resource within a cluster. - properties: - id: - description: |- - ID is the string representation of the Kubernetes resource object's metadata, - in the format '___'. - type: string - v: - description: Version is the API version of the Kubernetes - resource object's kind. - type: string - required: - - id - - v - type: object - type: array - required: - - entries - type: object - lastAppliedRevision: - description: |- - The last successfully applied revision. - Equals the Revision of the applied Artifact from the referenced Source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: kustomize-controller - namespace: flux-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: kustomize-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: kustomize-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: kustomize-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: kustomize-controller - terminationGracePeriodSeconds: 60 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmreleases.helm.toolkit.fluxcd.io -spec: - group: helm.toolkit.fluxcd.io - names: - kind: HelmRelease - listKind: HelmReleaseList - plural: helmreleases - shortNames: - - hr - singular: helmrelease - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - maxLength: 2048 - minLength: 1 - type: string - ignoreMissingValuesFiles: - description: IgnoreMissingValuesFiles controls whether to - silently ignore missing values files rather than failing. - type: boolean - interval: - description: |- - Interval at which to check the v1.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1.Source the chart - is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, - are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '5'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - maxLength: 253 - minLength: 1 - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - filters: - description: Filters is a list of tests to run or exclude from - running. - items: - description: Filter holds the configuration for individual Helm - test filters. - properties: - exclude: - description: Exclude specifies whether the named test should - be excluded. - type: boolean - name: - description: Name is the name of the test. - maxLength: 253 - minLength: 1 - type: string - required: - - name - type: object - type: array - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - x-kubernetes-validations: - - message: either chart or chartRef must be set - rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) - && has(self.chartRef)) - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - enum: - - install - - upgrade - type: string - lastAttemptedRevision: - description: |- - LastAttemptedRevision is the Source revision of the last reconciliation - attempt. For OCIRepository sources, the 12 first characters of the digest are - appended to the chart version e.g. "1.2.3+1234567890ab". - type: string - lastAttemptedRevisionDigest: - description: |- - LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. - This is only set for OCIRepository sources. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last - reconciliation attempt. - Deprecated: Use LastAttemptedConfigDigest instead. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - type: string - lastReleaseRevision: - description: |- - LastReleaseRevision is the revision of the last successful Helm release. - Deprecated: Use History instead. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - maxLength: 63 - minLength: 1 - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1beta2.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: |- - Interval at which to check the v1beta2.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1beta2.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - - - Note: this field is provisional to the v2 API, and not actively used - by v2beta1 HelmReleases. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: |- - Interval at which to reconcile the Helm release. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '10'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric characters, - '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last - reconciliation attempt. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 - name: v2beta2 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1beta2.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - maxLength: 2048 - minLength: 1 - type: string - ignoreMissingValuesFiles: - description: IgnoreMissingValuesFiles controls whether to - silently ignore missing values files rather than failing. - type: boolean - interval: - description: |- - Interval at which to check the v1.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1.Source the chart - is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, - are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1beta2.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - - - Note: this field is provisional to the v2 API, and not actively used - by v2beta2 HelmReleases. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '5'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: |- - JSON 6902 patches, defined as inline YAML objects. - Deprecated: use Patches instead. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: |- - Strategic merge patches, defined as inline YAML objects. - Deprecated: use Patches instead. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - maxLength: 253 - minLength: 1 - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - filters: - description: Filters is a list of tests to run or exclude from - running. - items: - description: Filter holds the configuration for individual Helm - test filters. - properties: - exclude: - description: Exclude specifies whether the named test should - be excluded. - type: boolean - name: - description: Name is the name of the test. - maxLength: 253 - minLength: 1 - type: string - required: - - name - type: object - type: array - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - x-kubernetes-validations: - - message: either chart or chartRef must be set - rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) - && has(self.chartRef)) - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: |- - LastAppliedRevision is the revision of the last successfully applied - source. - Deprecated: the revision can now be found in the History. - type: string - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - enum: - - install - - upgrade - type: string - lastAttemptedRevision: - description: |- - LastAttemptedRevision is the Source revision of the last reconciliation - attempt. For OCIRepository sources, the 12 first characters of the digest are - appended to the chart version e.g. "1.2.3+1234567890ab". - type: string - lastAttemptedRevisionDigest: - description: |- - LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. - This is only set for OCIRepository sources. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last - reconciliation attempt. - Deprecated: Use LastAttemptedConfigDigest instead. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - type: string - lastReleaseRevision: - description: |- - LastReleaseRevision is the revision of the last successful Helm release. - Deprecated: Use History instead. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - maxLength: 63 - minLength: 1 - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helm-controller - namespace: flux-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: helm-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: helm-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: helm-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/helm-controller:v1.0.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: helm-controller - terminationGracePeriodSeconds: 600 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: alerts.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Alert - listKind: AlertList - plural: alerts - singular: alert - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 - name: v1beta1 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects - properties: - eventSeverity: - default: info - description: |- - Filter events based on severity, defaults to ('info'). - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: Filter events based on the involved objects. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: A list of Golang regular expressions to be used for excluding - messages. - items: - type: string - type: array - providerRef: - description: Send events using this provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Short description of the impact and affected cluster. - type: string - suspend: - description: |- - This flag tells the controller to suspend subsequent events dispatching. - Defaults to false. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of Alert - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 - name: v1beta2 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventMetadata: - additionalProperties: - type: string - description: |- - EventMetadata is an optional field for adding metadata to events dispatched by the - controller. This can be used for enhancing the context of the event. If a field - would override one already present on the original event as generated by the emitter, - then the override doesn't happen, i.e. the original value is preserved, and an info - log is printed. - type: object - eventSeverity: - default: info - description: |- - EventSeverity specifies how to filter events based on severity. - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: |- - EventSources specifies how to filter events based - on the involved object kind, name and namespace. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - exclusionList: - description: |- - ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - inclusionList: - description: |- - InclusionList specifies a list of Golang regular expressions - to be used for including messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of the Alert. - properties: - conditions: - description: Conditions holds the conditions for the Alert. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta3 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventMetadata: - additionalProperties: - type: string - description: |- - EventMetadata is an optional field for adding metadata to events dispatched by the - controller. This can be used for enhancing the context of the event. If a field - would override one already present on the original event as generated by the emitter, - then the override doesn't happen, i.e. the original value is preserved, and an info - log is printed. - type: object - eventSeverity: - default: info - description: |- - EventSeverity specifies how to filter events based on severity. - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: |- - EventSources specifies how to filter events based - on the involved object kind, name and namespace. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - exclusionList: - description: |- - ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - inclusionList: - description: |- - InclusionList specifies a list of Golang regular expressions - to be used for including messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: providers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Provider - listKind: ProviderList - plural: providers - singular: provider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 - name: v1beta1 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of Provider - properties: - address: - description: HTTP/S webhook address of this provider - pattern: ^(http|https):// - type: string - certSecretRef: - description: |- - CertSecretRef can be given the name of a secret containing - a PEM-encoded CA certificate (`caFile`) - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Alert channel for this provider - type: string - proxy: - description: HTTP/S address of the proxy - pattern: ^(http|https):// - type: string - secretRef: - description: |- - Secret reference containing the provider webhook URL - using "address" as data key - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent events handling. - Defaults to false. - type: boolean - timeout: - description: Timeout for sending alerts to the provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of provider - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - azuredevops - - googlechat - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - type: string - username: - description: Bot username for this provider - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of Provider - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 - name: v1beta2 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of the Provider. - properties: - address: - description: |- - Address specifies the endpoint, in a generic sense, to where alerts are sent. - What kind of endpoint depends on the specific Provider type being used. - For the generic Provider, for example, this is an HTTP/S address. - For other Provider types this could be a project ID or a namespace. - maxLength: 2048 - type: string - certSecretRef: - description: |- - CertSecretRef specifies the Secret containing - a PEM-encoded CA certificate (in the `ca.crt` key). - - - Note: Support for the `caFile` key has - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Channel specifies the destination channel where events - should be posted. - maxLength: 2048 - type: string - interval: - description: Interval at which to reconcile the Provider with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxy: - description: Proxy the HTTP/S address of the proxy server. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the authentication - credentials for this Provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Provider. - type: boolean - timeout: - description: Timeout for sending alerts to the Provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type specifies which Provider implementation to use. - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - gitea - - bitbucketserver - - bitbucket - - azuredevops - - googlechat - - googlepubsub - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - - pagerduty - - datadog - type: string - username: - description: Username specifies the name under which events are posted. - maxLength: 2048 - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of the Provider. - properties: - conditions: - description: Conditions holds the conditions for the Provider. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta3 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of the Provider. - properties: - address: - description: |- - Address specifies the endpoint, in a generic sense, to where alerts are sent. - What kind of endpoint depends on the specific Provider type being used. - For the generic Provider, for example, this is an HTTP/S address. - For other Provider types this could be a project ID or a namespace. - maxLength: 2048 - type: string - certSecretRef: - description: |- - CertSecretRef specifies the Secret containing - a PEM-encoded CA certificate (in the `ca.crt` key). - - - Note: Support for the `caFile` key has - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Channel specifies the destination channel where events - should be posted. - maxLength: 2048 - type: string - interval: - description: |- - Interval at which to reconcile the Provider with its Secret references. - Deprecated and not used in v1beta3. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxy: - description: Proxy the HTTP/S address of the proxy server. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the authentication - credentials for this Provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Provider. - type: boolean - timeout: - description: Timeout for sending alerts to the Provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type specifies which Provider implementation to use. - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - gitea - - bitbucketserver - - bitbucket - - azuredevops - - googlechat - - googlepubsub - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - - pagerduty - - datadog - - nats - type: string - username: - description: Username specifies the name under which events are posted. - maxLength: 2048 - type: string - required: - - type - type: object - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: receivers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Receiver - listKind: ReceiverList - plural: receivers - singular: receiver - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of the Receiver. - properties: - events: - description: |- - Events specifies the list of event types to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - interval: - default: 10m - description: Interval at which to reconcile the Receiver with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - secretRef: - description: |- - SecretRef specifies the Secret containing the token used - to validate the payload authenticity. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this receiver. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - - cdevents - type: string - required: - - resources - - secretRef - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of the Receiver. - properties: - conditions: - description: Conditions holds the conditions for the Receiver. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Receiver object. - format: int64 - type: integer - webhookPath: - description: |- - WebhookPath is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Receiver is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of Receiver - properties: - events: - description: |- - A list of events to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - secretRef: - description: |- - Secret reference containing the token used - to validate the payload authenticity - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent events handling. - Defaults to false. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of Receiver - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: |- - Generated webhook URL in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of the Receiver. - properties: - events: - description: |- - Events specifies the list of event types to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - interval: - description: Interval at which to reconcile the Receiver with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - secretRef: - description: |- - SecretRef specifies the Secret containing the token used - to validate the payload authenticity. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this receiver. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of the Receiver. - properties: - conditions: - description: Conditions holds the conditions for the Receiver. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Receiver object. - format: int64 - type: integer - url: - description: |- - URL is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - Deprecated: Replaced by WebhookPath. - type: string - webhookPath: - description: |- - WebhookPath is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: notification-controller - namespace: flux-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: webhook-receiver - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http-webhook - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: notification-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: notification-controller - spec: - containers: - - args: - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/notification-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 9292 - name: http-webhook - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: notification-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: temp diff --git a/flux/clusters/production/flux-system/gotk-sync.yaml b/flux/clusters/production/flux-system/gotk-sync.yaml deleted file mode 100644 index 00a6fbd..0000000 --- a/flux/clusters/production/flux-system/gotk-sync.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# This manifest was generated by flux. DO NOT EDIT. ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: GitRepository -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 1m0s - ref: - branch: main - secretRef: - name: flux-system - url: ssh://git@gitea.futureporn.net:2222/futureporn/fp ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 10m0s - path: ./clusters/production - prune: true - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/clusters/production/flux-system/kustomization.yaml b/flux/clusters/production/flux-system/kustomization.yaml deleted file mode 100644 index a3a32be..0000000 --- a/flux/clusters/production/flux-system/kustomization.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - gotk-components.yaml - - gotk-sync.yaml -labels: - - pairs: - toolkit.fluxcd.io/tenant: sre-team -patches: - - patch: | - - op: add - path: /spec/template/spec/containers/0/args/- - value: --concurrent=20 - - op: add - path: /spec/template/spec/containers/0/args/- - value: --requeue-dependency=5s - target: - kind: Deployment - name: "(kustomize-controller|helm-controller|source-controller)" diff --git a/flux/clusters/production/infrastructure.yaml b/flux/clusters/production/infrastructure.yaml deleted file mode 100644 index 72bc16f..0000000 --- a/flux/clusters/production/infrastructure.yaml +++ /dev/null @@ -1,56 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: infra-controllers - namespace: flux-system -spec: - interval: 1h - retryInterval: 1m - timeout: 5m - sourceRef: - kind: GitRepository - name: flux-system - path: ./flux/infrastructure/controllers - prune: true - wait: true - ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: infra-configs - namespace: flux-system -spec: - dependsOn: - - name: infra-controllers - interval: 1h - retryInterval: 1m - timeout: 5m - sourceRef: - kind: GitRepository - name: flux-system - path: ./flux/infrastructure/configs - prune: true - patches: - - patch: | - - op: replace - path: /spec/acme/privateKeySecretRef/name - value: letsencrypt-production - target: - kind: ClusterIssuer - name: letsencrypt - - patch: | - - op: replace - path: /spec/acme/server - value: https://acme-staging-v02.api.letsencrypt.org/directory - target: - kind: ClusterIssuer - name: letsencrypt - - patch: | - - op: replace - path: /metadata/name - value: letsencrypt-production - target: - kind: ClusterIssuer - name: letsencrypt \ No newline at end of file diff --git a/flux/clusters/staging/apps.yaml b/flux/clusters/staging/apps.yaml deleted file mode 100644 index 1213410..0000000 --- a/flux/clusters/staging/apps.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: apps - namespace: flux-system -spec: - interval: 1m0s - dependsOn: - - name: infra-configs - sourceRef: - kind: GitRepository - name: flux-system - path: ./flux/apps/staging - prune: true - wait: true - timeout: 5m0s diff --git a/flux/clusters/staging/flux-system/gotk-components.yaml b/flux/clusters/staging/flux-system/gotk-components.yaml deleted file mode 100644 index 8fd99ab..0000000 --- a/flux/clusters/staging/flux-system/gotk-components.yaml +++ /dev/null @@ -1,12385 +0,0 @@ ---- -# This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v2.3.0 -# Components: source-controller,kustomize-controller,helm-controller,notification-controller -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - pod-security.kubernetes.io/warn: restricted - pod-security.kubernetes.io/warn-version: latest - name: flux-system ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-egress - namespace: flux-system -spec: - egress: - - {} - ingress: - - from: - - podSelector: {} - podSelector: {} - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-scraping - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8080 - protocol: TCP - podSelector: {} - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: allow-webhooks - namespace: flux-system -spec: - ingress: - - from: - - namespaceSelector: {} - podSelector: - matchLabels: - app: notification-controller - policyTypes: - - Ingress ---- -apiVersion: v1 -kind: ResourceQuota -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: critical-pods-flux-system - namespace: flux-system -spec: - hard: - pods: "1000" - scopeSelector: - matchExpressions: - - operator: In - scopeName: PriorityClass - values: - - system-node-critical - - system-cluster-critical ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: crd-controller-flux-system -rules: -- apiGroups: - - source.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - helm.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - notification.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - image.toolkit.fluxcd.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - "" - resources: - - namespaces - - secrets - - configmaps - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- nonResourceURLs: - - /livez/ping - verbs: - - head ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - name: flux-edit-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - create - - delete - - deletecollection - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - rbac.authorization.k8s.io/aggregate-to-admin: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-view: "true" - name: flux-view-flux-system -rules: -- apiGroups: - - notification.toolkit.fluxcd.io - - source.toolkit.fluxcd.io - - helm.toolkit.fluxcd.io - - image.toolkit.fluxcd.io - - kustomize.toolkit.fluxcd.io - resources: - - '*' - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: cluster-reconciler-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: crd-controller-flux-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: crd-controller-flux-system -subjects: -- kind: ServiceAccount - name: kustomize-controller - namespace: flux-system -- kind: ServiceAccount - name: helm-controller - namespace: flux-system -- kind: ServiceAccount - name: source-controller - namespace: flux-system -- kind: ServiceAccount - name: notification-controller - namespace: flux-system -- kind: ServiceAccount - name: image-reflector-controller - namespace: flux-system -- kind: ServiceAccount - name: image-automation-controller - namespace: flux-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: buckets.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: Bucket - listKind: BucketList - plural: buckets - singular: bucket - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 Bucket is deprecated, upgrade to v1beta2 - name: v1beta1 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BucketSpec defines the desired state of an S3 compatible - bucket - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: The bucket name. - type: string - endpoint: - description: The bucket endpoint address. - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. - type: boolean - interval: - description: The interval at which to check for bucket updates. - type: string - provider: - default: generic - description: The S3 compatible storage provider name, default ('generic'). - enum: - - generic - - aws - - gcp - type: string - region: - description: The bucket region. - type: string - secretRef: - description: |- - The name of the secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for download operations, defaults to 60s. - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus defines the observed state of a bucket - properties: - artifact: - description: Artifact represents the output of the last successful - Bucket sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last Bucket sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - BucketSpec specifies the required configuration to produce an Artifact for - an object storage bucket. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: BucketName is the name of the object storage bucket. - type: string - endpoint: - description: Endpoint is the object storage address the BucketName - is located at. - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP Endpoint. - type: boolean - interval: - description: |- - Interval at which the Bucket Endpoint is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - prefix: - description: Prefix to use for server-side filtering of files in the - Bucket. - type: string - provider: - default: generic - description: |- - Provider of the object storage bucket. - Defaults to 'generic', which expects an S3 (API) compatible object - storage. - enum: - - generic - - aws - - gcp - - azure - type: string - region: - description: Region of the Endpoint where the BucketName is located - in. - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - Bucket. - type: boolean - timeout: - default: 60s - description: Timeout for fetch operations, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus records the observed state of a Bucket. - properties: - artifact: - description: Artifact represents the last successful Bucket reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Bucket object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: gitrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: GitRepository - listKind: GitRepositoryList - plural: gitrepositories - shortNames: - - gitrepo - singular: gitrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - GitRepositorySpec specifies the required configuration to produce an - Artifact for a Git repository. - properties: - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: |- - Include specifies a list of GitRepository resources which Artifacts - should be included in the Artifact produced for this GitRepository. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: |- - Interval at which the GitRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxySecretRef: - description: |- - ProxySecretRef specifies the Secret containing the proxy configuration - to use while communicating with the Git server. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - recurseSubmodules: - description: |- - RecurseSubmodules enables the initialization of all submodules within - the GitRepository as cloned from the URL, using their default settings. - type: boolean - ref: - description: |- - Reference specifies the Git reference to resolve and monitor for - changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: |- - Commit SHA to check out, takes precedence over all reference fields. - - - This can be combined with Branch to shallow clone the branch, in which - the commit is expected to exist. - type: string - name: - description: |- - Name of the reference to check out; takes precedence over Branch, Tag and SemVer. - - - It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description - Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials for - the GitRepository. - For HTTPS repositories the Secret must contain 'username' and 'password' - fields for basic auth or 'bearerToken' field for token auth. - For SSH repositories the Secret must contain 'identity' - and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: |- - Verification specifies the configuration to verify the Git commit - signature(s). - properties: - mode: - default: HEAD - description: |- - Mode specifies which Git object(s) should be verified. - - - The variants "head" and "HEAD" both imply the same thing, i.e. verify - the commit that the HEAD of the Git repository points to. The variant - "head" solely exists to ensure backwards compatibility. - enum: - - head - - HEAD - - Tag - - TagAndHEAD - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the public keys of trusted Git - authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: |- - IncludedArtifacts contains a list of the last successfully included - Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the GitRepository - object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedInclude: - description: |- - ObservedInclude is the observed list of GitRepository resources used to - produce the current Artifact. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: |- - ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - sourceVerificationMode: - description: |- - SourceVerificationMode is the last used verification mode indicating - which Git object(s) have been verified. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: GitRepositorySpec defines the desired state of a Git repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: |- - Determines which git client library to use. - Defaults to go-git, valid values are ('go-git', 'libgit2'). - enum: - - go-git - - libgit2 - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: Extra git repositories to map into the repository - items: - description: GitRepositoryInclude defines a source with a from and - to path. - properties: - fromPath: - description: The path to copy contents from, defaults to the - root directory. - type: string - repository: - description: Reference to a GitRepository to include. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: The path to copy contents to, defaults to the name - of the source ref. - type: string - required: - - repository - type: object - type: array - interval: - description: The interval at which to check for repository updates. - type: string - recurseSubmodules: - description: |- - When enabled, after the clone is created, initializes all submodules within, - using their default settings. - This option is available only when using the 'go-git' GitImplementation. - type: boolean - ref: - description: |- - The Git reference to checkout and monitor for changes, defaults to - master branch. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified Tag - filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence over - Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - The secret name containing the Git credentials. - For HTTPS repositories the secret must contain username and password - fields. - For SSH repositories the secret must contain identity and known_hosts - fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote Git operations like cloning, defaults - to 60s. - type: string - url: - description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verify OpenPGP signature for the Git commit HEAD points - to. - properties: - mode: - description: Mode describes what git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: The secret name containing the public keys of all - trusted Git authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus defines the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - includedArtifacts: - description: IncludedArtifacts represents the included artifacts from - the last successful repository sync. - items: - description: Artifact represents the output of a source synchronisation. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: |- - URL is the download link for the artifact output of the last repository - sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - GitRepositorySpec specifies the required configuration to produce an - Artifact for a Git repository. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: |- - GitImplementation specifies which Git client library implementation to - use. Defaults to 'go-git', valid values are ('go-git', 'libgit2'). - Deprecated: gitImplementation is deprecated now that 'go-git' is the - only supported implementation. - enum: - - go-git - - libgit2 - type: string - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - include: - description: |- - Include specifies a list of GitRepository resources which Artifacts - should be included in the Artifact produced for this GitRepository. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: |- - RecurseSubmodules enables the initialization of all submodules within - the GitRepository as cloned from the URL, using their default settings. - type: boolean - ref: - description: |- - Reference specifies the Git reference to resolve and monitor for - changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: |- - Commit SHA to check out, takes precedence over all reference fields. - - - This can be combined with Branch to shallow clone the branch, in which - the commit is expected to exist. - type: string - name: - description: |- - Name of the reference to check out; takes precedence over Branch, Tag and SemVer. - - - It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description - Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials for - the GitRepository. - For HTTPS repositories the Secret must contain 'username' and 'password' - fields for basic auth or 'bearerToken' field for token auth. - For SSH repositories the Secret must contain 'identity' - and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: |- - Verification specifies the configuration to verify the Git commit - signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the public keys of trusted Git - authors. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - mode - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: |- - ContentConfigChecksum is a checksum of all the configurations related to - the content of the source artifact: - - .spec.ignore - - .spec.recurseSubmodules - - .spec.included and the checksum of the included artifacts - observed in .status.observedGeneration version of the object. This can - be used to determine if the content of the included repository has - changed. - It has the format of `:`, for example: `sha256:`. - - - Deprecated: Replaced with explicit fields for observed artifact content - config in the status. - type: string - includedArtifacts: - description: |- - IncludedArtifacts contains a list of the last successfully included - Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of - ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI - annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the GitRepository - object. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedInclude: - description: |- - ObservedInclude is the observed list of GitRepository resources used to - to produce the current Artifact. - items: - description: |- - GitRepositoryInclude specifies a local reference to a GitRepository which - Artifact (sub-)contents must be included, and where they should be placed. - properties: - fromPath: - description: |- - FromPath specifies the path to copy contents from, defaults to the root - of the Artifact. - type: string - repository: - description: |- - GitRepositoryRef specifies the GitRepository which Artifact contents - must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: |- - ToPath specifies the path to copy contents to, defaults to the name of - the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: |- - ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - GitRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmcharts.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmChart - listKind: HelmChartList - plural: helmcharts - shortNames: - - hc - singular: helmchart - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - chart: - description: |- - Chart is the name or path the Helm chart is available at in the - SourceRef. - type: string - ignoreMissingValuesFiles: - description: |- - IgnoreMissingValuesFiles controls whether to silently ignore missing values - files rather than failing. - type: boolean - interval: - description: |- - Interval at which the HelmChart SourceRef is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - ReconcileStrategy determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - source. - type: boolean - valuesFiles: - description: |- - ValuesFiles is an alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be a - relative path in the SourceRef. - Values files are merged in the order of this list with the last file - overriding the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version is the chart version semver expression, ignored for charts from - GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedChartName: - description: |- - ObservedChartName is the last observed chart name as specified by the - resolved chart reference. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmChart - object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: |- - ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - observedValuesFiles: - description: |- - ObservedValuesFiles are the observed value files of the last successful - reconciliation. - It matches the chart in the last successfully reconciled artifact. - items: - type: string - type: array - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 HelmChart is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec defines the desired state of a Helm chart. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: The name or path the Helm chart is available at in the - SourceRef. - type: string - interval: - description: The interval at which to check the Source for updates. - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The reference to the Source the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - version: - default: '*' - description: |- - The chart version semver expression, ignored for charts from GitRepository - and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus defines the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - chart sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last chart pulled. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 HelmChart is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: |- - Chart is the name or path the Helm chart is available at in the - SourceRef. - type: string - ignoreMissingValuesFiles: - description: |- - IgnoreMissingValuesFiles controls whether to silently ignore missing values - files rather than failing. - type: boolean - interval: - description: |- - Interval at which the HelmChart SourceRef is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - ReconcileStrategy determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: |- - Kind of the referent, valid values are ('HelmRepository', 'GitRepository', - 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - source. - type: boolean - valuesFile: - description: |- - ValuesFile is an alternative values file to use as the default chart - values, expected to be a relative path in the SourceRef. Deprecated in - favor of ValuesFiles, for backwards compatibility the file specified here - is merged before the ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - ValuesFiles is an alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be a - relative path in the SourceRef. - Values files are merged in the order of this list with the last file - overriding the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version is the chart version semver expression, ignored for charts from - GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedChartName: - description: |- - ObservedChartName is the last observed chart name as specified by the - resolved chart reference. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmChart - object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: |- - ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - observedValuesFiles: - description: |- - ObservedValuesFiles are the observed value files of the last successful - reconciliation. - It matches the chart in the last successfully reconciled artifact. - items: - type: string - type: array - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - BucketStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmrepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: HelmRepository - listKind: HelmRepositoryList - plural: helmrepositories - shortNames: - - helmrepo - singular: helmrepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - HelmRepositorySpec specifies the required configuration to produce an - Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - It takes precedence over the values specified in the Secret referred - to by `.spec.secretRef`. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - insecure: - description: |- - Insecure allows connecting to a non-TLS HTTP container registry. - This field is only taken into account if the .spec.type field is set to 'oci'. - type: boolean - interval: - description: |- - Interval at which the HelmRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed - on to a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. - Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: |- - Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - This field is optional, and only taken into account if the .spec.type field is set to 'oci'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' - fields. - Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' - keys is deprecated. Please use `.spec.certSecretRef` instead. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - HelmRepository. - type: boolean - timeout: - description: |- - Timeout is used for the index fetch operation for an HTTPS helm repository, - and for remote OCI Repository operations like pulling for an OCI helm - chart by the associated HelmChart. - Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: |- - Type of the HelmRepository. - When this field is set to "oci", the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: |- - URL of the Helm repository, a valid URL contains at least a protocol and - host. - pattern: ^(http|https|oci)://.*$ - type: string - required: - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmRepository - object. - format: int64 - type: integer - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - HelmRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 HelmRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec defines the reference to a Helm repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed on to - a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the index - differ from the defined URL. - Enabling this should be done with caution, as it can potentially result in - credentials getting stolen in a MITM-attack. - type: boolean - secretRef: - description: |- - The name of the secret containing authentication credentials for the Helm - repository. - For HTTP/S basic auth the secret must contain username and - password fields. - For TLS the secret must contain a certFile and keyFile, and/or - caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout of index downloading, defaults to 60s. - type: string - url: - description: The Helm repository URL, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus defines the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of this - artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: |- - Revision is a human readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm - chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last index fetched. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 HelmRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - HelmRepositorySpec specifies the required configuration to produce an - Artifact for a Helm repository index YAML. - properties: - accessFrom: - description: |- - AccessFrom specifies an Access Control List for allowing cross-namespace - references to this object. - NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092 - properties: - namespaceSelectors: - description: |- - NamespaceSelectors is the list of namespace selectors to which this ACL applies. - Items in this list are evaluated using a logical OR operation. - items: - description: |- - NamespaceSelector selects the namespaces to which this ACL applies. - An empty map of MatchLabels matches all namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - It takes precedence over the values specified in the Secret referred - to by `.spec.secretRef`. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - insecure: - description: |- - Insecure allows connecting to a non-TLS HTTP container registry. - This field is only taken into account if the .spec.type field is set to 'oci'. - type: boolean - interval: - description: |- - Interval at which the HelmRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: |- - PassCredentials allows the credentials from the SecretRef to be passed - on to a host that does not match the host as defined in URL. - This may be required if the host of the advertised chart URLs in the - index differ from the defined URL. - Enabling this should be done with caution, as it can potentially result - in credentials getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: |- - Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - This field is optional, and only taken into account if the .spec.type field is set to 'oci'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing authentication credentials - for the HelmRepository. - For HTTP/S basic auth the secret must contain 'username' and 'password' - fields. - Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile' - keys is deprecated. Please use `.spec.certSecretRef` instead. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend the reconciliation of this - HelmRepository. - type: boolean - timeout: - description: |- - Timeout is used for the index fetch operation for an HTTPS helm repository, - and for remote OCI Repository operations like pulling for an OCI helm - chart by the associated HelmChart. - Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: |- - Type of the HelmRepository. - When this field is set to "oci", the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: |- - URL of the Helm repository, a valid URL contains at least a protocol and - host. - pattern: ^(http|https|oci)://.*$ - type: string - required: - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: |- - ObservedGeneration is the last observed generation of the HelmRepository - object. - format: int64 - type: integer - url: - description: |- - URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise - HelmRepositoryStatus.Artifact data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: ocirepositories.source.toolkit.fluxcd.io -spec: - group: source.toolkit.fluxcd.io - names: - kind: OCIRepository - listKind: OCIRepositoryList - plural: ocirepositories - shortNames: - - ocirepo - singular: ocirepository - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 - schema: - openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: OCIRepositorySpec defines the desired state of OCIRepository - properties: - certSecretRef: - description: |- - CertSecretRef can be given the name of a Secret containing - either or both of - - - - a PEM-encoded client certificate (`tls.crt`) and private - key (`tls.key`); - - a PEM-encoded CA certificate (`ca.crt`) - - - and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are - authenticating with a certificate; the CA cert is useful if - you are using a self-signed server certificate. The Secret must - be of type `Opaque` or `kubernetes.io/tls`. - - - Note: Support for the `caFile`, `certFile` and `keyFile` keys have - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - ignore: - description: |- - Ignore overrides the set of excluded patterns in the .sourceignore format - (which is the same as .gitignore). If not provided, a default will be used, - consult the documentation for your version to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean - interval: - description: |- - Interval at which the OCIRepository URL is checked for updates. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - layerSelector: - description: |- - LayerSelector specifies which layer should be extracted from the OCI artifact. - When not specified, the first layer found in the artifact is selected. - properties: - mediaType: - description: |- - MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The - first layer matching this type is selected. - type: string - operation: - description: |- - Operation specifies how the selected layer should be processed. - By default, the layer compressed content is extracted to storage. - When the operation is set to 'copy', the layer compressed content - is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: |- - The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. - When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: |- - The OCI reference to pull and monitor for changes, - defaults to the latest tag. - properties: - digest: - description: |- - Digest is the image digest to pull, takes precedence over SemVer. - The value should be in the format 'sha256:'. - type: string - semver: - description: |- - SemVer is the range of tags to pull selecting the latest within - the range, takes precedence over Tag. - type: string - semverFilter: - description: SemverFilter is a regex pattern to filter the tags - within the SemVer range. - type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: |- - SecretRef contains the secret name containing the registry login - credentials to resolve image metadata. - The secret must be of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: |- - ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate - the image pull if the service account has attached pull secrets. For more information: - https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: |- - URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - properties: - matchOIDCIdentity: - description: |- - MatchOIDCIdentity specifies the identity matching criteria to use - while verifying an OCI artifact which was signed using Cosign keyless - signing. The artifact's identity is deemed to be verified if any of the - specified matchers match against the identity. - items: - description: |- - OIDCIdentityMatch specifies options for verifying the certificate identity, - i.e. the issuer and the subject of the certificate. - properties: - issuer: - description: |- - Issuer specifies the regex pattern to match against to verify - the OIDC issuer in the Fulcio certificate. The pattern must be a - valid Go regular expression. - type: string - subject: - description: |- - Subject specifies the regex pattern to match against to verify - the identity subject in the Fulcio certificate. The pattern must - be a valid Go regular expression. - type: string - required: - - issuer - - subject - type: object - type: array - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository - properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: |- - LastUpdateTime is the timestamp corresponding to the last update of the - Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: |- - Path is the relative file path of the Artifact. It can be used to locate - the file in the root of the Artifact storage on the local file system of - the controller managing the Source. - type: string - revision: - description: |- - Revision is a human-readable identifier traceable in the origin source - system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: |- - URL is the HTTP address of the Artifact as exposed by the controller - managing the Source. It can be used to retrieve the Artifact for - consumption, e.g. by another controller applying the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the OCIRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - contentConfigChecksum: - description: |- - ContentConfigChecksum is a checksum of all the configurations related to - the content of the source artifact: - - .spec.ignore - - .spec.layerSelector - observed in .status.observedGeneration version of the object. This can - be used to determine if the content configuration has changed and the - artifact needs to be rebuilt. - It has the format of `:`, for example: `sha256:`. - - - Deprecated: Replaced with explicit fields for observed artifact content - config in the status. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedIgnore: - description: |- - ObservedIgnore is the observed exclusion patterns used for constructing - the source artifact. - type: string - observedLayerSelector: - description: |- - ObservedLayerSelector is the observed layer selector used for constructing - the source artifact. - properties: - mediaType: - description: |- - MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The - first layer matching this type is selected. - type: string - operation: - description: |- - Operation specifies how the selected layer should be processed. - By default, the layer compressed content is extracted to storage. - When the operation is set to 'copy', the layer compressed content - is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: source-controller - namespace: flux-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: source-controller - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: source-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: source-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: source-controller - strategy: - type: Recreate - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: source-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - - --storage-path=/data - - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: TUF_ROOT - value: /tmp/.sigstore - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/source-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: / - port: http - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 50m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: source-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: data - - emptyDir: {} - name: tmp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: kustomizations.kustomize.toolkit.fluxcd.io -spec: - group: kustomize.toolkit.fluxcd.io - names: - kind: Kustomization - listKind: KustomizationList - plural: kustomizations - shortNames: - - ks - singular: kustomization - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: |- - KustomizationSpec defines the configuration to calculate the desired state - from a Source using Kustomize. - properties: - commonMetadata: - description: |- - CommonMetadata specifies the common labels and annotations that are - applied to all resources. Any existing label or annotation will be - overridden if its key matches a common one. - properties: - annotations: - additionalProperties: - type: string - description: Annotations to be added to the object's metadata. - type: object - labels: - additionalProperties: - type: string - description: Labels to be added to the object's metadata. - type: object - type: object - components: - description: Components specifies relative paths to specifications - of other Components. - items: - type: string - type: array - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: |- - The interval at which to reconcile the Kustomization. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When used in combination with KustomizationSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when KustomizationSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - namePrefix: - description: NamePrefix will prefix the names of all managed resources. - maxLength: 200 - minLength: 1 - type: string - nameSuffix: - description: NameSuffix will suffix the names of all managed resources. - maxLength: 200 - minLength: 1 - type: string - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests that match any of the keys - defined in the map will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names, and they - must match the vars declared in the manifests for the substitution to - happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - default: false - description: |- - Optional indicates whether the referenced resource must exist, or whether to - tolerate its absence. If true and the referenced resource is absent, proceed - as if the resource was present but empty, without any variables defined. - type: boolean - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - wait: - description: |- - Wait instructs the controller to check the health of all the reconciled - resources. When enabled, the HealthChecks are ignored. Defaults to false. - type: boolean - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - inventory: - description: |- - Inventory contains the list of Kubernetes resource object references that - have been successfully applied. - properties: - entries: - description: Entries of Kubernetes resource object references. - items: - description: ResourceRef contains the information necessary - to locate a resource within a cluster. - properties: - id: - description: |- - ID is the string representation of the Kubernetes resource object's metadata, - in the format '___'. - type: string - v: - description: Version is the API version of the Kubernetes - resource object's kind. - type: string - required: - - id - - v - type: object - type: array - required: - - entries - type: object - lastAppliedRevision: - description: |- - The last successfully applied revision. - Equals the Revision of the applied Artifact from the referenced Source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 Kustomization is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the desired state of a kustomization. - properties: - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When specified, KubeConfig takes precedence over ServiceAccountName. - properties: - secretRef: - description: |- - SecretRef holds the name to a secret that contains a 'value' key with - the kubeconfig file as the value. It must be in the same namespace as - the Kustomization. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - the Kustomization. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - type: object - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests - that match any of the keys defined in the map - will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names and they - must match the vars declared in the manifests for the substitution to happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - GitRepository - - Bucket - type: string - name: - description: Name of the referent - type: string - namespace: - description: Namespace of the referent, defaults to the Kustomization - namespace - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - type: string - validation: - description: |- - Validate the Kubernetes objects before applying them on the cluster. - The validation strategy can be 'client' (local dry-run), 'server' - (APIServer dry-run) or 'none'. - When 'Force' is 'true', validation will fallback to 'client' if set to - 'server' because server-side validation is not supported in this scenario. - enum: - - none - - client - - server - type: string - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastAppliedRevision: - description: |- - The last successfully applied revision. - The revision format for Git sources is /. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - snapshot: - description: The last successfully applied revision metadata. - properties: - checksum: - description: The manifests sha1 checksum. - type: string - entries: - description: A list of Kubernetes kinds grouped by namespace. - items: - description: |- - Snapshot holds the metadata of namespaced - Kubernetes objects - properties: - kinds: - additionalProperties: - type: string - description: The list of Kubernetes kinds. - type: object - namespace: - description: The namespace of this entry. - type: string - required: - - kinds - type: object - type: array - required: - - checksum - - entries - type: object - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Kustomization is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: Kustomization is the Schema for the kustomizations API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: KustomizationSpec defines the configuration to calculate - the desired state from a Source using Kustomize. - properties: - commonMetadata: - description: |- - CommonMetadata specifies the common labels and annotations that are applied to all resources. - Any existing label or annotation will be overridden if its key matches a common one. - properties: - annotations: - additionalProperties: - type: string - description: Annotations to be added to the object's metadata. - type: object - labels: - additionalProperties: - type: string - description: Labels to be added to the object's metadata. - type: object - type: object - components: - description: Components specifies relative paths to specifications - of other Components. - items: - type: string - type: array - decryption: - description: Decrypt Kubernetes secrets before applying them on the - cluster. - properties: - provider: - description: Provider is the name of the decryption engine. - enum: - - sops - type: string - secretRef: - description: The secret name containing the private OpenPGP keys - used for decryption. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice - with references to Kustomization resources that must be ready before this - Kustomization can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - force: - default: false - description: |- - Force instructs the controller to recreate resources - when patching fails due to an immutable field change. - type: boolean - healthChecks: - description: A list of resources to be included in the health assessment. - items: - description: |- - NamespacedObjectKindReference contains enough information to locate the typed referenced Kubernetes resource object - in any namespace. - properties: - apiVersion: - description: API version of the referent, if not specified the - Kubernetes preferred version will be used. - type: string - kind: - description: Kind of the referent. - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - kind - - name - type: object - type: array - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, a new tag - or digest, which will replace the original name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace the original - name. - type: string - newTag: - description: NewTag is the value used to replace the original - tag. - type: string - required: - - name - type: object - type: array - interval: - description: The interval at which to reconcile the Kustomization. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - The KubeConfig for reconciling the Kustomization on a remote cluster. - When used in combination with KustomizationSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when KustomizationSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: |- - JSON 6902 patches, defined as inline YAML objects. - Deprecated: Use Patches instead. - items: - description: JSON6902Patch contains a JSON6902 patch and the target - the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document with - an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the patch document - should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: |- - Strategic merge patches, defined as inline YAML objects. - Deprecated: Use Patches instead. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - path: - description: |- - Path to the directory containing the kustomization.yaml file, or the - set of plain YAMLs a kustomization.yaml should be generated for. - Defaults to 'None', which translates to the root path of the SourceRef. - type: string - postBuild: - description: |- - PostBuild describes which actions to perform on the YAML manifest - generated by building the kustomize overlay. - properties: - substitute: - additionalProperties: - type: string - description: |- - Substitute holds a map of key/value pairs. - The variables defined in your YAML manifests - that match any of the keys defined in the map - will be substituted with the set value. - Includes support for bash string replacement functions - e.g. ${var:=default}, ${var:position} and ${var/substring/replacement}. - type: object - substituteFrom: - description: |- - SubstituteFrom holds references to ConfigMaps and Secrets containing - the variables and their values to be substituted in the YAML manifests. - The ConfigMap and the Secret data keys represent the var names and they - must match the vars declared in the manifests for the substitution to happen. - items: - description: |- - SubstituteReference contains a reference to a resource containing - the variables name and value. - properties: - kind: - description: Kind of the values referent, valid values are - ('Secret', 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - default: false - description: |- - Optional indicates whether the referenced resource must exist, or whether to - tolerate its absence. If true and the referenced resource is absent, proceed - as if the resource was present but empty, without any variables defined. - type: boolean - required: - - kind - - name - type: object - type: array - type: object - prune: - description: Prune enables garbage collection. - type: boolean - retryInterval: - description: |- - The interval at which to retry a previously failed reconciliation. - When not specified, the controller uses the KustomizationSpec.Interval - value to retry failures. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this Kustomization. - type: string - sourceRef: - description: Reference of the source where the kustomization file - is. - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, defaults to the namespace - of the Kubernetes resource object that contains the reference. - type: string - required: - - kind - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent kustomize executions, - it does not apply to already started executions. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace sets or overrides the namespace in the - kustomization.yaml file. - maxLength: 63 - minLength: 1 - type: string - timeout: - description: |- - Timeout for validation, apply and health checking operations. - Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - validation: - description: 'Deprecated: Not used in v1beta2.' - enum: - - none - - client - - server - type: string - wait: - description: |- - Wait instructs the controller to check the health of all the reconciled resources. - When enabled, the HealthChecks are ignored. Defaults to false. - type: boolean - required: - - interval - - prune - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: KustomizationStatus defines the observed state of a kustomization. - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - inventory: - description: Inventory contains the list of Kubernetes resource object - references that have been successfully applied. - properties: - entries: - description: Entries of Kubernetes resource object references. - items: - description: ResourceRef contains the information necessary - to locate a resource within a cluster. - properties: - id: - description: |- - ID is the string representation of the Kubernetes resource object's metadata, - in the format '___'. - type: string - v: - description: Version is the API version of the Kubernetes - resource object's kind. - type: string - required: - - id - - v - type: object - type: array - required: - - entries - type: object - lastAppliedRevision: - description: |- - The last successfully applied revision. - Equals the Revision of the applied Artifact from the referenced Source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: kustomize-controller - namespace: flux-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: kustomize-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: kustomize-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: kustomize-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: kustomize-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/kustomize-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: kustomize-controller - terminationGracePeriodSeconds: 60 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helmreleases.helm.toolkit.fluxcd.io -spec: - group: helm.toolkit.fluxcd.io - names: - kind: HelmRelease - listKind: HelmReleaseList - plural: helmreleases - shortNames: - - hr - singular: helmrelease - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - maxLength: 2048 - minLength: 1 - type: string - ignoreMissingValuesFiles: - description: IgnoreMissingValuesFiles controls whether to - silently ignore missing values files rather than failing. - type: boolean - interval: - description: |- - Interval at which to check the v1.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1.Source the chart - is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, - are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '5'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - maxLength: 253 - minLength: 1 - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - filters: - description: Filters is a list of tests to run or exclude from - running. - items: - description: Filter holds the configuration for individual Helm - test filters. - properties: - exclude: - description: Exclude specifies whether the named test should - be excluded. - type: boolean - name: - description: Name is the name of the test. - maxLength: 253 - minLength: 1 - type: string - required: - - name - type: object - type: array - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - x-kubernetes-validations: - - message: either chart or chartRef must be set - rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) - && has(self.chartRef)) - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - enum: - - install - - upgrade - type: string - lastAttemptedRevision: - description: |- - LastAttemptedRevision is the Source revision of the last reconciliation - attempt. For OCIRepository sources, the 12 first characters of the digest are - appended to the chart version e.g. "1.2.3+1234567890ab". - type: string - lastAttemptedRevisionDigest: - description: |- - LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. - This is only set for OCIRepository sources. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last - reconciliation attempt. - Deprecated: Use LastAttemptedConfigDigest instead. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - type: string - lastReleaseRevision: - description: |- - LastReleaseRevision is the revision of the last successful Helm release. - Deprecated: Use History instead. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - maxLength: 63 - minLength: 1 - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2 - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1beta2.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: |- - Interval at which to check the v1beta2.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1beta2.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - - - Note: this field is provisional to the v2 API, and not actively used - by v2beta1 HelmReleases. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: |- - Interval at which to reconcile the Helm release. - This interval is approximate and may be subject to jitter to ensure - efficient use of resources. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '10'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric characters, - '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last - reconciliation attempt. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - - - Note: this field is provisional to the v2beta2 API, and not actively used - by v2beta1 HelmReleases. - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v2beta2 HelmRelease is deprecated, upgrade to v2 - name: v2beta2 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: |- - Chart defines the template of the v1beta2.HelmChart that should be created - for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not - queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ - type: object - labels: - additionalProperties: - type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - maxLength: 2048 - minLength: 1 - type: string - ignoreMissingValuesFiles: - description: IgnoreMissingValuesFiles controls whether to - silently ignore missing values files rather than failing. - type: boolean - interval: - description: |- - Interval at which to check the v1.Source for updates. Defaults to - 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: |- - Determines what enables the creation of a new artifact. Valid values are - ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their behavior. - Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1.Source the chart - is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 - type: string - required: - - name - type: object - valuesFile: - description: |- - Alternative values file to use as the default chart values, expected to - be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, - for backwards compatibility the file defined here is merged before the - ValuesFiles items. Ignored when omitted. - type: string - valuesFiles: - description: |- - Alternative list of values files to use as the chart values (values.yaml - is not included by default), expected to be a relative path in the SourceRef. - Values files are merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: - type: string - type: array - verify: - description: |- - Verify contains the secret name containing the trusted public keys - used to verify the signature and specifies which provider to use to check - whether OCI image is authentic. - This field is only supported for OCI sources. - Chart dependencies, which are not bundled in the umbrella chart artifact, - are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - - notation - type: string - secretRef: - description: |- - SecretRef specifies the Kubernetes Secret containing the - trusted public keys. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - required: - - provider - type: object - version: - default: '*' - description: |- - Version semver expression, ignored for charts from v1beta2.GitRepository and - v1beta2.Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - chartRef: - description: |- - ChartRef holds a reference to a source controller resource containing the - Helm chart artifact. - - - Note: this field is provisional to the v2 API, and not actively used - by v2beta2 HelmReleases. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - OCIRepository - - HelmChart - type: string - name: - description: Name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: |- - Namespace of the referent, defaults to the namespace of the Kubernetes - resource object that contains the reference. - maxLength: 63 - minLength: 1 - type: string - required: - - kind - - name - type: object - dependsOn: - description: |- - DependsOn may contain a meta.NamespacedObjectReference slice with - references to HelmRelease resources that must be ready before this HelmRelease - can be reconciled. - items: - description: |- - NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any - namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. - type: string - required: - - name - type: object - type: array - driftDetection: - description: |- - DriftDetection holds the configuration for detecting and handling - differences between the manifest in the Helm storage and the resources - currently existing in the cluster. - properties: - ignore: - description: |- - Ignore contains a list of rules for specifying which changes to ignore - during diffing. - items: - description: |- - IgnoreRule defines a rule to selectively disregard specific changes during - the drift detection process. - properties: - paths: - description: |- - Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from - consideration in a Kubernetes object. - items: - type: string - type: array - target: - description: |- - Target is a selector for specifying Kubernetes objects to which this - rule applies. - If Target is not set, the Paths will be ignored for all Kubernetes - objects within the manifest of the Helm release. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - paths - type: object - type: array - mode: - description: |- - Mode defines how differences should be handled between the Helm manifest - and the manifest currently applied to the cluster. - If not explicitly set, it defaults to DiffModeDisabled. - enum: - - enabled - - warn - - disabled - type: string - type: object - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Create` and if omitted - CRDs are installed but not updated. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are applied (installed) during Helm install action. - With this option users can opt in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: |- - CreateNamespace tells the Helm install action to create the - HelmReleaseSpec.TargetNamespace if it does not exist yet. - On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm install action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - install has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - install has been performed. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm install - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an install action but fail. Defaults to - 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false'. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using an uninstall, is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: |- - Replace tells the Helm install action to re-use the 'ReleaseName', but only - if that name is a deleted release which remains in the history. - type: boolean - skipCRDs: - description: |- - SkipCRDs tells the Helm install action to not install any CRDs. By default, - CRDs are installed if not already present. - - - Deprecated use CRD policy (`crds`) attribute with value `Skip` instead. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm install action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: |- - KubeConfig for reconciling the HelmRelease on a remote cluster. - When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at the - target cluster. - If the --default-service-account flag is set, its value will be used as - a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: |- - SecretRef holds the name of a secret that contains a key with - the kubeconfig file as the value. If no key is set, the key will default - to 'value'. - It is recommended that the kubeconfig is self-contained, and the secret - is regularly updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without adding - binaries and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string - name: - description: Name of the Secret. - type: string - required: - - name - type: object - required: - - secretRef - type: object - maxHistory: - description: |- - MaxHistory is the number of revisions saved by Helm for this HelmRelease. - Use '0' for an unlimited number of revisions; defaults to '5'. - type: integer - persistentClient: - description: |- - PersistentClient tells the controller to use a persistent Kubernetes - client for this release. When enabled, the client will be reused for the - duration of the reconciliation, instead of being created and destroyed - for each (step of a) Helm action. - - - This can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed to be - available by e.g. post-install hooks. - - - If not set, it defaults to true. - type: boolean - postRenderers: - description: |- - PostRenderers holds an array of Helm PostRenderers, which will be applied in order - of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. - properties: - kustomize: - description: Kustomization to apply as PostRenderer. - properties: - images: - description: |- - Images is a list of (image name, new name, new tag or digest) - for changing image names, tags or digests. This can also be achieved with a - patch, but this operator is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: |- - Digest is the value used to replace the original image tag. - If digest is present NewTag value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: |- - Strategic merge and JSON patches, defined as inline YAML objects, - capable of targeting objects based on kind, label and annotation selectors. - items: - description: |- - Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should - be applied to. - properties: - patch: - description: |- - Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with - an array of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: |- - JSON 6902 patches, defined as inline YAML objects. - Deprecated: use Patches instead. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. - items: - description: |- - JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - properties: - from: - description: |- - From contains a JSON-pointer value that references a location within the target document where the operation is - performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. - type: string - op: - description: |- - Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or - "test". - https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy - type: string - path: - description: |- - Path contains the JSON-pointer value that references a location within the target document where the operation - is performed. The meaning of the value depends on the value of Op. - type: string - value: - description: |- - Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into - account by all operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: |- - AnnotationSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: |- - Group is the API group to select resources from. - Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: |- - Kind of the API Group to select resources from. - Together with Group and Version it is capable of unambiguously - identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: |- - LabelSelector is a string that follows the label selection expression - https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: |- - Version of the API Group to select resources from. - Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. - https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: |- - Strategic merge patches, defined as inline YAML objects. - Deprecated: use Patches instead. - items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: |- - ReleaseName used for the Helm release. Defaults to a composition of - '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - rollback has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm rollback action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: |- - The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - maxLength: 253 - minLength: 1 - type: string - storageNamespace: - description: |- - StorageNamespace used for the Helm storage. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: |- - Suspend tells the controller to suspend reconciliation for this HelmRelease, - it does not apply to already started reconciliations. Defaults to false. - type: boolean - targetNamespace: - description: |- - TargetNamespace to target when performing operations for the HelmRelease. - Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: |- - Enable enables Helm test actions for this HelmRelease after an Helm install - or upgrade action has been performed. - type: boolean - filters: - description: Filters is a list of tests to run or exclude from - running. - items: - description: Filter holds the configuration for individual Helm - test filters. - properties: - exclude: - description: Exclude specifies whether the named test should - be excluded. - type: boolean - name: - description: Name is the name of the test. - maxLength: 253 - minLength: 1 - type: string - required: - - name - type: object - type: array - ignoreFailures: - description: |- - IgnoreFailures tells the controller to skip remediation when the Helm tests - are run but fail. Can be overwritten for tests run after install or upgrade - actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation during - the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like Jobs - for hooks) during the performance of a Helm action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: |- - DeletionPropagation specifies the deletion propagation policy when - a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: |- - DisableWait disables waiting for all the resources to be deleted after - a Helm uninstall is performed. - type: boolean - keepHistory: - description: |- - KeepHistory tells Helm to remove all associated resources and mark the - release as deleted, but retain the release history. - type: boolean - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm uninstall action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: |- - CleanupOnFail allows deletion of new resources created during the Helm - upgrade action when it fails. - type: boolean - crds: - description: |- - CRDs upgrade CRDs from the Helm Chart's crds directory according - to the CRD upgrade policy provided here. Valid values are `Skip`, - `Create` or `CreateReplace`. Default is `Skip` and if omitted - CRDs are neither installed nor upgraded. - - - Skip: do neither install nor replace (update) any CRDs. - - - Create: new CRDs are created, existing CRDs are neither updated nor deleted. - - - CreateReplace: new CRDs are created, existing CRDs are updated (replaced) - but not deleted. - - - By default, CRDs are not applied during Helm upgrade action. With this - option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions. - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: |- - DisableOpenAPIValidation prevents the Helm upgrade action from validating - rendered templates against the Kubernetes OpenAPI Schema. - type: boolean - disableWait: - description: |- - DisableWait disables the waiting for resources to be ready after a Helm - upgrade has been performed. - type: boolean - disableWaitForJobs: - description: |- - DisableWaitForJobs disables waiting for jobs to complete after a Helm - upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: |- - PreserveValues will make Helm reuse the last release's values and merge in - overrides from 'Values'. Setting this flag makes the HelmRelease - non-declarative. - type: boolean - remediation: - description: |- - Remediation holds the remediation configuration for when the Helm upgrade - action for the HelmRelease fails. The default is to not perform any action. - properties: - ignoreTestFailures: - description: |- - IgnoreTestFailures tells the controller to skip remediation when the Helm - tests are run after an upgrade action but fail. - Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: |- - RemediateLastFailure tells the controller to remediate the last failure, when - no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: |- - Retries is the number of retries that should be attempted on failures before - bailing. Remediation, using 'Strategy', is performed between each attempt. - Defaults to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string - type: object - timeout: - description: |- - Timeout is the time to wait for any individual Kubernetes operation (like - Jobs for hooks) during the performance of a Helm upgrade action. Defaults to - 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: |- - ValuesFrom holds references to resources containing Helm values for this HelmRelease, - and information about how they should be merged. - items: - description: |- - ValuesReference contains a reference to a resource containing Helm values, - and optionally the key they can be found at. - properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap - type: string - name: - description: |- - Name of the values referent. Should reside in the same namespace as the - referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: |- - Optional marks this ValuesReference as optional. When set, a not found error - for the values reference is ignored, but any ValuesKey, TargetPath or - transient error will still result in a reconciliation failure. - type: boolean - targetPath: - description: |- - TargetPath is the YAML dot notation path the value should be merged at. When - set, the ValuesKey is expected to be a single flat value. Defaults to 'None', - which results in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: |- - ValuesKey is the data key where the values.yaml or a specific value can be - found at. Defaults to 'values.yaml'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ - type: string - required: - - kind - - name - type: object - type: array - required: - - interval - type: object - x-kubernetes-validations: - - message: either chart or chartRef must be set - rule: (has(self.chart) && !has(self.chartRef)) || (!has(self.chart) - && has(self.chartRef)) - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - failures: - description: |- - Failures is the reconciliation failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: |- - HelmChart is the namespaced name of the HelmChart resource created by - the controller for the HelmRelease. - type: string - history: - description: |- - History holds the history of Helm releases performed for this HelmRelease - up to the last successfully completed release. - items: - description: |- - Snapshot captures a point-in-time copy of the status information for a Helm release, - as managed by the controller. - properties: - apiVersion: - description: |- - APIVersion is the API version of the Snapshot. - Provisional: when the calculation method of the Digest field is changed, - this field will be used to distinguish between the old and new methods. - type: string - appVersion: - description: AppVersion is the chart app version of the release - object in storage. - type: string - chartName: - description: ChartName is the chart name of the release object - in storage. - type: string - chartVersion: - description: |- - ChartVersion is the chart version of the release object in - storage. - type: string - configDigest: - description: |- - ConfigDigest is the checksum of the config (better known as - "values") of the release object in storage. - It has the format of `:`. - type: string - deleted: - description: Deleted is when the release was deleted. - format: date-time - type: string - digest: - description: |- - Digest is the checksum of the release object in storage. - It has the format of `:`. - type: string - firstDeployed: - description: FirstDeployed is when the release was first deployed. - format: date-time - type: string - lastDeployed: - description: LastDeployed is when the release was last deployed. - format: date-time - type: string - name: - description: Name is the name of the release. - type: string - namespace: - description: Namespace is the namespace the release is deployed - to. - type: string - ociDigest: - description: OCIDigest is the digest of the OCI artifact associated - with the release. - type: string - status: - description: Status is the current state of the release. - type: string - testHooks: - additionalProperties: - description: |- - TestHookStatus holds the status information for a test hook as observed - to be run by the controller. - properties: - lastCompleted: - description: LastCompleted is the time the test hook last - completed. - format: date-time - type: string - lastStarted: - description: LastStarted is the time the test hook was - last started. - format: date-time - type: string - phase: - description: Phase the test hook was observed to be in. - type: string - type: object - description: |- - TestHooks is the list of test hooks for the release as observed to be - run by the controller. - type: object - version: - description: Version is the version of the release object in - storage. - type: integer - required: - - chartName - - chartVersion - - configDigest - - digest - - firstDeployed - - lastDeployed - - name - - namespace - - status - - version - type: object - type: array - installFailures: - description: |- - InstallFailures is the install failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: |- - LastAppliedRevision is the revision of the last successfully applied - source. - Deprecated: the revision can now be found in the History. - type: string - lastAttemptedConfigDigest: - description: |- - LastAttemptedConfigDigest is the digest for the config (better known as - "values") of the last reconciliation attempt. - type: string - lastAttemptedGeneration: - description: |- - LastAttemptedGeneration is the last generation the controller attempted - to reconcile. - format: int64 - type: integer - lastAttemptedReleaseAction: - description: |- - LastAttemptedReleaseAction is the last release action performed for this - HelmRelease. It is used to determine the active remediation strategy. - enum: - - install - - upgrade - type: string - lastAttemptedRevision: - description: |- - LastAttemptedRevision is the Source revision of the last reconciliation - attempt. For OCIRepository sources, the 12 first characters of the digest are - appended to the chart version e.g. "1.2.3+1234567890ab". - type: string - lastAttemptedRevisionDigest: - description: |- - LastAttemptedRevisionDigest is the digest of the last reconciliation attempt. - This is only set for OCIRepository sources. - type: string - lastAttemptedValuesChecksum: - description: |- - LastAttemptedValuesChecksum is the SHA1 checksum for the values of the last - reconciliation attempt. - Deprecated: Use LastAttemptedConfigDigest instead. - type: string - lastHandledForceAt: - description: |- - LastHandledForceAt holds the value of the most recent force request - value, so a change of the annotation value can be detected. - type: string - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - lastHandledResetAt: - description: |- - LastHandledResetAt holds the value of the most recent reset request - value, so a change of the annotation value can be detected. - type: string - lastReleaseRevision: - description: |- - LastReleaseRevision is the revision of the last successful Helm release. - Deprecated: Use History instead. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedPostRenderersDigest: - description: |- - ObservedPostRenderersDigest is the digest for the post-renderers of - the last successful reconciliation attempt. - type: string - storageNamespace: - description: |- - StorageNamespace is the namespace of the Helm release storage for the - current release. - maxLength: 63 - minLength: 1 - type: string - upgradeFailures: - description: |- - UpgradeFailures is the upgrade failure count against the latest desired - state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: helm-controller - namespace: flux-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: helm-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: helm-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: helm-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: helm-controller - spec: - containers: - - args: - - --events-addr=http://notification-controller.flux-system.svc.cluster.local./ - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/helm-controller:v1.0.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - priorityClassName: system-cluster-critical - securityContext: - fsGroup: 1337 - serviceAccountName: helm-controller - terminationGracePeriodSeconds: 600 - volumes: - - emptyDir: {} - name: temp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: alerts.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Alert - listKind: AlertList - plural: alerts - singular: alert - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 - name: v1beta1 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects - properties: - eventSeverity: - default: info - description: |- - Filter events based on severity, defaults to ('info'). - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: Filter events based on the involved objects. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - exclusionList: - description: A list of Golang regular expressions to be used for excluding - messages. - items: - type: string - type: array - providerRef: - description: Send events using this provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Short description of the impact and affected cluster. - type: string - suspend: - description: |- - This flag tells the controller to suspend subsequent events dispatching. - Defaults to false. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of Alert - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 - name: v1beta2 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventMetadata: - additionalProperties: - type: string - description: |- - EventMetadata is an optional field for adding metadata to events dispatched by the - controller. This can be used for enhancing the context of the event. If a field - would override one already present on the original event as generated by the emitter, - then the override doesn't happen, i.e. the original value is preserved, and an info - log is printed. - type: object - eventSeverity: - default: info - description: |- - EventSeverity specifies how to filter events based on severity. - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: |- - EventSources specifies how to filter events based - on the involved object kind, name and namespace. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - exclusionList: - description: |- - ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - inclusionList: - description: |- - InclusionList specifies a list of Golang regular expressions - to be used for including messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - status: - default: - observedGeneration: -1 - description: AlertStatus defines the observed state of the Alert. - properties: - conditions: - description: Conditions holds the conditions for the Alert. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta3 - schema: - openAPIV3Schema: - description: Alert is the Schema for the alerts API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AlertSpec defines an alerting rule for events involving a - list of objects. - properties: - eventMetadata: - additionalProperties: - type: string - description: |- - EventMetadata is an optional field for adding metadata to events dispatched by the - controller. This can be used for enhancing the context of the event. If a field - would override one already present on the original event as generated by the emitter, - then the override doesn't happen, i.e. the original value is preserved, and an info - log is printed. - type: object - eventSeverity: - default: info - description: |- - EventSeverity specifies how to filter events based on severity. - If set to 'info' no events will be filtered. - enum: - - info - - error - type: string - eventSources: - description: |- - EventSources specifies how to filter events based - on the involved object kind, name and namespace. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - exclusionList: - description: |- - ExclusionList specifies a list of Golang regular expressions - to be used for excluding messages. - items: - type: string - type: array - inclusionList: - description: |- - InclusionList specifies a list of Golang regular expressions - to be used for including messages. - items: - type: string - type: array - providerRef: - description: ProviderRef specifies which Provider this Alert should - use. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - summary: - description: Summary holds a short description of the impact and affected - cluster. - maxLength: 255 - type: string - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Alert. - type: boolean - required: - - eventSources - - providerRef - type: object - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: providers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Provider - listKind: ProviderList - plural: providers - singular: provider - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 - name: v1beta1 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of Provider - properties: - address: - description: HTTP/S webhook address of this provider - pattern: ^(http|https):// - type: string - certSecretRef: - description: |- - CertSecretRef can be given the name of a secret containing - a PEM-encoded CA certificate (`caFile`) - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Alert channel for this provider - type: string - proxy: - description: HTTP/S address of the proxy - pattern: ^(http|https):// - type: string - secretRef: - description: |- - Secret reference containing the provider webhook URL - using "address" as data key - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent events handling. - Defaults to false. - type: boolean - timeout: - description: Timeout for sending alerts to the provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of provider - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - azuredevops - - googlechat - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - type: string - username: - description: Bot username for this provider - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of Provider - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 - name: v1beta2 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of the Provider. - properties: - address: - description: |- - Address specifies the endpoint, in a generic sense, to where alerts are sent. - What kind of endpoint depends on the specific Provider type being used. - For the generic Provider, for example, this is an HTTP/S address. - For other Provider types this could be a project ID or a namespace. - maxLength: 2048 - type: string - certSecretRef: - description: |- - CertSecretRef specifies the Secret containing - a PEM-encoded CA certificate (in the `ca.crt` key). - - - Note: Support for the `caFile` key has - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Channel specifies the destination channel where events - should be posted. - maxLength: 2048 - type: string - interval: - description: Interval at which to reconcile the Provider with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxy: - description: Proxy the HTTP/S address of the proxy server. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the authentication - credentials for this Provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Provider. - type: boolean - timeout: - description: Timeout for sending alerts to the Provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type specifies which Provider implementation to use. - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - gitea - - bitbucketserver - - bitbucket - - azuredevops - - googlechat - - googlepubsub - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - - pagerduty - - datadog - type: string - username: - description: Username specifies the name under which events are posted. - maxLength: 2048 - type: string - required: - - type - type: object - status: - default: - observedGeneration: -1 - description: ProviderStatus defines the observed state of the Provider. - properties: - conditions: - description: Conditions holds the conditions for the Provider. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last reconciled generation. - format: int64 - type: integer - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta3 - schema: - openAPIV3Schema: - description: Provider is the Schema for the providers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ProviderSpec defines the desired state of the Provider. - properties: - address: - description: |- - Address specifies the endpoint, in a generic sense, to where alerts are sent. - What kind of endpoint depends on the specific Provider type being used. - For the generic Provider, for example, this is an HTTP/S address. - For other Provider types this could be a project ID or a namespace. - maxLength: 2048 - type: string - certSecretRef: - description: |- - CertSecretRef specifies the Secret containing - a PEM-encoded CA certificate (in the `ca.crt` key). - - - Note: Support for the `caFile` key has - been deprecated. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - channel: - description: Channel specifies the destination channel where events - should be posted. - maxLength: 2048 - type: string - interval: - description: |- - Interval at which to reconcile the Provider with its Secret references. - Deprecated and not used in v1beta3. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - proxy: - description: Proxy the HTTP/S address of the proxy server. - maxLength: 2048 - pattern: ^(http|https)://.*$ - type: string - secretRef: - description: |- - SecretRef specifies the Secret containing the authentication - credentials for this Provider. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this Provider. - type: boolean - timeout: - description: Timeout for sending alerts to the Provider. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type specifies which Provider implementation to use. - enum: - - slack - - discord - - msteams - - rocket - - generic - - generic-hmac - - github - - gitlab - - gitea - - bitbucketserver - - bitbucket - - azuredevops - - googlechat - - googlepubsub - - webex - - sentry - - azureeventhub - - telegram - - lark - - matrix - - opsgenie - - alertmanager - - grafana - - githubdispatch - - pagerduty - - datadog - - nats - type: string - username: - description: Username specifies the name under which events are posted. - maxLength: 2048 - type: string - required: - - type - type: object - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.15.0 - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: receivers.notification.toolkit.fluxcd.io -spec: - group: notification.toolkit.fluxcd.io - names: - kind: Receiver - listKind: ReceiverList - plural: receivers - singular: receiver - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of the Receiver. - properties: - events: - description: |- - Events specifies the list of event types to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - interval: - default: 10m - description: Interval at which to reconcile the Receiver with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - secretRef: - description: |- - SecretRef specifies the Secret containing the token used - to validate the payload authenticity. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this receiver. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - - cdevents - type: string - required: - - resources - - secretRef - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of the Receiver. - properties: - conditions: - description: Conditions holds the conditions for the Receiver. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Receiver object. - format: int64 - type: integer - webhookPath: - description: |- - WebhookPath is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta1 Receiver is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of Receiver - properties: - events: - description: |- - A list of events to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - name: - description: Name of the referent - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - name - type: object - type: array - secretRef: - description: |- - Secret reference containing the token used - to validate the payload authenticity - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - This flag tells the controller to suspend subsequent events handling. - Defaults to false. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of Receiver - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: |- - Generated webhook URL in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: Receiver is the Schema for the receivers API. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ReceiverSpec defines the desired state of the Receiver. - properties: - events: - description: |- - Events specifies the list of event types to handle, - e.g. 'push' for GitHub or 'Push Hook' for GitLab. - items: - type: string - type: array - interval: - description: Interval at which to reconcile the Receiver with its - Secret references. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - resources: - description: A list of resources to be notified about changes. - items: - description: |- - CrossNamespaceObjectReference contains enough information to let you locate the - typed referenced object at cluster level - properties: - apiVersion: - description: API version of the referent - type: string - kind: - description: Kind of the referent - enum: - - Bucket - - GitRepository - - Kustomization - - HelmRelease - - HelmChart - - HelmRepository - - ImageRepository - - ImagePolicy - - ImageUpdateAutomation - - OCIRepository - type: string - matchLabels: - additionalProperties: - type: string - description: |- - MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - MatchLabels requires the name to be set to `*`. - type: object - name: - description: |- - Name of the referent - If multiple resources are targeted `*` may be set. - maxLength: 53 - minLength: 1 - type: string - namespace: - description: Namespace of the referent - maxLength: 53 - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - secretRef: - description: |- - SecretRef specifies the Secret containing the token used - to validate the payload authenticity. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: |- - Suspend tells the controller to suspend subsequent - events handling for this receiver. - type: boolean - type: - description: |- - Type of webhook sender, used to determine - the validation procedure and payload deserialization. - enum: - - generic - - generic-hmac - - github - - gitlab - - bitbucket - - harbor - - dockerhub - - quay - - gcr - - nexus - - acr - type: string - required: - - resources - - type - type: object - status: - default: - observedGeneration: -1 - description: ReceiverStatus defines the observed state of the Receiver. - properties: - conditions: - description: Conditions holds the conditions for the Receiver. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - lastHandledReconcileAt: - description: |- - LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value - can be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Receiver object. - format: int64 - type: integer - url: - description: |- - URL is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - Deprecated: Replaced by WebhookPath. - type: string - webhookPath: - description: |- - WebhookPath is the generated incoming webhook address in the format - of '/hook/sha256sum(token+name+namespace)'. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - name: notification-controller - namespace: flux-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: webhook-receiver - namespace: flux-system -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: http-webhook - selector: - app: notification-controller - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: notification-controller - app.kubernetes.io/instance: flux-system - app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v2.3.0 - control-plane: controller - name: notification-controller - namespace: flux-system -spec: - replicas: 1 - selector: - matchLabels: - app: notification-controller - template: - metadata: - annotations: - prometheus.io/port: "8080" - prometheus.io/scrape: "true" - labels: - app: notification-controller - spec: - containers: - - args: - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: GOMAXPROCS - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.cpu - - name: GOMEMLIMIT - valueFrom: - resourceFieldRef: - containerName: manager - resource: limits.memory - image: ghcr.io/fluxcd/notification-controller:v1.3.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 9292 - name: http-webhook - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: - cpu: 1000m - memory: 1Gi - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp - nodeSelector: - kubernetes.io/os: linux - securityContext: - fsGroup: 1337 - serviceAccountName: notification-controller - terminationGracePeriodSeconds: 10 - volumes: - - emptyDir: {} - name: temp diff --git a/flux/clusters/staging/flux-system/gotk-sync.yaml b/flux/clusters/staging/flux-system/gotk-sync.yaml deleted file mode 100644 index 3965b81..0000000 --- a/flux/clusters/staging/flux-system/gotk-sync.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# This manifest was generated by flux. DO NOT EDIT. ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: GitRepository -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 1m0s - ref: - branch: main - secretRef: - name: flux-system - url: ssh://git@gitea.futureporn.net:2222/futureporn/fp ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: flux-system - namespace: flux-system -spec: - interval: 10m0s - path: ./flux/clusters/staging - prune: true - sourceRef: - kind: GitRepository - name: flux-system diff --git a/flux/clusters/staging/flux-system/kustomization.yaml b/flux/clusters/staging/flux-system/kustomization.yaml deleted file mode 100644 index 3842229..0000000 --- a/flux/clusters/staging/flux-system/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- gotk-components.yaml -- gotk-sync.yaml diff --git a/flux/clusters/staging/infrastructure.yaml b/flux/clusters/staging/infrastructure.yaml deleted file mode 100644 index 32d9a8b..0000000 --- a/flux/clusters/staging/infrastructure.yaml +++ /dev/null @@ -1,56 +0,0 @@ ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: infra-controllers - namespace: flux-system -spec: - interval: 1h - retryInterval: 1m - timeout: 5m - sourceRef: - kind: GitRepository - name: flux-system - path: ./flux/infrastructure/controllers - prune: true - wait: true - ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: infra-configs - namespace: flux-system -spec: - dependsOn: - - name: infra-controllers - interval: 1h - retryInterval: 1m - timeout: 5m - sourceRef: - kind: GitRepository - name: flux-system - path: ./flux/infrastructure/configs - prune: true - patches: - - patch: | - - op: replace - path: /spec/acme/server - value: https://acme-staging-v02.api.letsencrypt.org/directory - target: - kind: ClusterIssuer - name: letsencrypt - - patch: | - - op: replace - path: /metadata/name - value: letsencrypt-staging - target: - kind: ClusterIssuer - name: letsencrypt - - patch: | - - op: replace - path: /spec/acme/privateKeySecretRef/name - value: letsencrypt-staging - target: - kind: ClusterIssuer - name: letsencrypt \ No newline at end of file diff --git a/flux/infrastructure/configs/cluster-issuers.yaml b/flux/infrastructure/configs/cluster-issuers.yaml deleted file mode 100644 index cc25cac..0000000 --- a/flux/infrastructure/configs/cluster-issuers.yaml +++ /dev/null @@ -1,31 +0,0 @@ -## Example values are replaced using environment-specific Kuztomization patches - ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt - annotations: - meta.helm.sh/release-name: fp - meta.helm.sh/release-namespace: futureporn - labels: - app.kubernetes.io/managed-by: Helm -spec: - acme: - # Replace the email address with your own contact email - email: cj@futureporn.net - server: https://example.com - privateKeySecretRef: - name: letsencrypt - solvers: - - dns01: - webhook: - groupName: acme.exoscale.com - solverName: exoscale - config: - apiKeyRef: - name: exoscale - key: apiKey - apiSecretRef: - name: exoscale - key: apiSecret \ No newline at end of file diff --git a/flux/infrastructure/configs/kustomization.yaml b/flux/infrastructure/configs/kustomization.yaml deleted file mode 100644 index de1ebfa..0000000 --- a/flux/infrastructure/configs/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - cluster-issuers.yaml diff --git a/flux/infrastructure/controllers/cert-manager.yaml b/flux/infrastructure/controllers/cert-manager.yaml deleted file mode 100644 index 096e981..0000000 --- a/flux/infrastructure/controllers/cert-manager.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: cert-manager - ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: cert-manager - namespace: cert-manager -spec: - interval: 24h - url: https://charts.jetstack.io - ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: cert-manager - namespace: cert-manager -spec: - interval: 30m - chart: - spec: - chart: cert-manager - version: "1.x" - sourceRef: - kind: HelmRepository - name: cert-manager - namespace: cert-manager - interval: 12h - values: - installCRDs: true - diff --git a/flux/infrastructure/controllers/grafana-k8s-dashboards.yaml b/flux/infrastructure/controllers/grafana-k8s-dashboards.yaml deleted file mode 100644 index b9d2046..0000000 --- a/flux/infrastructure/controllers/grafana-k8s-dashboards.yaml +++ /dev/null @@ -1,21313 +0,0 @@ -apiVersion: v1 -data: - k8s-addons-prometheus.json: |- - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.5.0" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "5.0.0" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "table", - "name": "Table", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern 'Prometheus' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 89, - "panels": [], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "refId": "A" - } - ], - "title": "Information", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "?", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "orange", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 1 - }, - "id": 78, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "name" - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "prometheus_build_info{pod=~\"$pod\", cluster=~\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "{{ version }}", - "range": false, - "refId": "A" - } - ], - "title": "Prometheus version", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 1 - }, - "id": 92, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "value" - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "up{pod=~\"$pod\", cluster=~\"$cluster\"} < 1", - "instant": true, - "interval": "", - "legendFormat": "__auto", - "range": false, - "refId": "A" - } - ], - "title": "Instance Down", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "text", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 1 - }, - "id": 72, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "value" - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(prometheus_tsdb_head_series{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "TSDB Head Series", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 1 - }, - "id": 94, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "value" - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(prometheus_sd_discovered_targets{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "instant": true, - "interval": "", - "legendFormat": "__auto", - "range": false, - "refId": "A" - } - ], - "title": "Discovered Targets", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 5 - }, - "id": 64, - "panels": [], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "refId": "A" - } - ], - "title": "Prometheus", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 6 - }, - "id": 93, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "up{pod=~\"$pod\", cluster=~\"$cluster\"}", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Liveness by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 6 - }, - "id": 96, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(prometheus_config_last_reload_successful{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Config - Last Successful Reload by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 14 - }, - "id": 74, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_target_scrapes_exceeded_body_size_limit_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }} - Exceeded body size limit", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_target_scrapes_exceeded_sample_limit_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Exceeded sample limit", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_target_scrapes_sample_duplicate_timestamp_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Duplicate timestamp", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_target_scrapes_sample_out_of_bounds_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Sample out of bounds", - "range": true, - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_target_scrapes_sample_out_of_order_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Sample out of order", - "range": true, - "refId": "E" - } - ], - "title": "Target Scrapes Errors by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 14 - }, - "id": 84, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(prometheus_sd_discovered_targets{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Number of Targets by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ms" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 22 - }, - "id": 75, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_target_sync_length_seconds_sum{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod, scrape_job) * 1000", - "interval": "", - "legendFormat": "{{ pod }} - {{ scrape_job }}", - "range": true, - "refId": "A" - } - ], - "title": "Target Sync by pod, scrape_job", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 22 - }, - "id": 85, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "round(sum(rate(prometheus_target_interval_length_seconds_sum{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval]) / rate(prometheus_target_interval_length_seconds_count{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod))", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Average Scrape Interval by pod", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 30 - }, - "id": 98, - "panels": [], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "refId": "A" - } - ], - "title": "Prometheus TSDB / Query Engine", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 31 - }, - "id": 59, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(prometheus_tsdb_head_series{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "{{ pod }} - Head Series", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(prometheus_tsdb_head_chunks{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Head Chunks", - "range": true, - "refId": "B" - } - ], - "title": "TSDB Head Series & Chunks by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 31 - }, - "id": 60, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_tsdb_head_samples_appended_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "TSDB Head samples appended - rate by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 39 - }, - "id": 101, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(prometheus_tsdb_blocks_loaded{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "{{ pod }} - Head Series", - "range": true, - "refId": "A" - } - ], - "title": "TSDB Blocks Loaded by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 39 - }, - "id": 102, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_tsdb_compactions_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }} - Total Compactions", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_tsdb_compactions_triggered_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Triggered Compactions", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_tsdb_compactions_skipped_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Skipped Compactions", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_tsdb_compactions_failed_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Failed Compactions", - "range": true, - "refId": "D" - } - ], - "title": "TSDB Rate of Compactions by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 47 - }, - "id": 90, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_tsdb_reloads_failures_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "TSDB Reload Failures by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 47 - }, - "id": 95, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_tsdb_head_series_created_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }} - Created series", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(prometheus_tsdb_head_series_removed_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "hide": false, - "legendFormat": "{{ pod }} - Deleted series", - "range": true, - "refId": "B" - } - ], - "title": "TSDB Created & Deleted series by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 55 - }, - "id": 73, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(prometheus_engine_query_duration_seconds_count{pod=~\"$pod\", slice=\"inner_eval\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Engine Query Count by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ms" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 55 - }, - "id": 86, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "max(prometheus_engine_query_duration_seconds{pod=~\"$pod\", cluster=~\"$cluster\"}) by (pod, slice) * 1000", - "interval": "", - "legendFormat": "{{ pod }} - {{ slice }}", - "range": true, - "refId": "A" - } - ], - "title": "Engine Query Duration by pod, slice", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 63 - }, - "id": 47, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Resources", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU Cores", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 4, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "limit" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "#F2495C", - "mode": "fixed" - } - }, - { - "id": "custom.fillOpacity", - "value": 0 - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 64 - }, - "id": 29, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{pod=~\"$pod\", image!=\"\", container!=\"\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod, container)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - {{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Usage by pod, container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Bytes", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 64 - }, - "id": 51, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{pod=~\"$pod\", image!=\"\", container!=\"\", cluster=~\"$cluster\"}) by (pod, container)", - "interval": "", - "legendFormat": "{{ pod }} - {{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "Memory Usage by container", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 72 - }, - "id": 66, - "panels": [], - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "refId": "A" - } - ], - "title": "Storage", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 73 - }, - "id": 62, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_capacity_bytes{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }}", - "range": true, - "refId": "A" - } - ], - "title": "Persistent Volumes - Capacity and usage in %", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 73 - }, - "id": 87, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }} - Used", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kubelet_volume_stats_capacity_bytes{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim)", - "hide": false, - "legendFormat": "{{ persistentvolumeclaim }} - Capacity", - "range": true, - "refId": "B" - } - ], - "title": "Persistent Volumes - Capacity and usage in bytes", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 81 - }, - "id": 68, - "links": [], - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.4", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "1 - sum(kubelet_volume_stats_inodes_used{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_inodes{persistentvolumeclaim=~\".*prom.*\", cluster=~\"$cluster\"}) by (persistentvolumeclaim)", - "format": "time_series", - "interval": "", - "intervalFactor": 1, - "legendFormat": "{{ persistentvolumeclaim }}", - "range": true, - "refId": "A", - "step": 240 - } - ], - "title": "Persistent Volumes - Inodes", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 89 - }, - "id": 45, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Network", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 90 - }, - "id": 31, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_network_receive_bytes_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Received", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_bytes_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Transmitted", - "range": true, - "refId": "B" - } - ], - "title": "Network - Bandwidth by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 90 - }, - "id": 34, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_network_receive_packets_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Received", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_packets_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Transmitted", - "range": true, - "refId": "B" - } - ], - "title": "Network - Packets rate by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 98 - }, - "id": 36, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_network_receive_packets_dropped_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Received", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_packets_dropped_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Transmitted", - "range": true, - "refId": "B" - } - ], - "title": "Network - Packets Dropped by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 98 - }, - "id": 37, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_network_receive_errors_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Received", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_errors_total{pod=~\"$pod\", cluster=~\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }} - Transmitted", - "range": true, - "refId": "B" - } - ], - "title": "Network - Errors by pod", - "type": "timeseries" - } - ], - "refresh": "30s", - "revision": 1, - "schemaVersion": 38, - "style": "dark", - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": { - "selected": true, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(prometheus_build_info{cluster=\"$cluster\"}, pod)", - "hide": 0, - "includeAll": true, - "multi": false, - "name": "pod", - "options": [], - "query": { - "query": "label_values(prometheus_build_info{cluster=\"$cluster\"}, pod)", - "refId": "StandardVariableQuery" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - } - ] - }, - "time": { - "from": "now-15m", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Prometheus", - "uid": "k8s_addons_prometheus", - "version": 3, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-addons-prometheus - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-addons-trivy-operator.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.5.0" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "5.0.0" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "table", - "name": "Table", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern dashboard for the Trivy Operator from Aqua Security. Made to take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 43, - "panels": [], - "title": "Vulnerabilities", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 0, - "y": 1 - }, - "id": 51, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{severity=\"Critical\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 4, - "y": 1 - }, - "id": 50, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{severity=\"High\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 8, - "y": 1 - }, - "id": 49, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{severity=\"Medium\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 12, - "y": 1 - }, - "id": 60, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{severity=\"Low\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "purple", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 16, - "y": 1 - }, - "id": 52, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{severity=\"Unknown\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "UNKNOWN", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "text", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 20, - "y": 1 - }, - "id": 39, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "TOTAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 5 - }, - "id": 58, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{cluster=~\"$cluster\"}) by (namespace)", - "instant": false, - "interval": "$resolution", - "legendFormat": "{{namespace}}", - "range": true, - "refId": "A" - } - ], - "title": "Total vulnerabilities by namespaces", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Critical" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "High" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "orange", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Medium" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "yellow", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Low" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "blue", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Unknown" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "purple", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 5 - }, - "id": 61, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{cluster=~\"$cluster\"}) by (severity)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total vulnerabilities by severity", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 13 - }, - "id": 85, - "panels": [], - "title": "Vulnerability Details", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "displayMode": "auto", - "filterable": true, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "severity" - }, - "properties": [ - { - "id": "mappings", - "value": [ - { - "options": { - "Critical": { - "color": "red", - "index": 0 - }, - "High": { - "color": "orange", - "index": 1 - }, - "Low": { - "color": "blue", - "index": 3 - }, - "Medium": { - "color": "yellow", - "index": 2 - }, - "Unknown": { - "color": "purple", - "index": 4 - } - }, - "type": "value" - } - ] - }, - { - "id": "custom.displayMode", - "value": "color-text" - } - ] - } - ] - }, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 14 - }, - "id": 83, - "options": { - "footer": { - "enablePagination": true, - "fields": [ - "Value" - ], - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [] - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_vulnerabilities{namespace=~\"$namespace\", cluster=~\"$cluster\"}) by (namespace, image_registry, image_repository, image_tag, severity) > 0", - "format": "table", - "instant": false, - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Vulnerability count per image and severity in $namespace namespace(s)", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Value": false - }, - "indexByName": { - "Time": 0, - "Value": 6, - "image_registry": 2, - "image_repository": 3, - "image_tag": 4, - "namespace": 1, - "severity": 5 - }, - "renameByName": { - "Value": "Nb of vulnerabilities", - "image_registry": "Image Registry", - "image_repository": "Image Repository", - "image_tag": "Image Tag", - "namespace": "Namespace", - "severity": "Severity" - } - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "All values": { - "aggregations": [], - "operation": "groupby" - }, - "Count": { - "aggregations": [], - "operation": "groupby" - }, - "Image Registry": { - "aggregations": [], - "operation": "groupby" - }, - "Image Repository": { - "aggregations": [], - "operation": "groupby" - }, - "Image Tag": { - "aggregations": [], - "operation": "groupby" - }, - "Namespace": { - "aggregations": [], - "operation": "groupby" - }, - "Nb of vulnerabilities": { - "aggregations": [], - "operation": "groupby" - }, - "Severity": { - "aggregations": [], - "operation": "groupby" - }, - "Value": { - "aggregations": [], - "operation": "groupby" - }, - "image_registry": { - "aggregations": [], - "operation": "groupby" - }, - "image_repository": { - "aggregations": [], - "operation": "groupby" - }, - "image_tag": { - "aggregations": [], - "operation": "groupby" - }, - "namespace": { - "aggregations": [], - "operation": "groupby" - }, - "severity": { - "aggregations": [], - "operation": "groupby" - } - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Require operator.metricsVulnIdEnabled: true", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "displayMode": "auto", - "filterable": true, - "inspect": false - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "severity" - }, - "properties": [ - { - "id": "mappings", - "value": [ - { - "options": { - "Critical": { - "color": "red", - "index": 0 - }, - "High": { - "color": "orange", - "index": 1 - }, - "Low": { - "color": "blue", - "index": 3 - }, - "Medium": { - "color": "yellow", - "index": 2 - }, - "Unknown": { - "color": "purple", - "index": 4 - } - }, - "type": "value" - } - ] - }, - { - "id": "custom.displayMode", - "value": "color-text" - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "vuln_id" - }, - "properties": [ - { - "id": "links", - "value": [ - { - "targetBlank": true, - "title": "https://nvd.nist.gov/vuln/detail/${__value.text}", - "url": "https://nvd.nist.gov/vuln/detail/${__value.text}" - } - ] - } - ] - } - ] - }, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 26 - }, - "id": 78, - "options": { - "footer": { - "enablePagination": true, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [] - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{vuln_id=~\"CVE.*\", namespace=~\"$namespace\", cluster=~\"$cluster\"}) by (namespace, image_registry, image_repository, image_tag, vuln_id, severity)", - "format": "table", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Detaillled CVE vulnerabilities in $namespace namespace(s)", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Value": true, - "__name__": true, - "container": true, - "endpoint": true, - "instance": true, - "job": true, - "namespace": false, - "service": true - }, - "indexByName": { - "Time": 0, - "Value": 7, - "image_registry": 2, - "image_repository": 3, - "image_tag": 4, - "namespace": 1, - "severity": 6, - "vuln_id": 5 - }, - "renameByName": { - "image_namespace": "namespace", - "image_registry": "Image Registry", - "image_repository": "Image Repository", - "image_tag": "Image Tag", - "namespace": "Namespace", - "severity": "Severity", - "vuln_id": "Vulnerability", - "vulnerability_id": "" - } - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Image Registry": { - "aggregations": [], - "operation": "groupby" - }, - "Image Repository": { - "aggregations": [], - "operation": "groupby" - }, - "Image Tag": { - "aggregations": [], - "operation": "groupby" - }, - "Namespace": { - "aggregations": [], - "operation": "groupby" - }, - "Severity": { - "aggregations": [], - "operation": "groupby" - }, - "Value": { - "aggregations": [ - "lastNotNull" - ] - }, - "Vulnerability": { - "aggregations": [], - "operation": "groupby" - }, - "image_namespace": { - "aggregations": [], - "operation": "groupby" - }, - "namespace": { - "aggregations": [], - "operation": "groupby" - }, - "severity": { - "aggregations": [], - "operation": "groupby" - }, - "vuln_id": { - "aggregations": [], - "operation": "groupby" - }, - "vulnerability_id": { - "aggregations": [], - "operation": "groupby" - } - } - } - } - ], - "type": "table" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 38 - }, - "id": 47, - "panels": [], - "title": "Config Audit Reports", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 0, - "y": 39 - }, - "id": 56, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Critical\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 4, - "y": 39 - }, - "id": 55, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"High\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 8, - "y": 39 - }, - "id": 54, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Medium\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 12, - "y": 39 - }, - "id": 53, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Low\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "text", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 16, - "y": 39 - }, - "id": 65, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "TOTAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 43 - }, - "id": 62, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{cluster=~\"$cluster\"}) by (namespace)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total config audit report by namespaces", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Critical" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "High" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "orange", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Medium" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "yellow", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Low" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "blue", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 43 - }, - "id": 63, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{cluster=~\"$cluster\"}) by (severity)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total config audit report by severity", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 51 - }, - "id": 68, - "panels": [], - "title": "RBAC Assessments", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 0, - "y": 52 - }, - "id": 72, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{severity=\"Critical\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 4, - "y": 52 - }, - "id": 71, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{severity=\"High\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 8, - "y": 52 - }, - "id": 70, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{severity=\"Medium\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 12, - "y": 52 - }, - "id": 69, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{severity=\"Low\", namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "text", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 4, - "x": 16, - "y": 52 - }, - "id": 73, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.3.8", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{namespace=~\"$namespace\", cluster=~\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "__auto", - "refId": "A" - } - ], - "title": "TOTAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 56 - }, - "id": 74, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{cluster=~\"$cluster\"}) by (namespace)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total RBAC Assessments by namespaces", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Critical" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "High" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "orange", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Medium" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "yellow", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Low" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "blue", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 56 - }, - "id": 75, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_role_rbacassessments{cluster=~\"$cluster\"}) by (severity)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total RBAC Assessments by severity", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 64 - }, - "id": 81, - "panels": [], - "title": "Exposed Secrets", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 65 - }, - "id": 76, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{cluster=~\"$cluster\"}) by (namespace)", - "instant": false, - "interval": "$resolution", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Total Exposed Secrets by namespaces", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "Prometheus", - "Addons", - "Trivy", - "Trivy-operator" - ], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": true, - "text": [ - "All" - ], - "value": [ - "$__all" - ] - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "hide": 0, - "includeAll": true, - "multi": true, - "name": "namespace", - "options": [], - "query": { - "query": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": true, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Trivy Operator - Vulnerabilities", - "uid": "security_trivy_operator", - "version": 12, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-addons-trivy-operator - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-system-api-server.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.4.4" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "5.0.0" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern API Server dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [ - { - "options": { - "0": { - "text": "DOWN" - }, - "1": { - "text": "UP" - } - }, - "type": "value" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 1 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 42, - "options": { - "colorMode": "background", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "value_and_name" - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "up{job=\"apiserver\", cluster=~\"$cluster\"}", - "interval": "", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - Health Status", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "__name__" - }, - "properties": [ - { - "id": "custom.width", - "value": 188 - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 60, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": false, - "displayName": "removed_release" - } - ] - }, - "pluginVersion": "10.0.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "apiserver_requested_deprecated_apis{cluster=~\"$cluster\"}", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Deprecated Kubernetes Resources", - "transformations": [ - { - "id": "labelsToFields", - "options": { - "keepLabels": [ - "group", - "job", - "removed_release", - "resource", - "version", - "name" - ], - "mode": "columns" - } - }, - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Value": true, - "job": true - }, - "indexByName": { - "Time": 6, - "Value": 7, - "group": 1, - "job": 5, - "namespace": 0, - "removed_release": 4, - "resource": 3, - "version": 2 - }, - "renameByName": {} - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "group": { - "aggregations": [ - "lastNotNull" - ], - "operation": "groupby" - }, - "job": { - "aggregations": [], - "operation": "groupby" - }, - "namespace": { - "aggregations": [ - "lastNotNull" - ], - "operation": "groupby" - }, - "removed_release": { - "aggregations": [], - "operation": "groupby" - }, - "resource": { - "aggregations": [ - "lastNotNull" - ], - "operation": "groupby" - }, - "version": { - "aggregations": [], - "operation": "groupby" - } - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 8 - }, - "id": 38, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum by (code) (rate(apiserver_request_total{cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "{{ code }}", - "refId": "A" - } - ], - "title": "API Server - HTTP Requests by code", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 8 - }, - "id": 39, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum by (verb) (rate(apiserver_request_total{cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "{{ verb}}", - "refId": "A" - } - ], - "title": "API Server - HTTP Requests by verb", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ms" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 53, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(apiserver_request_duration_seconds_sum{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])) by (instance)\n/\nsum(rate(apiserver_request_duration_seconds_count{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - HTTP Requests Latency by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ms" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 54, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(apiserver_request_duration_seconds_sum{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])) by (verb)\n/\nsum(rate(apiserver_request_duration_seconds_count{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])) by (verb)", - "interval": "$resolution", - "legendFormat": "{{ verb }}", - "refId": "A" - } - ], - "title": "API Server - HTTP Requests Latency by verb", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 24 - }, - "id": 50, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum by(instance) (rate(apiserver_request_total{code=~\"5..\", job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval]))\n / sum by(instance) (rate(apiserver_request_total{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - Errors by Instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 24 - }, - "id": 51, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum by(verb) (rate(apiserver_request_total{code=~\"5..\",job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval]))\n / sum by(verb) (rate(apiserver_request_total{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "{{ verb }}", - "refId": "A" - } - ], - "title": "API Server - Errors by verb", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "normal" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 32 - }, - "id": 40, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(apiserver_request_total{cluster=~\"$cluster\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - Stacked HTTP Requests by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 32 - }, - "id": 56, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(workqueue_depth{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - Work Queue by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 40 - }, - "id": 47, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "rate(process_cpu_seconds_total{job=\"apiserver\", cluster=~\"$cluster\"}[$__rate_interval])", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - CPU Usage by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 40 - }, - "id": 48, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "process_resident_memory_bytes{job=\"apiserver\", cluster=~\"$cluster\"}", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "API Server - Memory Usage by instance", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "label": "", - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": true, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / System / API Server", - "uid": "k8s_system_apisrv", - "version": 16, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-system-api-server - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-system-coredns.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.4.4" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "5.0.0" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern CoreDNS dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [ - { - "options": { - "0": { - "text": "DOWN" - }, - "1": { - "text": "UP" - } - }, - "type": "value" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "green", - "value": 1 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 25, - "options": { - "colorMode": "background", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "vertical", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "value_and_name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "up{job=~\"$job\", instance=~\"$instance\", cluster=~\"$cluster\"}", - "interval": "", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "CoreDNS - Health Status", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 3 - }, - "id": 19, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "rate(process_cpu_seconds_total{job=~\"$job\", instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "CoreDNS - CPU Usage by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 3 - }, - "id": 21, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "process_resident_memory_bytes{job=~\"$job\", instance=~\"$instance\", cluster=~\"$cluster\"}", - "interval": "", - "legendFormat": "{{ instance }}", - "refId": "A" - } - ], - "title": "CoreDNS - Memory Usage by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 11 - }, - "id": 9, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_dns_requests_total{instance=~\"$instance\",proto=\"$protocol\", cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "total $protocol requests", - "refId": "A" - } - ], - "title": "CoreDNS - Total DNS Requests ($protocol)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 11 - }, - "id": 7, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_dns_request_size_bytes_sum{instance=~\"$instance\",proto=\"$protocol\", cluster=~\"$cluster\"}[$__rate_interval])) by (proto) / sum(rate(coredns_dns_request_size_bytes_count{instance=~\"$instance\",proto=\"$protocol\", cluster=~\"$cluster\"}[$__rate_interval])) by (proto)", - "interval": "$resolution", - "legendFormat": "average $protocol packet size", - "refId": "A" - } - ], - "title": "CoreDNS - Average Packet Size ($protocol)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 19 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_dns_requests_total{instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])) by (type)", - "interval": "$resolution", - "legendFormat": "{{ type }}", - "refId": "A" - } - ], - "title": "CoreDNS - Requests by type", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 19 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_dns_responses_total{instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])) by (rcode)", - "interval": "$resolution", - "legendFormat": "{{ rcode }}", - "refId": "A" - } - ], - "title": "CoreDNS - Requests by return code", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 27 - }, - "id": 23, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_forward_requests_total{cluster=~\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "total forward requests", - "refId": "A" - } - ], - "title": "CoreDNS - Total Forward Requests", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 27 - }, - "id": 13, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_forward_responses_total{rcode=~\"SERVFAIL|REFUSED\", cluster=~\"$cluster\"}[$__rate_interval])) by (rcode)", - "interval": "$resolution", - "legendFormat": "{{ rcode }}", - "refId": "A" - } - ], - "title": "CoreDNS - DNS Errors", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 35 - }, - "id": 17, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_cache_hits_total{instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])) by (type)", - "interval": "$resolution", - "legendFormat": "{{ type }}", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(coredns_cache_misses_total{instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])) by (type)", - "interval": "$resolution", - "legendFormat": "misses", - "refId": "B" - } - ], - "title": "CoreDNS - Cache Hits / Misses", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 35 - }, - "id": 15, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(coredns_cache_entries{cluster=~\"$cluster\"}) by (type)", - "interval": "", - "legendFormat": "{{ type }}", - "refId": "A" - } - ], - "title": "CoreDNS - Cache Size", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "scaleDistribution": { - "type": "linear" - } - } - }, - "overrides": [] - }, - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 43 - }, - "id": 27, - "options": { - "calculate": false, - "cellGap": 1, - "color": { - "exponent": 0.5, - "fill": "dark-orange", - "mode": "scheme", - "reverse": false, - "scale": "exponential", - "scheme": "RdYlBu", - "steps": 64 - }, - "exemplars": { - "color": "rgba(255,0,255,0.7)" - }, - "filterValues": { - "le": 1e-9 - }, - "legend": { - "show": true - }, - "rowsFrame": { - "layout": "auto" - }, - "tooltip": { - "mode": "single", - "showColorScale": false, - "yHistogram": false - }, - "yAxis": { - "axisPlacement": "left", - "reverse": false, - "unit": "s" - } - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(increase(coredns_dns_request_duration_seconds_bucket{instance=~\"$instance\", cluster=~\"$cluster\"}[$__rate_interval])) by (le)", - "format": "heatmap", - "legendFormat": "{{le}}", - "range": true, - "refId": "A" - } - ], - "title": "CoreDNS - DNS request duration", - "type": "heatmap" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "scaleDistribution": { - "type": "linear" - } - } - }, - "overrides": [] - }, - "gridPos": { - "h": 10, - "w": 12, - "x": 12, - "y": 43 - }, - "id": 28, - "options": { - "calculate": false, - "cellGap": 1, - "color": { - "exponent": 0.5, - "fill": "dark-orange", - "mode": "scheme", - "reverse": false, - "scale": "exponential", - "scheme": "RdYlBu", - "steps": 64 - }, - "exemplars": { - "color": "rgba(255,0,255,0.7)" - }, - "filterValues": { - "le": 1e-9 - }, - "legend": { - "show": true - }, - "rowsFrame": { - "layout": "auto" - }, - "tooltip": { - "mode": "single", - "showColorScale": false, - "yHistogram": false - }, - "yAxis": { - "axisPlacement": "left", - "reverse": false, - "unit": "decbytes" - } - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(increase(coredns_dns_request_size_bytes_bucket{instance=~\"$instance\", le!=\"0\", cluster=~\"$cluster\"}[$__rate_interval])) by (le)", - "format": "heatmap", - "legendFormat": "{{le}}", - "range": true, - "refId": "A" - } - ], - "title": "CoreDNS - DNS request size", - "type": "heatmap" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "scaleDistribution": { - "type": "linear" - } - } - }, - "overrides": [] - }, - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 53 - }, - "id": 29, - "options": { - "calculate": false, - "cellGap": 1, - "color": { - "exponent": 0.5, - "fill": "dark-orange", - "mode": "scheme", - "reverse": false, - "scale": "exponential", - "scheme": "RdYlBu", - "steps": 64 - }, - "exemplars": { - "color": "rgba(255,0,255,0.7)" - }, - "filterValues": { - "le": 1e-9 - }, - "legend": { - "show": true - }, - "rowsFrame": { - "layout": "auto" - }, - "tooltip": { - "mode": "single", - "showColorScale": false, - "yHistogram": false - }, - "yAxis": { - "axisPlacement": "left", - "reverse": false, - "unit": "decbytes" - } - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(increase(coredns_dns_response_size_bytes_bucket{instance=~\"$instance\", le!=\"0\", cluster=~\"$cluster\"}[$__rate_interval])) by (le)", - "format": "heatmap", - "legendFormat": "{{le}}", - "range": true, - "refId": "A" - } - ], - "title": "CoreDNS - DNS response size", - "type": "heatmap" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(up{job=\"$job\", cluster=\"$cluster\"},instance)", - "hide": 0, - "includeAll": true, - "label": "", - "multi": false, - "name": "instance", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(up{job=\"$job\", cluster=\"$cluster\"},instance)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "allValue": "udp,tcp", - "current": { - "selected": false, - "text": "udp", - "value": "udp" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(coredns_dns_requests_total{cluster=\"$cluster\"}, proto)", - "hide": 0, - "includeAll": false, - "label": "", - "multi": false, - "name": "protocol", - "options": [], - "query": { - "query": "label_values(coredns_dns_requests_total{cluster=\"$cluster\"}, proto)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - }, - { - "current": { - "selected": true, - "text": [ - "coredns" - ], - "value": [ - "coredns" - ] - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(coredns_build_info{cluster=\"$cluster\"},job)", - "hide": 0, - "includeAll": false, - "multi": true, - "name": "job", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(coredns_build_info{cluster=\"$cluster\"},job)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / System / CoreDNS", - "uid": "k8s_system_coredns", - "version": 18, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-system-coredns - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-views-global.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": {}, - "__requires": [ - { - "type": "panel", - "id": "bargauge", - "name": "Bar gauge", - "version": "" - }, - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "10.3.1" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "1.0.0" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern 'Global View' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 67, - "panels": [], - "title": "Overview", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd" - }, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 0, - "y": 1 - }, - "id": 77, - "options": { - "displayMode": "lcd", - "maxVizHeight": 300, - "minVizHeight": 10, - "minVizWidth": 0, - "namePlacement": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showUnfilled": true, - "sizing": "auto", - "valueMode": "color" - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])))", - "interval": "", - "legendFormat": "Real Linux", - "range": true, - "refId": "Real Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "avg(sum by (core) (rate(windows_cpu_time_total{mode!=\"idle\", cluster=\"$cluster\"}[$__rate_interval])))", - "hide": false, - "interval": "", - "legendFormat": "Real Windows", - "range": true, - "refId": "Real Windows" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", cluster=\"$cluster\"}) / sum(machine_cpu_cores{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "Requests" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{resource=\"cpu\", cluster=\"$cluster\"}) / sum(machine_cpu_cores{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "Limits" - } - ], - "title": "Global CPU Usage", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Real", - "mode": "reduceRow", - "reduce": { - "include": [ - "Real Linux", - "Real Windows" - ], - "reducer": "mean" - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Real Linux": true, - "Real Windows": true, - "Time": true - }, - "indexByName": { - "Limits": 5, - "Real": 1, - "Real Linux": 2, - "Real Windows": 3, - "Requests": 4, - "Time": 0 - }, - "renameByName": {} - } - } - ], - "type": "bargauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd" - }, - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 6, - "y": 1 - }, - "id": 78, - "options": { - "displayMode": "lcd", - "maxVizHeight": 300, - "minVizHeight": 10, - "minVizWidth": 0, - "namePlacement": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showUnfilled": true, - "sizing": "auto", - "text": {}, - "valueMode": "color" - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"} - node_memory_MemAvailable_bytes{cluster=\"$cluster\", job=\"$job\"}) / sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"})", - "hide": false, - "interval": "", - "legendFormat": "Real Linux", - "range": true, - "refId": "Real Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(windows_memory_available_bytes{cluster=\"$cluster\"} + windows_memory_cache_bytes{cluster=\"$cluster\"}) / sum(windows_os_visible_memory_bytes{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Real Windows", - "range": true, - "refId": "Real Windows" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", cluster=\"$cluster\"}) / sum(machine_memory_bytes{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "Requests" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{resource=\"memory\", cluster=\"$cluster\"}) / sum(machine_memory_bytes{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "Limits" - } - ], - "title": "Global RAM Usage", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Real", - "mode": "reduceRow", - "reduce": { - "include": [ - "Real Linux", - "Real Windows" - ], - "reducer": "mean" - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Real Linux": true, - "Real Windows": true, - "Time": true - }, - "includeByName": {}, - "indexByName": { - "Limits": 5, - "Real": 3, - "Real Linux": 1, - "Real Windows": 2, - "Requests": 4, - "Time": 0 - }, - "renameByName": {} - } - } - ], - "type": "bargauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 2, - "x": 12, - "y": 1 - }, - "id": 63, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "value", - "wideLayout": true - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "count(count by (node) (kube_node_info{cluster=\"$cluster\"}))", - "interval": "", - "legendFormat": "", - "range": true, - "refId": "A" - } - ], - "title": "Nodes", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 12, - "w": 10, - "x": 14, - "y": 1 - }, - "id": 52, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kube_namespace_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Namespaces", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_container_status_running{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Running Containers", - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_status_phase{phase=\"Running\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Running Pods", - "refId": "O" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_service_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Services", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_endpoint_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Endpoints", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_ingress_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Ingresses", - "refId": "E" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_deployment_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Deployments", - "refId": "F" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_statefulset_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Statefulsets", - "refId": "G" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_daemonset_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Daemonsets", - "refId": "H" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_persistentvolumeclaim_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Persistent Volume Claims", - "refId": "I" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_hpa_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Horizontal Pod Autoscalers", - "refId": "J" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_configmap_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Configmaps", - "refId": "K" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_secret_info{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Secrets", - "refId": "L" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_networkpolicy_labels{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Network Policies", - "refId": "M" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "count(count by (node) (kube_node_info{cluster=\"$cluster\"}))", - "hide": false, - "interval": "", - "legendFormat": "Nodes", - "refId": "N" - } - ], - "title": "Kubernetes Resource Count", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 2, - "x": 12, - "y": 5 - }, - "id": 59, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "value", - "wideLayout": true - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "count(kube_namespace_created{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Namespaces", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 9 - }, - "id": 37, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "center", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval]))", - "interval": "", - "legendFormat": "Real Linux", - "range": true, - "refId": "Real Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(windows_cpu_time_total{mode!=\"idle\", cluster=\"$cluster\"}[$__rate_interval]))", - "hide": false, - "interval": "", - "legendFormat": "Real Windows", - "range": true, - "refId": "Real Windows" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{resource=\"cpu\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "Requests" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{resource=\"cpu\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "Limits" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(machine_cpu_cores{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Total", - "range": true, - "refId": "Total" - } - ], - "title": "CPU Usage", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Real", - "mode": "reduceRow", - "reduce": { - "include": [ - "Real Linux", - "Real Windows" - ], - "reducer": "sum" - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Real Linux": true, - "Real Windows": true, - "Time": true, - "Total Linux": true, - "Total Windows": true - }, - "indexByName": { - "Limits": 5, - "Real": 3, - "Real Linux": 1, - "Real Windows": 2, - "Requests": 4, - "Time": 0, - "Total": 8, - "Total Linux": 6, - "Total Windows": 7 - }, - "renameByName": {} - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 9 - }, - "id": 39, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"} - node_memory_MemAvailable_bytes{cluster=\"$cluster\", job=\"$job\"})", - "interval": "", - "legendFormat": "Real Linux", - "range": true, - "refId": "Real Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(windows_os_visible_memory_bytes{cluster=\"$cluster\"} - windows_memory_available_bytes{cluster=\"$cluster\"} - windows_memory_cache_bytes{cluster=\"$cluster\"})", - "hide": false, - "interval": "", - "legendFormat": "Real Windows", - "range": true, - "refId": "Real Windows" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{resource=\"memory\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "Requests" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{resource=\"memory\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "Limits" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(machine_memory_bytes{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Total", - "range": true, - "refId": "Total" - } - ], - "title": "RAM Usage", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Real", - "mode": "reduceRow", - "reduce": { - "include": [ - "Real Linux", - "Real Windows" - ], - "reducer": "mean" - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Real Linux": true, - "Real Windows": true, - "Time": true - }, - "includeByName": {}, - "indexByName": { - "Limits": 5, - "Real": 3, - "Real Linux": 1, - "Real Windows": 2, - "Requests": 4, - "Time": 0, - "Total": 6 - }, - "renameByName": {} - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 2, - "x": 12, - "y": 9 - }, - "id": 62, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "value", - "wideLayout": true - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_status_phase{phase=\"Running\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Running Pods", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 13 - }, - "id": 71, - "panels": [], - "title": "Resources", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd", - "seriesBy": "last" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU %", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "scheme", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 0.5 - }, - { - "color": "red", - "value": 0.7 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 14 - }, - "id": 72, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])))", - "interval": "$resolution", - "legendFormat": "Linux", - "range": true, - "refId": "Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "1 - avg(rate(windows_cpu_time_total{cluster=\"$cluster\",mode=\"idle\"}[$__rate_interval]))", - "hide": false, - "interval": "$resolution", - "legendFormat": "Windows", - "range": true, - "refId": "Windows" - } - ], - "title": "Cluster CPU Utilization", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "CPU usage in %", - "mode": "reduceRow", - "reduce": { - "reducer": "mean" - }, - "replaceFields": true - } - } - ], - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "MEMORY", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "scheme", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 0.5 - }, - { - "color": "red", - "value": 0.7 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 14 - }, - "id": 55, - "options": { - "legend": { - "calcs": [ - "mean", - "lastNotNull", - "max", - "min" - ], - "displayMode": "hidden", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"} - node_memory_MemAvailable_bytes{cluster=\"$cluster\", job=\"$job\"}) / sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"})", - "interval": "$resolution", - "legendFormat": "Linux", - "range": true, - "refId": "Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(windows_os_visible_memory_bytes{cluster=\"$cluster\"} - windows_memory_available_bytes{cluster=\"$cluster\"}) / sum(windows_os_visible_memory_bytes{cluster=\"$cluster\"})", - "hide": false, - "interval": "$resolution", - "legendFormat": "Windows", - "range": true, - "refId": "Windows" - } - ], - "title": "Cluster Memory Utilization", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Memory usage in %", - "mode": "reduceRow", - "reduce": { - "reducer": "mean" - }, - "replaceFields": true - } - } - ], - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU CORES", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 22 - }, - "id": 46, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "10.4.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (namespace)\n+ on (namespace)\n(sum(rate(windows_container_cpu_usage_seconds_total{container_id!=\"\", cluster=\"$cluster\"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!=\"\", cluster=\"$cluster\"}) OR kube_namespace_created{cluster=\"$cluster\"} * 0) by (namespace))", - "format": "time_series", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ namespace }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Utilization by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 22 - }, - "id": 50, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{image!=\"\", cluster=\"$cluster\"}) by (namespace)\n+ on (namespace)\n(sum(windows_container_memory_usage_commit_bytes{container_id!=\"\", cluster=\"$cluster\"} * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!=\"\", cluster=\"$cluster\"}) OR kube_namespace_created{cluster=\"$cluster\"} * 0) by (namespace))", - "interval": "$resolution", - "legendFormat": "{{ namespace }}", - "range": true, - "refId": "A" - } - ], - "title": "Memory Utilization by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU %", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 30 - }, - "id": 54, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "avg(sum by (instance, cpu) (rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval]))) by (instance)", - "interval": "$resolution", - "legendFormat": "{{ node }}", - "range": true, - "refId": "Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "avg(sum by (instance,core) (rate(windows_cpu_time_total{mode!=\"idle\", cluster=\"$cluster\"}[$__rate_interval]))) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ node }}", - "range": true, - "refId": "Windows" - } - ], - "title": "CPU Utilization by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "MEMORY", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 30 - }, - "id": 73, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(node_memory_MemTotal_bytes{cluster=\"$cluster\", job=\"$job\"} - node_memory_MemAvailable_bytes{cluster=\"$cluster\", job=\"$job\"}) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "range": true, - "refId": "Linux" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(windows_os_visible_memory_bytes{cluster=\"$cluster\"} - windows_memory_available_bytes{cluster=\"$cluster\"}) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "range": true, - "refId": "Windows" - } - ], - "title": "Memory Utilization by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "SECONDS", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 38 - }, - "id": 82, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (namespace) > 0", - "interval": "$resolution", - "legendFormat": "{{ namespace }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Throttled seconds by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "NB", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 38 - }, - "id": 83, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_cpu_core_throttles_total{cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "{{ instance }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Core Throttled by instance", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 46 - }, - "id": 86, - "panels": [], - "title": "Kubernetes", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 47 - }, - "id": 84, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kube_pod_status_qos_class{cluster=\"$cluster\"}) by (qos_class)", - "interval": "", - "legendFormat": "{{ qos_class }} pods", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_info{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Total pods", - "range": true, - "refId": "B" - } - ], - "title": "Kubernetes Pods QoS classes", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 47 - }, - "id": 85, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kube_pod_status_reason{cluster=\"$cluster\"}) by (reason)", - "interval": "", - "legendFormat": "{{ reason }}", - "range": true, - "refId": "A" - } - ], - "title": "Kubernetes Pods Status Reason", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "points", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 56 - }, - "id": 87, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(container_oom_events_total{cluster=\"$cluster\"}[$__rate_interval])) by (namespace) > 0", - "interval": "", - "legendFormat": "{{ namespace }}", - "range": true, - "refId": "A" - } - ], - "title": "OOM Events by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "points", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 56 - }, - "id": 88, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(kube_pod_container_status_restarts_total{cluster=\"$cluster\"}[$__rate_interval])) by (namespace) > 0", - "interval": "", - "legendFormat": "{{ namespace }}", - "range": true, - "refId": "A" - } - ], - "title": "Container Restarts by namespace", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 65 - }, - "id": 69, - "panels": [], - "title": "Network", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Dropped noisy virtual devices for readability.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 66 - }, - "id": 44, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_bytes_total{device!~\"(veth|azv|lxc).*\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (device)", - "interval": "$resolution", - "legendFormat": "Received : {{ device }}", - "range": true, - "refId": "Linux Received" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_bytes_total{device!~\"(veth|azv|lxc).*\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (device)", - "interval": "$resolution", - "legendFormat": "Transmitted : {{ device }}", - "range": true, - "refId": "Linux Transmitted" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(windows_net_bytes_received_total{cluster=\"$cluster\"}[$__rate_interval])) by (nic)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Received : {{ nic }}", - "range": true, - "refId": "Windows Received" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(windows_net_bytes_sent_total{cluster=\"$cluster\"}[$__rate_interval])) by (nic)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted : {{ device }}", - "range": true, - "refId": "Windows Transmitted" - } - ], - "title": "Global Network Utilization by device", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "DROPPED PACKETS", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 66 - }, - "id": 53, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_drop_total{cluster=\"$cluster\", job=\"$job\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Linux Packets dropped (receive)", - "range": true, - "refId": "Linux Packets dropped (receive)" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_drop_total{cluster=\"$cluster\", job=\"$job\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Linux Packets dropped (transmit)", - "range": true, - "refId": "Linux Packets dropped (transmit)" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(windows_net_packets_received_discarded_total{cluster=\"$cluster\"}[$__rate_interval]))", - "hide": false, - "interval": "$resolution", - "legendFormat": "Windows Packets dropped (receive)", - "range": true, - "refId": "Windows Packets dropped (receive)" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(windows_net_packets_outbound_discarded_total{cluster=\"$cluster\"}[$__rate_interval]))", - "hide": false, - "interval": "$resolution", - "legendFormat": "Windows Packets dropped (transmit)", - "range": true, - "refId": "Windows Packets dropped (transmit)" - } - ], - "title": "Network Saturation - Packets dropped", - "transformations": [ - { - "id": "calculateField", - "options": { - "alias": "Packets dropped (receive)", - "mode": "reduceRow", - "reduce": { - "include": [ - "Linux Packets dropped (receive)", - "Windows Packets dropped (receive)" - ], - "reducer": "mean" - } - } - }, - { - "id": "calculateField", - "options": { - "alias": "Packets dropped (transmit)", - "mode": "reduceRow", - "reduce": { - "include": [ - "Linux Packets dropped (transmit)", - "Windows Packets dropped (transmit)" - ], - "reducer": "mean" - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Linux Packets dropped (receive)": true, - "Linux Packets dropped (transmit)": true, - "Time": false, - "Windows Packets dropped (receive)": true, - "Windows Packets dropped (transmit)": true - }, - "includeByName": {}, - "indexByName": {}, - "renameByName": {} - } - } - ], - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 74 - }, - "id": 79, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_network_receive_bytes_total{cluster=\"$cluster\"}[$__rate_interval])) by (namespace)\n+ on (namespace)\n(sum(rate(windows_container_network_receive_bytes_total{container_id!=\"\", cluster=\"$cluster\"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!=\"\", cluster=\"$cluster\"}) OR kube_namespace_created{cluster=\"$cluster\"} * 0) by (namespace))", - "interval": "$resolution", - "legendFormat": "Received : {{ namespace }}", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "- (sum(rate(container_network_transmit_bytes_total{cluster=\"$cluster\"}[$__rate_interval])) by (namespace)\n+ on (namespace)\n(sum(rate(windows_container_network_transmit_bytes_total{container_id!=\"\", cluster=\"$cluster\"}[$__rate_interval]) * on (container_id) group_left (container, pod, namespace) max by ( container, container_id, pod, namespace) (kube_pod_container_info{container_id!=\"\", cluster=\"$cluster\"}) OR kube_namespace_created{cluster=\"$cluster\"} * 0) by (namespace)))", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted : {{ namespace }}", - "range": true, - "refId": "B" - } - ], - "title": "Network Received by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 74 - }, - "id": 80, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_bytes_total{cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "Received bytes in {{ instance }}", - "range": true, - "refId": "Linux Received bytes" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "- sum(rate(node_network_transmit_bytes_total{cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted bytes in {{ instance }}", - "range": true, - "refId": "Linux Transmitted bytes" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(windows_net_bytes_received_total{cluster=\"$cluster\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Received bytes in {{ instance }}", - "range": true, - "refId": "Windows Received bytes" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "- sum(rate(windows_net_bytes_sent_total{cluster=\"$cluster\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted bytes in {{ instance }}", - "range": true, - "refId": "Windows Transmitted bytes" - } - ], - "title": "Total Network Received (with all virtual devices) by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Dropped noisy virtual devices for readability.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 82 - }, - "id": 56, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_bytes_total{device!~\"(veth|azv|lxc|lo).*\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "Received bytes in {{ instance }}", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "- sum(rate(node_network_transmit_bytes_total{device!~\"(veth|azv|lxc|lo).*\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted bytes in {{ instance }}", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(windows_net_bytes_received_total{nic!~\".*Virtual.*\",cluster=\"$cluster\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Received bytes in {{ instance }}", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(windows_net_bytes_sent_total{nic!~\".*Virtual.*\",cluster=\"$cluster\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted bytes in {{ instance }}", - "range": true, - "refId": "D" - } - ], - "title": "Network Received (without loopback) by instance", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Dropped noisy virtual devices for readability.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 82 - }, - "id": 81, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_bytes_total{device=\"lo\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "interval": "$resolution", - "legendFormat": "Received bytes in {{ instance }}", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "- sum(rate(node_network_transmit_bytes_total{device=\"lo\", cluster=\"$cluster\", job=\"$job\"}[$__rate_interval])) by (instance)", - "hide": false, - "interval": "$resolution", - "legendFormat": "Transmitted bytes in {{ instance }}", - "range": true, - "refId": "B" - } - ], - "title": "Network Received (loopback only) by instance", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "", - "value": "" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - }, - { - "current": { - "selected": false, - "text": "", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(node_cpu_seconds_total{cluster=\"$cluster\"},job)", - "hide": 0, - "includeAll": false, - "multi": true, - "name": "job", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(node_cpu_seconds_total{cluster=\"$cluster\"},job)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / Views / Global", - "uid": "k8s_views_global", - "version": 39, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-views-global - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-views-namespaces.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": {}, - "__requires": [ - { - "type": "panel", - "id": "gauge", - "name": "Gauge", - "version": "" - }, - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "10.3.1" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "1.0.0" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern 'Namespaces View' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 38, - "panels": [], - "title": "Overview", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 50 - }, - { - "color": "red", - "value": 70 - } - ] - }, - "unit": "percentunit", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 6, - "x": 0, - "y": 1 - }, - "id": 46, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto", - "text": {} - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) / sum(machine_cpu_cores{cluster=\"$cluster\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "range": false, - "refId": "A" - } - ], - "title": "Namespace(s) usage on total cluster CPU in %", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 50 - }, - { - "color": "red", - "value": 70 - } - ] - }, - "unit": "percentunit", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 6, - "x": 6, - "y": 1 - }, - "id": 48, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto", - "text": {} - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{namespace=~\"$namespace\", image!=\"\", cluster=\"$cluster\"}) / sum(machine_memory_bytes{cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Namespace(s) usage on total cluster RAM in %", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 11, - "w": 12, - "x": 12, - "y": 1 - }, - "id": 32, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Running Pods", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_service_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Services", - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_ingress_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Ingresses", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_deployment_labels{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Deployments", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_statefulset_labels{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Statefulsets", - "refId": "E" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_daemonset_labels{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Daemonsets", - "refId": "F" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_persistentvolumeclaim_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Persistent Volume Claims", - "refId": "G" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_hpa_labels{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Horizontal Pod Autoscalers", - "refId": "H" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_configmap_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Configmaps", - "refId": "I" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_secret_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Secrets", - "refId": "J" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_networkpolicy_labels{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Network Policies", - "refId": "K" - } - ], - "title": "Kubernetes Resource Count", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 8 - }, - "id": 62, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "center", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "", - "legendFormat": "Real", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{namespace=~\"$namespace\", resource=\"cpu\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{namespace=~\"$namespace\", resource=\"cpu\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(machine_cpu_cores{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Cluster Total", - "range": true, - "refId": "D" - } - ], - "title": "Namespace(s) CPU Usage in cores", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "bytes", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 8 - }, - "id": 64, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{namespace=~\"$namespace\", image!=\"\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Real", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_requests{namespace=~\"$namespace\", resource=\"memory\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Requests", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_resource_limits{namespace=~\"$namespace\", resource=\"memory\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Limits", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(machine_memory_bytes{cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Cluster Total", - "range": true, - "refId": "D" - } - ], - "title": "Namespace(s) RAM Usage in bytes", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 40, - "panels": [], - "title": "Resources", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU CORES", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 13 - }, - "id": 29, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\", image!=\"\", pod=~\"${created_by}.*\", cluster=\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU usage by Pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 13 - }, - "id": 30, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{namespace=~\"$namespace\", image!=\"\", pod=~\"${created_by}.*\", cluster=\"$cluster\"}) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Memory usage by Pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "SECONDS", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 21 - }, - "id": 68, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\", image!=\"\", pod=~\"${created_by}.*\", cluster=\"$cluster\"}[$__rate_interval])) by (pod) > 0", - "interval": "$resolution", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Throttled seconds by pod", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 29 - }, - "id": 73, - "panels": [], - "title": "Kubernetes", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 30 - }, - "id": 70, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kube_pod_status_qos_class{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (qos_class)", - "interval": "", - "legendFormat": "{{ qos_class }} pods", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_info{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "hide": false, - "legendFormat": "Total pods", - "range": true, - "refId": "B" - } - ], - "title": "Kubernetes Pods QoS classes", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 30 - }, - "id": 72, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kube_pod_status_reason{cluster=\"$cluster\"}) by (reason)", - "interval": "", - "legendFormat": "{{ reason }}", - "range": true, - "refId": "A" - } - ], - "title": "Kubernetes Pods Status Reason", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "points", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 39 - }, - "id": 74, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(container_oom_events_total{namespace=~\"${namespace}\", cluster=\"$cluster\"}[$__rate_interval])) by (namespace, pod) > 0", - "interval": "", - "legendFormat": "namespace: {{ namespace }} - pod: {{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "OOM Events by namespace, pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "No data is generally a good thing here.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "points", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 39 - }, - "id": 75, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(kube_pod_container_status_restarts_total{namespace=~\"${namespace}\", cluster=\"$cluster\"}[$__rate_interval])) by (namespace, pod) > 0", - "interval": "", - "legendFormat": "namespace: {{ namespace }} - pod: {{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Container Restarts by namespace, pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 0, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 48 - }, - "id": 5, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_status_ready{namespace=~\"$namespace\", pod=~\"${created_by}.*\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Ready", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_status_running{namespace=~\"$namespace\", pod=~\"${created_by}.*\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Running", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_container_status_waiting{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Waiting", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_container_status_restarts_total{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Restarts Total", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "expr": "sum(kube_pod_container_status_terminated{namespace=~\"$namespace\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "Terminated", - "refId": "E" - } - ], - "title": "Nb of pods by state", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 0, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 48 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "hidden", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_pod_container_info{namespace=~\"$namespace\", pod=~\"${created_by}.*\", cluster=\"$cluster\"}) by (pod)", - "interval": "", - "legendFormat": "{{ pod }}", - "range": true, - "refId": "A" - } - ], - "title": "Nb of containers by pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 56 - }, - "id": 7, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kube_deployment_status_replicas_available{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (deployment)", - "interval": "", - "legendFormat": "{{ deployment }}", - "range": true, - "refId": "A" - } - ], - "title": "Replicas available by deployment", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 56 - }, - "id": 8, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(kube_deployment_status_replicas_unavailable{namespace=~\"$namespace\", pod=~\"${created_by}.*\", cluster=\"$cluster\"}) by (deployment)", - "interval": "", - "legendFormat": "{{ deployment }}", - "range": true, - "refId": "A" - } - ], - "title": "Replicas unavailable by deployment", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 64 - }, - "id": 42, - "panels": [], - "title": "Kubernetes Storage", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 65 - }, - "id": 65, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_capacity_bytes{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }}", - "refId": "A" - } - ], - "title": "Persistent Volumes - Capacity and usage in %", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 65 - }, - "id": 66, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }} - Used", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kubelet_volume_stats_capacity_bytes{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "hide": false, - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }} - Capacity", - "refId": "B" - } - ], - "title": "Persistent Volumes - Capacity and usage in bytes", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 73 - }, - "id": 27, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "1 - sum(kubelet_volume_stats_inodes_used{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_inodes{namespace=~\"$namespace\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "", - "legendFormat": "{{ persistentvolumeclaim }}", - "refId": "A" - } - ], - "title": "Persistent Volumes - Inodes", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": {}, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "hide": 0, - "includeAll": true, - "multi": true, - "name": "namespace", - "options": [], - "query": { - "query": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{namespace=~\"$namespace\", container!=\"\", cluster=\"$cluster\"},created_by_name)", - "description": "Can be used to filter on a specific deployment, statefulset or deamonset (only relevant panels).", - "hide": 0, - "includeAll": true, - "multi": true, - "name": "created_by", - "options": [], - "query": { - "query": "label_values(kube_pod_info{namespace=~\"$namespace\", container!=\"\", cluster=\"$cluster\"},created_by_name)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / Views / Namespaces", - "uid": "k8s_views_ns", - "version": 34, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-views-namespaces - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-views-nodes.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": {}, - "__requires": [ - { - "type": "panel", - "id": "gauge", - "name": "Gauge", - "version": "" - }, - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "10.3.1" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "1.0.0" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "table", - "name": "Table", - "version": "" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern 'Nodes View' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 40, - "panels": [], - "title": "Overview", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 50 - }, - { - "color": "red", - "value": 70 - } - ] - }, - "unit": "percentunit", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 4, - "x": 0, - "y": 1 - }, - "id": 7, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto", - "text": {} - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": false, - "expr": "avg(sum by (cpu) (rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])))", - "instant": true, - "interval": "$resolution", - "legendFormat": "", - "refId": "A" - } - ], - "title": "CPU Usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 50 - }, - { - "color": "red", - "value": 70 - } - ] - }, - "unit": "percentunit", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 4, - "x": 4, - "y": 1 - }, - "id": 13, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto", - "text": {} - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": false, - "expr": "sum(node_memory_MemTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"} - node_memory_MemAvailable_bytes{instance=\"$instance\", cluster=\"$cluster\"}) / sum(node_memory_MemTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "", - "refId": "A" - } - ], - "title": "RAM Usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - }, - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 4, - "x": 8, - "y": 1 - }, - "id": 24, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "value", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kube_pod_info{node=\"$node\", cluster=\"$cluster\"})", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Pods on node", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "links": [ - { - "targetBlank": true, - "title": "Pod details", - "url": "/d/k8s_views_pods/kubernetes-views-pods?${datasource:queryparam}&var-namespace=${__data.fields.namespace}&var-pod=${__data.fields.pod}&${resolution:queryparam}&${__url_time_range}" - } - ], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unitScale": true - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "pod" - }, - "properties": [ - { - "id": "custom.width", - "value": 416 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "priority_class" - }, - "properties": [ - { - "id": "custom.width", - "value": 176 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "pod_ip" - }, - "properties": [ - { - "id": "custom.width", - "value": 157 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "created_by_kind" - }, - "properties": [ - { - "id": "custom.width", - "value": 205 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "namespace" - }, - "properties": [ - { - "id": "custom.width", - "value": 263 - } - ] - } - ] - }, - "gridPos": { - "h": 11, - "w": 12, - "x": 12, - "y": 1 - }, - "id": 5, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [] - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "kube_pod_info{node=\"$node\", cluster=\"$cluster\"}", - "format": "table", - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "List of pods on node ($node)", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Value": true, - "__name__": true, - "container": true, - "created_by_kind": false, - "created_by_name": true, - "endpoint": true, - "env": true, - "host_ip": true, - "host_network": true, - "instance": true, - "job": true, - "node": true, - "project": true, - "prometheus_replica": true, - "service": true, - "uid": true - }, - "indexByName": { - "Time": 6, - "Value": 20, - "__name__": 7, - "container": 8, - "created_by_kind": 2, - "created_by_name": 9, - "endpoint": 10, - "env": 11, - "host_ip": 5, - "host_network": 12, - "instance": 13, - "job": 14, - "namespace": 1, - "node": 15, - "pod": 0, - "pod_ip": 3, - "priority_class": 4, - "project": 16, - "prometheus_replica": 17, - "service": 18, - "uid": 19 - }, - "renameByName": {} - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "created_by_kind": { - "aggregations": [], - "operation": "groupby" - }, - "host_ip": { - "aggregations": [], - "operation": "groupby" - }, - "namespace": { - "aggregations": [ - "last" - ], - "operation": "groupby" - }, - "pod": { - "aggregations": [], - "operation": "groupby" - }, - "pod_ip": { - "aggregations": [], - "operation": "groupby" - }, - "priority_class": { - "aggregations": [], - "operation": "groupby" - } - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 3, - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 0, - "y": 9 - }, - "id": 9, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": false, - "expr": "sum(rate(node_cpu_seconds_total{mode!~\"idle|iowait|steal\", instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "instant": true, - "interval": "$resolution", - "legendFormat": "", - "refId": "A" - } - ], - "title": "CPU Used", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 2, - "y": 9 - }, - "id": 11, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(machine_cpu_cores{node=\"$node\", cluster=\"$cluster\"})", - "interval": "$resolution", - "legendFormat": "", - "refId": "A" - } - ], - "title": "CPU Total", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "bytes", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 4, - "y": 9 - }, - "id": 15, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": false, - "expr": "sum(node_memory_MemTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"} - node_memory_MemAvailable_bytes{instance=\"$instance\", cluster=\"$cluster\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "RAM Used", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "bytes", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 6, - "y": 9 - }, - "id": 17, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "machine_memory_bytes{node=\"$node\", cluster=\"$cluster\"}", - "instant": false, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "RAM Total", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "mappings": [], - "noValue": "0", - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 25228800 - }, - { - "color": "red", - "value": 31536000 - } - ] - }, - "unit": "s", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 9 - }, - "id": 18, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "10.3.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_time_seconds{instance=\"$instance\", cluster=\"$cluster\"} - node_boot_time_seconds{instance=\"$instance\", cluster=\"$cluster\"}", - "instant": false, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "uptime", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 38, - "panels": [], - "title": "Resources", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 0, - "y": 13 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "avg(rate(node_cpu_seconds_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]) * 100) by (mode)", - "hide": false, - "instant": false, - "interval": "$resolution", - "legendFormat": "{{ mode }}", - "refId": "A" - } - ], - "title": "CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes", - "unitScale": true - }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 12, - "x": 12, - "y": 13 - }, - "id": 3, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_MemTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"} - node_memory_MemFree_bytes{instance=\"$instance\", cluster=\"$cluster\"} - (node_memory_Cached_bytes{instance=\"$instance\", cluster=\"$cluster\"} + node_memory_Buffers_bytes{instance=\"$instance\", cluster=\"$cluster\"})", - "instant": false, - "interval": "$resolution", - "legendFormat": "RAM Used", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_MemTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "RAM Total", - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_Cached_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "RAM Cache", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_Buffers_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "RAM Buffer", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_MemFree_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "RAM Free", - "refId": "E" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_SwapTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"} - node_memory_SwapFree_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "SWAP Used", - "refId": "F" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "node_memory_SwapTotal_bytes{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "SWAP Total", - "refId": "G" - } - ], - "title": "Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU Cores", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 22 - }, - "id": 26, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{node=\"$node\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }}", - "refId": "A" - } - ], - "title": "CPU usage by Pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 22 - }, - "id": 28, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{node=\"$node\", image!=\"\", cluster=\"$cluster\"}) by (pod)", - "interval": "$resolution", - "legendFormat": "{{ pod }}", - "refId": "A" - } - ], - "title": "Memory usage by Pod", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Number of times a CPU core has been throttled on an instance.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU CORES", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 30 - }, - "id": 66, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_cpu_core_throttles_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Nb of cpu core throttles", - "range": true, - "refId": "A" - } - ], - "title": "Number of CPU Core Throttled", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 38 - }, - "id": 44, - "panels": [], - "title": "System", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 39 - }, - "id": 48, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_load1{instance=\"$instance\", cluster=\"$cluster\"}", - "interval": "$resolution", - "legendFormat": "1m", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_load5{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "5m", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_load15{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "15m", - "range": true, - "refId": "C" - } - ], - "title": "System Load", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 39 - }, - "id": 46, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_context_switches_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "interval": "$resolution", - "intervalFactor": 1, - "legendFormat": "Context switches", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_intr_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "hide": false, - "interval": "$resolution", - "legendFormat": "Interrupts", - "range": true, - "refId": "B" - } - ], - "title": "Context Switches & Interrupts", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 47 - }, - "id": 49, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_filefd_maximum{instance=\"$instance\", cluster=\"$cluster\"}", - "instant": false, - "interval": "$resolution", - "legendFormat": "Maximum file descriptors", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_filefd_allocated{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "instant": false, - "interval": "$resolution", - "legendFormat": "Allocated file descriptors", - "refId": "B" - } - ], - "title": "File Descriptors", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 47 - }, - "id": 50, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_timex_estimated_error_seconds{instance=\"$instance\", cluster=\"$cluster\"}", - "instant": false, - "interval": "$resolution", - "intervalFactor": 1, - "legendFormat": "Estimated error in seconds", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_timex_maxerror_seconds{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "intervalFactor": 1, - "legendFormat": "Maximum error in seconds", - "range": true, - "refId": "B" - } - ], - "title": "Time Sync", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 55 - }, - "id": 36, - "panels": [], - "title": "Network", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "BANDWIDTH", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 56 - }, - "id": 20, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_bytes_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "In", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_bytes_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Out", - "range": true, - "refId": "B" - } - ], - "title": "Network usage (bytes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 56 - }, - "id": 61, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(node_network_receive_errs_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "In", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_errs_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Out", - "range": true, - "refId": "B" - } - ], - "title": "Network errors", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 64 - }, - "id": 62, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(node_network_receive_packets_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "In", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_packets_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Out", - "range": true, - "refId": "B" - } - ], - "title": "Network usage (packet/s)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 64 - }, - "id": 64, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(node_network_receive_drop_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "hide": false, - "interval": "$resolution", - "legendFormat": "In", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "- sum(rate(node_network_transmit_drop_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]))", - "hide": false, - "interval": "$resolution", - "legendFormat": "Out", - "refId": "B" - } - ], - "title": "Network total drops", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 72 - }, - "id": 60, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_netstat_Tcp_CurrEstab{instance=\"$instance\", cluster=\"$cluster\"}", - "instant": false, - "interval": "$resolution", - "legendFormat": "TCP Currently Established", - "refId": "A" - } - ], - "title": "TCP Currently Established", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "NF Conntrack limit" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 72 - }, - "id": 63, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_nf_conntrack_entries{instance=\"$instance\", cluster=\"$cluster\"}", - "instant": false, - "interval": "$resolution", - "legendFormat": "NF Conntrack entries", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "node_nf_conntrack_entries_limit{instance=\"$instance\", cluster=\"$cluster\"}", - "hide": false, - "interval": "$resolution", - "legendFormat": "NF Conntrack limit", - "range": true, - "refId": "B" - } - ], - "title": "NF Conntrack", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 80 - }, - "id": 54, - "panels": [], - "title": "Kubernetes Storage", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 81 - }, - "id": 30, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_capacity_bytes{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "interval": "$resolution", - "legendFormat": "{{ persistentvolumeclaim }}", - "range": true, - "refId": "A" - } - ], - "title": "Persistent Volumes - Usage in %", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "filterable": false, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Used" - }, - "properties": [ - { - "id": "custom.width", - "value": 146 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Total" - }, - "properties": [ - { - "id": "custom.width", - "value": 167 - } - ] - } - ] - }, - "gridPos": { - "h": 16, - "w": 12, - "x": 12, - "y": 81 - }, - "id": 34, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [] - }, - "pluginVersion": "10.2.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kubelet_volume_stats_used_bytes{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "format": "table", - "hide": false, - "interval": "", - "legendFormat": "", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(kubelet_volume_stats_capacity_bytes{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim)", - "format": "table", - "hide": false, - "interval": "", - "legendFormat": "", - "refId": "B" - } - ], - "title": "Persistent Volumes - Usage in GB", - "transformations": [ - { - "id": "groupBy", - "options": { - "fields": { - "Value": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - }, - "Value #A": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - }, - "Value #B": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - }, - "persistentvolumeclaim": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "seriesToColumns", - "options": { - "byField": "persistentvolumeclaim" - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": {}, - "renameByName": { - "Value #A (lastNotNull)": "Used", - "Value #B (lastNotNull)": "Total", - "persistentvolumeclaim": "Persistent Volume Claim" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 89 - }, - "id": 32, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(kubelet_volume_stats_inodes_used{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim) / sum(kubelet_volume_stats_inodes{node=\"$node\", cluster=\"$cluster\"}) by (persistentvolumeclaim) * 100", - "interval": "$resolution", - "legendFormat": "{{ persistentvolumeclaim }}", - "range": true, - "refId": "A" - } - ], - "title": "Persistent Volumes - Inodes", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 97 - }, - "id": 42, - "panels": [], - "title": "Node Storage", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 98 - }, - "id": 33, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "100 - ((node_filesystem_avail_bytes{instance=\"$instance\", cluster=\"$cluster\"} * 100) / node_filesystem_size_bytes{instance=\"$instance\", cluster=\"$cluster\"})", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ mountpoint }}", - "range": true, - "refId": "A" - } - ], - "title": "FS usage in %", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 98 - }, - "id": 59, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "100 - (node_filesystem_files_free{instance=\"$instance\", cluster=\"$cluster\"} / node_filesystem_files{instance=\"$instance\", cluster=\"$cluster\"} * 100)", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{ mountpoint }}", - "range": true, - "refId": "A" - } - ], - "title": "FS inode usage in %", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 106 - }, - "id": 52, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_disk_read_bytes_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "interval": "$resolution", - "legendFormat": "{{device}}", - "range": true, - "refId": "A" - } - ], - "title": "Reads by disk (bytes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 106 - }, - "id": 57, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_disk_written_bytes_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{device}}", - "range": true, - "refId": "A" - } - ], - "title": "Writes by disk (bytes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "read/s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 114 - }, - "id": 51, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_disk_reads_completed_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "interval": "$resolution", - "legendFormat": "{{device}}", - "range": true, - "refId": "A" - } - ], - "title": "Completed reads by disk", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "write/s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 114 - }, - "id": 56, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_disk_writes_completed_total{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval])", - "hide": false, - "interval": "$resolution", - "legendFormat": "{{device}}", - "range": true, - "refId": "A" - } - ], - "title": "Completed writes by disk", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "io/s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 122 - }, - "id": 58, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "rate(node_disk_io_now{instance=\"$instance\", cluster=\"$cluster\"}[$__rate_interval]) ", - "interval": "$resolution", - "legendFormat": "{{device}}", - "range": true, - "refId": "A" - } - ], - "title": "Disk(s) io/s", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green" - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 122 - }, - "id": 55, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "right", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(node_filesystem_device_error{instance=\"$instance\", cluster=\"$cluster\"}) by (mountpoint)", - "interval": "$resolution", - "legendFormat": "{{ mountpoint }}", - "range": true, - "refId": "A" - } - ], - "title": "FS - Device Errors", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": {}, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info{cluster=\"$cluster\"}, node)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "node", - "options": [], - "query": { - "query": "label_values(kube_node_info{cluster=\"$cluster\"}, node)", - "refId": "StandardVariableQuery" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": {}, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(node_uname_info{nodename=~\"(?i:($node))\"}, instance)", - "hide": 2, - "includeAll": false, - "multi": false, - "name": "instance", - "options": [], - "query": { - "query": "label_values(node_uname_info{nodename=~\"(?i:($node))\"}, instance)", - "refId": "StandardVariableQuery" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / Views / Nodes", - "uid": "k8s_views_nodes", - "version": 29, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-views-nodes - namespace: futureporn ---- -apiVersion: v1 -data: - k8s-views-pods.json: | - { - "__inputs": [ - { - "name": "DS_PROMETHEUS", - "label": "Prometheus", - "description": "", - "type": "datasource", - "pluginId": "prometheus", - "pluginName": "Prometheus" - } - ], - "__elements": [], - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.3.4" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "5.0.0" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "gauge", - "name": "Gauge", - "version": "" - }, - { - "type": "panel", - "id": "table", - "name": "Table", - "version": "" - } - ], - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "This is a modern 'Pods View' dashboard for your Kubernetes cluster(s). Made for kube-prometheus-stack and take advantage of the latest Grafana features. GitHub repository: https://github.com/dotdc/grafana-dashboards-kubernetes", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 1, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 43, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Information", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 12, - "x": 0, - "y": 1 - }, - "id": 2, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_info{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "{{ created_by_kind }}: {{ created_by_name }}", - "refId": "A" - } - ], - "title": "Created by", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "links": [ - { - "title": "", - "url": "/d/k8s_views_nodes/kubernetes-views-nodes?var-datasource=${datasource}&var-node=${__data.fields.node}" - } - ], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 6, - "x": 12, - "y": 1 - }, - "id": 33, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_info{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "{{ node }}", - "refId": "A" - } - ], - "title": "Running on", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 6, - "x": 18, - "y": 1 - }, - "id": 41, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_info{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "{{ pod_ip }}", - "refId": "A" - } - ], - "title": "Pod IP", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "rgb(255, 255, 255)", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 5, - "x": 0, - "y": 3 - }, - "id": 52, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "mean" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_info{namespace=\"$namespace\", pod=\"$pod\", priority_class!=\"\", cluster=\"$cluster\"}", - "format": "time_series", - "instant": true, - "interval": "", - "legendFormat": "{{ priority_class }}", - "range": false, - "refId": "A" - } - ], - "title": "Priority Class", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Burstable" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "BestEffort" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "orange", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 2, - "w": 7, - "x": 5, - "y": 3 - }, - "id": 53, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_status_qos_class{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"} > 0", - "instant": true, - "interval": "", - "legendFormat": "{{ qos_class }}", - "refId": "A" - } - ], - "title": "QOS Class", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "text", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 6, - "x": 12, - "y": 3 - }, - "id": 56, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "name", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_container_status_last_terminated_reason{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "{{ reason }}", - "refId": "A" - } - ], - "title": "Last Terminated Reason", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "Panel only works when a single pod is selected.", - "fieldConfig": { - "defaults": { - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "text", - "value": null - }, - { - "color": "red", - "value": 1 - }, - { - "color": "#EAB839", - "value": 2 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 6, - "x": 18, - "y": 3 - }, - "id": 57, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [], - "fields": "", - "values": true - }, - "showPercentChange": false, - "textMode": "value", - "wideLayout": true - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "kube_pod_container_status_last_terminated_exitcode{namespace=\"$namespace\", pod=\"$pod\", cluster=\"$cluster\"}", - "instant": true, - "interval": "", - "legendFormat": "__auto", - "range": false, - "refId": "A" - } - ], - "title": "Last Terminated Exit Code", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 5 - }, - "id": 47, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Resources", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "blue", - "mode": "fixed" - }, - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 60 - }, - { - "color": "red", - "value": 75 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 0, - "y": 6 - }, - "id": 39, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto" - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) / sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "Requests", - "refId": "A" - } - ], - "title": "Total pod CPU Requests usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 60 - }, - { - "color": "red", - "value": 75 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 3, - "y": 6 - }, - "id": 48, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto" - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) / sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "Limits", - "refId": "A" - } - ], - "title": "Total pod CPU Limits usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "blue", - "mode": "fixed" - }, - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "blue", - "value": null - }, - { - "color": "#EAB839", - "value": 80 - }, - { - "color": "red", - "value": 99 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 6, - "y": 6 - }, - "id": 40, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto" - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}) / sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"})", - "instant": true, - "interval": "$resolution", - "legendFormat": "Requests", - "refId": "A" - } - ], - "title": "Total pod RAM Requests usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "decimals": 2, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 60 - }, - { - "color": "red", - "value": 75 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 3, - "x": 9, - "y": 6 - }, - "id": 49, - "options": { - "minVizHeight": 75, - "minVizWidth": 75, - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "last" - ], - "fields": "", - "values": false - }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "sizing": "auto" - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}) / sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"}) ", - "instant": true, - "interval": "$resolution", - "legendFormat": "Limits", - "refId": "B" - } - ], - "title": "Total pod RAM Limits usage", - "type": "gauge" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "filterable": false, - "inspect": false, - "minWidth": 100 - }, - "decimals": 4, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "blue", - "value": null - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Memory Requests" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - }, - { - "id": "decimals", - "value": 2 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Memory Limits" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - }, - { - "id": "decimals", - "value": 2 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Memory Used" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - }, - { - "id": "decimals", - "value": 2 - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 6 - }, - "id": 38, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true, - "sortBy": [] - }, - "pluginVersion": "10.4.1", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "format": "table", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "format": "table", - "instant": true, - "interval": "", - "intervalFactor": 1, - "legendFormat": "", - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "format": "table", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "format": "table", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "D" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)", - "format": "table", - "hide": false, - "instant": true, - "legendFormat": "__auto", - "range": false, - "refId": "E" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", container!=\"\", cluster=\"$cluster\"}) by (container)", - "format": "table", - "hide": false, - "instant": true, - "range": false, - "refId": "F" - } - ], - "title": "Resources by container", - "transformations": [ - { - "id": "seriesToColumns", - "options": { - "byField": "container" - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Time 1": true, - "Time 2": true, - "Time 4": true, - "__name__": true, - "__name__ 1": true, - "__name__ 2": true, - "__name__ 3": true, - "__name__ 4": true, - "container": false, - "endpoint": true, - "endpoint 2": true, - "endpoint 3": true, - "endpoint 4": true, - "instance": true, - "instance 2": true, - "instance 3": true, - "instance 4": true, - "job": true, - "job 2": true, - "job 3": true, - "job 4": true, - "namespace": true, - "namespace 2": true, - "namespace 3": true, - "namespace 4": true, - "node": true, - "node 2": true, - "node 3": true, - "node 4": true, - "pod": true, - "pod 2": true, - "pod 3": true, - "pod 4": true, - "resource 1": true, - "resource 2": true, - "resource 3": true, - "resource 4": true, - "service": true, - "service 2": true, - "service 3": true, - "service 4": true, - "uid 1": true, - "uid 2": true, - "uid 3": true, - "uid 4": true, - "unit 1": true, - "unit 2": true, - "unit 3": true, - "unit 4": true - }, - "indexByName": { - "Time 1": 7, - "Time 2": 8, - "Time 3": 9, - "Time 4": 10, - "Time 5": 11, - "Time 6": 12, - "Value #A": 2, - "Value #B": 3, - "Value #C": 5, - "Value #D": 6, - "Value #E": 1, - "Value #F": 4, - "container": 0 - }, - "renameByName": { - "Value #A": "CPU Requests", - "Value #B": "CPU Limits", - "Value #C": "Memory Requests", - "Value #D": "Memory Limits", - "Value #E": "CPU Used", - "Value #F": "Memory Used", - "container": "Container" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Percent", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "area" - } - }, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "yellow", - "value": 20 - }, - { - "color": "green", - "value": 30 - }, - { - "color": "yellow", - "value": 70 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 14 - }, - "id": 50, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container) / sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "interval": "$resolution", - "legendFormat": "{{ container }} REQUESTS", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container) / sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"cpu\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "hide": false, - "legendFormat": "{{ container }} LIMITS", - "range": true, - "refId": "B" - } - ], - "title": "CPU Usage / Requests & Limits by container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "blue", - "mode": "thresholds" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Percent", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "area" - } - }, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "yellow", - "value": 20 - }, - { - "color": "green", - "value": 30 - }, - { - "color": "#EAB839", - "value": 70 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 14 - }, - "id": 30, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}) by (container) / sum(kube_pod_container_resource_requests{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "interval": "", - "legendFormat": "{{ container }} REQUESTS", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", cluster=\"$cluster\"}) by (container) / sum(kube_pod_container_resource_limits{namespace=\"$namespace\", pod=~\"$pod\", resource=\"memory\", job=~\"$job\", cluster=\"$cluster\"}) by (container)", - "hide": false, - "legendFormat": "{{ container }} LIMITS", - "range": true, - "refId": "B" - } - ], - "title": "Memory Usage / Requests & Limits by container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "CPU Cores", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 4, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "limit" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "#F2495C", - "mode": "fixed" - } - }, - { - "id": "custom.fillOpacity", - "value": 0 - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 22 - }, - "id": 29, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)", - "interval": "$resolution", - "legendFormat": "{{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Usage by container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Bytes", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 22 - }, - "id": 51, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\", pod=~\"$pod\", image!=\"\", container!=\"\", cluster=\"$cluster\"}) by (container)", - "interval": "", - "legendFormat": "{{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "Memory Usage by container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "SECONDS", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 2, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 30 - }, - "id": 59, - "options": { - "legend": { - "calcs": [ - "min", - "max", - "mean" - ], - "displayMode": "table", - "placement": "right", - "showLegend": true, - "sortBy": "Max", - "sortDesc": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(rate(container_cpu_cfs_throttled_seconds_total{namespace=~\"$namespace\", pod=~\"$pod\", image!=\"\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)", - "interval": "$resolution", - "legendFormat": "{{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "CPU Throttled seconds by container", - "type": "timeseries" - }, - { - "collapsed": false, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 38 - }, - "id": 62, - "panels": [], - "title": "Kubernetes", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "blue", - "mode": "thresholds" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Percent", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "area" - } - }, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "yellow", - "value": 20 - }, - { - "color": "green", - "value": 30 - }, - { - "color": "#EAB839", - "value": 70 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 39 - }, - "id": 60, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(container_oom_events_total{namespace=\"${namespace}\", pod=\"${pod}\", container!=\"\", cluster=\"$cluster\"}[$__rate_interval])) by (container)", - "interval": "", - "legendFormat": "{{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "OOM Events by container", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "blue", - "mode": "thresholds" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Percent", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "area" - } - }, - "mappings": [], - "max": 1, - "min": 0, - "thresholds": { - "mode": "percentage", - "steps": [ - { - "color": "red", - "value": null - }, - { - "color": "yellow", - "value": 20 - }, - { - "color": "green", - "value": 30 - }, - { - "color": "#EAB839", - "value": 70 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 39 - }, - "id": 61, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(kube_pod_container_status_restarts_total{namespace=~\"${namespace}\", pod=\"${pod}\", container!=\"\", job=~\"$job\", cluster=\"$cluster\"}[$__rate_interval])) by (container)", - "interval": "", - "legendFormat": "{{ container }}", - "range": true, - "refId": "A" - } - ], - "title": "Container Restarts by container", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 47 - }, - "id": 45, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Network", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 48 - }, - "id": 31, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(container_network_receive_bytes_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Received", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_bytes_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Transmitted", - "refId": "B" - } - ], - "title": "Network - Bandwidth", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 48 - }, - "id": 34, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(container_network_receive_packets_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Received", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_packets_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Transmitted", - "refId": "B" - } - ], - "title": "Network - Packets Rate", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 56 - }, - "id": 36, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(container_network_receive_packets_dropped_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Received", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_packets_dropped_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Transmitted", - "refId": "B" - } - ], - "title": "Network - Packets Dropped", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 25, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "smooth", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "pps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 56 - }, - "id": 37, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.3.3", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "sum(rate(container_network_receive_errors_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Received", - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "exemplar": true, - "expr": "- sum(rate(container_network_transmit_errors_total{namespace=\"$namespace\", pod=~\"$pod\", cluster=\"$cluster\"}[$__rate_interval]))", - "interval": "$resolution", - "legendFormat": "Transmitted", - "refId": "B" - } - ], - "title": "Network - Errors", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Kubernetes", - "Prometheus" - ], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "", - "value": "" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "datasource", - "options": [], - "query": "prometheus", - "queryValue": "", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "isNone": true, - "selected": false, - "text": "None", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_node_info,cluster)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "cluster", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_node_info,cluster)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "current": { - "selected": false, - "text": "monitoring", - "value": "monitoring" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "namespace", - "options": [], - "query": { - "query": "label_values(kube_pod_info{cluster=\"$cluster\"}, namespace)", - "refId": "Prometheus-namespace-Variable-Query" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "", - "value": "" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{namespace=\"$namespace\", cluster=\"$cluster\"}, pod)", - "hide": 0, - "includeAll": true, - "multi": true, - "name": "pod", - "options": [], - "query": { - "query": "label_values(kube_pod_info{namespace=\"$namespace\", cluster=\"$cluster\"}, pod)", - "refId": "Prometheus-pod-Variable-Query" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "30s", - "value": "30s" - }, - "hide": 0, - "includeAll": false, - "multi": false, - "name": "resolution", - "options": [ - { - "selected": false, - "text": "1s", - "value": "1s" - }, - { - "selected": false, - "text": "15s", - "value": "15s" - }, - { - "selected": true, - "text": "30s", - "value": "30s" - }, - { - "selected": false, - "text": "1m", - "value": "1m" - }, - { - "selected": false, - "text": "3m", - "value": "3m" - }, - { - "selected": false, - "text": "5m", - "value": "5m" - } - ], - "query": "1s, 15s, 30s, 1m, 3m, 5m", - "queryValue": "", - "skipUrlSync": false, - "type": "custom" - }, - { - "current": { - "selected": false, - "text": "kube-state-metrics", - "value": "kube-state-metrics" - }, - "datasource": { - "type": "prometheus", - "uid": "${datasource}" - }, - "definition": "label_values(kube_pod_info{namespace=\"$namespace\", cluster=\"$cluster\"},job)", - "hide": 0, - "includeAll": false, - "multi": true, - "name": "job", - "options": [], - "query": { - "qryType": 1, - "query": "label_values(kube_pod_info{namespace=\"$namespace\", cluster=\"$cluster\"},job)", - "refId": "PrometheusVariableQueryEditor-VariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Kubernetes / Views / Pods", - "uid": "k8s_views_pods", - "version": 28, - "weekStart": "" - } -kind: ConfigMap -metadata: - annotations: - grafana_folder: Kubernetes - labels: - grafana_dashboard: "1" - name: dashboards-k8s-views-pods - namespace: futureporn diff --git a/flux/infrastructure/controllers/ingress-nginx.yaml b/flux/infrastructure/controllers/ingress-nginx.yaml deleted file mode 100644 index 60d386f..0000000 --- a/flux/infrastructure/controllers/ingress-nginx.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -apiVersion: source.toolkit.fluxcd.io/v1beta2 -kind: HelmRepository -metadata: - name: ingress-nginx - namespace: futureporn -spec: - interval: 24h - url: https://kubernetes.github.io/ingress-nginx ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: ingress-nginx - namespace: futureporn -spec: - interval: 30m - chart: - spec: - chart: ingress-nginx - version: "*" - sourceRef: - kind: HelmRepository - name: ingress-nginx - namespace: futureporn - interval: 12h - values: - controller: - service: - type: "LoadBalancer" - admissionWebhooks: - enabled: false diff --git a/flux/infrastructure/controllers/kube-prometheus-stack.yaml b/flux/infrastructure/controllers/kube-prometheus-stack.yaml deleted file mode 100644 index 0b11276..0000000 --- a/flux/infrastructure/controllers/kube-prometheus-stack.yaml +++ /dev/null @@ -1,56 +0,0 @@ - - ---- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: prometheus-community - namespace: futureporn -spec: - interval: 24h - url: https://prometheus-community.github.io/helm-charts - ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: prometheus - namespace: futureporn -spec: - interval: 30m - chart: - spec: - chart: kube-prometheus-stack - version: "60.3.0" - sourceRef: - kind: HelmRepository - name: prometheus-community - namespace: futureporn - interval: 12h - values: - prometheus: - prometheusSpec: - storageSpec: - volumeClaimTemplate: - spec: - storageClassName: vultr-block-storage-hdd - resources: - requests: - storage: 40Gi - grafana: - service: - - annotations: - - admin: - existingSecret: grafana - sidecar: - dashboards: - enabled: true - defaultFolderName: "General" - label: grafana_dashboard - labelValue: "1" - folderAnnotation: grafana_folder - searchNamespace: ALL - provider: - foldersFromFilesStructure: true diff --git a/flux/infrastructure/controllers/kustomization.yaml b/flux/infrastructure/controllers/kustomization.yaml deleted file mode 100644 index 4437653..0000000 --- a/flux/infrastructure/controllers/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - # - external-dns.yaml - - cert-manager.yaml - - ingress-nginx.yaml - - grafana-k8s-dashboards.yaml - - kube-prometheus-stack.yaml \ No newline at end of file diff --git a/package.json b/package.json index 511125b..a9138c4 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "futureporn", - "version": "1.0.3", + "version": "2.0.0", "description": "", "main": "index.js", "scripts": { diff --git a/packages/fetchers/README.md b/packages/fetchers/README.md deleted file mode 100644 index 85cc7df..0000000 --- a/packages/fetchers/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# @futureporn/fetchers - -`fetch()` wrappers for getting/setting values in our database. - -distinct from @futureporn/scout which is fetching data from external sources. \ No newline at end of file diff --git a/packages/fetchers/package.json b/packages/fetchers/package.json deleted file mode 100644 index 33a0b29..0000000 --- a/packages/fetchers/package.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "@futureporn/fetchers", - "type": "module", - "version": "1.0.0", - "description": "", - "main": "index.js", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 0" - }, - "exports": { - "./*.ts": "./src/*.ts" - }, - "keywords": [], - "author": "", - "license": "Unlicense", - "dependencies": { - "@futureporn/types": "workspace:^", - "@types/qs": "^6.9.15", - "date-fns": "^3.6.0", - "qs": "^6.13.0" - }, - "devDependencies": { - "@types/chai": "^4.3.19", - "chai": "^5.1.1" - } -} diff --git a/packages/fetchers/pnpm-lock.yaml b/packages/fetchers/pnpm-lock.yaml deleted file mode 100644 index 41d8269..0000000 --- a/packages/fetchers/pnpm-lock.yaml +++ /dev/null @@ -1,221 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@futureporn/types': - specifier: workspace:^ - version: link:../types - '@types/qs': - specifier: ^6.9.15 - version: 6.9.15 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - qs: - specifier: ^6.13.0 - version: 6.13.0 - devDependencies: - '@types/chai': - specifier: ^4.3.19 - version: 4.3.19 - chai: - specifier: ^5.1.1 - version: 5.1.1 - -packages: - - '@types/chai@4.3.19': - resolution: {integrity: sha512-2hHHvQBVE2FiSK4eN0Br6snX9MtolHaTo/batnLjlGRhoQzlCL61iVpxoqO7SfFyOw+P/pwv+0zNHzKoGWz9Cw==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - chai@5.1.1: - resolution: {integrity: sha512-pT1ZgP8rPNqUgieVaEY+ryQr6Q4HXNg8Ei9UnLUrjN4IA7dvQC5JB+/kxVcPNDHyBcc/26CXPkbNzq3qwrOEKA==} - engines: {node: '>=12'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - get-func-name@2.0.2: - resolution: {integrity: sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - loupe@3.1.1: - resolution: {integrity: sha512-edNu/8D5MKVfGVFRhFf8aAxiTM6Wumfz5XsaatSxlD3w4R1d/WEKUTydCdPGbl9K7QG/Ca3GnDV2sIKIpXRQcw==} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - -snapshots: - - '@types/chai@4.3.19': {} - - '@types/qs@6.9.15': {} - - assertion-error@2.0.1: {} - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - chai@5.1.1: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.1 - pathval: 2.0.0 - - check-error@2.1.1: {} - - date-fns@3.6.0: {} - - deep-eql@5.0.2: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - function-bind@1.1.2: {} - - get-func-name@2.0.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - loupe@3.1.1: - dependencies: - get-func-name: 2.0.2 - - object-inspect@1.13.2: {} - - pathval@2.0.0: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 diff --git a/packages/fetchers/src/config.ts b/packages/fetchers/src/config.ts deleted file mode 100644 index 3052853..0000000 --- a/packages/fetchers/src/config.ts +++ /dev/null @@ -1,27 +0,0 @@ -const requiredEnvVars = [ - 'POSTGREST_URL', - 'AUTOMATION_USER_JWT', - 'SCOUT_URL', -] as const; - -const getEnvVar = (key: typeof requiredEnvVars[number]): string => { - const value = process.env[key]; - if (!value) { - throw new Error(`Missing ${key} env var`); - } - return value; -}; - -export interface Config { - postgrestUrl: string; - automationUserJwt: string; - scoutUrl: string; -} - - -export const configs: Config = { - scoutUrl: getEnvVar('SCOUT_URL'), - postgrestUrl: getEnvVar('POSTGREST_URL'), - automationUserJwt: getEnvVar('AUTOMATION_USER_JWT') -} - diff --git a/packages/fetchers/src/createRecording.ts b/packages/fetchers/src/createRecording.ts deleted file mode 100644 index 6c8a7a6..0000000 --- a/packages/fetchers/src/createRecording.ts +++ /dev/null @@ -1,29 +0,0 @@ -import { configs } from "./config.ts"; - - -export default async function createRecording({ url, discordMessageId, date }: { url: string, discordMessageId?: string, date: Date }) { - if (!url) throw new Error('createRecording requires {string} url'); - const payload = { - url, - discord_message_id: discordMessageId, - date: date.toISOString() - } - const res = await fetch(`${configs.postgrestUrl}/recordings`, { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify(payload) - }) - if (!res.ok) { - const body = await res.text() - const msg = `Failed to create Recording. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg); - } - const data = await res.json() as { id: string } - return data.id -} diff --git a/packages/fetchers/src/createS3File.ts b/packages/fetchers/src/createS3File.ts deleted file mode 100644 index 11c34ca..0000000 --- a/packages/fetchers/src/createS3File.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { configs } from "./config.ts" -import type { S3FileRecord, S3FileResponse } from '@futureporn/types' - -export default async function createS3File(s3File?: S3FileRecord): Promise { - if (!s3File) throw new Error(`first argument passed to createS3File must be a {S3Record}`); - console.log(s3File) - const url = `${configs.postgrestUrl}/s3_files` - const payload: any = { - s3_id: s3File.s3_id, - s3_key: s3File.s3_key, - } - const fetchOptions = { - method: 'POST', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - }, - body: JSON.stringify(payload) - } - const res = await fetch (url, fetchOptions) - if (!res.ok) { - const body = await res.json() - throw new Error(`Problem during createS3File. res.status=${res.status}, res.statusText=${res.statusText}, body=${JSON.stringify(body)}`) - } - const json = await res.json() as S3FileResponse[] - const s3FileRes = json[0] - if (!s3FileRes) return null - else return s3FileRes -} \ No newline at end of file diff --git a/packages/fetchers/src/createSegment.ts b/packages/fetchers/src/createSegment.ts deleted file mode 100644 index f21116e..0000000 --- a/packages/fetchers/src/createSegment.ts +++ /dev/null @@ -1,30 +0,0 @@ -import { SegmentResponse } from '@futureporn/types'; -import { configs } from './config.ts' -import querystring from 'node:querystring' - -export default async function createSegment(s3_key: string, vod_id: string): Promise { - if (!s3_key) throw new Error('getSegments requires {string} s3_key as first arg'); - const segmentPayload = { - s3_key, - vod_id - } - const res = await fetch(`${configs.postgrestUrl}/segments?select=*,vod:vods(*,recordings(*))`, { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify(segmentPayload) - }) - if (!res.ok) { - const body = await res.text() - const msg = `failed to create Segment. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg); - } - const data = await res.json() as SegmentResponse[] - if (!data[0]) throw new Error('failed to createSegment! body[0] was missing.'); - return data[0] -} diff --git a/packages/fetchers/src/createSegmentsVodLink.ts b/packages/fetchers/src/createSegmentsVodLink.ts deleted file mode 100644 index bff6ece..0000000 --- a/packages/fetchers/src/createSegmentsVodLink.ts +++ /dev/null @@ -1,36 +0,0 @@ -// import type { Helpers } from 'graphile-worker' -import { configs } from './config.ts' -import querystring from 'node:querystring' - -export default async function createSegmentsVodLink(vod_id: string, segment_id: string): Promise { - console.info(`createSegmentsVodLink with vod_id=${vod_id}, segment_id=${segment_id}`) - if (!vod_id) throw new Error('createSegmentsVodLink requires {string} vod_id as first arg'); - if (!segment_id) throw new Error('createSegmentsVodLink requires {string} segment_id as second arg'); - const segmentVodLinkPayload = { - vod_id, - segment_id - } - const res = await fetch(`${configs.postgrestUrl}/segments_vod_links`, { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=headers-only', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - }, - body: JSON.stringify(segmentVodLinkPayload) - }) - if (!res.ok) { - const body = await res.text() - throw new Error(`failed to create SegmentsVodLink. status=${res.status}, statusText=${res.statusText}, body=${body}`); - } - const location = res.headers.get('location') - if (!location) throw new Error(`failed to get location header in response from postgrest`); - const parsedQuery = querystring.parse(location) - const segmentsId = parsedQuery['/segments_vod_links?id'] - if (!segmentsId) throw new Error('segments_vod_links?id was undefined which is unexpected'); - if (Array.isArray(segmentsId)) throw new Error('segments_vod_links was an array which is unexpected'); - const id = segmentsId.split('.').at(-1) - if (!id) throw new Error('failed to get id '); - return id -} diff --git a/packages/fetchers/src/createStreamInDatabase.ts b/packages/fetchers/src/createStreamInDatabase.ts deleted file mode 100644 index c9e692f..0000000 --- a/packages/fetchers/src/createStreamInDatabase.ts +++ /dev/null @@ -1,30 +0,0 @@ -import { configs } from './config.ts' - -export default async function createStreamInDatabase(url: string, discordMessageId: string): Promise { - const streamPayload = { - url, - status: 'pending_recording', - discord_message_id: discordMessageId, - date: new Date().toISOString() - } - const res = await fetch(`${configs.postgrestUrl}/streams`, { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Prefer': 'return=headers-only', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - }, - body: JSON.stringify(streamPayload) - }) - if (!res.ok) { - const status = res.status - const statusText = res.statusText - const body = await res.text() - const msg = `Failed to create stream in database. status=${status}, statusText=${statusText}, body=${body}` - console.error(msg) - throw new Error(msg) - } - const id = res.headers.get('location')?.split('.').at(-1) - if (!id) throw new Error('id could not be parsed from location header'); - return id -} \ No newline at end of file diff --git a/packages/fetchers/src/createVod.ts b/packages/fetchers/src/createVod.ts deleted file mode 100644 index 7eb039d..0000000 --- a/packages/fetchers/src/createVod.ts +++ /dev/null @@ -1,27 +0,0 @@ -import { configs } from "./config.ts" -import type { VodResponse, VodRecord } from '@futureporn/types' - -export default async function createVod(vodPartial?: Partial): Promise { - if (!vodPartial) console.warn(`createVod() was called with no vodPartial as argument. It's recommended to supply this argument with key/values stream_id, date, and vtuber`); - if (!vodPartial?.date) throw new Error('createVod requires argument vodPartial.date'); - const url = `${configs.postgrestUrl}/vods` - const fetchOptions = { - method: 'POST', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - }, - body: JSON.stringify(vodPartial) - } - const res = await fetch (url, fetchOptions) - if (!res.ok) { - const body = await res.json() - throw new Error(`Problem during createVod. res.status=${res.status}, res.statusText=${res.statusText}, body=${JSON.stringify(body)}`) - } - const json = await res.json() as VodResponse[] - const vod = json[0] - if (!vod) return null - else return vod -} \ No newline at end of file diff --git a/packages/fetchers/src/findOrCreateStream.ts b/packages/fetchers/src/findOrCreateStream.ts deleted file mode 100644 index c37163c..0000000 --- a/packages/fetchers/src/findOrCreateStream.ts +++ /dev/null @@ -1,83 +0,0 @@ -import { configs } from "./config.ts" -import type { StreamResponse, VodRecord } from "@futureporn/types" -import { sub } from 'date-fns' - -export async function findStream(vtuberId: string, lteDate: Date, gteDate: Date): Promise { - const fetchUrl = `${configs.postgrestUrl}/streams?select=id&vtuber=eq.${vtuberId}&date=gte.${gteDate.toISOString()}&date=lte.${lteDate.toISOString()}` - const fetchOptions = { - method: 'GET', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - } - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const body = await res.text() - const msg = `findStream fetch failed. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as StreamResponse[] - if (!json || !json[0]) return null - return json[0].id -} - -export async function createStream(): Promise { - const payload = { - - } - const fetchUrl = `${configs.postgrestUrl}/streams?select=id` - const fetchOptions = { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - }, - body: JSON.stringify(payload) - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const body = await res.text() - const msg = `createStream fetch failed. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as StreamResponse[] - if (!json || !json[0]) return null - return json[0].id -} - - -/** - * Find or create a stream in the database. - * - * We use the vtuberId and the date to find a stream taking place within the last n minutes. - * - * The stream date range that we accept is inclusive between date and (date-minutes) - * - * This is useful for eliminating duplicates, since a stream can be created by more than one input. - * - * - manual - * - email - * - twitter - * - */ -export default async function findOrCreateStream({ vtuberId, date, minutes = 15 }: { vtuberId: string, date: Date, minutes?: number }): Promise { - console.info(`findOrCreateStream with vtuberId=${vtuberId}, date=${new Date(date).toISOString()}, minutes=${minutes}`) - if (!vtuberId) throw new Error(`findOrCreateStream requires vruberId passed in the options argument.`); - if (!date) throw new Error(`findOrCreateStream requires date passed in the options argument.`); - const gteDate = sub(date, { minutes }) - const lteDate = date - const foundStream = await findStream(vtuberId, lteDate, gteDate) - if (!foundStream) { - return createStream() - } else { - return foundStream - } - -} - diff --git a/packages/fetchers/src/findOrCreateVtuber.spec.ts b/packages/fetchers/src/findOrCreateVtuber.spec.ts deleted file mode 100644 index 65f410a..0000000 --- a/packages/fetchers/src/findOrCreateVtuber.spec.ts +++ /dev/null @@ -1,20 +0,0 @@ -import findOrCreateVtuber from "./findOrCreateVtuber.ts" -import { expect } from 'chai' - -// These tests are meant to run in docker via gitea-actions -// or https://github.com/nektos/act - -describe('integration', function () { - this.beforeAll(function () { - // set up db - // seed db - // set env - }) - describe('findOrCreateVtuber', function () { - xit('should find projektmelody when given url=https://chaturbate.com/projektmelody', async function () { - const url = 'https://chaturbate.com/projektmelody' - const vtuber = await findOrCreateVtuber({ url }, { prefer: 'return=representation' }) - expect(vtuber).to.have.property('slug', 'projektmelody') - }) - }) -}) \ No newline at end of file diff --git a/packages/fetchers/src/findOrCreateVtuber.ts b/packages/fetchers/src/findOrCreateVtuber.ts deleted file mode 100644 index cda4742..0000000 --- a/packages/fetchers/src/findOrCreateVtuber.ts +++ /dev/null @@ -1,111 +0,0 @@ -import { configs } from "./config.ts" -import type { VtuberRecord, VtuberResponse } from "@futureporn/types" -import qs from 'qs' - -interface vTuberSearchQuery { - url: string; - name: string; -} - -interface vTuberSearchOptions { - prefer: string; -} - -const columns = [ - 'chaturbate', - 'twitter', - 'patreon', - 'twitch', - 'tiktok', - 'onlyfans', - 'youtube', - 'fansly', - 'pornhub' -]; - -// @see https://bobbyhadz.com/blog/javascript-remove-trailing-slash-from-string -function removeTrailingSlash(url: string) { - return url.replace(/\/+$/, ''); -} - -function buildUrlSearchOrTemplate(columns: string[], url: string): string { - return `(${columns.map(column => `${column}.ilike.*${url}*`).join(',')})`; -} - - -async function findVtuber(query: Partial, options?: Partial): Promise { - const { url, name } = query - const queryOptions: any = {} - // When url argument exists, we try searching against the vtuber's platform urls - if (url) queryOptions.or = buildUrlSearchOrTemplate(columns, removeTrailingSlash(url)); - if (!url && !name) throw new Error(`findVtuber requires url or name passed in an object as argument.`); - const fetchUrl = `${configs.postgrestUrl}/vtubers?${qs.stringify(queryOptions, { encode: false })}` - console.info(fetchUrl) - const fetchOptions = { - method: 'GET', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - } - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const msg = `request failed. status=${res.status}, statusText=${res.statusText}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as VtuberResponse[] - // console.info(`vtuber results as follows.`) - // console.info(json) - return json?.at(0)?.id || null -} - -async function createVtuber(vtuber: Partial): Promise { - const createVtuberPayload = vtuber - const fetchUrl = `${configs.postgrestUrl}/vtubers` - const fetchOptions = { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify(createVtuberPayload) - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const body = await res.text() - const msg = `createVtuber fetch failed. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as VtuberResponse[] - // console.info(`createVtuber with vtuber as follows`) - // console.info(vtuber) - // console.info(json) - const vtuberData = json[0] - if (!vtuberData) throw new Error('failed to createVtuber') - return vtuberData.id -} - - -export default async function findOrCreateVtuber(query: Partial, options?: Partial): Promise { - if (!query) throw new Error(`findOrCreateVtuber requires an object as argument`); - const { url, name } = query - if (!url) throw new Error('findOrCreateVtuber was missing url which is required'); - console.info(`findOrCreateVtuber. url=${url}, name=${name}`) - new URL(url) // validate URL, throw if invalid - - const foundVtuber = await findVtuber(query) - if (!foundVtuber) { - console.info(`Failed to find vtuber, so we create one.`) - const vtuber = await fetch(`${configs.scoutUrl}/vtuber/data?url=${url}`).then((res): Promise => res.json() as any) - return createVtuber(vtuber) - } else { - return foundVtuber - } - -} \ No newline at end of file diff --git a/packages/fetchers/src/findVod.ts b/packages/fetchers/src/findVod.ts deleted file mode 100644 index c50a99f..0000000 --- a/packages/fetchers/src/findVod.ts +++ /dev/null @@ -1,25 +0,0 @@ -import type { VodResponse } from "@futureporn/types"; -import { configs } from "./config.ts"; - -export default async function findVod({ vod_id, discord_message_id }: { vod_id?: string, discord_message_id?: string }): Promise { - const fetchUrl = (!!vod_id) - ? `${configs.postgrestUrl}/vods?id=eq.${vod_id}&select=*,segments(bytes,updated_at,created_at,s3_key)` - : `${configs.postgrestUrl}/vods?discord_message_id=eq.${discord_message_id}&select=*,segments(bytes,updated_at,created_at)` - console.info(fetchUrl) - const fetchOptions = { - method: 'GET', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - } - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const msg = `request failed. status=${res.status}, statusText=${res.statusText}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as VodResponse[] - return json?.at(0) || null -} \ No newline at end of file diff --git a/packages/fetchers/src/getPlaylistUrl.ts b/packages/fetchers/src/getPlaylistUrl.ts deleted file mode 100644 index 77be74d..0000000 --- a/packages/fetchers/src/getPlaylistUrl.ts +++ /dev/null @@ -1,23 +0,0 @@ -import { configs } from './config.ts' -import { type GenericApiResponse } from '@futureporn/types' - -export default async function getPlaylistUrl (url: string): Promise { - if (!url) throw new Error(`getPlaylistUrl requires a url, but it was undefined.`); - - const res = await fetch(`${configs.scoutUrl}/ytdlp/playlist-url?url=${url}`) - if (!res.ok) { - const body = await res.text() - console.error(`failed to getPlaylistUrl res.status=${res.status}, res.statusText=${res.statusText}, body=${body}`) - return { - error: 'PlaylistFailedError', - detail: `failed to getPlaylistUrl. res.status=${res.status}, res.statusText=${res.statusText}, body=${body}`, - data: null, - message: 'something went wrong wile fetching data from @futureporn/scout' - } - } else { - const payload = await res.json() as any - console.log(`>>>>>> getPlaylistUrl data=${payload.data}, error=${payload.error} got a data payload as follows.`) - console.log(payload) - return payload - } -} \ No newline at end of file diff --git a/packages/fetchers/src/getRecording.ts b/packages/fetchers/src/getRecording.ts deleted file mode 100644 index 045e391..0000000 --- a/packages/fetchers/src/getRecording.ts +++ /dev/null @@ -1,45 +0,0 @@ -import type { RecordingResponse } from "@futureporn/types"; -import { configs } from "./config.ts"; - -export default async function getRecording(recordingId: string): Promise { - if (!recordingId) throw new Error(`getRecording requires recordingId param, but it was missing.`); - const fetchUrl = `${configs.postgrestUrl}/recordings?id=eq.${recordingId}` - const fetchOptions = { - method: 'GET', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - } - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const msg = `request failed. status=${res.status}, statusText=${res.statusText}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as RecordingResponse[] - return json?.at(0) || null -} - - -export async function getRecordingRelatedToVod(vodId: string): Promise { - if (!vodId) throw new Error(`getRecordingRelatedToVod requires vodId param, but it was missing.`); - const fetchUrl = `${configs.postgrestUrl}/recordings?select=*,vods!inner(id)&vods.id=eq.${vodId}` - const fetchOptions = { - method: 'GET', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - } - } - const res = await fetch(fetchUrl, fetchOptions) - if (!res.ok) { - const msg = `request failed. status=${res.status}, statusText=${res.statusText}` - console.error(msg) - throw new Error(msg) - } - const json = await res.json() as RecordingResponse[] - return json?.at(0) || null -} \ No newline at end of file diff --git a/packages/fetchers/src/getSegmentsFromDatabase.ts b/packages/fetchers/src/getSegmentsFromDatabase.ts deleted file mode 100644 index 40527fb..0000000 --- a/packages/fetchers/src/getSegmentsFromDatabase.ts +++ /dev/null @@ -1,37 +0,0 @@ -import { configs } from './config.ts' -import querystring from 'node:querystring' - -export default async function getSegmentsFromDatabase(s3_key: string): Promise { - if (!s3_key) throw new Error('getSegments requires {string} s3_key as first arg'); - const segmentPayload = { - s3_key - } - console.info(`Creating segment with s3_key=${s3_key}. payload as follows`) - console.info(JSON.stringify(segmentPayload)) - const res = await fetch(`${configs.postgrestUrl}/segments`, { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=headers-only', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify(segmentPayload) - }) - if (!res.ok) { - const body = await res.text() - const msg = `failed to create Segment. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg); - } - const location = res.headers.get('location') - if (!location) throw new Error(`failed to get location header in response from postgrest`); - const parsedQuery = querystring.parse(location) - const segmentsId = parsedQuery['/segments?id'] - if (!segmentsId) throw new Error('segmentsId was undefined which is unexpected'); - if (Array.isArray(segmentsId)) throw new Error('segmentsId was an array which is unexpected'); - const id = segmentsId.split('.').at(-1) - if (!id) throw new Error('failed to get id '); - return parseInt(id) -} - diff --git a/packages/fetchers/src/getStreamFromDatabase.ts b/packages/fetchers/src/getStreamFromDatabase.ts deleted file mode 100644 index 0ca39fe..0000000 --- a/packages/fetchers/src/getStreamFromDatabase.ts +++ /dev/null @@ -1,35 +0,0 @@ -import { configs } from "./config.ts" -import type { StreamResponse } from '@futureporn/types' - - -export default async function getStreamFromDatabase(messageId: string): Promise { - - const pgRequestUrl = `${configs.postgrestUrl}/streams?discord_message_id=eq.${messageId}` - console.info(`pgRequestUrl=${pgRequestUrl}`) - const requestOptions = { - method: 'GET', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation' - } - } - try { - const res = await fetch (pgRequestUrl, requestOptions) - if (!res.ok) { - const body = await res.json() - console.error(body) - throw new Error(`Problem during getStreamFromDatabase. res.status=${res.status}, res.statusText=${res.statusText}`) - } - console.info(`we got an OK response. let's look at the json.`) - const json = await res.json() as StreamResponse[] - console.info(json) - const stream = json[0] - if (!stream) return null - else return stream - } catch (e) { - console.error(e) - throw e - } -} \ No newline at end of file diff --git a/packages/fetchers/src/getStreamIdFromMessage.ts b/packages/fetchers/src/getStreamIdFromMessage.ts deleted file mode 100644 index 678fb16..0000000 --- a/packages/fetchers/src/getStreamIdFromMessage.ts +++ /dev/null @@ -1,9 +0,0 @@ -import { type Interaction } from "discordeno" -import { isCuid } from '@paralleldrive/cuid2'; - -export default function getStreamIdFromMessage(interaction: Interaction): string|null { - const embeds = interaction.message?.embeds - const streamId = embeds?.at(0)?.title?.split(' ').at(1) - if (!streamId || !isCuid(streamId) || streamId === 'undefined') return null - else return streamId -} diff --git a/packages/fetchers/src/getUrlFromMessage.ts b/packages/fetchers/src/getUrlFromMessage.ts deleted file mode 100644 index 2b487b1..0000000 --- a/packages/fetchers/src/getUrlFromMessage.ts +++ /dev/null @@ -1,36 +0,0 @@ -import { type Interaction } from "discordeno" -import { configs } from "./config.ts" -import { type Stream } from "@futureporn/types" -import { logger } from "@discordeno/bot" - - -export default async function getUrlFromMessage(interaction: Interaction): Promise { - const messageId = interaction.message?.id - - const pgRequestUrl = `${configs.postgrestUrl}/streams?discord_message_id=eq.${messageId}` - logger.info(`pgRequestUrl=${pgRequestUrl}`) - const requestOptions = { - method: 'GET', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Prefer': 'return=representation' - } - } - try { - const res = await fetch (pgRequestUrl, requestOptions) - if (!res.ok) { - const body = await res.json() - logger.error(body) - throw new Error(`Problem during getUrlFromMessage. res.status=${res.status}, res.statusText=${res.statusText}`) - } - const json = await res.json() as Stream[] - const stream = json[0] - const url = stream?.url - if (!url) return null - else return url - } catch (e) { - logger.error(e) - throw e - } -} \ No newline at end of file diff --git a/packages/fetchers/src/getVod.ts b/packages/fetchers/src/getVod.ts deleted file mode 100644 index a1b06a3..0000000 --- a/packages/fetchers/src/getVod.ts +++ /dev/null @@ -1,23 +0,0 @@ -import { configs } from "./config" -import type { VodResponse } from "@futureporn/types" - -export default async function getVod(vodId: string): Promise { - const url = `${configs.postgrestUrl}/vods?select=*,segments(*),recording:recordings(is_aborted)&id=eq.${vodId}` - try { - const res = await fetch(url) - if (!res.ok) { - throw new Error(`failed fetching getVod ${vodId}. status=${res.status}, statusText=${res.statusText}`) - } - const body = await res.json() as VodResponse[] - if (!body[0]) throw new Error('body[0] was expected to be Vod data, but it was either null or undefined.'); - return body[0]; - } catch (e) { - console.error(`encountered an error during getVod()`) - if (e instanceof Error) { - console.error(e.message) - } else { - console.error(JSON.stringify(e)) - } - return null - } -} \ No newline at end of file diff --git a/packages/fetchers/src/patchRecording.ts b/packages/fetchers/src/patchRecording.ts deleted file mode 100644 index 8bc2f08..0000000 --- a/packages/fetchers/src/patchRecording.ts +++ /dev/null @@ -1,28 +0,0 @@ -import type { RecordingRecord } from "@futureporn/types"; -import { configs } from "./config.ts"; - -export default async function patchRecording(recordingId: string, payload: Partial): Promise { - const url = `${configs.postgrestUrl}/recordings?id=eq.${recordingId}` - const fetchOptions = { - method: 'PATCH', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Prefer': 'return=headers-only' - }, - body: JSON.stringify(payload) - } - try { - const res = await fetch(url, fetchOptions) - if (!res.ok) { - const body = await res.json() - console.error(body) - throw new Error(`Problem during patchRecording. res.status=${res.status}, res.statusText=${res.statusText}`) - } - return - } catch (e) { - console.error(e) - throw e - } -} - diff --git a/packages/fetchers/src/patchVod.ts b/packages/fetchers/src/patchVod.ts deleted file mode 100644 index a6a7d76..0000000 --- a/packages/fetchers/src/patchVod.ts +++ /dev/null @@ -1,28 +0,0 @@ -import type { StreamRecord } from "@futureporn/types"; -import { configs } from "./config.ts"; - -export default async function patchVod(stream_id: string, payload: Partial): Promise { - const url = `${configs.postgrestUrl}/vods?id=eq.${stream_id}` - const fetchOptions = { - method: 'PATCH', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Prefer': 'return=headers-only' - }, - body: JSON.stringify(payload) - } - try { - const res = await fetch(url, fetchOptions) - if (!res.ok) { - const body = await res.json() - console.error(body) - throw new Error(`Problem during patchVod. res.status=${res.status}, res.statusText=${res.statusText}`) - } - return - } catch (e) { - console.error(e) - throw e - } -} - diff --git a/packages/fetchers/src/patchVodInDatabase.ts b/packages/fetchers/src/patchVodInDatabase.ts deleted file mode 100644 index 2f47b55..0000000 --- a/packages/fetchers/src/patchVodInDatabase.ts +++ /dev/null @@ -1,23 +0,0 @@ -import type { VodRecord } from "@futureporn/types"; -import { configs } from "./config.ts"; - - -export default async function patchVodInDatabase(vod_id: string, payload: Partial): Promise { - const url = `${configs.postgrestUrl}/vods?id=eq.${vod_id}` - const fetchOptions = { - method: 'PATCH', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Prefer': 'return=headers-only' - }, - body: JSON.stringify(payload) - } - const res = await fetch(url, fetchOptions) - if (!res.ok) { - const body = await res.json() - throw new Error(`Problem during patchVodInDatabase. res.status=${res.status}, res.statusText=${res.statusText}`) - } - return -} - diff --git a/packages/fetchers/src/updateSegmentInDatabase.ts b/packages/fetchers/src/updateSegmentInDatabase.ts deleted file mode 100644 index 5473ae2..0000000 --- a/packages/fetchers/src/updateSegmentInDatabase.ts +++ /dev/null @@ -1,52 +0,0 @@ -import type { SegmentResponse } from '@futureporn/types' -import { configs } from './config.ts' - - -/** - * updateSegmentInDatabase - * - * updates the segment in the database with the new filesize - * - * resolves with the updated segment and the is_recording_aborted column of the related vod - */ -export default async function updateSegmentInDatabase({ - segment_id, - bytes, - bytes_uploaded, -}: { - segment_id: string, - bytes: number, - bytes_uploaded: number, -}): Promise { - - const payload: any = { - bytes, - bytes_uploaded - } - - const fetchUrl =`${configs.postgrestUrl}/segments?id=eq.${segment_id}&select=vod:vods(recording:recordings(is_aborted))` - // console.info(`updateSegmentInDatabase > fetchUrl=${fetchUrl}`) - const res = await fetch(fetchUrl, { - method: 'PATCH', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify(payload) - }) - if (!res.ok) { - const body = await res.text() - const msg = `failed to updateSegmentInDatabase. status=${res.status}, statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg); - } - // console.info(`response was OK~`) - const body = await res.json() as SegmentResponse[]; - if (!body[0]) throw new Error(`failed to get a segment that matched segment_id=${segment_id}`); - const bod = body[0] - // console.info('the following was the response from PATCH-ing /segments') - // console.info(JSON.stringify(bod)) - return bod -} \ No newline at end of file diff --git a/packages/infra/README.md b/packages/infra/README.md deleted file mode 100644 index bd0b75a..0000000 --- a/packages/infra/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# infra - -This module contains scripts that help with miscellaneous infrastructure tasks like cleaning up unused resources on Vultr Kubernetes Engine. diff --git a/packages/infra/package.json b/packages/infra/package.json deleted file mode 100644 index ca3589b..0000000 --- a/packages/infra/package.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "name": "infra", - "type": "module", - "version": "1.0.0", - "description": "", - "keywords": [], - "author": "", - "license": "Unlicense", - "scripts": { - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "dependencies": { - "dotenv": "^16.4.5" - } -} diff --git a/packages/infra/pnpm-lock.yaml b/packages/infra/pnpm-lock.yaml deleted file mode 100644 index 28a12ba..0000000 --- a/packages/infra/pnpm-lock.yaml +++ /dev/null @@ -1,23 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - -packages: - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - -snapshots: - - dotenv@16.4.5: {} diff --git a/packages/infra/vultr-delete-orphaned-resources.js b/packages/infra/vultr-delete-orphaned-resources.js deleted file mode 100755 index 4c8fb1b..0000000 --- a/packages/infra/vultr-delete-orphaned-resources.js +++ /dev/null @@ -1,84 +0,0 @@ -#!/usr/bin/env node - -import dotenv from 'dotenv' -import { join } from 'node:path' -dotenv.config({ path: join(import.meta.dirname, '../../.env') }) - -const apiV2Base = 'https://api.vultr.com/v2' - - -if (!process.env.VULTR_API_KEY) throw new Error('VULTR_API_KEY is missing in env'); - - - -async function deleteOrphanedLoadBalancers() { - console.log('getting load balancers') - const loadBalancersRes = await fetch(`${apiV2Base}/load-balancers`, { - method: 'GET', - headers: { - 'authorization': `Bearer ${process.env.VULTR_API_KEY}` - } - }) - const loadBalancerJson = await loadBalancersRes.json() - const orphanedLoadBalancers = loadBalancerJson.load_balancers.filter((lb) => (lb.instances.length === 0)) - console.log(`found ${orphanedLoadBalancers.length} orphaned load balancers.`) - // console.log('waiting 1 second') - await new Promise((resolve) => { setTimeout(resolve, 1000) }) - - for (const lb of orphanedLoadBalancers) { - console.log(`deleting load balancer ${lb.id}`) - - const deleteLoadBalancerRes = await fetch(`https://api.vultr.com/v2/load-balancers/${lb.id}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${process.env.VULTR_API_KEY}` - } - }) - - // console.log('waiting 1 second') - await new Promise((resolve) => { setTimeout(resolve, 1000) }) - } -} - - -async function deleteOrphanedBlockStorage() { - console.log('getting block storage') - - const blocksRes = await fetch(`${apiV2Base}/blocks`, { - method: 'GET', - headers: { - 'authorization': `Bearer ${process.env.VULTR_API_KEY}` - } - }) - const blocksJson = await blocksRes.json() - - const orphanedBlocks = blocksJson.blocks.filter((b) => b.attached_to_instance === '') - console.log(`found ${orphanedBlocks.length} orphaned block storages`) - - console.log('waiting 1 second') - await new Promise((resolve) => { setTimeout(resolve, 1000) }) - for (const block of orphanedBlocks) { - console.log(`deleting block ${block.id}`) - - const deleteBlocksRes = await fetch(`${apiV2Base}/blocks/${block.id}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${process.env.VULTR_API_KEY}` - } - }) - - console.log('waiting 1 second') - await new Promise((resolve) => { setTimeout(resolve, 1000) }) - - } - - -} - - -async function main() { - await deleteOrphanedLoadBalancers() - await deleteOrphanedBlockStorage() -} - -main() diff --git a/packages/storage/.mocharc.json b/packages/storage/.mocharc.json deleted file mode 100644 index 9c05d8d..0000000 --- a/packages/storage/.mocharc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "loader": "ts-node/esm" -} \ No newline at end of file diff --git a/packages/storage/package.json b/packages/storage/package.json deleted file mode 100644 index 4f6ae1f..0000000 --- a/packages/storage/package.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "name": "@futureporn/storage", - "type": "module", - "version": "1.0.0", - "description": "", - "main": "index.js", - "exports": { - "./*.ts": "./src/*.ts" - }, - "scripts": { - "test": "echo \"Warn: no test specified\" && exit 0", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "keywords": [], - "author": "@CJ_Clippy", - "license": "Unlicense", - "dependencies": { - "@aws-sdk/client-s3": "3.637.0", - "@aws-sdk/lib-storage": "^3.637.0", - "@futureporn/types": "workspace:^", - "@paralleldrive/cuid2": "^2.2.2", - "@types/node": "^22.5.2", - "dotenv": "^16.4.5" - } -} diff --git a/packages/storage/pnpm-lock.yaml b/packages/storage/pnpm-lock.yaml deleted file mode 100644 index 1e264c2..0000000 --- a/packages/storage/pnpm-lock.yaml +++ /dev/null @@ -1,1362 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@aws-sdk/client-s3': - specifier: 3.637.0 - version: 3.637.0 - '@aws-sdk/lib-storage': - specifier: ^3.637.0 - version: 3.637.0(@aws-sdk/client-s3@3.637.0) - '@futureporn/types': - specifier: workspace:^ - version: link:../types - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - -packages: - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/lib-storage@3.637.0': - resolution: {integrity: sha512-HiNGOP4a1QrCWwO1joKw4mCp19nLXoF9K52PislBaYDI35IlHC3DP6MeOg5zmElwtL1GtEHFBy5olfPWPsLyLg==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-s3': ^3.637.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - buffer@5.6.0: - resolution: {integrity: sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - stream-browserify@3.0.0: - resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - -snapshots: - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/lib-storage@3.637.0(@aws-sdk/client-s3@3.637.0)': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@smithy/abort-controller': 3.1.1 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/smithy-client': 3.2.0 - buffer: 5.6.0 - events: 3.3.0 - stream-browserify: 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@noble/hashes@1.5.0': {} - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - base64-js@1.5.1: {} - - bowser@2.11.0: {} - - buffer@5.6.0: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - dotenv@16.4.5: {} - - events@3.3.0: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - ieee754@1.2.1: {} - - inherits@2.0.4: {} - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - safe-buffer@5.2.1: {} - - stream-browserify@3.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 3.6.2 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strnum@1.0.5: {} - - tslib@2.7.0: {} - - undici-types@6.19.8: {} - - util-deprecate@1.0.2: {} - - uuid@9.0.1: {} diff --git a/packages/storage/src/mux.ts b/packages/storage/src/mux.ts deleted file mode 100644 index e69de29..0000000 diff --git a/packages/storage/src/s3.spec.ts b/packages/storage/src/s3.spec.ts deleted file mode 100644 index dfce1cd..0000000 --- a/packages/storage/src/s3.spec.ts +++ /dev/null @@ -1,19 +0,0 @@ -import { describe } from 'mocha' -import { expect } from 'chai'; -import { uploadFile } from './s3.js' -import path from 'node:path' - -describe('s3', function () { - this.timeout(1000*30) - describe('uploadFile', function () { - it('should upload a file to specified bucket and return the storage data', async function () { - const data = await uploadFile(path.join(import.meta.dirname, './fixtures/sample.webp')) - expect(data).to.have.property('VersionId') - expect(data).to.have.property('ETag') - expect(data).to.have.property('Bucket') - expect(data).to.have.property('Key') - expect(data).to.have.property('Location') - expect(data).to.have.property('$metadata') - }) - }) -}) \ No newline at end of file diff --git a/packages/storage/src/s3.ts b/packages/storage/src/s3.ts deleted file mode 100644 index f3d67cc..0000000 --- a/packages/storage/src/s3.ts +++ /dev/null @@ -1,106 +0,0 @@ -import { S3Client, GetObjectCommand, type S3ClientConfig } from "@aws-sdk/client-s3"; -import { Upload } from "@aws-sdk/lib-storage"; -import type { S3FileResponse, S3FileRecord, StreamResponse } from '@futureporn/types'; -import { createId } from '@paralleldrive/cuid2'; -import { basename } from 'node:path'; -import fs, { createWriteStream, createReadStream } from 'node:fs'; -import { type Readable, pipeline } from "node:stream"; -import { tmpdir } from "node:os"; -import { join } from "node:path"; -import { promisify } from "node:util"; - -export interface S3FileArgs { - filePath: string; - s3BucketName: string; - s3AccessKeyId: string; - s3SecretAccessKey: string; - s3Region: string; - s3Endpoint: string; -} - -export const s3CdnMap = new Map([ - ['futureporn', 'https://futureporn-b2.b-cdn.net'], - ['fp-usc-dev', 'https://fp-usc-dev.b-cdn.net'], -]) - -function assertArguments(args: any): asserts args is S3FileArgs { - if (typeof args!== "object" ||!args) throw new Error("invalid S3FileArgs"); - if (!args.filePath) throw new Error('filePath was missing from args'); - if (typeof args.filePath!== 'string') throw new Error('filePath must be a string'); - if (!args.s3BucketName) throw new Error('s3BucketName was missing from args'); - if (typeof args.s3BucketName!== 'string') throw new Error('s3BucketName must be a string'); - if (!args.s3AccessKeyId) throw new Error('s3AccessKeyId was missing from args'); - if (typeof args.s3AccessKeyId!== 'string') throw new Error('s3AccessKeyId must be a string'); - if (!args.s3SecretAccessKey) throw new Error('s3SecretAccessKey was missing from args'); - if (typeof args.s3SecretAccessKey!== 'string') throw new Error('s3SecretAccessKey must be a string'); - if (!args.s3Region) throw new Error('s3Region was missing from args'); - if (typeof args.s3Region!== 'string') throw new Error('s3Region must be a string'); - if (!args.s3Endpoint) throw new Error('s3Endpoint was missing from args'); - if (typeof args.s3Endpoint!== 'string') throw new Error('s3Endpoint must be a string'); -} - -export function getCdnUrl(bucket: string, key: string): string { - if (!bucket) throw new Error('getCdnUrl() first arg (bucket name) was missing'); - if (!bucket) throw new Error('getCdnUrl() second arg (key) was missing'); - return `${s3CdnMap.get(bucket)}/${key}` -} - -// export async function downloadFile(args: S3FileArgs) { -// assertArguments(args) -// const { filePath, s3AccessKeyId, s3SecretAccessKey, s3BucketName, s3Endpoint, s3Region } = args -// // throw new Error('@todo') -// const download = S3Client -// } - - -export async function downloadFile (client: S3Client, bucket: string, s3_key: string): Promise { - console.log(`downloadS3File with s3File s3_key=${s3_key}, bucket=${bucket}`) - const getObjectCommand = new GetObjectCommand({ Bucket: bucket, Key: s3_key }) - const response = await client.send(getObjectCommand) - if (!response) throw new Error(`failed to receive a response while calling S3 GetObjectCommand (within downloadS3File)`); - if (!response.Body) throw new Error('S3 GetObjectCommand response did not have a Body (within downloadS3File)'); - const readStream = response.Body as Readable - const outputFilePath = join(tmpdir(), s3_key) - const writeStream = createWriteStream(outputFilePath) - const pipelinePromise = promisify(pipeline) - await pipelinePromise(readStream, writeStream) - return outputFilePath -} - -export async function uploadFile(args: unknown) { - assertArguments(args) - const { filePath, s3AccessKeyId, s3SecretAccessKey, s3BucketName, s3Endpoint, s3Region } = args; - const options: S3ClientConfig = { - endpoint: s3Endpoint, - region: s3Region, - credentials: { - accessKeyId: s3AccessKeyId, - secretAccessKey: s3SecretAccessKey, - }, - } - const client = new S3Client(options); - const key = `${createId()}-${basename(filePath)}` - const target = { - Bucket: s3BucketName, - Key: key, - Body: fs.createReadStream(filePath), - }; - - // greets https://stackoverflow.com/a/70159394/1004931 - try { - const parallelUploads3 = new Upload({ - client: client, - queueSize: 4, // optional concurrency configuration - leavePartsOnError: false, // optional manually handle dropped parts - params: target, - }); - - const res = await parallelUploads3.done(); - return res; - } catch (e) { - console.error(`while uploading a file to s3, we encountered an error`); - if (e instanceof Error) { - throw new Error(e.message); - } - } -} \ No newline at end of file diff --git a/packages/storage/tsconfig.json b/packages/storage/tsconfig.json deleted file mode 100644 index fdf87c5..0000000 --- a/packages/storage/tsconfig.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "compilerOptions": { - "noEmit": true, - "esModuleInterop": true, - "skipLibCheck": true, - "target": "es2022", - "allowJs": true, - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "NodeNext", - "outDir": "dist", - "lib": [ - "es2022" - ] - }, - // Include the necessary files for your project - "include": [ - "**/*.ts", - ], - "exclude": [ - "node_modules" - ] - } \ No newline at end of file diff --git a/packages/types/.eslintignore b/packages/types/.eslintignore deleted file mode 100644 index 53c37a1..0000000 --- a/packages/types/.eslintignore +++ /dev/null @@ -1 +0,0 @@ -dist \ No newline at end of file diff --git a/packages/types/.gitignore b/packages/types/.gitignore deleted file mode 100644 index 53c37a1..0000000 --- a/packages/types/.gitignore +++ /dev/null @@ -1 +0,0 @@ -dist \ No newline at end of file diff --git a/packages/types/package.json b/packages/types/package.json deleted file mode 100644 index 4ee827d..0000000 --- a/packages/types/package.json +++ /dev/null @@ -1,18 +0,0 @@ -{ - "name": "@futureporn/types", - "type": "module", - "version": "1.0.0", - "description": "", - "scripts": { - "test": "echo \"Warn: no test specified\" && exit 0", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "main": "src/index.ts", - "keywords": [], - "author": "", - "license": "Unlicense", - "devDependencies": { - "typescript": "^5.5.4" - } -} diff --git a/packages/types/pnpm-lock.yaml b/packages/types/pnpm-lock.yaml deleted file mode 100644 index 2a0c411..0000000 --- a/packages/types/pnpm-lock.yaml +++ /dev/null @@ -1,24 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - devDependencies: - typescript: - specifier: ^5.5.4 - version: 5.5.4 - -packages: - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - -snapshots: - - typescript@5.5.4: {} diff --git a/packages/types/src/index.ts b/packages/types/src/index.ts deleted file mode 100644 index d07db7a..0000000 --- a/packages/types/src/index.ts +++ /dev/null @@ -1,449 +0,0 @@ - - -export type PlatformNotificationType = 'email' | 'manual' | 'twitter' -export type ArchiveStatus = 'good' | 'issue' | 'missing' -export type RecordingState = 'recording' | 'stalled' | 'aborted' | 'failed' | 'finished' -export type ProcessingState = 'processing' -export type WaitingState = 'pending_recording' -export type Status = Partial - - -export interface IPatron { - username: string; - vanityLink?: string; -} - -// @see https://www.baeldung.com/rest-api-error-handling-best-practices -export interface GenericApiResponse { - error: string|null; - data: any; - message: string; - detail?: string; - help?: string; -} - -export interface S3FileRecord { - s3_key: string; - s3_id?: string; - bucket: string; -} - -export interface S3FileResponse { - s3_key: string; - s3_id?: string; - bucket: string; - created_at?: Date; - updated_at?: Date; -} - -export interface VtuberResponse { - id: string; -} - -export interface VtuberDataScrape { - display_name: string; - slug: string; - chaturbate_id?: string; - chaturbate?: string; - fansly_id?: string; - fansly?: string; -} - -export interface ScoutResponse { - error: boolean; - message: string; - data: any; -} - -export interface ChaturbateRoomSummary { - url: string; - name: string; -} - -export interface ChaturbateRoom { - name: string; - username: string; - room_subject: string; - tags: string[]; - is_new: boolean; - num_users: number; - num_followers: number; - current_show: string; - location?: string; - country?: string; - spoken_languages?: string; - display_name?: string; - birthday?: string; - is_hd: boolean; - age: number; - seconds_online: number; - image_url: string; - image_url_360x270: string; - chat_room_url_revshare: string; - iframe_embed_revshare: string; - chat_room_url: string; - iframe_embed: string; - slug: string; - } - -export interface VtuberRecord { - id: string; - display_name: string; - chaturbate: string; - twitter: string; - patreon: string; - twitch: string; - tiktok: string; - onlyfans: string; - youtube: string; - linktree: string; - carrd: string; - fansly: string; - pornhub: string; - discord: string; - reddit: string; - throne: string; - instagram: string; - facebook: string; - merch: string; - slug: string; - image: string; - theme_color: string; - image_blur: string; - fansly_id: string; - chaturbate_id: string; - twitter_id: string; -} - -export interface VodRecord { - id: string; - stream: StreamRecord; - stream_id: string; - created_at: string; - updated_at: string; - published_at?: string; - title?: string; - date: string; - mux_asset: MuxAssetRecord; - thumbnail?: string; - vtuber: string; - ipfs_cid?: string; - torrent?: string; - announce_title?: string; - announce_url?: string; - note?: string; - url: string; - discord_message_id: string; - s3_file: string; - recording_id: string; -} - -export interface TagRecord { - id: string -} - -export interface Timestamp { - id: string -} - -export interface User { - id: string -} - -export interface RecordingResponse { - id: string; - url: string; - date: string; - discord_interaction_id: string; - is_aborted: boolean; - vod_id: string; -} - -export interface VodResponse { - id: string; - stream: StreamResponse; - stream_id: string; - created_at: string; - updated_at: string; - published_at?: string; - title?: string; - date: string; - mux_asset: MuxAssetRecord; - thumbnail?: S3FileResponse; - vtuber: VtuberRecord; - tags?: TagRecord[]; - timestamps?: Timestamp[]; - ipfs_cid?: string; - s3_file?: S3FileResponse; - torrent?: string; - announce_title?: string; - announce_url?: string; - uploader?: User; - note?: string; - url: string; - segments?: SegmentResponse[]; - recording: RecordingRecord; - status: Status; - discord_message_id: string; -} - - -export interface StreamRecord { - id: string; - url: string; - platform_notification_type: PlatformNotificationType; - discord_message_id: string; - date: Date; - created_at: Date; - updated_at: Date; - vtuber: string; - tweet: string; - vods?: VodRecord[]; - archive_status: ArchiveStatus; - is_chaturbate_stream: Boolean; - is_fansly_stream: Boolean; - status: Status; - segments?: SegmentResponse[] -} - -export interface StreamResponse { - id: string; - url: string; - platform_notification_type: PlatformNotificationType; - discord_message_id: string; - date: Date; - created_at: Date; - updated_at: Date; - vtuber: string; - tweet: string; - vods?: VodResponse[]; - archive_status: ArchiveStatus; - is_chaturbate_stream: Boolean; - is_fansly_stream: Boolean; - is_recording_aborted: Boolean; - status: Status; - segments?: SegmentResponse[] -} - -export interface RecordingRecord { - id: number; - file_size: number; - discord_message_id: string; - is_aborted: boolean; - vod_id: string; - updated_at: Date; - created_at: Date; -} - - -export interface SegmentResponse { - id: string; - s3_key: string; - s3_id: string; - bytes: number; - bytes_uploaded: number; - checksum: string; - vod?: VodResponse; - created_at: string; - updated_at: string; -} - - - -export interface MuxAssetRecord { - id: number; - playback_id: string; - asset_id: string; -} - - -export interface IMuxAsset { - id: number; - playback_id: string; - asset_id: string; -} - -export interface IPagination { - page: number; - pageSize: number; - pageCount: number; - total: number; -} - -export interface IMuxAssetResponse { - data: IMuxAsset; - meta: IMeta; -} - -export interface IMeta { - pagination: IPagination; -} - - - -export interface IPlatformNotification { - id: number; - source: string; - platform: string; - date: string; - date_2: string; - vtuber: number; -} - -export interface IPlatformNotificationResponse { - data: IPlatformNotification; - meta: IMeta; - error?: any; -} - - -export interface ITimestamp { - id: number; - time: number; -} - -export interface ITag { - id: number; - name: string; -} - -export interface IS3File { - id: number; - url: string; - key: string; - uploadId: string; - cdn_url: string; -} -export interface IS3FileResponse { - data: IS3File; - meta: IMeta; -} - -export interface IVod { - id: number; - stream?: IStream; - published_at?: string; - uuid: string; - title?: string; - duration?: number; - date: string; - date_2: string; - mux_asset: IMuxAsset; - thumbnail?: IS3File; - vtuber: IVtuber; - s3_file: IS3File; - tag_vod_relations: ITagVodRelation[]; - timestamps: ITimestamp[]; - ipfs_cid: string; - announce_title: string; - announce_url: string; - uploader: IUserResponse; - note: string; -} - - - -export interface IUser { - id: number; - username: string; - vanityLink?: string; - image: string; -} - -export interface IUserResponse { -data: IUser; -meta: IMeta; -} - - -export interface ITagVodRelation { - id: number; - tag: ITag | IToyTag - vod: IVod; - creator_id: number; - created_at: string; -} - - -export interface IToyTag extends ITag { - toy: IToy; -} - - -export interface IToy { - id: number; - tags: ITag[]; - linkTag: ITag[]; - make: string; - model: string; - aspectRatio: string; - image2: string; - -} - - -interface IToysListProps { - toys: IToy[]; - page: number; - pageSize: number; -} - - - -export interface IStream { - id: number; - date: string; - date_2: string; - archive_status: ArchiveStatus; - vods: IVod[]; - uuid: string; - vtuber: IVtuber; - is_chaturbate_stream: boolean; - is_fansly_stream: boolean; - platform_notifications: IPlatformNotification[]; -} - - - -export interface IVtuber { - id: number; - slug: string; - display_name: string; - chaturbate?: string; - twitter?: string; - patreon?: string; - twitch?: string; - tiktok?: string; - onlyfans?: string; - youtube?: string; - linktree?: string; - carrd?: string; - fansly?: string; - pornhub?: string; - discord?: string; - reddit?: string; - throne?: string; - instagram?: string; - facebook?: string; - merch?: string; - vods: IVod[]; - description_1: string; - description_2?: string; - image: string; - image_blur?: string; - theme_color: string; - fansly_id?: string; - chaturbate_id?: string; - twitter_id?: string; -} - -export type NotificationData = { - isMatch: boolean; - url?: string; - platform?: string; - channel?: string; - displayName?: string; - date?: string; - userId?: string | null; - avatar?: string; -}; diff --git a/packages/types/tsconfig.json b/packages/types/tsconfig.json deleted file mode 100644 index a0928d2..0000000 --- a/packages/types/tsconfig.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "esModuleInterop": true, - "skipLibCheck": true, - "target": "es2022", - "allowJs": false, - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - "verbatimModuleSyntax": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "NodeNext", - "lib": [ - "es2022" - ], - "noImplicitAny": true, - "noImplicitThis": true, - "strictFunctionTypes": true, - "strictNullChecks": true, - "types": [], - "noEmit": true, - "forceConsistentCasingInFileNames": true - }, - // Include the necessary files for your project - "files": [ - "src/index.ts", - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/packages/utils/src/image.spec.ts b/packages/utils/src/image.spec.ts index c5ec5f7..0ae64b1 100644 --- a/packages/utils/src/image.spec.ts +++ b/packages/utils/src/image.spec.ts @@ -30,7 +30,7 @@ describe('image', function () { describe('getStoryboard', function () { this.timeout(1000*60*15) it('should accept a URL and return a path to image on disk', async function () { - const url = 'http://38.242.193.246:8081/projektmelody-chaturbate-2025-01-09.mp4' + const url = 'http://38.242.193.246:8081/projektmelody-chaturbate-2025-01-11.mp4' const imagePath = await getStoryboard(url) expect(imagePath).to.match(/\.png/) }) diff --git a/scripts/build-test.sh b/scripts/build-test.sh deleted file mode 100755 index 3cd0be6..0000000 --- a/scripts/build-test.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -postgres_pod_name=postgresql-primary-0 - -if [ -z $POSTGRES_PASSWORD ]; then - echo "POSTGRES_PASSWORD was missing in env. Are you executing this script via Tilt? (that is the intended method)" - exit 5 -fi - -kubectl -n futureporn exec "${postgres_pod_name}" -- env PGPASSWORD=${POSTGRES_PASSWORD} psql -U postgres -d futureporn --command " -SELECT graphile_worker.add_job( - 'combine_video_segments', - payload := json_build_object( - 's3_manifest', json_build_array( - json_build_object('id', '4_z7d53875ff1c32a1983d30b18_f118989ca296359da_d20240809_m205858_c000_v0001408_t0033_u01723237138038', 'key', 'mock-stream0.mp4'), - json_build_object('id', '4_z7d53875ff1c32a1983d30b18_f107c0649cef835e4_d20240809_m205859_c000_v0001406_t0016_u01723237139170', 'key', 'mock-stream1.mp4'), - json_build_object('id', '4_z7d53875ff1c32a1983d30b18_f10651c62f4ca1b2f_d20240809_m205900_c000_v0001076_t0022_u01723237140217', 'key', 'mock-stream2.mp4') - ) - ), - max_attempts := 3 -);" diff --git a/scripts/capture-integration.sh b/scripts/capture-integration.sh deleted file mode 100755 index f7fe5ae..0000000 --- a/scripts/capture-integration.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -if [ -z "${AUTOMATION_USER_JWT}" ]; then - echo "Error: AUTOMATION_USER_JWT variable is not defined." - exit 1 -fi - -# get a random room -response=$(curl -sL --fail GET http://localhost:8134/chaturbate/random-room) -exitcode=$? -url=$(echo $response | jq -r '.url') -if [[ $exitcode -ne 0 || -z "$response" || -z "$url" ]]; then - echo "failed to get random room. exitcode=${exitcode}, response=${response}, url=${url}" - exit $exitcode -fi -echo "Random online chaturbate room url=${url}" - - - -# create a recording -curl -sL -H "Authorization: Bearer ${AUTOMATION_USER_JWT}" \ - -H "Content-Type: application/json" \ - -d '{"url": "'"${url}"'"}' \ - http://localhost:9000/recordings -echo "recording created" \ No newline at end of file diff --git a/scripts/drupal-init-wrapper.sh b/scripts/drupal-init-wrapper.sh deleted file mode 100755 index dd4c9f7..0000000 --- a/scripts/drupal-init-wrapper.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - - -namespace=futureporn -pod_name=$(kubectl --namespace futureporn get pods -l app.kubernetes.io/name=drupal -o custom-columns=":metadata.name" --no-headers) - -kubectl -n "${namespace}" cp ./scripts/drupal-init.sh "${pod_name}:/tmp/drupal-init.sh" -kubectl -n "${namespace}" exec "${pod_name}" -- bash -c "/tmp/drupal-init.sh" diff --git a/scripts/drupal-init.sh b/scripts/drupal-init.sh deleted file mode 100755 index e6bfc1e..0000000 --- a/scripts/drupal-init.sh +++ /dev/null @@ -1,24 +0,0 @@ - -#!/bin/bash - -# maybe https://www.drupal.org/project/extlink -# maybe https://www.drupal.org/project/seckit -# maybe https://www.drupal.org/project/slick -# maybe https://www.drupal.org/project/fontawesome - -cd /opt/bitnami/drupal -composer require \ - 'drupal/bulma:^1.0' \ - 'drupal/file_uploader_uppy:^1.0' \ - 'drupal/backup_migrate:^5.0' \ - 'drupal/cdn:^4.1' \ - 'drupal/s3fs:^3.6' \ - 'drupal/video:^3.0' \ - 'league/commonmark ^1.0' \ - 'drupal/markdown:^3.0' \ - 'drupal/color_field:^3.0' \ - 'drupal/pathauto:^1.13' \ - 'drupal/extlink:^2.0' -drush updatedb -drush theme:install bulma -drush pm:install -y file_uploader_uppy backup_migrate cdn cdn_ui s3fs video markdown diff --git a/scripts/flux-bootstrap.sh b/scripts/flux-bootstrap.sh deleted file mode 100755 index bfe9b2a..0000000 --- a/scripts/flux-bootstrap.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -if [ -z "${ENV}" ]; then \ - echo "Error: ENV variable is not defined. Please set to one of development|staging|production"; exit 1; \ -fi - -if [ "${ENV}" == "development" ]; then \ - echo "Flux is not used in development environment. Skipping." - exit 0 -fi - -# flux bootstrap git \ -# --kubeconfig /home/cj/.kube/vke.yaml \ -# --url=https://gitea.futureporn.net/futureporn/fp.git \ -# --branch=main \ -# --username=cj_clippy \ -# --token-auth=true \ -# --path=clusters/production - -## --silent avoids the [Yes|no] prompt -flux bootstrap git \ - --silent \ - --url="ssh://git@gitea.futureporn.net:2222/futureporn/fp" \ - --branch=main \ - --path="flux/clusters/$ENV" \ - --private-key-file=/home/cj/.ssh/fp-flux \ No newline at end of file diff --git a/scripts/k8s-metrics.sh b/scripts/k8s-metrics.sh deleted file mode 100755 index 49f1219..0000000 --- a/scripts/k8s-metrics.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -if [ -z "${ENV}" ]; then \ - echo "Error: ENV variable is not defined. Please set to one of development|staging|production"; exit 1; \ -fi - -if [ "${ENV}" == "development" ]; then \ - echo "k8s metrics are not used in development environment. Skipping." - exit 0 -fi - -kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml \ No newline at end of file diff --git a/scripts/k8s-namespaces.sh b/scripts/k8s-namespaces.sh deleted file mode 100755 index 0bf56ef..0000000 --- a/scripts/k8s-namespaces.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -kubectl create namespace cert-manager -kubectl create namespace futureporn -kubectl create namespace velero - -exit 0 # important to keep the Makefile chain going even if namespaces already existed and kubectl returned non-zero \ No newline at end of file diff --git a/scripts/k8s-secrets.sh b/scripts/k8s-secrets.sh deleted file mode 100755 index ec2ad7a..0000000 --- a/scripts/k8s-secrets.sh +++ /dev/null @@ -1,210 +0,0 @@ -#!/bin/bash - - -## @todo switch to infisical -# ns=futureporn -# kubectl --namespace $ns delete secret universal-auth-credentials --ignore-not-found -# kubectl --namespace $ns create secret generic universal-auth-credentials \ -# --from-literal=clientSecret="${INFISICAL_CLIENT_SECRET}" \ -# --from-literal=clientId="${INFISICAL_CLIENT_ID}" -# echo "@todo remove all the unused secrets" -# exit 256 - -CLOUD_DATA=$(echo -e "[default]\naws_access_key_id: $VELERO_S3_KEY_ID\naws_secret_access_key: $VELERO_S3_ACCESS_KEY" | base64 -w 0) -kubectl --namespace=velero delete secret velero --ignore-not-found -## we do this so helm can adopt our pre-made secret @see https://github.com/helm/helm/pull/7649 -cat </dev/null || true)" != 'true' ]; then - docker run \ - -d --restart=always -p "127.0.0.1:${reg_port}:5000" --network bridge --name "${reg_name}" \ - registry:2 -fi - -# 2. Create kind cluster with containerd registry config dir enabled -# TODO: kind will eventually enable this by default and this patch will -# be unnecessary. -# -# See: -# https://github.com/kubernetes-sigs/kind/issues/2875 -# https://github.com/containerd/containerd/blob/main/docs/cri/config.md#registry-configuration -# See: https://github.com/containerd/containerd/blob/main/docs/hosts.md -cat <=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@cspotcode/source-map-support@0.8.1': - resolution: {integrity: sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==} - engines: {node: '>=12'} - - '@discordeno/bot@19.0.0-next.b1bfe94': - resolution: {integrity: sha512-ZaPDaPM6tuxpRZCyuNB2rzqz2WYHH20IQdutu87jffW2dV26D3Nw8SJCE1LNdXdu9akes3VMXolkNsLJ5MW2Hw==} - - '@discordeno/bot@19.0.0-next.b3a8c86': - resolution: {integrity: sha512-Jm7sEmxR0MyK3kwe8CVHDQfAXpbkkPLER2nGuS2nn2e/0AXQKCCgJRMNmorJ+ZzcSw+slrw4hHkVZMBv7JML9Q==} - - '@discordeno/gateway@19.0.0-next.b1bfe94': - resolution: {integrity: sha512-rNkcCua4Inx8NkuCjbuRBAAg+AIg1qYb24Fq6/Y2+1s+iO0VSQ/ZK8PRNbI2gSpAtAbfndvxA9kyU1ggwwLjNw==} - - '@discordeno/gateway@19.0.0-next.b3a8c86': - resolution: {integrity: sha512-FGQvHcJFCyC4WCdgvRo3vAMoyvDpTkbHN4DZlEDNhN6uBMsWsd1xbjWPsJTdWGVUvHQd4+5HOv44wPhO02jytg==} - - '@discordeno/rest@19.0.0-next.b1bfe94': - resolution: {integrity: sha512-lLeP3hmMM0GFsO+VA3f9EKOwfIo1HvG1hudtlC1Er6BFWgArpz0/VizHbOyOr5SzZuzrQyfcBJJfEhC+48TsRg==} - - '@discordeno/rest@19.0.0-next.b3a8c86': - resolution: {integrity: sha512-nhhHSzibxOwxFAckgcuU8nGj+AGo3IRb1qiCcTE4gQStjqmV3ZewoVRzaRGgoY4t5ld5oeDODplXY5tloobkiw==} - - '@discordeno/types@19.0.0-next.b1bfe94': - resolution: {integrity: sha512-X1MmdPFMyzjxFEANEPrrBjdJDJBAz4RTa1vpVlMp46C3dPqTwjMwijaPhPgPnFiSwt01lJ8WaFDpMvfqOwpQNg==} - - '@discordeno/types@19.0.0-next.b3a8c86': - resolution: {integrity: sha512-1uUOpfBN3a8zDYOyL61qvWhG+NL4KMjcun7XFg7CB6wjGubUv4Uc2QXKG7SkSfNmtYzxetrrx1kyoSxkbEHLOw==} - - '@discordeno/utils@19.0.0-next.b1bfe94': - resolution: {integrity: sha512-Y+j3G83vCVXiNSEQlFR9WWJ6GZhvBmIfFjb03zFcmHa20nHExILJJBEyDpS+ptziEyF7jB+2hNw5I/SKn8Zm2w==} - - '@discordeno/utils@19.0.0-next.b3a8c86': - resolution: {integrity: sha512-W4SDymUvevihQZry9hB4lzCUNSz5QwqAzdT+3VKswjARgmQQnOjZdJ1w9rX/xoMB5FgS8Vhk6er4ABULIwPi6g==} - - '@esbuild/aix-ppc64@0.23.1': - resolution: {integrity: sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.23.1': - resolution: {integrity: sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==} - engines: {node: '>=18'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.23.1': - resolution: {integrity: sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.23.1': - resolution: {integrity: sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==} - engines: {node: '>=18'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.23.1': - resolution: {integrity: sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.23.1': - resolution: {integrity: sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==} - engines: {node: '>=18'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.23.1': - resolution: {integrity: sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==} - engines: {node: '>=18'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.23.1': - resolution: {integrity: sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==} - engines: {node: '>=18'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.23.1': - resolution: {integrity: sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==} - engines: {node: '>=18'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.23.1': - resolution: {integrity: sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.23.1': - resolution: {integrity: sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.23.1': - resolution: {integrity: sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==} - engines: {node: '>=18'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.23.1': - resolution: {integrity: sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==} - engines: {node: '>=18'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.23.1': - resolution: {integrity: sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.23.1': - resolution: {integrity: sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==} - engines: {node: '>=18'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.23.1': - resolution: {integrity: sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==} - engines: {node: '>=18'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.23.1': - resolution: {integrity: sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==} - engines: {node: '>=18'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.23.1': - resolution: {integrity: sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==} - engines: {node: '>=18'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-arm64@0.23.1': - resolution: {integrity: sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.23.1': - resolution: {integrity: sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==} - engines: {node: '>=18'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.23.1': - resolution: {integrity: sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==} - engines: {node: '>=18'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.23.1': - resolution: {integrity: sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==} - engines: {node: '>=18'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.23.1': - resolution: {integrity: sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.23.1': - resolution: {integrity: sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==} - engines: {node: '>=18'} - cpu: [x64] - os: [win32] - - '@graphile/logger@0.2.0': - resolution: {integrity: sha512-jjcWBokl9eb1gVJ85QmoaQ73CQ52xAaOCF29ukRbYNl6lY+ts0ErTaDYOBlejcbUs2OpaiqYLO5uDhyLFzWw4w==} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.9': - resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@tsconfig/node10@1.0.11': - resolution: {integrity: sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==} - - '@tsconfig/node12@1.0.11': - resolution: {integrity: sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==} - - '@tsconfig/node14@1.0.3': - resolution: {integrity: sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==} - - '@tsconfig/node16@1.0.4': - resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} - - '@types/chai@4.3.19': - resolution: {integrity: sha512-2hHHvQBVE2FiSK4eN0Br6snX9MtolHaTo/batnLjlGRhoQzlCL61iVpxoqO7SfFyOw+P/pwv+0zNHzKoGWz9Cw==} - - '@types/debug@4.1.12': - resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - - '@types/interpret@1.1.3': - resolution: {integrity: sha512-uBaBhj/BhilG58r64mtDb/BEdH51HIQLgP5bmWzc5qCtFMja8dCk/IOJmk36j0lbi9QHwI6sbtUNGuqXdKCAtQ==} - - '@types/mocha@10.0.7': - resolution: {integrity: sha512-GN8yJ1mNTcFcah/wKEFIJckJx9iJLoMSzWcfRRuxz/Jk+U6KQNnml+etbtxFK8lPjzOw3zp4Ha/kjSst9fsHYw==} - - '@types/ms@0.7.34': - resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - - '@types/node@20.16.3': - resolution: {integrity: sha512-/wdGiWRkMOm53gAsSyFMXFZHbVg7C6CbkrzHNpaHoYfsUWPg7m6ZRKtvQjgvQ9i8WT540a3ydRlRQbxjY30XxQ==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/pg@8.11.8': - resolution: {integrity: sha512-IqpCf8/569txXN/HoP5i1LjXfKZWL76Yr2R77xgeIICUbAYHeoaEZFhYHo2uDftecLWrTJUq63JvQu8q3lnDyA==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/semver@7.5.8': - resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==} - - acorn-walk@8.3.3: - resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} - engines: {node: '>=0.4.0'} - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - ansi-colors@4.1.3: - resolution: {integrity: sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - arg@4.1.3: - resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - browser-stdout@1.3.1: - resolution: {integrity: sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - chai@5.1.1: - resolution: {integrity: sha512-pT1ZgP8rPNqUgieVaEY+ryQr6Q4HXNg8Ei9UnLUrjN4IA7dvQC5JB+/kxVcPNDHyBcc/26CXPkbNzq3qwrOEKA==} - engines: {node: '>=12'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - commander@12.1.0: - resolution: {integrity: sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA==} - engines: {node: '>=18'} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - cosmiconfig@8.3.6: - resolution: {integrity: sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==} - engines: {node: '>=14'} - peerDependencies: - typescript: '>=4.9.5' - peerDependenciesMeta: - typescript: - optional: true - - create-require@1.1.1: - resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==} - - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - dd-cache-proxy@2.1.2: - resolution: {integrity: sha512-mdu5mIW3d4tyQPH1CakAsjbw7ScYrFBdN+tEs6ChHJLU0NTj5LlKpU6Dx4ymGUALweylruxclcrW/5rr5wbNUg==} - peerDependencies: - '@discordeno/bot': 19.0.0-next.352887c - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decamelize@4.0.0: - resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} - engines: {node: '>=10'} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - diff@4.0.2: - resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==} - engines: {node: '>=0.3.1'} - - diff@5.2.0: - resolution: {integrity: sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==} - engines: {node: '>=0.3.1'} - - discordeno@19.0.0-next.b3a8c86: - resolution: {integrity: sha512-n0IF5nlP5ECPaNsBHpuvmqgmV4AFlNr7DmbTNRX5jnh01b5z6YvSMmzAT1Um3YAIb/JI3krvJjg6+C1Mxy2AEA==} - hasBin: true - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - esbuild@0.23.1: - resolution: {integrity: sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==} - engines: {node: '>=18'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - find-up@7.0.0: - resolution: {integrity: sha512-YyZM99iHrqLKjmt4LJDj58KI+fYyufRLBSYcqycxf//KpBk9FoewoGX0450m9nB44qrZnovzC2oeP5hUibxc/g==} - engines: {node: '>=18'} - - flat@5.0.2: - resolution: {integrity: sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==} - hasBin: true - - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-func-name@2.0.2: - resolution: {integrity: sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-tsconfig@4.8.0: - resolution: {integrity: sha512-Pgba6TExTZ0FJAn1qkJAjIeKoDJ3CsI2ChuLohJnZl/tTU8MVrq3b+2t5UOPfRa4RMsorClBjJALkJUMjG1PAw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - graphile-config@0.0.1-beta.9: - resolution: {integrity: sha512-7vNxXZ24OAgXxDKXYi9JtgWPMuNbBL3057Yf32Ux+/rVP4+EePgySCc+NNnn0tORi8qwqVreN8bdWqGIcSwNXg==} - engines: {node: '>=16'} - - graphile-worker@0.16.6: - resolution: {integrity: sha512-e7gGYDmGqzju2l83MpzX8vNG/lOtVJiSzI3eZpAFubSxh/cxs7sRrRGBGjzBP1kNG0H+c95etPpNRNlH65PYhw==} - engines: {node: '>=14.0.0'} - hasBin: true - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - ignore-by-default@1.0.1: - resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - interpret@3.1.1: - resolution: {integrity: sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==} - engines: {node: '>=10.13.0'} - - is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-plain-obj@2.1.0: - resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} - engines: {node: '>=8'} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - locate-path@7.2.0: - resolution: {integrity: sha512-gvVijfZvn7R+2qyPX8mAuKcFGDf6Nc61GdvGafQsHL0sBIxfKzA+usWn4GFC/bk+QdwPUD4kWFJLhElipq+0VA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - loupe@3.1.1: - resolution: {integrity: sha512-edNu/8D5MKVfGVFRhFf8aAxiTM6Wumfz5XsaatSxlD3w4R1d/WEKUTydCdPGbl9K7QG/Ca3GnDV2sIKIpXRQcw==} - - make-error@1.3.6: - resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - mocha@10.7.3: - resolution: {integrity: sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A==} - engines: {node: '>= 14.0.0'} - hasBin: true - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - nodemon@3.1.4: - resolution: {integrity: sha512-wjPBbFhtpJwmIeY2yP7QF+UKzPfltVGtfce1g/bB15/8vCGZj8uxD62b/b9M9/WVgme0NZudpownKN+c0plXlQ==} - engines: {node: '>=10'} - hasBin: true - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - obuf@1.1.2: - resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-limit@4.0.0: - resolution: {integrity: sha512-5b0R4txpzjPWVw/cXXUResoD4hb6U/x9BH08L7nw+GN1sezDzPdxeRvpc9c433fZhBan/wusjbCsqwqm4EIBIQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-locate@6.0.0: - resolution: {integrity: sha512-wPrq66Llhl7/4AGC6I+cqxT07LhXvWL08LNXz1fENOw0Ap4sRZZ/gZpTTJ5jpurzzzfS2W/Ge9BY3LgLjCShcw==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - parse-json@5.2.0: - resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==} - engines: {node: '>=8'} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-exists@5.0.0: - resolution: {integrity: sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-numeric@1.0.2: - resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==} - engines: {node: '>=4'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg-types@4.0.2: - resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==} - engines: {node: '>=10'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-array@3.0.2: - resolution: {integrity: sha512-6faShkdFugNQCLwucjPcY5ARoW1SlbnrZjmGl0IrrqewpvxvhSLHimCVzqeuULCbG0fQv7Dtk1yDbG3xv7Veog==} - engines: {node: '>=12'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-bytea@3.0.0: - resolution: {integrity: sha512-CNd4jim9RFPkObHSjVHlVrxoVQXz7quwNFpz7RY1okNNme49+sVyiTvTRobiLV548Hx/hb1BG+iE7h9493WzFw==} - engines: {node: '>= 6'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-date@2.1.0: - resolution: {integrity: sha512-K7Juri8gtgXVcDfZttFKVmhglp7epKb1K4pgrkLxehjqkrgPhfG6OO8LHLkfaqkbpjNRnra018XwAr1yQFWGcA==} - engines: {node: '>=12'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-interval@3.0.0: - resolution: {integrity: sha512-BSNDnbyZCXSxgA+1f5UU2GmwhoI0aU5yMxRGO8CdFEcY2BQF9xm/7MqKnYoM1nJDk8nONNWDk9WeSmePFhQdlw==} - engines: {node: '>=12'} - - postgres-range@1.1.4: - resolution: {integrity: sha512-i/hbxIE9803Alj/6ytL7UHQxRvZkI9O4Sy+J3HGc4F4oo/2eQAjTSNJ0bfxyse3bH0nuVesCk+3IRLaMtG3H6w==} - - pretty-bytes@6.1.1: - resolution: {integrity: sha512-mQUvGU6aUFQ+rNvTIAcZuWGRT9a6f6Yrg9bHs4ImKF+HZCEK+plBvnAZYSIQztknZF2qnzNtr6F8s0+IuptdlQ==} - engines: {node: ^14.13.1 || >=16.0.0} - - pstree.remy@1.1.8: - resolution: {integrity: sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - rate-limiter-flexible@5.0.3: - resolution: {integrity: sha512-lWx2y8NBVlTOLPyqs+6y7dxfEpT6YFqKy3MzWbCy95sTTOhOuxufP2QvRyOHpfXpB9OUJPbVLybw3z3AVAS5fA==} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - simple-update-notifier@2.0.0: - resolution: {integrity: sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==} - engines: {node: '>=10'} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - touch@3.1.1: - resolution: {integrity: sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==} - hasBin: true - - ts-node@10.9.2: - resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==} - hasBin: true - peerDependencies: - '@swc/core': '>=1.2.50' - '@swc/wasm': '>=1.2.50' - '@types/node': '*' - typescript: '>=2.7' - peerDependenciesMeta: - '@swc/core': - optional: true - '@swc/wasm': - optional: true - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsx@4.19.0: - resolution: {integrity: sha512-bV30kM7bsLZKZIOCHeMNVMJ32/LuJzLVajkQI/qf92J2Qr08ueLQvW00PUZGiuLPP760UINwupgUj8qrSCPUKg==} - engines: {node: '>=18.0.0'} - hasBin: true - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - undefsafe@2.0.5: - resolution: {integrity: sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - unicorn-magic@0.1.0: - resolution: {integrity: sha512-lRfVq8fE8gz6QMBuDM6a+LO3IAzTi05H6gCVaUpir2E1Rwpo4ZUog45KpNXKC/Mn3Yb9UDuHumeFTo9iV/D9FQ==} - engines: {node: '>=18'} - - v8-compile-cache-lib@3.0.1: - resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} - - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - - workerpool@6.5.1: - resolution: {integrity: sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - ws@8.18.0: - resolution: {integrity: sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==} - engines: {node: '>=10.0.0'} - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: '>=5.0.2' - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs-unparser@2.0.0: - resolution: {integrity: sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==} - engines: {node: '>=10'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - yn@3.1.1: - resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==} - engines: {node: '>=6'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - - yocto-queue@1.1.1: - resolution: {integrity: sha512-b4JR1PFR10y1mKjhHY9LaGo6tmrgjit7hxVIeAmyMw3jegXR4dhYqLaQF5zMXZxY7tLpMyJeLjr1C4rLmkVe8g==} - engines: {node: '>=12.20'} - -snapshots: - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@cspotcode/source-map-support@0.8.1': - dependencies: - '@jridgewell/trace-mapping': 0.3.9 - - '@discordeno/bot@19.0.0-next.b1bfe94': - dependencies: - '@discordeno/gateway': 19.0.0-next.b1bfe94 - '@discordeno/rest': 19.0.0-next.b1bfe94 - '@discordeno/types': 19.0.0-next.b1bfe94 - '@discordeno/utils': 19.0.0-next.b1bfe94 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - '@discordeno/bot@19.0.0-next.b3a8c86': - dependencies: - '@discordeno/gateway': 19.0.0-next.b3a8c86 - '@discordeno/rest': 19.0.0-next.b3a8c86 - '@discordeno/types': 19.0.0-next.b3a8c86 - '@discordeno/utils': 19.0.0-next.b3a8c86 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - '@discordeno/gateway@19.0.0-next.b1bfe94': - dependencies: - '@discordeno/types': 19.0.0-next.b1bfe94 - '@discordeno/utils': 19.0.0-next.b1bfe94 - ws: 8.18.0 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - '@discordeno/gateway@19.0.0-next.b3a8c86': - dependencies: - '@discordeno/types': 19.0.0-next.b3a8c86 - '@discordeno/utils': 19.0.0-next.b3a8c86 - ws: 8.18.0 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - '@discordeno/rest@19.0.0-next.b1bfe94': - dependencies: - '@discordeno/types': 19.0.0-next.b1bfe94 - '@discordeno/utils': 19.0.0-next.b1bfe94 - - '@discordeno/rest@19.0.0-next.b3a8c86': - dependencies: - '@discordeno/types': 19.0.0-next.b3a8c86 - '@discordeno/utils': 19.0.0-next.b3a8c86 - - '@discordeno/types@19.0.0-next.b1bfe94': {} - - '@discordeno/types@19.0.0-next.b3a8c86': {} - - '@discordeno/utils@19.0.0-next.b1bfe94': - dependencies: - '@discordeno/types': 19.0.0-next.b1bfe94 - - '@discordeno/utils@19.0.0-next.b3a8c86': - dependencies: - '@discordeno/types': 19.0.0-next.b3a8c86 - - '@esbuild/aix-ppc64@0.23.1': - optional: true - - '@esbuild/android-arm64@0.23.1': - optional: true - - '@esbuild/android-arm@0.23.1': - optional: true - - '@esbuild/android-x64@0.23.1': - optional: true - - '@esbuild/darwin-arm64@0.23.1': - optional: true - - '@esbuild/darwin-x64@0.23.1': - optional: true - - '@esbuild/freebsd-arm64@0.23.1': - optional: true - - '@esbuild/freebsd-x64@0.23.1': - optional: true - - '@esbuild/linux-arm64@0.23.1': - optional: true - - '@esbuild/linux-arm@0.23.1': - optional: true - - '@esbuild/linux-ia32@0.23.1': - optional: true - - '@esbuild/linux-loong64@0.23.1': - optional: true - - '@esbuild/linux-mips64el@0.23.1': - optional: true - - '@esbuild/linux-ppc64@0.23.1': - optional: true - - '@esbuild/linux-riscv64@0.23.1': - optional: true - - '@esbuild/linux-s390x@0.23.1': - optional: true - - '@esbuild/linux-x64@0.23.1': - optional: true - - '@esbuild/netbsd-x64@0.23.1': - optional: true - - '@esbuild/openbsd-arm64@0.23.1': - optional: true - - '@esbuild/openbsd-x64@0.23.1': - optional: true - - '@esbuild/sunos-x64@0.23.1': - optional: true - - '@esbuild/win32-arm64@0.23.1': - optional: true - - '@esbuild/win32-ia32@0.23.1': - optional: true - - '@esbuild/win32-x64@0.23.1': - optional: true - - '@graphile/logger@0.2.0': {} - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.9': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@noble/hashes@1.5.0': {} - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@tsconfig/node10@1.0.11': {} - - '@tsconfig/node12@1.0.11': {} - - '@tsconfig/node14@1.0.3': {} - - '@tsconfig/node16@1.0.4': {} - - '@types/chai@4.3.19': {} - - '@types/debug@4.1.12': - dependencies: - '@types/ms': 0.7.34 - - '@types/interpret@1.1.3': - dependencies: - '@types/node': 22.5.2 - - '@types/mocha@10.0.7': {} - - '@types/ms@0.7.34': {} - - '@types/node@20.16.3': - dependencies: - undici-types: 6.19.8 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/pg@8.11.8': - dependencies: - '@types/node': 22.5.2 - pg-protocol: 1.6.1 - pg-types: 4.0.2 - - '@types/qs@6.9.15': {} - - '@types/retry@0.12.2': {} - - '@types/semver@7.5.8': {} - - acorn-walk@8.3.3: - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - ansi-colors@4.1.3: {} - - ansi-regex@5.0.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - arg@4.1.3: {} - - argparse@2.0.1: {} - - assertion-error@2.0.1: {} - - balanced-match@1.0.2: {} - - binary-extensions@2.3.0: {} - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - browser-stdout@1.3.1: {} - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - callsites@3.1.0: {} - - camelcase@6.3.0: {} - - chai@5.1.1: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.1 - pathval: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - check-error@2.1.1: {} - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - commander@12.1.0: {} - - concat-map@0.0.1: {} - - cosmiconfig@8.3.6(typescript@5.5.4): - dependencies: - import-fresh: 3.3.0 - js-yaml: 4.1.0 - parse-json: 5.2.0 - path-type: 4.0.0 - optionalDependencies: - typescript: 5.5.4 - - create-require@1.1.1: {} - - data-uri-to-buffer@4.0.1: {} - - date-fns@3.6.0: {} - - dd-cache-proxy@2.1.2(@discordeno/bot@19.0.0-next.b1bfe94): - dependencies: - '@discordeno/bot': 19.0.0-next.b1bfe94 - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - debug@4.3.6(supports-color@5.5.0): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 5.5.0 - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decamelize@4.0.0: {} - - deep-eql@5.0.2: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - diff@4.0.2: {} - - diff@5.2.0: {} - - discordeno@19.0.0-next.b3a8c86: - dependencies: - '@discordeno/bot': 19.0.0-next.b3a8c86 - '@discordeno/gateway': 19.0.0-next.b3a8c86 - '@discordeno/rest': 19.0.0-next.b3a8c86 - '@discordeno/types': 19.0.0-next.b3a8c86 - '@discordeno/utils': 19.0.0-next.b3a8c86 - commander: 12.1.0 - find-up: 7.0.0 - typescript: 5.5.4 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - dotenv@16.4.5: {} - - emoji-regex@8.0.0: {} - - error-ex@1.3.2: - dependencies: - is-arrayish: 0.2.1 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - esbuild@0.23.1: - optionalDependencies: - '@esbuild/aix-ppc64': 0.23.1 - '@esbuild/android-arm': 0.23.1 - '@esbuild/android-arm64': 0.23.1 - '@esbuild/android-x64': 0.23.1 - '@esbuild/darwin-arm64': 0.23.1 - '@esbuild/darwin-x64': 0.23.1 - '@esbuild/freebsd-arm64': 0.23.1 - '@esbuild/freebsd-x64': 0.23.1 - '@esbuild/linux-arm': 0.23.1 - '@esbuild/linux-arm64': 0.23.1 - '@esbuild/linux-ia32': 0.23.1 - '@esbuild/linux-loong64': 0.23.1 - '@esbuild/linux-mips64el': 0.23.1 - '@esbuild/linux-ppc64': 0.23.1 - '@esbuild/linux-riscv64': 0.23.1 - '@esbuild/linux-s390x': 0.23.1 - '@esbuild/linux-x64': 0.23.1 - '@esbuild/netbsd-x64': 0.23.1 - '@esbuild/openbsd-arm64': 0.23.1 - '@esbuild/openbsd-x64': 0.23.1 - '@esbuild/sunos-x64': 0.23.1 - '@esbuild/win32-arm64': 0.23.1 - '@esbuild/win32-ia32': 0.23.1 - '@esbuild/win32-x64': 0.23.1 - - escalade@3.2.0: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@4.0.0: {} - - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - find-up@7.0.0: - dependencies: - locate-path: 7.2.0 - path-exists: 5.0.0 - unicorn-magic: 0.1.0 - - flat@5.0.2: {} - - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - get-caller-file@2.0.5: {} - - get-func-name@2.0.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-tsconfig@4.8.0: - dependencies: - resolve-pkg-maps: 1.0.0 - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - graphile-config@0.0.1-beta.9: - dependencies: - '@types/interpret': 1.1.3 - '@types/node': 20.16.3 - '@types/semver': 7.5.8 - chalk: 4.1.2 - debug: 4.3.6 - interpret: 3.1.1 - semver: 7.6.3 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - supports-color - - graphile-worker@0.16.6(typescript@5.5.4): - dependencies: - '@graphile/logger': 0.2.0 - '@types/debug': 4.1.12 - '@types/pg': 8.11.8 - cosmiconfig: 8.3.6(typescript@5.5.4) - graphile-config: 0.0.1-beta.9 - json5: 2.2.3 - pg: 8.12.0 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - pg-native - - supports-color - - typescript - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - he@1.2.0: {} - - ignore-by-default@1.0.1: {} - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.4: {} - - interpret@3.1.1: {} - - is-arrayish@0.2.1: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-network-error@1.1.0: {} - - is-number@7.0.0: {} - - is-plain-obj@2.1.0: {} - - is-unicode-supported@0.1.0: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - json-parse-even-better-errors@2.3.1: {} - - json5@2.2.3: {} - - lines-and-columns@1.2.4: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - locate-path@7.2.0: - dependencies: - p-locate: 6.0.0 - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - loupe@3.1.1: - dependencies: - get-func-name: 2.0.2 - - make-error@1.3.6: {} - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - mocha@10.7.3: - dependencies: - ansi-colors: 4.1.3 - browser-stdout: 1.3.1 - chokidar: 3.6.0 - debug: 4.3.6(supports-color@8.1.1) - diff: 5.2.0 - escape-string-regexp: 4.0.0 - find-up: 5.0.0 - glob: 8.1.0 - he: 1.2.0 - js-yaml: 4.1.0 - log-symbols: 4.1.0 - minimatch: 5.1.6 - ms: 2.1.3 - serialize-javascript: 6.0.2 - strip-json-comments: 3.1.1 - supports-color: 8.1.1 - workerpool: 6.5.1 - yargs: 16.2.0 - yargs-parser: 20.2.9 - yargs-unparser: 2.0.0 - - ms@2.1.2: {} - - ms@2.1.3: {} - - node-domexception@1.0.0: {} - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - - nodemon@3.1.4: - dependencies: - chokidar: 3.6.0 - debug: 4.3.6(supports-color@5.5.0) - ignore-by-default: 1.0.1 - minimatch: 3.1.2 - pstree.remy: 1.1.8 - semver: 7.6.3 - simple-update-notifier: 2.0.0 - supports-color: 5.5.0 - touch: 3.1.1 - undefsafe: 2.0.5 - - normalize-path@3.0.0: {} - - object-inspect@1.13.2: {} - - obuf@1.1.2: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-limit@4.0.0: - dependencies: - yocto-queue: 1.1.1 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-locate@6.0.0: - dependencies: - p-limit: 4.0.0 - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - parse-json@5.2.0: - dependencies: - '@babel/code-frame': 7.24.7 - error-ex: 1.3.2 - json-parse-even-better-errors: 2.3.1 - lines-and-columns: 1.2.4 - - path-exists@4.0.0: {} - - path-exists@5.0.0: {} - - path-type@4.0.0: {} - - pathval@2.0.0: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-numeric@1.0.2: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg-types@4.0.2: - dependencies: - pg-int8: 1.0.1 - pg-numeric: 1.0.2 - postgres-array: 3.0.2 - postgres-bytea: 3.0.0 - postgres-date: 2.1.0 - postgres-interval: 3.0.0 - postgres-range: 1.1.4 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - postgres-array@2.0.0: {} - - postgres-array@3.0.2: {} - - postgres-bytea@1.0.0: {} - - postgres-bytea@3.0.0: - dependencies: - obuf: 1.1.2 - - postgres-date@1.0.7: {} - - postgres-date@2.1.0: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-interval@3.0.0: {} - - postgres-range@1.1.4: {} - - pretty-bytes@6.1.1: {} - - pstree.remy@1.1.8: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - rate-limiter-flexible@5.0.3: {} - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - require-directory@2.1.1: {} - - resolve-from@4.0.0: {} - - resolve-pkg-maps@1.0.0: {} - - retry@0.13.1: {} - - safe-buffer@5.2.1: {} - - semver@7.6.3: {} - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - simple-update-notifier@2.0.0: - dependencies: - semver: 7.6.3 - - split2@4.2.0: {} - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-json-comments@3.1.1: {} - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - touch@3.1.1: {} - - ts-node@10.9.2(@types/node@22.5.2)(typescript@5.5.4): - dependencies: - '@cspotcode/source-map-support': 0.8.1 - '@tsconfig/node10': 1.0.11 - '@tsconfig/node12': 1.0.11 - '@tsconfig/node14': 1.0.3 - '@tsconfig/node16': 1.0.4 - '@types/node': 22.5.2 - acorn: 8.12.1 - acorn-walk: 8.3.3 - arg: 4.1.3 - create-require: 1.1.1 - diff: 4.0.2 - make-error: 1.3.6 - typescript: 5.5.4 - v8-compile-cache-lib: 3.0.1 - yn: 3.1.1 - - tslib@2.7.0: {} - - tsx@4.19.0: - dependencies: - esbuild: 0.23.1 - get-tsconfig: 4.8.0 - optionalDependencies: - fsevents: 2.3.3 - - typescript@5.5.4: {} - - undefsafe@2.0.5: {} - - undici-types@6.19.8: {} - - unicorn-magic@0.1.0: {} - - v8-compile-cache-lib@3.0.1: {} - - web-streams-polyfill@3.3.3: {} - - workerpool@6.5.1: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrappy@1.0.2: {} - - ws@8.18.0: {} - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs-unparser@2.0.0: - dependencies: - camelcase: 6.3.0 - decamelize: 4.0.0 - flat: 5.0.2 - is-plain-obj: 2.1.0 - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - yn@3.1.1: {} - - yocto-queue@0.1.0: {} - - yocto-queue@1.1.1: {} diff --git a/services/bot/src/bot.ts b/services/bot/src/bot.ts deleted file mode 100644 index 445684c..0000000 --- a/services/bot/src/bot.ts +++ /dev/null @@ -1,57 +0,0 @@ -import { createBot, createGatewayManager, createRestManager, Intents, type Bot } from '@discordeno/bot' -import { createProxyCache, } from 'dd-cache-proxy'; -import { configs } from './config.ts' - -export const bot = createProxyCache( - createBot({ - token: configs.token, - intents: Intents.Guilds | Intents.GuildMessages, - rest: createRestManager({ token: configs.token, applicationId: configs.discordApplicationId }), - gateway: createGatewayManager({ token: configs.token }) - }), - { - desiredProps: { - guilds: ['id', 'name', 'roles'], - roles: ['id', 'guildId', 'permissions'], - }, - cacheInMemory: { - guilds: true, - roles: true, - default: false, - }, - }, -) - -// Setup desired properties -bot.transformers.desiredProperties.interaction.id = true -bot.transformers.desiredProperties.interaction.type = true -bot.transformers.desiredProperties.interaction.data = true -bot.transformers.desiredProperties.interaction.token = true -bot.transformers.desiredProperties.interaction.guildId = true -bot.transformers.desiredProperties.interaction.member = true -bot.transformers.desiredProperties.interaction.message = true -bot.transformers.desiredProperties.interaction.user = true -bot.transformers.desiredProperties.interaction.channelId = true - -bot.transformers.desiredProperties.message.activity = true -bot.transformers.desiredProperties.message.id = true -bot.transformers.desiredProperties.message.referencedMessage = true - -bot.transformers.desiredProperties.guild.id = true -bot.transformers.desiredProperties.guild.name = true -bot.transformers.desiredProperties.guild.roles = true - -bot.transformers.desiredProperties.role.id = true -bot.transformers.desiredProperties.role.guildId = true -bot.transformers.desiredProperties.role.permissions = true - -bot.transformers.desiredProperties.member.id = true -bot.transformers.desiredProperties.member.roles = true - -bot.transformers.desiredProperties.channel.id = true - -bot.transformers.desiredProperties.user.id = true -bot.transformers.desiredProperties.user.username = true -bot.transformers.desiredProperties.user.discriminator = true - - diff --git a/services/bot/src/collector.ts b/services/bot/src/collector.ts deleted file mode 100644 index fd25474..0000000 --- a/services/bot/src/collector.ts +++ /dev/null @@ -1,14 +0,0 @@ -import { EventEmitter } from 'node:events' -import type { Interaction } from '@discordeno/bot' - -export class ItemCollector extends EventEmitter { - onItem(callback: (item: Interaction) => unknown): void { - this.on('item', callback) - } - - collect(item: Interaction): void { - this.emit('item', item) - } -} - -export default ItemCollector \ No newline at end of file diff --git a/services/bot/src/commands.ts b/services/bot/src/commands.ts deleted file mode 100644 index 54fe19c..0000000 --- a/services/bot/src/commands.ts +++ /dev/null @@ -1,22 +0,0 @@ -// @see https://github.com/discordeno/discordeno/blob/main/examples/advanced/src/commands.ts - -import { type ApplicationCommandOption, type ApplicationCommandTypes, Collection, type Interaction } from '@discordeno/bot' - -export const commands = new Collection() - -export function createCommand(command: Command): void { - commands.set(command.name, command) -} - -export interface Command { - /** The name of this command. */ - name: string - /** What does this command do? */ - description: string - /** The type of command this is. */ - type: ApplicationCommandTypes - /** The options for this command */ - options?: ApplicationCommandOption[] - /** This will be executed when the command is run. */ - execute: (interaction: Interaction, options: Record) => unknown -} \ No newline at end of file diff --git a/services/bot/src/commands/cancel.ts b/services/bot/src/commands/cancel.ts deleted file mode 100644 index bd5faeb..0000000 --- a/services/bot/src/commands/cancel.ts +++ /dev/null @@ -1,53 +0,0 @@ - -import { ApplicationCommandTypes, type Interaction } from '@discordeno/bot' -import type { Status } from '@futureporn/types' -import { createCommand } from '../commands.ts' -import { bot } from '../bot.ts' -import { configs } from '../config.ts' -import { rbacAllow } from '../middlewares/rbac.ts' - -createCommand({ - name: 'cancel', - description: 'Cancel a recording', - type: ApplicationCommandTypes.ChatInput, - async execute(interaction: Interaction) { - bot.logger.info(`cancel command is executing now.`) - const message = interaction.message - if (!message) return bot.logger.error('interaction.message was missing'); - if (!message.id) return bot.logger.error(`interaction.message.id was missing`); - - const url = `${configs.postgrestUrl}/recordings?discord_message_id=eq.${message.id}`; - const options = { - method: 'PATCH', - headers: { - 'Content-Type': 'application/json', - 'Accept': 'application/json', - 'Prefer': 'return=representation', - 'Authorization': `Bearer ${configs.automationUserJwt}` - }, - body: JSON.stringify({ - is_aborted: true, - status: 'aborted' as Status - }) - }; - - let vodId: string; - try { - await rbacAllow(['admin', 'moderator', 'testAdmin'], interaction) - const response = await fetch(url, options); - - bot.logger.info(`response.ok=${response.ok}`) - const data: any = await response.json(); - vodId = data?.at(0).id - bot.logger.info(interaction.user); - interaction.respond(`<@${interaction.user.id}> cancelled recording on VOD ${vodId}`, { isPrivate: false }) - bot.logger.info(`Cancel command successfully ran on message.id=${message.id}`) - - } catch (error) { - bot.logger.error('error encountered while cancelling job') - bot.logger.error(error); - } - - - }, -}) diff --git a/services/bot/src/commands/donger.ts b/services/bot/src/commands/donger.ts deleted file mode 100644 index d342f60..0000000 --- a/services/bot/src/commands/donger.ts +++ /dev/null @@ -1,49 +0,0 @@ - -import { ApplicationCommandTypes, type Interaction } from '@discordeno/bot' -import { createCommand } from '../commands.ts' - - - -const dongers: string[] = [ - '( ͡ᵔ ͜ʖ ͡ᵔ )', - '¯\_(ツ)_/¯', - '(๑>ᴗ<๑)', - '(̿▀̿ ̿Ĺ̯̿̿▀̿ ̿)', - '( ͡° ͜ʖ ͡°)', - '٩(͡๏̯͡๏)۶', - 'ლ(´◉❥◉`ლ)', - '( ゚Д゚)', - 'ԅ( ͒ ۝ ͒ )ᕤ', - '( ͡ᵔ ͜ʖ ͡°)', - '( ͠° ͟ʖ ͡°)╭∩╮', - '༼ つ ❦౪❦ ༽つ', - '( ͡↑ ͜ʖ ͡↑)', - '(ভ_ ভ) ރ // ┊ \\', - 'ヽ(⌐□益□)ノ', - '༼ つ ◕‿◕ ༽つ', - 'ヽ(⚆෴⚆)ノ', - '(つ .•́ _ʖ •̀.)つ', - '༼⌐■ل͟■༽', - '┬─┬ノ( ͡° ͜ʖ ͡°ノ)', - '༼⁰o⁰;༽꒳ᵒ꒳ᵎᵎᵎ', - '( -_・) ▄︻̷̿┻̿═━一', - '【 º ᗜ º 】', - 'ᕦ(✧╭╮✧)ᕥ', - '┗( T﹏T )┛', - '(Φ ᆺ Φ)', - '(TдT)', - '☞(◉▽◉)☞' -]; - -createCommand({ - name: 'donger', - description: 'Get a free donger!', - type: ApplicationCommandTypes.ChatInput, - async execute(interaction: Interaction) { - const selectedDonger = dongers[Math.floor(Math.random()*dongers.length)] - console.log(`selectedDonger=${selectedDonger}`) - await interaction.respond({ - content: selectedDonger - }) - }, -}) \ No newline at end of file diff --git a/services/bot/src/commands/ping.ts b/services/bot/src/commands/ping.ts deleted file mode 100644 index bf448a5..0000000 --- a/services/bot/src/commands/ping.ts +++ /dev/null @@ -1,13 +0,0 @@ -import { ApplicationCommandTypes, createEmbeds, snowflakeToTimestamp, type Interaction } from '@discordeno/bot' -import { createCommand } from '../commands.ts' - -createCommand({ - name: 'ping', - description: 'See if the bot latency is okay', - type: ApplicationCommandTypes.ChatInput, - async execute(interaction: Interaction) { - const ping = Date.now() - snowflakeToTimestamp(interaction.id) - const embeds = createEmbeds().setTitle(`The bot ping is ${ping}ms`) - await interaction.respond({ embeds }) - }, -}) \ No newline at end of file diff --git a/services/bot/src/commands/process.ts b/services/bot/src/commands/process.ts deleted file mode 100644 index 6f16237..0000000 --- a/services/bot/src/commands/process.ts +++ /dev/null @@ -1,31 +0,0 @@ - -import { ApplicationCommandTypes, logger, type Interaction } from '@discordeno/bot' -import { createCommand } from '../commands.ts' -import getStreamFromDatabase from '@futureporn/fetchers/getStreamFromDatabase.ts' -import patchVod from '@futureporn/fetchers/patchVod.ts' -import { quickAddJob, type WorkerUtilsOptions } from 'graphile-worker' -import { configs } from '../config.ts' -import findVod from '@futureporn/fetchers/findVod.ts' - -function throwErr(msg: string) { - logger.error(msg) - throw new Error(msg) -} - -createCommand({ - name: 'process', - description: 'Process a vod for publishing', - type: ApplicationCommandTypes.ChatInput, - async execute(interaction: Interaction) { - const discord_message_id = String(interaction?.message?.id) - logger.info(`process command begins.`) - if (!discord_message_id) return throwErr('failed to get discord message id'); - const vod = await findVod({ discord_message_id }) - if (!vod) return throwErr('failed to get vod while finding vod to process'); - const options: WorkerUtilsOptions = { connectionString: configs.connectionString } - logger.info(`now we will quickAddJob process_video`) - await quickAddJob(options, 'process_video', { vod_id: vod.id }) - logger.info(`now we will patchVodInDatabase`) - await patchVod(vod.id, { status: 'processing' }) - }, -}) diff --git a/services/bot/src/commands/record.ts b/services/bot/src/commands/record.ts deleted file mode 100644 index 90e8b72..0000000 --- a/services/bot/src/commands/record.ts +++ /dev/null @@ -1,148 +0,0 @@ -import { - type Interaction, - type InteractionCallbackData, - ApplicationCommandOptionTypes, - ApplicationCommandTypes, - EmbedsBuilder, - logger, -} from '@discordeno/bot' -import { rbacAllow } from '../middlewares/rbac.ts' -import { createCommand } from '../commands.ts' -import { configs } from '../config.ts' -import type { StreamResponse } from '@futureporn/types' -import createVod from '@futureporn/fetchers/createVod.ts' -import findOrCreateVtuber from '@futureporn/fetchers/findOrCreateVtuber.ts' -import findOrCreateStream from '@futureporn/fetchers/findOrCreateStream.ts' -import createRecording from '@futureporn/fetchers/createRecording.ts' - - -/** - * - * Get the livestream URL from the pre-existing discord message. IDK why we do this - */ -async function getUrlFromMessage(interaction: Interaction): Promise { - const messageId = interaction.message?.id - - const pgRequestUrl = `${configs.postgrestUrl}/vods?discord_message_id=eq.${messageId}` - logger.info(`pgRequestUrl=${pgRequestUrl}`) - const requestOptions = { - method: 'GET', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Content-Type': 'application/json', - 'Prefer': 'return=representation' - } - } - try { - const res = await fetch (pgRequestUrl, requestOptions) - if (!res.ok) { - const body = await res.json() - logger.error(body) - throw new Error(`Problem during getUrlFromMessage. res.status=${res.status}, res.statusText=${res.statusText}`) - } - const json = await res.json() as StreamResponse[] - const vod = json[0] - const url = vod?.url - if (!url) return null - else return url - } catch (e) { - logger.error(e) - throw e - } - - -} - -async function getUrlFromData(interaction: Interaction): Promise { - if (!interaction) throw new Error('interaction arg passed to getOptions was missing'); - const url = (interaction.data?.options?.find(o => o.name === 'url'))?.value - if (!url) return null; - return String(url) -} - - -createCommand({ - name: 'record', - description: 'Record a livestream.', - type: ApplicationCommandTypes.ChatInput, - options: [ - { - name: 'url', - description: 'URL of the livestream', - type: ApplicationCommandOptionTypes.String - }, - ], - async execute(interaction: Interaction) { - // logger.info('record command is running now`)') - // logger.info(interaction) - await interaction.defer() - - - try { - // logger.info('we are at the top of the record command. start of the try{} block. we are about to run rbacAllow.') - await rbacAllow(['admin', 'patron', 'moderator', 'testAdmin'], interaction) - // The url can come from one of two places. - // interaction.data.options, or interaction.message?.embeds - let url - url = await getUrlFromData(interaction) - logger.info(`getUrlFromData url=${url}`) - if (!url) { - url = await getUrlFromMessage(interaction) - logger.info(`getUrlFromMessage url=${url}`) - } - - logger.info(`url=${url}`) - if (!url) throw new Error('Neither the interaction data nor the message embed contained a URL.'); - - - // respond to the interaction and get a message ID which we will then add to the database Record - const embeds = new EmbedsBuilder() - .setTitle(`VOD ⋅`) - .setDescription('Waiting for a worker to start the job.') - .setFields([ - { name: 'Status', value: 'Pending', inline: true }, - { name: 'URL', value: url, inline: true } - ]) - .setColor('#808080') - - const response: InteractionCallbackData = { embeds } - const message = await interaction.edit(response) - - if (!message?.id) { - const msg = `message.id was empty, ruh roh raggy` - console.error(msg) - throw new Error(msg) - } - - const discord_message_id = message.id.toString() - const discordMessageId = discord_message_id - const date = new Date() - - await createRecording({ url, discordMessageId, date }) - - } catch (e) { - const message = `Record failed due to the following error.\n${e}` - logger.error(message) - // acknowledged interactions cannot be responded to. Instead, the message gets sent as a followup, which is a public message. - // we want the message to be ephemeral/isPrivate, so we send our own message flagged as ephemeral. - // Nevermind, the following flagged message doesn't really work because I don't think regular messages can be ephemeral. (only interaction responses can be ephemeral) - // - // if (interaction.acknowledged) { - // const messageOptions: CreateMessageOptions = { - // content: message, - // flags: MessageFlags.Ephemeral - // } - logger.info(`User ${interaction.user.username} (${interaction.user.id})`) - // const dmChannel = await bot.rest.getDmChannel() - // logger.info(`dmChannel as follows`) - // logger.info(dmChannel) - // await bot.rest.sendMessage(dmChannel.id, messageOptions) - // } else { - await interaction.edit(message) - // } - - } - - - } -}) \ No newline at end of file diff --git a/services/bot/src/commands/yeah.ts b/services/bot/src/commands/yeah.ts deleted file mode 100644 index 5555aee..0000000 --- a/services/bot/src/commands/yeah.ts +++ /dev/null @@ -1,20 +0,0 @@ - -import { ApplicationCommandTypes, type Interaction } from '@discordeno/bot' -import { createCommand } from '../commands.ts' -import { bot } from '../bot.ts' - - - -createCommand({ - name: 'yeah', - description: 'Yeah! a message', - type: ApplicationCommandTypes.ChatInput, - async execute(interaction: Interaction) { - // interaction.message.id - const message = interaction.message - if (!message) return bot.logger.error('interaction.message was missing'); - if (!message.id) return bot.logger.error(`interaction.message.id was missing`); - interaction.respond('https://futureporn-b2.b-cdn.net/yeah_nobg.png', { isPrivate: true }) - bot.logger.info(`Yeah! command successfully ran with message.id=${message.id}`) - }, -}) diff --git a/services/bot/src/config.ts b/services/bot/src/config.ts deleted file mode 100644 index 9db60d5..0000000 --- a/services/bot/src/config.ts +++ /dev/null @@ -1,47 +0,0 @@ -import 'dotenv/config' - -const requiredEnvVars = [ - 'HTTP_PROXY', - 'WORKER_CONNECTION_STRING', - 'POSTGREST_URL', - 'DISCORD_TOKEN', - 'DISCORD_CHANNEL_ID', - 'DISCORD_GUILD_ID', - 'DISCORD_APPLICATION_ID', - 'AUTOMATION_USER_JWT', - 'SCOUT_URL' -] as const; - -const getEnvVar = (key: typeof requiredEnvVars[number]): string => { - const value = process.env[key]; - if (!value) { - throw new Error(`Missing ${key} env var`); - } - return value; -}; - -export interface Config { - postgrestUrl: string; - httpProxy: string; - token: string; - automationUserJwt: string; - discordGuildId: string; - discordChannelId: string; - connectionString: string; - discordApplicationId: string; - scoutUrl: string; -} - - -export const configs: Config = { - scoutUrl: getEnvVar('SCOUT_URL'), - connectionString: getEnvVar('WORKER_CONNECTION_STRING'), - httpProxy: getEnvVar('HTTP_PROXY'), - postgrestUrl: getEnvVar('POSTGREST_URL'), - token: getEnvVar('DISCORD_TOKEN'), - automationUserJwt: getEnvVar('AUTOMATION_USER_JWT'), - discordGuildId: getEnvVar('DISCORD_GUILD_ID'), - discordChannelId: getEnvVar('DISCORD_CHANNEL_ID'), - discordApplicationId: getEnvVar('DISCORD_APPLICATION_ID'), -} - diff --git a/services/bot/src/events/interactionCreate.ts b/services/bot/src/events/interactionCreate.ts deleted file mode 100644 index 2d0cbf7..0000000 --- a/services/bot/src/events/interactionCreate.ts +++ /dev/null @@ -1,51 +0,0 @@ -import { InteractionTypes, commandOptionsParser, type Interaction } from '@discordeno/bot' -import { bot } from '../bot.ts' -import { commands, type Command } from '../commands.ts' -import ItemCollector from '../collector.ts' - -export const collectors = new Set() - -const execCommand = async function execCommand(command: Command, interaction: Interaction) { - const options = commandOptionsParser(interaction) - - try { - await command.execute(interaction, options) - } catch (error) { - bot.logger.error(`There was an error running the ${command.name} command.`) - bot.logger.error(error) - } -} - -const handleApplicationCommand = async function handleApplicationCommand (interaction: Interaction) { - - if (!interaction.data) return - const command = commands.get(interaction.data.name) - - if (!command) { - bot.logger.error(`Command ${interaction.data.name} not found`) - return - } - - execCommand(command, interaction) - -} - -const handleMessageComponent = async function handleMessageComponent (interaction: Interaction) { - if (!interaction.data) return - if (!interaction.data.customId) return - const command = commands.get(interaction.data.customId) - if (!command) return bot.logger.error(`Command customId=${interaction.data.customId} not found`); - execCommand(command, interaction) -} - -bot.events.interactionCreate = async (interaction: Interaction) => { - - if (interaction.type === InteractionTypes.ApplicationCommand) { - await handleApplicationCommand(interaction) - } else if (interaction.type === InteractionTypes.MessageComponent) { - await handleMessageComponent(interaction) - } else { - bot.logger.info(`received interaction of type=${interaction.type}`) - } - -} \ No newline at end of file diff --git a/services/bot/src/events/ready.ts b/services/bot/src/events/ready.ts deleted file mode 100644 index 2f42fde..0000000 --- a/services/bot/src/events/ready.ts +++ /dev/null @@ -1,20 +0,0 @@ - - -import { ActivityTypes } from '@discordeno/bot' -import { bot } from '../bot.ts' - -bot.events.ready = async ({ shardId }) => { - - await bot.gateway.editShardStatus(shardId, { - status: 'online', - activities: [ - { - name: 'chat', - type: ActivityTypes.Watching, - timestamps: { - start: Date.now(), - }, - }, - ], - }) -} \ No newline at end of file diff --git a/services/bot/src/index.ts b/services/bot/src/index.ts deleted file mode 100644 index 742dbd7..0000000 --- a/services/bot/src/index.ts +++ /dev/null @@ -1,63 +0,0 @@ - -import { type WorkerUtils, type RunnerOptions, run } from 'graphile-worker' -import { bot } from './bot.ts' -import type { Interaction } from '@discordeno/bot' -import { importDirectory } from './utils/loader.ts' -import { join, dirname } from 'node:path' -import { fileURLToPath } from 'url' -import { configs } from './config.ts' -import { updateApplicationCommands } from './utils/update-commands.ts' - - -const __dirname = dirname(fileURLToPath(import.meta.url)); - - -export interface ExecuteArguments { - interaction: Interaction; - workerUtils: WorkerUtils; -} - - -async function setupGraphileWorker() { - const preset: GraphileConfig.Preset = { - worker: { - connectionString: configs.connectionString, - concurrentJobs: 3, - fileExtensions: [".js", ".ts"], - taskDirectory: join(__dirname, 'tasks') - }, - }; - const runnerOptions: RunnerOptions = { - preset - } - const runner = await run(runnerOptions) - if (!runner) throw new Error('failed to initialize graphile worker'); - await runner.promise -} - - - -async function setupBot() { - bot.logger.info('Starting @futureporn/bot.') - bot.logger.info('Loading commands...') - await importDirectory(join(__dirname, './commands')) - bot.logger.info('Loading events...') - await importDirectory(join(__dirname, './events')) - await bot.start() -} - - -async function main() { - console.log('setting up bot') - await setupBot() - console.log('setting up graphile worker') - await setupGraphileWorker() // this needs to run after setupBot() has run - console.log('updating discord application commands') - await updateApplicationCommands() // this needs to run after importDirectory() has run -} - -main().catch((e) => { - console.error("error during main() function") - console.error(e) - process.exit(3) -}) diff --git a/services/bot/src/middlewares/rbac.ts b/services/bot/src/middlewares/rbac.ts deleted file mode 100644 index 1802bf7..0000000 --- a/services/bot/src/middlewares/rbac.ts +++ /dev/null @@ -1,28 +0,0 @@ -import type { Interaction } from "@discordeno/bot"; -import { logger } from "discordeno"; - - -const roleMap = new Map([ - ['patron', BigInt('1084677850180882555')], - ['admin', BigInt('1084928253699039282')], - ['moderator', BigInt('1084935803324612729')], - ['testAdmin', BigInt('1275625364382552169')] -]); - -export async function rbacAllow (roleNames: string[], interaction: Interaction) { - const roleIds = roleNames.map((role) => roleMap.get(role)).filter((roleId): roleId is bigint => roleId !== undefined); - - if (!interaction.member?.roles || interaction.member.roles.length < 1 ) { - throw new Error(`User has no roles.`) - } - logger.info(`rbacAllow ${roleNames.join(',')} begin! the user responsible for the interaction has the following roles-- ${interaction.member.roles.join(',')}`) - - const hasRequiredRole = roleIds.some(roleId => interaction.member!.roles.includes(roleId)); - - if (!hasRequiredRole) { - throw new Error(`User lacks the role to run this command. One of the following roles is required: ${roleNames.join(', ')}`) - } - - logger.info(`rbacAllow ${roleNames.join(',')} success!`) - return -} \ No newline at end of file diff --git a/services/bot/src/register-commands.ts b/services/bot/src/register-commands.ts deleted file mode 100644 index 170d514..0000000 --- a/services/bot/src/register-commands.ts +++ /dev/null @@ -1,7 +0,0 @@ -import 'dotenv/config' - -import { bot } from './bot.js' -import { updateApplicationCommands } from './utils/update-commands.ts' - -bot.logger.info('Updating commands...') -await updateApplicationCommands() \ No newline at end of file diff --git a/services/bot/src/tasks/README.md b/services/bot/src/tasks/README.md deleted file mode 100644 index 2dba732..0000000 --- a/services/bot/src/tasks/README.md +++ /dev/null @@ -1,30 +0,0 @@ -Task names uses underscores because graphile_worker expects them to be that way because graphile_worker interfaces with Postgresql which uses lowercase and numberscores. - -here are some administrative functions for clearing all tasks. Also see https://worker.graphile.org/docs/admin-functions - -(search tags, for easily finding this file by content) -administrative tasks -clear all -delete all -jobs -addJob() - -## Add job via SQL - -```sql -SELECT graphile_worker.add_job('process_stream_recording', max_attempts := 3); -``` - -## complete/cancel a job via SQL - -```sql -SELECT * FROM graphile_worker.complete_jobs(ARRAY[7, 99, 38674, ...]); -``` - -## cancel all jobs - -```sql -SELECT * FROM graphile_worker.complete_jobs( - ARRAY(SELECT id FROM graphile_worker.jobs) -); -``` \ No newline at end of file diff --git a/services/bot/src/tasks/restart_failed_recordings.ts b/services/bot/src/tasks/restart_failed_recordings.ts deleted file mode 100644 index 7ef9c2e..0000000 --- a/services/bot/src/tasks/restart_failed_recordings.ts +++ /dev/null @@ -1,85 +0,0 @@ -import type { Task, Helpers } from "graphile-worker" -import { sub } from 'date-fns' -import type { RecordingRecord } from "@futureporn/types" -import qs from 'qs' -import fetch from 'node-fetch' -import { configs } from '../config.ts' - -interface Payload { - idle_minutes: number; -} - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload"); - if (!payload.idle_minutes) throw new Error('idle_minutes was missing from payload'); - if (typeof payload.idle_minutes !== 'number') throw new Error('idle_minutes must be a number'); -} - -export const restart_failed_recordings: Task = async function (payload: unknown, helpers: Helpers) { - assertPayload(payload) - const { idle_minutes } = payload - helpers.logger.info(`restart_failed_recordings has begun. Expring 'recording' and 'pending' records that haven't been updated in ${idle_minutes} minutes.`) - - const url = 'http://postgrest.futureporn.svc.cluster.local:9000/records' - let records: RecordingRecord[] = [] - - try { - // 1. identify failed /records - // Any record that was updated earlier than n minute ago AND is in 'pending' or 'recording' state is marked as stalled. - const timestamp = sub(new Date(), { minutes: idle_minutes }).toISOString() - const queryOptions = { - updated_at: `lt.${timestamp}`, - or: '(recording_state.eq.pending,recording_state.eq.recording)' - } - const updatePayload = { - updated_at: new Date().toISOString(), - recording_state: 'stalled' - } - helpers.logger.info(JSON.stringify(updatePayload)) - const query = qs.stringify(queryOptions) - const res = await fetch (`${url}?${query}`, { - method: 'PATCH', - headers: { - 'Content-Type': 'application/json', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Prefer': 'return=headers-only' - }, - body: JSON.stringify(updatePayload) - }) - if (!res.ok) { - const body = await res.text() - helpers.logger.info(JSON.stringify(res.headers)) - helpers.logger.error(`Response code was not 200. status=${res.status}, statusText=${res.statusText}`) - helpers.logger.error(body) - return; - } - - const body = await res.text() - helpers.logger.info('body as follows') - helpers.logger.info(body) - - // const data = await res.json() as RecordingRecord[] - - // if (data.length < 1) return; - // records = data - - } catch (e: any) { - if (e instanceof Error) { - helpers.logger.error(`hi there we encountered an error while fetching /records`) - helpers.logger.error(e.message) - } else { - helpers.logger.error(e) - } - - } - - // // 2. identify and update - // for (const record of records) { - // const res = await fetch(`${url}?`) - // } - - - // // 3. done -} - -export default restart_failed_recordings \ No newline at end of file diff --git a/services/bot/src/tasks/update_discord_message.ts b/services/bot/src/tasks/update_discord_message.ts deleted file mode 100644 index e463354..0000000 --- a/services/bot/src/tasks/update_discord_message.ts +++ /dev/null @@ -1,226 +0,0 @@ -import 'dotenv/config' -import type { Status, SegmentResponse, VodResponse } from '@futureporn/types' -import { type Task, type Helpers } from 'graphile-worker' -import { intervalToDuration, formatDuration } from 'date-fns' -import prettyBytes from 'pretty-bytes' -import { - EmbedsBuilder, - ButtonStyles, - type ActionRow, - MessageComponentTypes, - type ButtonComponent, - type EditMessage, -} from '@discordeno/bot' -import { bot } from '../bot.ts' -import { configs } from '../config.ts' -import findVod from '@futureporn/fetchers/findVod.ts' - -const yeahEmojiId = BigInt('1253191939461873756') - - -interface Payload { - vod_id: string; -} - - - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload"); - if (!payload.vod_id) throw new Error(`vod_id was absent in the payload`); - if (typeof payload.vod_id !== 'string') throw new Error(`vod_id was not a string`); -} - - - - -async function editDiscordMessage({ helpers, vod }: { vod: VodResponse, helpers: Helpers }) { - // bot.logger.info(`editDiscordmessage with vod status=${vod.status} `) - // bot.logger.info(vod) - const discordMessageId = vod.discord_message_id - if (!discordMessageId) throw new Error(`discordMessageId was missing!`); - if (typeof discordMessageId !== 'string') throw new Error(`discordMessageId was not a string!`); - - const channelId = BigInt(configs.discordChannelId) - - const updatedMessage: EditMessage = { - embeds: getEmbeds(vod, helpers), - components: getButtonRow(vod.status) - } - bot.helpers.editMessage(channelId, discordMessageId, updatedMessage) -} - - - - -/** - * update_discord_message is the task where we edit a previously sent discord message to display - * the most up-to-date status information from the database - * - * Sometimes the update is changing the state, one of Pending|Recording|Aborted|Ended. - * Sometimes the update is adding a thumbnail image to the message - */ -export const update_discord_message: Task = async function (payload, helpers: Helpers) { - try { - assertPayload(payload) - const { vod_id } = payload - const vodId = vod_id - - const vod = await findVod({ vod_id: vodId }) - if (!vod) throw new Error('failed to get vod from database'); - // helpers.logger.info(`update_discord_message got the following vod`) - // helpers.logger.info(JSON.stringify(vod, null, 2)) - await editDiscordMessage({ helpers, vod }) - } catch (e) { - helpers.logger.error(`caught an error during update_discord_message. e=${e}`) - } -} - - - -function getEmbeds(vod: VodResponse, helpers: Helpers) { - const vodId = vod.id - const url = vod.url - const segments = vod?.segments - const status = vod.status || 'unknown' - bot.logger.info(`getEmbeds with vodId=${vodId}, status=${vod.status}, segments.length=${segments?.length}`) - const embeds = new EmbedsBuilder() - .setTitle(`VOD ${vodId}`) - .setFields([ - { name: 'Status', value: status.charAt(0).toUpperCase()+status.slice(1), inline: true }, - // { name: 'Filesize', value: prettyBytes(fileSize), inline: true }, // filesize isn't on stream. filesize is on segment. keeping for reference. @todo - { name: 'URL', value: url, inline: false }, - { name: 'CDN2', value: '@todo', inline: false }, - ]) - if (status === 'pending_recording') { - embeds - .setDescription("Waiting for a worker to accept the job.") - .setColor(2326507) - } else if (status === 'recording') { - embeds - .setDescription('The vod is being recorded.') - .setColor(392960) - } else if (status === 'aborted') { - embeds - .setDescription("The recording was stopped by the user.") - .setColor(8289651) - } else if (status === 'finished') { - embeds - .setDescription("The recording has ended nominally.") - .setColor(10855845) - } else if (status === 'failed') { - embeds - .setDescription("The recording has ended abnorminally.") - .setColor(8289651) - } else if (status === 'processing') { - embeds - .setDescription("The recording is being prepared for publishing.") - .setColor(392960) - } else if (status === 'stalled') { - embeds - .setDescription("We have not received a progress update recently.") - .setColor(8289651) - } else { - embeds - .setDescription(`The recording is in an unknown state? (streamStatus=${status} this is a bug.)`) - .setColor(10855845) - } - - // Add an Embed for segments - if (segments) { - const getDuration = (s: SegmentResponse) => formatDuration(intervalToDuration({ start: s.created_at, end: s.updated_at })) - embeds.newEmbed() - .setTitle(`Segments`) - .setFields( - (segments.length === 0) - ? ([{ value: 'There are no segments', name: '', inline: false }]) - : segments.sort((a, b) => new Date(a.created_at).getTime() - new Date(b.created_at).getTime()).map((s, i) => ( - { - name: `Segment ${i+1}`, - value: `${getDuration(s)} (${prettyBytes(s.bytes)}) (${s.s3_key})`, - inline: false - } - ))) - } - - // Add an embed for S3 files - - // Add an Embed for processing tasks - if (status === 'processing') { - const tasks = [ - { name: 'combine_video_segments', complete: false }, - { name: 'generate_thumbnail', complete: false }, - { name: 'queue_moderator_review', complete: false }, - { name: 'create_mux_asset', complete: false }, - { name: 'create_torrent', complete: false }, - ] - embeds.newEmbed() - .setTitle('Processing Tasks') - .setDescription(tasks.map((task) => `* ${task.complete ? '🗹' : '☐'} ${task.name}`).join('\n')) } - - - return embeds -} - - - -function getButtonRow(streamStatus: Status): ActionRow[] { - const components: ButtonComponent[] = [] - - const yeahButton: ButtonComponent = { - type: MessageComponentTypes.Button, - customId: 'yeah', - label: "Yeah!", - emoji: { - id: yeahEmojiId - }, - style: ButtonStyles.Success - } - const processButton: ButtonComponent = { - type: MessageComponentTypes.Button, - customId: 'process', - label: 'Process Recording', - style: ButtonStyles.Success - } - const cancelButton: ButtonComponent = { - type: MessageComponentTypes.Button, - customId: 'cancel', - label: 'Cancel', - style: ButtonStyles.Danger - } - - const retryButton: ButtonComponent = { - type: MessageComponentTypes.Button, - customId: 'record', - label: 'Retry Recording', - style: ButtonStyles.Secondary - } - - - if (streamStatus === 'pending_recording' || streamStatus === 'recording') { - components.push(cancelButton) - components.push(yeahButton) - } else if (streamStatus === 'aborted') { - components.push(retryButton) - components.push(processButton) // @todo this is only for testing. normally the process button is hidden if the stream was aborted. - } else if (streamStatus === 'finished') { - components.push(processButton) - } else if (streamStatus === 'processing') { - // @todo redo this section which is only this way for testing - components.push(retryButton) - components.push(processButton) - } else { - components.push(retryButton) - components.push(processButton) - } - - - const actionRow: ActionRow = { - type: MessageComponentTypes.ActionRow, - components: components as [ButtonComponent] - } - - return [actionRow] -} - - -export default update_discord_message \ No newline at end of file diff --git a/services/bot/src/tasks/update_vod_statuses.test.ts b/services/bot/src/tasks/update_vod_statuses.test.ts deleted file mode 100644 index 4dc70c2..0000000 --- a/services/bot/src/tasks/update_vod_statuses.test.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { updateStalledVods } from "./update_vod_statuses.ts" - -describe('update_vod_statuses', function () { - describe('updateStalledVods', function () { - describe('integration', function () { - xit("Should fetch a list of VODs that haven't been updated in the past 2 minutes", function () { - // const - }) - }) - }) -}) \ No newline at end of file diff --git a/services/bot/src/tasks/update_vod_statuses.ts b/services/bot/src/tasks/update_vod_statuses.ts deleted file mode 100644 index f8022a9..0000000 --- a/services/bot/src/tasks/update_vod_statuses.ts +++ /dev/null @@ -1,127 +0,0 @@ -import type { Task, Helpers } from "graphile-worker" -import { sub } from 'date-fns' -import type { Status } from "@futureporn/types" -import qs from 'qs' -import fetch from 'node-fetch' -import { configs } from '../config.ts' - -interface Payload { - stalled_minutes: number; - finished_minutes: number; -} - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload"); - if (!payload.stalled_minutes) throw new Error(`stalled_minutes was absent in the payload`); - if (!payload.finished_minutes) throw new Error(`finished_minutes was absent in the payload`); - if (typeof payload.stalled_minutes !== 'number') throw new Error(`stalled_minutes parameter was not a number`); - if (typeof payload.finished_minutes !== 'number') throw new Error(`finished_minutes parameter was not a number`); -} - -export async function updateFinishedVods({ - helpers, - finished_minutes, - url -}: { - helpers: Helpers, - finished_minutes: number, - url: string -}) { - helpers.logger.info(`updateFinishedVods with finished_minutes=${finished_minutes}, url=${url}`) - - // 1. identify and update stalled /vods - // Any vods that was updated earlier than n minute ago AND is in 'pending_recording' or 'recording' state is marked as stalled. - const timestamp = sub(new Date(), { minutes: finished_minutes }).toISOString() - const queryOptions = { - updated_at: `lt.${timestamp}`, - or: '(status.eq.pending_recording,status.eq.recording)' - } - const updatePayload = { - updated_at: new Date().toISOString(), - status: 'stalled' as Status - } - // helpers.logger.info(JSON.stringify(updatePayload)) - const query = qs.stringify(queryOptions) - const res = await fetch (`${url}?${query}`, { - method: 'PATCH', - headers: { - 'Content-Type': 'application/json', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Prefer': 'return=headers-only' - }, - body: JSON.stringify(updatePayload) - }) - if (!res.ok) { - const body = await res.text() - helpers.logger.info(JSON.stringify(res.headers)) - helpers.logger.error(`Response code was not 200. status=${res.status}, statusText=${res.statusText}`) - helpers.logger.error(body) - return; - } -} - -export async function updateStalledVods({ - helpers, - url, - stalled_minutes = 1, -}: { - helpers: Helpers, - url: string, - stalled_minutes: number, -}) { - // Identify and update stalled vods - // note: we are checking /vods update_at which gets updated whenever a /segments gets updated (thanks to postgres trigger functions) - const stalledTimestamp = sub(new Date(), { minutes: stalled_minutes }).toISOString(); - const stalledQueryOptions = { - 'select': 'status,id', - 'updated_at': `lt.${stalledTimestamp}`, - 'or': '(status.eq.pending_recording,status.eq.recording)', - }; - const stalledUpdatePayload = { - status: 'stalled', - }; - - const stalledQuery = qs.stringify(stalledQueryOptions, { encode: false }); - const stalledFetchUrl = `${url}?${stalledQuery}`; - helpers.logger.info(`updateStalledVods with stalledFetchUrl=${stalledFetchUrl}, stalled_minutes=${stalled_minutes}, url=${url}`); - const stalledOptions = { - method: 'PATCH', - headers: { - 'Content-Type': 'application/json', - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Prefer': 'return=headers-only', - }, - body: JSON.stringify(stalledUpdatePayload), - }; - const stalledRes = await fetch(stalledFetchUrl, stalledOptions); - if (!stalledRes.ok) { - const stalledBody = await stalledRes.text(); - helpers.logger.info(JSON.stringify(stalledRes.headers)); - helpers.logger.error(`Stalled response code was not 200. status=${stalledRes.status}, statusText=${stalledRes.statusText}`); - helpers.logger.error(stalledBody); - return; - } - // const stalledResHeaders = stalledRes.headers.get('') - // console.log(stalledRes) - // console.log(stalledResBody) -} - -export const update_vod_statuses: Task = async function (payload: unknown, helpers: Helpers) { - assertPayload(payload) - const { stalled_minutes, finished_minutes } = payload - helpers.logger.info(` & & update_vod_statuses has begun.`) - const url = 'http://postgrest.futureporn.svc.cluster.local:9000/vods' - try { - await updateStalledVods({ helpers, url, stalled_minutes }) - await updateFinishedVods({ helpers, url, finished_minutes }) - } catch (e: any) { - if (e instanceof Error) { - helpers.logger.error(`hi there we encountered an error while fetching /vods`) - helpers.logger.error(e.message) - } else { - helpers.logger.error(e) - } - } -} - -export default update_vod_statuses \ No newline at end of file diff --git a/services/bot/src/utils/loader.ts b/services/bot/src/utils/loader.ts deleted file mode 100644 index 3926b45..0000000 --- a/services/bot/src/utils/loader.ts +++ /dev/null @@ -1,23 +0,0 @@ -// @see https://github.com/discordeno/discordeno/blob/main/examples/advanced/src/utils/loader.ts - -import { readdir } from 'node:fs/promises' -import { logger } from '@discordeno/bot' -import { join } from 'node:path' - -export async function importDirectory(folder: string): Promise { - const files = await readdir(folder, { recursive: true }) - - // bot.logger.info(files) - for (const filename of files) { - if (!filename.endsWith('.js') && !filename.endsWith('.ts')) continue - logger.info(`loading ${filename}`) - - // Using `file://` and `process.cwd()` to avoid weird issues with relative paths and/or Windows - // await import(`file://${process.cwd()}/${folder}/${filename}`).catch((x) => - await import(join(folder, filename)).catch((x) => - // console.error(x) - logger.error(`cannot import ${filename} for reason: ${x}`) - // logger.fatal(`Cannot import file (${folder}/${filename}) for reason: ${x}`), - ) - } -} \ No newline at end of file diff --git a/services/bot/src/utils/update-commands.ts b/services/bot/src/utils/update-commands.ts deleted file mode 100644 index 06e1429..0000000 --- a/services/bot/src/utils/update-commands.ts +++ /dev/null @@ -1,8 +0,0 @@ -import { bot } from '../bot.ts' -import { commands } from '../commands.ts' - -export async function updateApplicationCommands(): Promise { - bot.logger.info(`updating application commands. commands=${commands.array()}`) - console.log(commands) - await bot.helpers.upsertGlobalApplicationCommands(commands.array()) -} \ No newline at end of file diff --git a/services/bot/tsconfig.json b/services/bot/tsconfig.json deleted file mode 100644 index fbafd15..0000000 --- a/services/bot/tsconfig.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "esModuleInterop": true, - "skipLibCheck": true, - "target": "es2022", - "allowJs": true, - "noEmit": true, - "allowImportingTsExtensions": true, - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - "verbatimModuleSyntax": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "NodeNext", - "outDir": "dist", - "lib": [ - "es2022" - ] - }, - // Include the necessary files for your project - "include": [ - "**/*.ts" -, "src/events/interactionCreate.ts.old", "../../packages/fetchers/createStreamInDatabase.ts", "../../packages/fetchers/createVod.ts", "../../packages/fetchers/findOrCreateStream.ts", "../../packages/fetchers/findOrCreateVtuber.spec.ts", "../../packages/fetchers/findOrCreateVtuber.ts", "../../packages/fetchers/findVod.ts", "../../packages/fetchers/getStreamFromDatabase.ts", "../../packages/fetchers/getStreamIdFromMessage.ts", "../../packages/fetchers/getUrlFromMessage.ts", "../../packages/fetchers/patchVod.ts" ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/bright/config/dev.exs b/services/bright/config/dev.exs index 866fd54..9405361 100644 --- a/services/bright/config/dev.exs +++ b/services/bright/config/dev.exs @@ -16,7 +16,7 @@ config :bright, Bright.Repo, config :bright, BrightWeb.Endpoint, # Binding to loopback ipv4 address prevents access from other machines. # Change to `ip: {0, 0, 0, 0}` to allow access from other machines. - http: [ip: {0, 0, 0, 0}, port: "#{System.get_env("PORT")}"], + http: [ip: {0, 0, 0, 0}, port: "#{System.get_env("PORT") || 4000}"], check_origin: false, code_reloader: true, debug_errors: true, diff --git a/services/bright/lib/bright/jobs/create_hls_playlist.ex b/services/bright/lib/bright/jobs/create_hls_playlist.ex index a960851..8b859e2 100644 --- a/services/bright/lib/bright/jobs/create_hls_playlist.ex +++ b/services/bright/lib/bright/jobs/create_hls_playlist.ex @@ -26,6 +26,7 @@ defmodule Bright.Jobs.CreateHlsPlaylist do {:ok, package_job_id} <- start_package(transcode_job_id), {:ok, asset_id} <- poll_job_completion(package_job_id) do update_vod_with_playlist_url(vod, package_job_id) + Logger.info("HLS playlist created and updated for VOD ID #{vod_id}") else {:error, reason} -> diff --git a/services/bright/lib/bright/platforms/platform.ex b/services/bright/lib/bright/platforms/platform.ex index dcc915f..d39237b 100644 --- a/services/bright/lib/bright/platforms/platform.ex +++ b/services/bright/lib/bright/platforms/platform.ex @@ -7,8 +7,6 @@ defmodule Bright.Platforms.Platform do field :url, :string field :icon, :string - many_to_many :streams, Bright.Streams.Stream, join_through: "streams_platforms" - timestamps(type: :utc_datetime) end @@ -19,12 +17,3 @@ defmodule Bright.Platforms.Platform do |> validate_required([:name, :url, :icon]) end end - - - -defimpl Phoenix.HTML.Safe, for: Bright.Platforms.Platform do - def to_iodata(platform) do - # platform.icon - platform.name - end -end diff --git a/services/bright/lib/bright_web/components/core_components.ex b/services/bright/lib/bright_web/components/core_components.ex index 7f11275..ca2d3de 100644 --- a/services/bright/lib/bright_web/components/core_components.ex +++ b/services/bright/lib/bright_web/components/core_components.ex @@ -115,7 +115,7 @@ defmodule BrightWeb.CoreComponents do phx-click={JS.push("lv:clear-flash", value: %{key: @kind}) |> hide("##{@id}")} role="alert" class={[ - "notification", + "mb-5 notification", @kind == :info && "is-success", @kind == :error && "is-danger" ]} diff --git a/services/bright/lib/bright_web/components/layouts/root.html.heex b/services/bright/lib/bright_web/components/layouts/root.html.heex index 72c95c8..9c4a422 100644 --- a/services/bright/lib/bright_web/components/layouts/root.html.heex +++ b/services/bright/lib/bright_web/components/layouts/root.html.heex @@ -20,50 +20,8 @@ %> - -
    - <%= if @current_platform do %> -
  • - {@current_platform.email} -
    • -
  • - <.link - href={~p"/platforms/settings"} - class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700" - > - Settings - -
    • -
  • - <.link - href={~p"/platforms/log_out"} - method="delete" - class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700" - > - Log out - -
    • - <% else %> -
  • - <.link - href={~p"/platforms/register"} - class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700" - > - Register - -
    • -
  • - <.link - href={~p"/platforms/log_in"} - class="text-[0.8125rem] leading-6 text-zinc-900 font-semibold hover:text-zinc-700" - > - Log in - -
    • - <% end %> -
<%= @inner_content %> diff --git a/services/bright/lib/bright_web/components/navigation_components.ex b/services/bright/lib/bright_web/components/navigation_components.ex index 8a72aca..8fc2a1a 100644 --- a/services/bright/lib/bright_web/components/navigation_components.ex +++ b/services/bright/lib/bright_web/components/navigation_components.ex @@ -61,6 +61,12 @@ defmodule BrightWeb.NavigationComponents do Streams Archive + <.link + href={~p"/vods"} + class="navbar-item"> + Vods + + <.link href={~p"/vtubers"} class="navbar-item"> @@ -80,7 +86,7 @@ defmodule BrightWeb.NavigationComponents do Tags - <.link + -
+
""" diff --git a/services/bright/lib/bright_web/controllers/page_controller.ex b/services/bright/lib/bright_web/controllers/page_controller.ex index 12a72e3..e95330a 100644 --- a/services/bright/lib/bright_web/controllers/page_controller.ex +++ b/services/bright/lib/bright_web/controllers/page_controller.ex @@ -8,8 +8,6 @@ defmodule BrightWeb.PageController do # send_resp(conn, 201, "") conn - |> put_flash(:info, "You are beautiful!") - |> put_flash(:error, "Test error!") |> put_status(202) |> render(:home, layout: false) # redirect(conn, to: ~p"/redirect_test") @@ -24,6 +22,11 @@ defmodule BrightWeb.PageController do render(conn, :api, layout: false) end + def health(conn, _params) do + data = %{message: "OK", status: "success"} + json(conn, data) + end + def redirect_test(conn, _params) do render(conn, :home, layout: false) end diff --git a/services/bright/lib/bright_web/controllers/page_html/about.html.heex b/services/bright/lib/bright_web/controllers/page_html/about.html.heex index b3884c3..5fdd3a3 100644 --- a/services/bright/lib/bright_web/controllers/page_html/about.html.heex +++ b/services/bright/lib/bright_web/controllers/page_html/about.html.heex @@ -2,7 +2,23 @@ <.navbar /> -
-

About

-

@todo

+
+ +
+

About

+ +

Welcome to Futureporn, a platform built by fans, for fans, dedicated to preserving the moments that matter in the world of live streaming. It all started with a simple need: capturing ProjektMelody's streams on Chaturbate. Chaturbate doesn’t save VODs, and sometimes we missed the magic. Other times, creators like ProjektMelody faced unnecessary de-platforming for simply being unique. We wanted to create a space where this content could endure, unshaken by the tides of censorship or fleeting platforms.

+
+ +
+

Our Mission

+

FuturePorn is more than an archive; it's a movement. We aim to document who streamed, when they streamed, and celebrate the creativity and passion of our favorite H-streamers. We're building a community-driven platform to ensure that these moments withstand the test of time.

+
+ +
+

Our Vision

+

Imagine a world where you can revisit your favorite streams, sync interactive toys with VOD playback, and relive the excitement as it happened. FuturePorn isn’t just about preserving memories; it’s about innovating how we connect with the content and creators we love.

+

Join us as we redefine archiving and fandom, ensuring that no stream is ever lost again. Together, we can create a platform that stands as a testament to creativity, individuality, and the fans who make it all possible.

+
+
diff --git a/services/bright/lib/bright_web/controllers/page_html/home.html.heex b/services/bright/lib/bright_web/controllers/page_html/home.html.heex index 5af5234..04ae375 100644 --- a/services/bright/lib/bright_web/controllers/page_html/home.html.heex +++ b/services/bright/lib/bright_web/controllers/page_html/home.html.heex @@ -15,44 +15,18 @@
-

Latest VODs

- <%= for number <- 1..10 do %> - - <%= number %> - <%= number * number %> - - <% end %> + + +

This is a pre-alpha test of Futureporn version 2.0

+

Work is in progress, check back each week for updates.

+ + Streams Archive +
-
- -
- - - - Hello {@current_uuid} - - Archive - - <.back navigate={~p"/posts"}>Back -
diff --git a/services/bright/lib/bright_web/controllers/platform_html/index.html.heex b/services/bright/lib/bright_web/controllers/platform_html/index.html.heex index 3d643c4..790c6dc 100644 --- a/services/bright/lib/bright_web/controllers/platform_html/index.html.heex +++ b/services/bright/lib/bright_web/controllers/platform_html/index.html.heex @@ -10,7 +10,7 @@ <.table id="platforms" rows={@platforms} row_click={&JS.navigate(~p"/platforms/#{&1}")}> <:col :let={platform} label="Name">{platform.name} <:col :let={platform} label="Url">{platform.url} - <:col :let={platform} label="Icon">{raw(platform.icon)} + <:col :let={platform} label="Icon">{raw platform.icon} <:action :let={platform}>
<.link navigate={~p"/platforms/#{platform}"}>Show diff --git a/services/bright/lib/bright_web/controllers/platform_html/show.html.heex b/services/bright/lib/bright_web/controllers/platform_html/show.html.heex index c94efa7..4066f62 100644 --- a/services/bright/lib/bright_web/controllers/platform_html/show.html.heex +++ b/services/bright/lib/bright_web/controllers/platform_html/show.html.heex @@ -11,7 +11,7 @@ <.list> <:item title="Name">{@platform.name} <:item title="Url">{@platform.url} - <:item title="Icon">{raw(@platform.icon)} + <:item title="Icon">{raw @platform.icon} <.back navigate={~p"/platforms"}>Back to platforms diff --git a/services/bright/lib/bright_web/controllers/platform_session_controller.ex b/services/bright/lib/bright_web/controllers/platform_session_controller.ex deleted file mode 100644 index a2a9b59..0000000 --- a/services/bright/lib/bright_web/controllers/platform_session_controller.ex +++ /dev/null @@ -1,42 +0,0 @@ -defmodule BrightWeb.PlatformSessionController do - use BrightWeb, :controller - - alias Bright.Platforms - alias BrightWeb.PlatformAuth - - def create(conn, %{"_action" => "registered"} = params) do - create(conn, params, "Account created successfully!") - end - - def create(conn, %{"_action" => "password_updated"} = params) do - conn - |> put_session(:platform_return_to, ~p"/platforms/settings") - |> create(params, "Password updated successfully!") - end - - def create(conn, params) do - create(conn, params, "Welcome back!") - end - - defp create(conn, %{"platform" => platform_params}, info) do - %{"email" => email, "password" => password} = platform_params - - if platform = Platforms.get_platform_by_email_and_password(email, password) do - conn - |> put_flash(:info, info) - |> PlatformAuth.log_in_platform(platform, platform_params) - else - # In order to prevent user enumeration attacks, don't disclose whether the email is registered. - conn - |> put_flash(:error, "Invalid email or password") - |> put_flash(:email, String.slice(email, 0, 160)) - |> redirect(to: ~p"/platforms/log_in") - end - end - - def delete(conn, _params) do - conn - |> put_flash(:info, "Logged out successfully.") - |> PlatformAuth.log_out_platform() - end -end diff --git a/services/bright/lib/bright_web/controllers/vtuber_html/vtuber_form.html.heex b/services/bright/lib/bright_web/controllers/vtuber_html/vtuber_form.html.heex index 65a1e82..30c72e8 100644 --- a/services/bright/lib/bright_web/controllers/vtuber_html/vtuber_form.html.heex +++ b/services/bright/lib/bright_web/controllers/vtuber_html/vtuber_form.html.heex @@ -3,11 +3,10 @@ Oops, something went wrong! Please check the errors below. - <.input field={f[:slug]} type="text" label="Slug" /> <.input field={f[:display_name]} type="text" label="Display Name" /> + <.input field={f[:slug]} type="text" label="Slug" /> <.input field={f[:image]} type="text" label="Image URL" /> <.input field={f[:theme_color]} type="color" label="Theme Color" /> - <.input field={f[:chaturbate]} type="text" label="Chaturbate" /> <.input field={f[:twitter]} type="text" label="Twitter" /> <.input field={f[:patreon]} type="text" label="Patreon" /> diff --git a/services/bright/lib/bright_web/live/platform_confirmation_instructions_live.ex b/services/bright/lib/bright_web/live/platform_confirmation_instructions_live.ex deleted file mode 100644 index 780c42a..0000000 --- a/services/bright/lib/bright_web/live/platform_confirmation_instructions_live.ex +++ /dev/null @@ -1,51 +0,0 @@ -defmodule BrightWeb.PlatformConfirmationInstructionsLive do - use BrightWeb, :live_view - - alias Bright.Platforms - - def render(assigns) do - ~H""" -
- <.header class="text-center"> - No confirmation instructions received? - <:subtitle>We'll send a new confirmation link to your inbox - - - <.simple_form for={@form} id="resend_confirmation_form" phx-submit="send_instructions"> - <.input field={@form[:email]} type="email" placeholder="Email" required /> - <:actions> - <.button phx-disable-with="Sending..." class="w-full"> - Resend confirmation instructions - - - - -

- <.link href={~p"/platforms/register"}>Register - | <.link href={~p"/platforms/log_in"}>Log in -

-
- """ - end - - def mount(_params, _session, socket) do - {:ok, assign(socket, form: to_form(%{}, as: "platform"))} - end - - def handle_event("send_instructions", %{"platform" => %{"email" => email}}, socket) do - if platform = Platforms.get_platform_by_email(email) do - Platforms.deliver_platform_confirmation_instructions( - platform, - &url(~p"/platforms/confirm/#{&1}") - ) - end - - info = - "If your email is in our system and it has not been confirmed yet, you will receive an email with instructions shortly." - - {:noreply, - socket - |> put_flash(:info, info) - |> redirect(to: ~p"/")} - end -end diff --git a/services/bright/lib/bright_web/live/platform_confirmation_live.ex b/services/bright/lib/bright_web/live/platform_confirmation_live.ex deleted file mode 100644 index 1dfaec4..0000000 --- a/services/bright/lib/bright_web/live/platform_confirmation_live.ex +++ /dev/null @@ -1,58 +0,0 @@ -defmodule BrightWeb.PlatformConfirmationLive do - use BrightWeb, :live_view - - alias Bright.Platforms - - def render(%{live_action: :edit} = assigns) do - ~H""" -
- <.header class="text-center">Confirm Account - - <.simple_form for={@form} id="confirmation_form" phx-submit="confirm_account"> - - <:actions> - <.button phx-disable-with="Confirming..." class="w-full">Confirm my account - - - -

- <.link href={~p"/platforms/register"}>Register - | <.link href={~p"/platforms/log_in"}>Log in -

-
- """ - end - - def mount(%{"token" => token}, _session, socket) do - form = to_form(%{"token" => token}, as: "platform") - {:ok, assign(socket, form: form), temporary_assigns: [form: nil]} - end - - # Do not log in the platform after confirmation to avoid a - # leaked token giving the platform access to the account. - def handle_event("confirm_account", %{"platform" => %{"token" => token}}, socket) do - case Platforms.confirm_platform(token) do - {:ok, _} -> - {:noreply, - socket - |> put_flash(:info, "Platform confirmed successfully.") - |> redirect(to: ~p"/")} - - :error -> - # If there is a current platform and the account was already confirmed, - # then odds are that the confirmation link was already visited, either - # by some automation or by the platform themselves, so we redirect without - # a warning message. - case socket.assigns do - %{current_platform: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) -> - {:noreply, redirect(socket, to: ~p"/")} - - %{} -> - {:noreply, - socket - |> put_flash(:error, "Platform confirmation link is invalid or it has expired.") - |> redirect(to: ~p"/")} - end - end - end -end diff --git a/services/bright/lib/bright_web/live/platform_forgot_password_live.ex b/services/bright/lib/bright_web/live/platform_forgot_password_live.ex deleted file mode 100644 index 99402d4..0000000 --- a/services/bright/lib/bright_web/live/platform_forgot_password_live.ex +++ /dev/null @@ -1,50 +0,0 @@ -defmodule BrightWeb.PlatformForgotPasswordLive do - use BrightWeb, :live_view - - alias Bright.Platforms - - def render(assigns) do - ~H""" -
- <.header class="text-center"> - Forgot your password? - <:subtitle>We'll send a password reset link to your inbox - - - <.simple_form for={@form} id="reset_password_form" phx-submit="send_email"> - <.input field={@form[:email]} type="email" placeholder="Email" required /> - <:actions> - <.button phx-disable-with="Sending..." class="w-full"> - Send password reset instructions - - - -

- <.link href={~p"/platforms/register"}>Register - | <.link href={~p"/platforms/log_in"}>Log in -

-
- """ - end - - def mount(_params, _session, socket) do - {:ok, assign(socket, form: to_form(%{}, as: "platform"))} - end - - def handle_event("send_email", %{"platform" => %{"email" => email}}, socket) do - if platform = Platforms.get_platform_by_email(email) do - Platforms.deliver_platform_reset_password_instructions( - platform, - &url(~p"/platforms/reset_password/#{&1}") - ) - end - - info = - "If your email is in our system, you will receive instructions to reset your password shortly." - - {:noreply, - socket - |> put_flash(:info, info) - |> redirect(to: ~p"/")} - end -end diff --git a/services/bright/lib/bright_web/live/platform_login_live.ex b/services/bright/lib/bright_web/live/platform_login_live.ex deleted file mode 100644 index af55de9..0000000 --- a/services/bright/lib/bright_web/live/platform_login_live.ex +++ /dev/null @@ -1,43 +0,0 @@ -defmodule BrightWeb.PlatformLoginLive do - use BrightWeb, :live_view - - def render(assigns) do - ~H""" -
- <.header class="text-center"> - Log in to account - <:subtitle> - Don't have an account? - <.link navigate={~p"/platforms/register"} class="font-semibold text-brand hover:underline"> - Sign up - - for an account now. - - - - <.simple_form for={@form} id="login_form" action={~p"/platforms/log_in"} phx-update="ignore"> - <.input field={@form[:email]} type="email" label="Email" required /> - <.input field={@form[:password]} type="password" label="Password" required /> - - <:actions> - <.input field={@form[:remember_me]} type="checkbox" label="Keep me logged in" /> - <.link href={~p"/platforms/reset_password"} class="text-sm font-semibold"> - Forgot your password? - - - <:actions> - <.button phx-disable-with="Logging in..." class="w-full"> - Log in - - - -
- """ - end - - def mount(_params, _session, socket) do - email = Phoenix.Flash.get(socket.assigns.flash, :email) - form = to_form(%{"email" => email}, as: "platform") - {:ok, assign(socket, form: form), temporary_assigns: [form: form]} - end -end diff --git a/services/bright/lib/bright_web/live/platform_registration_live.ex b/services/bright/lib/bright_web/live/platform_registration_live.ex deleted file mode 100644 index 591e36b..0000000 --- a/services/bright/lib/bright_web/live/platform_registration_live.ex +++ /dev/null @@ -1,87 +0,0 @@ -defmodule BrightWeb.PlatformRegistrationLive do - use BrightWeb, :live_view - - alias Bright.Platforms - alias Bright.Platforms.Platform - - def render(assigns) do - ~H""" -
- <.header class="text-center"> - Register for an account - <:subtitle> - Already registered? - <.link navigate={~p"/platforms/log_in"} class="font-semibold text-brand hover:underline"> - Log in - - to your account now. - - - - <.simple_form - for={@form} - id="registration_form" - phx-submit="save" - phx-change="validate" - phx-trigger-action={@trigger_submit} - action={~p"/platforms/log_in?_action=registered"} - method="post" - > - <.error :if={@check_errors}> - Oops, something went wrong! Please check the errors below. - - - <.input field={@form[:email]} type="email" label="Email" required /> - <.input field={@form[:password]} type="password" label="Password" required /> - - <:actions> - <.button phx-disable-with="Creating account..." class="w-full">Create an account - - -
- """ - end - - def mount(_params, _session, socket) do - changeset = Platforms.change_platform_registration(%Platform{}) - - socket = - socket - |> assign(trigger_submit: false, check_errors: false) - |> assign_form(changeset) - - {:ok, socket, temporary_assigns: [form: nil]} - end - - def handle_event("save", %{"platform" => platform_params}, socket) do - case Platforms.register_platform(platform_params) do - {:ok, platform} -> - {:ok, _} = - Platforms.deliver_platform_confirmation_instructions( - platform, - &url(~p"/platforms/confirm/#{&1}") - ) - - changeset = Platforms.change_platform_registration(platform) - {:noreply, socket |> assign(trigger_submit: true) |> assign_form(changeset)} - - {:error, %Ecto.Changeset{} = changeset} -> - {:noreply, socket |> assign(check_errors: true) |> assign_form(changeset)} - end - end - - def handle_event("validate", %{"platform" => platform_params}, socket) do - changeset = Platforms.change_platform_registration(%Platform{}, platform_params) - {:noreply, assign_form(socket, Map.put(changeset, :action, :validate))} - end - - defp assign_form(socket, %Ecto.Changeset{} = changeset) do - form = to_form(changeset, as: "platform") - - if changeset.valid? do - assign(socket, form: form, check_errors: false) - else - assign(socket, form: form) - end - end -end diff --git a/services/bright/lib/bright_web/live/platform_reset_password_live.ex b/services/bright/lib/bright_web/live/platform_reset_password_live.ex deleted file mode 100644 index 7bce43e..0000000 --- a/services/bright/lib/bright_web/live/platform_reset_password_live.ex +++ /dev/null @@ -1,89 +0,0 @@ -defmodule BrightWeb.PlatformResetPasswordLive do - use BrightWeb, :live_view - - alias Bright.Platforms - - def render(assigns) do - ~H""" -
- <.header class="text-center">Reset Password - - <.simple_form - for={@form} - id="reset_password_form" - phx-submit="reset_password" - phx-change="validate" - > - <.error :if={@form.errors != []}> - Oops, something went wrong! Please check the errors below. - - - <.input field={@form[:password]} type="password" label="New password" required /> - <.input - field={@form[:password_confirmation]} - type="password" - label="Confirm new password" - required - /> - <:actions> - <.button phx-disable-with="Resetting..." class="w-full">Reset Password - - - -

- <.link href={~p"/platforms/register"}>Register - | <.link href={~p"/platforms/log_in"}>Log in -

-
- """ - end - - def mount(params, _session, socket) do - socket = assign_platform_and_token(socket, params) - - form_source = - case socket.assigns do - %{platform: platform} -> - Platforms.change_platform_password(platform) - - _ -> - %{} - end - - {:ok, assign_form(socket, form_source), temporary_assigns: [form: nil]} - end - - # Do not log in the platform after reset password to avoid a - # leaked token giving the platform access to the account. - def handle_event("reset_password", %{"platform" => platform_params}, socket) do - case Platforms.reset_platform_password(socket.assigns.platform, platform_params) do - {:ok, _} -> - {:noreply, - socket - |> put_flash(:info, "Password reset successfully.") - |> redirect(to: ~p"/platforms/log_in")} - - {:error, changeset} -> - {:noreply, assign_form(socket, Map.put(changeset, :action, :insert))} - end - end - - def handle_event("validate", %{"platform" => platform_params}, socket) do - changeset = Platforms.change_platform_password(socket.assigns.platform, platform_params) - {:noreply, assign_form(socket, Map.put(changeset, :action, :validate))} - end - - defp assign_platform_and_token(socket, %{"token" => token}) do - if platform = Platforms.get_platform_by_reset_password_token(token) do - assign(socket, platform: platform, token: token) - else - socket - |> put_flash(:error, "Reset password link is invalid or it has expired.") - |> redirect(to: ~p"/") - end - end - - defp assign_form(socket, %{} = source) do - assign(socket, :form, to_form(source, as: "platform")) - end -end diff --git a/services/bright/lib/bright_web/live/platform_settings_live.ex b/services/bright/lib/bright_web/live/platform_settings_live.ex deleted file mode 100644 index d1fa883..0000000 --- a/services/bright/lib/bright_web/live/platform_settings_live.ex +++ /dev/null @@ -1,167 +0,0 @@ -defmodule BrightWeb.PlatformSettingsLive do - use BrightWeb, :live_view - - alias Bright.Platforms - - def render(assigns) do - ~H""" - <.header class="text-center"> - Account Settings - <:subtitle>Manage your account email address and password settings - - -
-
- <.simple_form - for={@email_form} - id="email_form" - phx-submit="update_email" - phx-change="validate_email" - > - <.input field={@email_form[:email]} type="email" label="Email" required /> - <.input - field={@email_form[:current_password]} - name="current_password" - id="current_password_for_email" - type="password" - label="Current password" - value={@email_form_current_password} - required - /> - <:actions> - <.button phx-disable-with="Changing...">Change Email - - -
-
- <.simple_form - for={@password_form} - id="password_form" - action={~p"/platforms/log_in?_action=password_updated"} - method="post" - phx-change="validate_password" - phx-submit="update_password" - phx-trigger-action={@trigger_submit} - > - - <.input field={@password_form[:password]} type="password" label="New password" required /> - <.input - field={@password_form[:password_confirmation]} - type="password" - label="Confirm new password" - /> - <.input - field={@password_form[:current_password]} - name="current_password" - type="password" - label="Current password" - id="current_password_for_password" - value={@current_password} - required - /> - <:actions> - <.button phx-disable-with="Changing...">Change Password - - -
-
- """ - end - - def mount(%{"token" => token}, _session, socket) do - socket = - case Platforms.update_platform_email(socket.assigns.current_platform, token) do - :ok -> - put_flash(socket, :info, "Email changed successfully.") - - :error -> - put_flash(socket, :error, "Email change link is invalid or it has expired.") - end - - {:ok, push_navigate(socket, to: ~p"/platforms/settings")} - end - - def mount(_params, _session, socket) do - platform = socket.assigns.current_platform - email_changeset = Platforms.change_platform_email(platform) - password_changeset = Platforms.change_platform_password(platform) - - socket = - socket - |> assign(:current_password, nil) - |> assign(:email_form_current_password, nil) - |> assign(:current_email, platform.email) - |> assign(:email_form, to_form(email_changeset)) - |> assign(:password_form, to_form(password_changeset)) - |> assign(:trigger_submit, false) - - {:ok, socket} - end - - def handle_event("validate_email", params, socket) do - %{"current_password" => password, "platform" => platform_params} = params - - email_form = - socket.assigns.current_platform - |> Platforms.change_platform_email(platform_params) - |> Map.put(:action, :validate) - |> to_form() - - {:noreply, assign(socket, email_form: email_form, email_form_current_password: password)} - end - - def handle_event("update_email", params, socket) do - %{"current_password" => password, "platform" => platform_params} = params - platform = socket.assigns.current_platform - - case Platforms.apply_platform_email(platform, password, platform_params) do - {:ok, applied_platform} -> - Platforms.deliver_platform_update_email_instructions( - applied_platform, - platform.email, - &url(~p"/platforms/settings/confirm_email/#{&1}") - ) - - info = "A link to confirm your email change has been sent to the new address." - {:noreply, socket |> put_flash(:info, info) |> assign(email_form_current_password: nil)} - - {:error, changeset} -> - {:noreply, assign(socket, :email_form, to_form(Map.put(changeset, :action, :insert)))} - end - end - - def handle_event("validate_password", params, socket) do - %{"current_password" => password, "platform" => platform_params} = params - - password_form = - socket.assigns.current_platform - |> Platforms.change_platform_password(platform_params) - |> Map.put(:action, :validate) - |> to_form() - - {:noreply, assign(socket, password_form: password_form, current_password: password)} - end - - def handle_event("update_password", params, socket) do - %{"current_password" => password, "platform" => platform_params} = params - platform = socket.assigns.current_platform - - case Platforms.update_platform_password(platform, password, platform_params) do - {:ok, platform} -> - password_form = - platform - |> Platforms.change_platform_password(platform_params) - |> to_form() - - {:noreply, assign(socket, trigger_submit: true, password_form: password_form)} - - {:error, changeset} -> - {:noreply, assign(socket, password_form: to_form(changeset))} - end - end -end diff --git a/services/bright/lib/bright_web/router.ex b/services/bright/lib/bright_web/router.ex index 7cae201..c991da5 100644 --- a/services/bright/lib/bright_web/router.ex +++ b/services/bright/lib/bright_web/router.ex @@ -1,8 +1,7 @@ defmodule BrightWeb.Router do use BrightWeb, :router - import BrightWeb.PlatformAuth - alias Bright.ShoppingCart + pipeline :browser do plug :accepts, ["html", "json"] @@ -11,14 +10,9 @@ defmodule BrightWeb.Router do plug :put_root_layout, html: {BrightWeb.Layouts, :root} plug :protect_from_forgery plug :put_secure_browser_headers - plug :fetch_current_platform - plug :fetch_current_user - plug :fetch_current_cart end - pipeline :auth do - # plug :ensure_authenticated - end + defp fetch_current_user(conn, _) do @@ -32,29 +26,20 @@ defmodule BrightWeb.Router do end end - defp fetch_current_cart(conn, _opts) do - if cart = ShoppingCart.get_cart_by_user_uuid(conn.assigns.current_uuid) do - assign(conn, :cart, cart) - else - {:ok, new_cart} = ShoppingCart.create_cart(conn.assigns.current_uuid) - assign(conn, :cart, new_cart) - end - end + pipeline :api do plug :accepts, ["json"] end scope "/" do - pipe_through [:browser, :auth] + pipe_through [:browser] - get "/posts/new", PostController, :new - post "/posts", PostController, :create - - get "/streams/new", StreamController, :new - post "/streams", StreamController, :create + # get "/streams/new", StreamController, :new + # post "/streams", StreamController, :create end + scope "/", BrightWeb do pipe_through :browser @@ -64,16 +49,16 @@ defmodule BrightWeb.Router do get "/patrons", PatronController, :index get "/about", PageController, :about get "/api", PageController, :api + get "/up", PageController, :health - resources "/cart_items", CartItemController, only: [:create, :delete] - get "/cart", CartController, :show - put "/cart", CartController, :update resources "/orders", OrderController, only: [:create, :show] resources "/archive", StreamController get "/streams", StreamController, :index - get "/stream", StreamController, :show + get "/streams/:id", StreamController, :show + get "/streams/new", StreamController, :new + post "/streams", StreamController, :create resources "/vods", VodController @@ -83,6 +68,8 @@ defmodule BrightWeb.Router do end + + # resources "/users", UserController resources "/tags", TagController @@ -128,39 +115,11 @@ defmodule BrightWeb.Router do ## Authentication routes - scope "/", BrightWeb do - pipe_through [:browser, :redirect_if_platform_is_authenticated] - - live_session :redirect_if_platform_is_authenticated, - on_mount: [{BrightWeb.PlatformAuth, :redirect_if_platform_is_authenticated}] do - live "/platforms/register", PlatformRegistrationLive, :new - live "/platforms/log_in", PlatformLoginLive, :new - live "/platforms/reset_password", PlatformForgotPasswordLive, :new - live "/platforms/reset_password/:token", PlatformResetPasswordLive, :edit - end - - post "/platforms/log_in", PlatformSessionController, :create - end - - scope "/", BrightWeb do - pipe_through [:browser, :require_authenticated_platform] - - live_session :require_authenticated_platform, - on_mount: [{BrightWeb.PlatformAuth, :ensure_authenticated}] do - live "/platforms/settings", PlatformSettingsLive, :edit - live "/platforms/settings/confirm_email/:token", PlatformSettingsLive, :confirm_email - end - end - scope "/", BrightWeb do pipe_through [:browser] - delete "/platforms/log_out", PlatformSessionController, :delete - - live_session :current_platform, - on_mount: [{BrightWeb.PlatformAuth, :mount_current_platform}] do - live "/platforms/confirm/:token", PlatformConfirmationLive, :edit - live "/platforms/confirm", PlatformConfirmationInstructionsLive, :new - end end + + + end diff --git a/services/bright/mix.exs b/services/bright/mix.exs index 2660234..0efccb2 100644 --- a/services/bright/mix.exs +++ b/services/bright/mix.exs @@ -56,12 +56,6 @@ defmodule Bright.MixProject do {:oban, "~> 2.17"}, {:mox, "~> 0.5.0", only: :test}, {:httpoison, "~> 2.0"} - # {:superstreamer_player, - # github: "superstreamerapp/superstreamer", - # app: false, - # compile: false, - # sparse: "packages/player" - # } ] end diff --git a/services/bright/mix.lock b/services/bright/mix.lock index 7deac38..cdfd8b7 100644 --- a/services/bright/mix.lock +++ b/services/bright/mix.lock @@ -1,14 +1,17 @@ %{ "bandit": {:hex, :bandit, "1.6.1", "9e01b93d72ddc21d8c576a704949e86ee6cde7d11270a1d3073787876527a48f", [:mix], [{:hpax, "~> 1.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "5a904bf010ea24b67979835e0507688e31ac873d4ffc8ed0e5413e8d77455031"}, + "bcrypt_elixir": {:hex, :bcrypt_elixir, "3.2.0", "feab711974beba4cb348147170346fe097eea2e840db4e012a145e180ed4ab75", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "563e92a6c77d667b19c5f4ba17ab6d440a085696bdf4c68b9b0f5b30bc5422b8"}, "bulma": {:hex, :bulma, "1.0.2", "50dfffe8d28b0bd527418560223b407f9e80e990e187e1653b17eff818f8fcbe", [:mix], [], "hexpm", "27745727ff7f451d140a2438c0ca4448bc8ca73e0a6d2d4f24e1b5b9ced8a774"}, "castore": {:hex, :castore, "1.0.10", "43bbeeac820f16c89f79721af1b3e092399b3a1ecc8df1a472738fd853574911", [:mix], [], "hexpm", "1b0b7ea14d889d9ea21202c43a4fa015eb913021cb535e8ed91946f4b77a8848"}, "certifi": {:hex, :certifi, "2.12.0", "2d1cca2ec95f59643862af91f001478c9863c2ac9cb6e2f89780bfd8de987329", [:rebar3], [], "hexpm", "ee68d85df22e554040cdb4be100f33873ac6051387baf6a8f6ce82272340ff1c"}, + "comeonin": {:hex, :comeonin, "5.5.0", "364d00df52545c44a139bad919d7eacb55abf39e86565878e17cebb787977368", [:mix], [], "hexpm", "6287fc3ba0aad34883cbe3f7949fc1d1e738e5ccdce77165bc99490aa69f47fb"}, "dart_sass": {:hex, :dart_sass, "0.7.0", "7979e056cb74fd6843e1c72db763cffc7726a9192a657735b7d24c0d9c26a1ce", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}], "hexpm", "4a8e70bca41aa00846398abdf5ad8a64d7907a0f7bf40145cd2e40d5971629f2"}, "db_connection": {:hex, :db_connection, "2.7.0", "b99faa9291bb09892c7da373bb82cba59aefa9b36300f6145c5f201c7adf48ec", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "dcf08f31b2701f857dfc787fbad78223d61a32204f217f15e881dd93e4bdd3ff"}, "decimal": {:hex, :decimal, "2.3.0", "3ad6255aa77b4a3c4f818171b12d237500e63525c2fd056699967a3e7ea20f62", [:mix], [], "hexpm", "a4d66355cb29cb47c3cf30e71329e58361cfcb37c34235ef3bf1d7bf3773aeac"}, "dns_cluster": {:hex, :dns_cluster, "0.1.3", "0bc20a2c88ed6cc494f2964075c359f8c2d00e1bf25518a6a6c7fd277c9b0c66", [:mix], [], "hexpm", "46cb7c4a1b3e52c7ad4cbe33ca5079fbde4840dedeafca2baf77996c2da1bc33"}, "ecto": {:hex, :ecto, "3.12.5", "4a312960ce612e17337e7cefcf9be45b95a3be6b36b6f94dfb3d8c361d631866", [:mix], [{:decimal, "~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "6eb18e80bef8bb57e17f5a7f068a1719fbda384d40fc37acb8eb8aeca493b6ea"}, "ecto_sql": {:hex, :ecto_sql, "3.12.1", "c0d0d60e85d9ff4631f12bafa454bc392ce8b9ec83531a412c12a0d415a3a4d0", [:mix], [{:db_connection, "~> 2.4.1 or ~> 2.5", [hex: :db_connection, repo: "hexpm", optional: false]}, {:ecto, "~> 3.12", [hex: :ecto, repo: "hexpm", optional: false]}, {:myxql, "~> 0.7", [hex: :myxql, repo: "hexpm", optional: true]}, {:postgrex, "~> 0.19 or ~> 1.0", [hex: :postgrex, repo: "hexpm", optional: true]}, {:tds, "~> 2.1.1 or ~> 2.2", [hex: :tds, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4.0 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "aff5b958a899762c5f09028c847569f7dfb9cc9d63bdb8133bff8a5546de6bf5"}, + "elixir_make": {:hex, :elixir_make, "0.9.0", "6484b3cd8c0cee58f09f05ecaf1a140a8c97670671a6a0e7ab4dc326c3109726", [:mix], [], "hexpm", "db23d4fd8b757462ad02f8aa73431a426fe6671c80b200d9710caf3d1dd0ffdb"}, "esbuild": {:hex, :esbuild, "0.8.2", "5f379dfa383ef482b738e7771daf238b2d1cfb0222bef9d3b20d4c8f06c7a7ac", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}, {:jason, "~> 1.4", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "558a8a08ed78eb820efbfda1de196569d8bfa9b51e8371a1934fbb31345feda7"}, "expo": {:hex, :expo, "1.1.0", "f7b9ed7fb5745ebe1eeedf3d6f29226c5dd52897ac67c0f8af62a07e661e5c75", [:mix], [], "hexpm", "fbadf93f4700fb44c331362177bdca9eeb8097e8b0ef525c9cc501cb9917c960"}, "file_system": {:hex, :file_system, "1.0.1", "79e8ceaddb0416f8b8cd02a0127bdbababe7bf4a23d2a395b983c1f8b3f73edd", [:mix], [], "hexpm", "4414d1f38863ddf9120720cd976fce5bdde8e91d8283353f0e31850fa89feb9e"}, diff --git a/services/bright/priv/repo/migrations/20250109070300_create_platforms_auth_tables.exs b/services/bright/priv/repo/migrations/20250109070300_create_platforms_auth_tables.exs deleted file mode 100644 index 97c54c1..0000000 --- a/services/bright/priv/repo/migrations/20250109070300_create_platforms_auth_tables.exs +++ /dev/null @@ -1,29 +0,0 @@ -defmodule Bright.Repo.Migrations.CreatePlatformsAuthTables do - use Ecto.Migration - - def change do - execute "CREATE EXTENSION IF NOT EXISTS citext", "" - - create table(:platforms) do - add :email, :citext, null: false - add :hashed_password, :string, null: false - add :confirmed_at, :utc_datetime - - timestamps(type: :utc_datetime) - end - - create unique_index(:platforms, [:email]) - - create table(:platforms_tokens) do - add :platform_id, references(:platforms, on_delete: :delete_all), null: false - add :token, :binary, null: false - add :context, :string, null: false - add :sent_to, :string - - timestamps(type: :utc_datetime, updated_at: false) - end - - create index(:platforms_tokens, [:platform_id]) - create unique_index(:platforms_tokens, [:context, :token]) - end -end diff --git a/services/bright/test/bright/platforms_test.exs b/services/bright/test/bright/platforms_test.exs index 28b2ccc..a6fc77f 100644 --- a/services/bright/test/bright/platforms_test.exs +++ b/services/bright/test/bright/platforms_test.exs @@ -3,58 +3,6 @@ defmodule Bright.PlatformsTest do alias Bright.Platforms - describe "platforms" do - alias Bright.Platforms.Platform - - import Bright.PlatformsFixtures - - @invalid_attrs %{} - - test "list_platforms/0 returns all platforms" do - platform = platform_fixture() - assert Platforms.list_platforms() == [platform] - end - - test "get_platform!/1 returns the platform with given id" do - platform = platform_fixture() - assert Platforms.get_platform!(platform.id) == platform - end - - test "create_platform/1 with valid data creates a platform" do - valid_attrs = %{} - - assert {:ok, %Platform{} = platform} = Platforms.create_platform(valid_attrs) - end - - test "create_platform/1 with invalid data returns error changeset" do - assert {:error, %Ecto.Changeset{}} = Platforms.create_platform(@invalid_attrs) - end - - test "update_platform/2 with valid data updates the platform" do - platform = platform_fixture() - update_attrs = %{} - - assert {:ok, %Platform{} = platform} = Platforms.update_platform(platform, update_attrs) - end - - test "update_platform/2 with invalid data returns error changeset" do - platform = platform_fixture() - assert {:error, %Ecto.Changeset{}} = Platforms.update_platform(platform, @invalid_attrs) - assert platform == Platforms.get_platform!(platform.id) - end - - test "delete_platform/1 deletes the platform" do - platform = platform_fixture() - assert {:ok, %Platform{}} = Platforms.delete_platform(platform) - assert_raise Ecto.NoResultsError, fn -> Platforms.get_platform!(platform.id) end - end - - test "change_platform/1 returns a platform changeset" do - platform = platform_fixture() - assert %Ecto.Changeset{} = Platforms.change_platform(platform) - end - end - describe "platforms" do alias Bright.Platforms.Platform @@ -73,12 +21,12 @@ defmodule Bright.PlatformsTest do end test "create_platform/1 with valid data creates a platform" do - valid_attrs = %{name: "some name", url: "some url", icon: "some icon"} + valid_attrs = %{name: "some name", url: true, icon: ""} assert {:ok, %Platform{} = platform} = Platforms.create_platform(valid_attrs) assert platform.name == "some name" - assert platform.url == "some url" - assert platform.icon == "some icon" + assert platform.url == true + assert platform.icon == "" end test "create_platform/1 with invalid data returns error changeset" do @@ -87,12 +35,12 @@ defmodule Bright.PlatformsTest do test "update_platform/2 with valid data updates the platform" do platform = platform_fixture() - update_attrs = %{name: "some updated name", url: "some updated url", icon: "some updated icon"} + update_attrs = %{name: "some updated name", url: false, icon: "blah"} assert {:ok, %Platform{} = platform} = Platforms.update_platform(platform, update_attrs) assert platform.name == "some updated name" - assert platform.url == "some updated url" - assert platform.icon == "some updated icon" + assert platform.url == false + assert platform.icon == "blah" end test "update_platform/2 with invalid data returns error changeset" do @@ -112,507 +60,4 @@ defmodule Bright.PlatformsTest do assert %Ecto.Changeset{} = Platforms.change_platform(platform) end end - - import Bright.PlatformsFixtures - alias Bright.Platforms.{Platform, PlatformToken} - - describe "get_platform_by_email/1" do - test "does not return the platform if the email does not exist" do - refute Platforms.get_platform_by_email("unknown@example.com") - end - - test "returns the platform if the email exists" do - %{id: id} = platform = platform_fixture() - assert %Platform{id: ^id} = Platforms.get_platform_by_email(platform.email) - end - end - - describe "get_platform_by_email_and_password/2" do - test "does not return the platform if the email does not exist" do - refute Platforms.get_platform_by_email_and_password("unknown@example.com", "hello world!") - end - - test "does not return the platform if the password is not valid" do - platform = platform_fixture() - refute Platforms.get_platform_by_email_and_password(platform.email, "invalid") - end - - test "returns the platform if the email and password are valid" do - %{id: id} = platform = platform_fixture() - - assert %Platform{id: ^id} = - Platforms.get_platform_by_email_and_password(platform.email, valid_platform_password()) - end - end - - describe "get_platform!/1" do - test "raises if id is invalid" do - assert_raise Ecto.NoResultsError, fn -> - Platforms.get_platform!(-1) - end - end - - test "returns the platform with the given id" do - %{id: id} = platform = platform_fixture() - assert %Platform{id: ^id} = Platforms.get_platform!(platform.id) - end - end - - describe "register_platform/1" do - test "requires email and password to be set" do - {:error, changeset} = Platforms.register_platform(%{}) - - assert %{ - password: ["can't be blank"], - email: ["can't be blank"] - } = errors_on(changeset) - end - - test "validates email and password when given" do - {:error, changeset} = Platforms.register_platform(%{email: "not valid", password: "not valid"}) - - assert %{ - email: ["must have the @ sign and no spaces"], - password: ["should be at least 12 character(s)"] - } = errors_on(changeset) - end - - test "validates maximum values for email and password for security" do - too_long = String.duplicate("db", 100) - {:error, changeset} = Platforms.register_platform(%{email: too_long, password: too_long}) - assert "should be at most 160 character(s)" in errors_on(changeset).email - assert "should be at most 72 character(s)" in errors_on(changeset).password - end - - test "validates email uniqueness" do - %{email: email} = platform_fixture() - {:error, changeset} = Platforms.register_platform(%{email: email}) - assert "has already been taken" in errors_on(changeset).email - - # Now try with the upper cased email too, to check that email case is ignored. - {:error, changeset} = Platforms.register_platform(%{email: String.upcase(email)}) - assert "has already been taken" in errors_on(changeset).email - end - - test "registers platforms with a hashed password" do - email = unique_platform_email() - {:ok, platform} = Platforms.register_platform(valid_platform_attributes(email: email)) - assert platform.email == email - assert is_binary(platform.hashed_password) - assert is_nil(platform.confirmed_at) - assert is_nil(platform.password) - end - end - - describe "change_platform_registration/2" do - test "returns a changeset" do - assert %Ecto.Changeset{} = changeset = Platforms.change_platform_registration(%Platform{}) - assert changeset.required == [:password, :email] - end - - test "allows fields to be set" do - email = unique_platform_email() - password = valid_platform_password() - - changeset = - Platforms.change_platform_registration( - %Platform{}, - valid_platform_attributes(email: email, password: password) - ) - - assert changeset.valid? - assert get_change(changeset, :email) == email - assert get_change(changeset, :password) == password - assert is_nil(get_change(changeset, :hashed_password)) - end - end - - describe "change_platform_email/2" do - test "returns a platform changeset" do - assert %Ecto.Changeset{} = changeset = Platforms.change_platform_email(%Platform{}) - assert changeset.required == [:email] - end - end - - describe "apply_platform_email/3" do - setup do - %{platform: platform_fixture()} - end - - test "requires email to change", %{platform: platform} do - {:error, changeset} = Platforms.apply_platform_email(platform, valid_platform_password(), %{}) - assert %{email: ["did not change"]} = errors_on(changeset) - end - - test "validates email", %{platform: platform} do - {:error, changeset} = - Platforms.apply_platform_email(platform, valid_platform_password(), %{email: "not valid"}) - - assert %{email: ["must have the @ sign and no spaces"]} = errors_on(changeset) - end - - test "validates maximum value for email for security", %{platform: platform} do - too_long = String.duplicate("db", 100) - - {:error, changeset} = - Platforms.apply_platform_email(platform, valid_platform_password(), %{email: too_long}) - - assert "should be at most 160 character(s)" in errors_on(changeset).email - end - - test "validates email uniqueness", %{platform: platform} do - %{email: email} = platform_fixture() - password = valid_platform_password() - - {:error, changeset} = Platforms.apply_platform_email(platform, password, %{email: email}) - - assert "has already been taken" in errors_on(changeset).email - end - - test "validates current password", %{platform: platform} do - {:error, changeset} = - Platforms.apply_platform_email(platform, "invalid", %{email: unique_platform_email()}) - - assert %{current_password: ["is not valid"]} = errors_on(changeset) - end - - test "applies the email without persisting it", %{platform: platform} do - email = unique_platform_email() - {:ok, platform} = Platforms.apply_platform_email(platform, valid_platform_password(), %{email: email}) - assert platform.email == email - assert Platforms.get_platform!(platform.id).email != email - end - end - - describe "deliver_platform_update_email_instructions/3" do - setup do - %{platform: platform_fixture()} - end - - test "sends token through notification", %{platform: platform} do - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_update_email_instructions(platform, "current@example.com", url) - end) - - {:ok, token} = Base.url_decode64(token, padding: false) - assert platform_token = Repo.get_by(PlatformToken, token: :crypto.hash(:sha256, token)) - assert platform_token.platform_id == platform.id - assert platform_token.sent_to == platform.email - assert platform_token.context == "change:current@example.com" - end - end - - describe "update_platform_email/2" do - setup do - platform = platform_fixture() - email = unique_platform_email() - - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_update_email_instructions(%{platform | email: email}, platform.email, url) - end) - - %{platform: platform, token: token, email: email} - end - - test "updates the email with a valid token", %{platform: platform, token: token, email: email} do - assert Platforms.update_platform_email(platform, token) == :ok - changed_platform = Repo.get!(Platform, platform.id) - assert changed_platform.email != platform.email - assert changed_platform.email == email - assert changed_platform.confirmed_at - assert changed_platform.confirmed_at != platform.confirmed_at - refute Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not update email with invalid token", %{platform: platform} do - assert Platforms.update_platform_email(platform, "oops") == :error - assert Repo.get!(Platform, platform.id).email == platform.email - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not update email if platform email changed", %{platform: platform, token: token} do - assert Platforms.update_platform_email(%{platform | email: "current@example.com"}, token) == :error - assert Repo.get!(Platform, platform.id).email == platform.email - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not update email if token expired", %{platform: platform, token: token} do - {1, nil} = Repo.update_all(PlatformToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) - assert Platforms.update_platform_email(platform, token) == :error - assert Repo.get!(Platform, platform.id).email == platform.email - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - end - - describe "change_platform_password/2" do - test "returns a platform changeset" do - assert %Ecto.Changeset{} = changeset = Platforms.change_platform_password(%Platform{}) - assert changeset.required == [:password] - end - - test "allows fields to be set" do - changeset = - Platforms.change_platform_password(%Platform{}, %{ - "password" => "new valid password" - }) - - assert changeset.valid? - assert get_change(changeset, :password) == "new valid password" - assert is_nil(get_change(changeset, :hashed_password)) - end - end - - describe "update_platform_password/3" do - setup do - %{platform: platform_fixture()} - end - - test "validates password", %{platform: platform} do - {:error, changeset} = - Platforms.update_platform_password(platform, valid_platform_password(), %{ - password: "not valid", - password_confirmation: "another" - }) - - assert %{ - password: ["should be at least 12 character(s)"], - password_confirmation: ["does not match password"] - } = errors_on(changeset) - end - - test "validates maximum values for password for security", %{platform: platform} do - too_long = String.duplicate("db", 100) - - {:error, changeset} = - Platforms.update_platform_password(platform, valid_platform_password(), %{password: too_long}) - - assert "should be at most 72 character(s)" in errors_on(changeset).password - end - - test "validates current password", %{platform: platform} do - {:error, changeset} = - Platforms.update_platform_password(platform, "invalid", %{password: valid_platform_password()}) - - assert %{current_password: ["is not valid"]} = errors_on(changeset) - end - - test "updates the password", %{platform: platform} do - {:ok, platform} = - Platforms.update_platform_password(platform, valid_platform_password(), %{ - password: "new valid password" - }) - - assert is_nil(platform.password) - assert Platforms.get_platform_by_email_and_password(platform.email, "new valid password") - end - - test "deletes all tokens for the given platform", %{platform: platform} do - _ = Platforms.generate_platform_session_token(platform) - - {:ok, _} = - Platforms.update_platform_password(platform, valid_platform_password(), %{ - password: "new valid password" - }) - - refute Repo.get_by(PlatformToken, platform_id: platform.id) - end - end - - describe "generate_platform_session_token/1" do - setup do - %{platform: platform_fixture()} - end - - test "generates a token", %{platform: platform} do - token = Platforms.generate_platform_session_token(platform) - assert platform_token = Repo.get_by(PlatformToken, token: token) - assert platform_token.context == "session" - - # Creating the same token for another platform should fail - assert_raise Ecto.ConstraintError, fn -> - Repo.insert!(%PlatformToken{ - token: platform_token.token, - platform_id: platform_fixture().id, - context: "session" - }) - end - end - end - - describe "get_platform_by_session_token/1" do - setup do - platform = platform_fixture() - token = Platforms.generate_platform_session_token(platform) - %{platform: platform, token: token} - end - - test "returns platform by token", %{platform: platform, token: token} do - assert session_platform = Platforms.get_platform_by_session_token(token) - assert session_platform.id == platform.id - end - - test "does not return platform for invalid token" do - refute Platforms.get_platform_by_session_token("oops") - end - - test "does not return platform for expired token", %{token: token} do - {1, nil} = Repo.update_all(PlatformToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) - refute Platforms.get_platform_by_session_token(token) - end - end - - describe "delete_platform_session_token/1" do - test "deletes the token" do - platform = platform_fixture() - token = Platforms.generate_platform_session_token(platform) - assert Platforms.delete_platform_session_token(token) == :ok - refute Platforms.get_platform_by_session_token(token) - end - end - - describe "deliver_platform_confirmation_instructions/2" do - setup do - %{platform: platform_fixture()} - end - - test "sends token through notification", %{platform: platform} do - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_confirmation_instructions(platform, url) - end) - - {:ok, token} = Base.url_decode64(token, padding: false) - assert platform_token = Repo.get_by(PlatformToken, token: :crypto.hash(:sha256, token)) - assert platform_token.platform_id == platform.id - assert platform_token.sent_to == platform.email - assert platform_token.context == "confirm" - end - end - - describe "confirm_platform/1" do - setup do - platform = platform_fixture() - - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_confirmation_instructions(platform, url) - end) - - %{platform: platform, token: token} - end - - test "confirms the email with a valid token", %{platform: platform, token: token} do - assert {:ok, confirmed_platform} = Platforms.confirm_platform(token) - assert confirmed_platform.confirmed_at - assert confirmed_platform.confirmed_at != platform.confirmed_at - assert Repo.get!(Platform, platform.id).confirmed_at - refute Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not confirm with invalid token", %{platform: platform} do - assert Platforms.confirm_platform("oops") == :error - refute Repo.get!(Platform, platform.id).confirmed_at - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not confirm email if token expired", %{platform: platform, token: token} do - {1, nil} = Repo.update_all(PlatformToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) - assert Platforms.confirm_platform(token) == :error - refute Repo.get!(Platform, platform.id).confirmed_at - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - end - - describe "deliver_platform_reset_password_instructions/2" do - setup do - %{platform: platform_fixture()} - end - - test "sends token through notification", %{platform: platform} do - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_reset_password_instructions(platform, url) - end) - - {:ok, token} = Base.url_decode64(token, padding: false) - assert platform_token = Repo.get_by(PlatformToken, token: :crypto.hash(:sha256, token)) - assert platform_token.platform_id == platform.id - assert platform_token.sent_to == platform.email - assert platform_token.context == "reset_password" - end - end - - describe "get_platform_by_reset_password_token/1" do - setup do - platform = platform_fixture() - - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_reset_password_instructions(platform, url) - end) - - %{platform: platform, token: token} - end - - test "returns the platform with valid token", %{platform: %{id: id}, token: token} do - assert %Platform{id: ^id} = Platforms.get_platform_by_reset_password_token(token) - assert Repo.get_by(PlatformToken, platform_id: id) - end - - test "does not return the platform with invalid token", %{platform: platform} do - refute Platforms.get_platform_by_reset_password_token("oops") - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - - test "does not return the platform if token expired", %{platform: platform, token: token} do - {1, nil} = Repo.update_all(PlatformToken, set: [inserted_at: ~N[2020-01-01 00:00:00]]) - refute Platforms.get_platform_by_reset_password_token(token) - assert Repo.get_by(PlatformToken, platform_id: platform.id) - end - end - - describe "reset_platform_password/2" do - setup do - %{platform: platform_fixture()} - end - - test "validates password", %{platform: platform} do - {:error, changeset} = - Platforms.reset_platform_password(platform, %{ - password: "not valid", - password_confirmation: "another" - }) - - assert %{ - password: ["should be at least 12 character(s)"], - password_confirmation: ["does not match password"] - } = errors_on(changeset) - end - - test "validates maximum values for password for security", %{platform: platform} do - too_long = String.duplicate("db", 100) - {:error, changeset} = Platforms.reset_platform_password(platform, %{password: too_long}) - assert "should be at most 72 character(s)" in errors_on(changeset).password - end - - test "updates the password", %{platform: platform} do - {:ok, updated_platform} = Platforms.reset_platform_password(platform, %{password: "new valid password"}) - assert is_nil(updated_platform.password) - assert Platforms.get_platform_by_email_and_password(platform.email, "new valid password") - end - - test "deletes all tokens for the given platform", %{platform: platform} do - _ = Platforms.generate_platform_session_token(platform) - {:ok, _} = Platforms.reset_platform_password(platform, %{password: "new valid password"}) - refute Repo.get_by(PlatformToken, platform_id: platform.id) - end - end - - describe "inspect/2 for the Platform module" do - test "does not include password" do - refute inspect(%Platform{password: "123456"}) =~ "password: \"123456\"" - end - end end diff --git a/services/bright/test/bright_web/live/platform_confirmation_instructions_live_test.exs b/services/bright/test/bright_web/live/platform_confirmation_instructions_live_test.exs deleted file mode 100644 index 6f7df7c..0000000 --- a/services/bright/test/bright_web/live/platform_confirmation_instructions_live_test.exs +++ /dev/null @@ -1,67 +0,0 @@ -defmodule BrightWeb.PlatformConfirmationInstructionsLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - alias Bright.Platforms - alias Bright.Repo - - setup do - %{platform: platform_fixture()} - end - - describe "Resend confirmation" do - test "renders the resend confirmation page", %{conn: conn} do - {:ok, _lv, html} = live(conn, ~p"/platforms/confirm") - assert html =~ "Resend confirmation instructions" - end - - test "sends a new confirmation token", %{conn: conn, platform: platform} do - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm") - - {:ok, conn} = - lv - |> form("#resend_confirmation_form", platform: %{email: platform.email}) - |> render_submit() - |> follow_redirect(conn, ~p"/") - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ - "If your email is in our system" - - assert Repo.get_by!(Platforms.PlatformToken, platform_id: platform.id).context == "confirm" - end - - test "does not send confirmation token if platform is confirmed", %{conn: conn, platform: platform} do - Repo.update!(Platforms.Platform.confirm_changeset(platform)) - - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm") - - {:ok, conn} = - lv - |> form("#resend_confirmation_form", platform: %{email: platform.email}) - |> render_submit() - |> follow_redirect(conn, ~p"/") - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ - "If your email is in our system" - - refute Repo.get_by(Platforms.PlatformToken, platform_id: platform.id) - end - - test "does not send confirmation token if email is invalid", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm") - - {:ok, conn} = - lv - |> form("#resend_confirmation_form", platform: %{email: "unknown@example.com"}) - |> render_submit() - |> follow_redirect(conn, ~p"/") - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ - "If your email is in our system" - - assert Repo.all(Platforms.PlatformToken) == [] - end - end -end diff --git a/services/bright/test/bright_web/live/platform_confirmation_live_test.exs b/services/bright/test/bright_web/live/platform_confirmation_live_test.exs deleted file mode 100644 index f58f27a..0000000 --- a/services/bright/test/bright_web/live/platform_confirmation_live_test.exs +++ /dev/null @@ -1,89 +0,0 @@ -defmodule BrightWeb.PlatformConfirmationLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - alias Bright.Platforms - alias Bright.Repo - - setup do - %{platform: platform_fixture()} - end - - describe "Confirm platform" do - test "renders confirmation page", %{conn: conn} do - {:ok, _lv, html} = live(conn, ~p"/platforms/confirm/some-token") - assert html =~ "Confirm Account" - end - - test "confirms the given token once", %{conn: conn, platform: platform} do - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_confirmation_instructions(platform, url) - end) - - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm/#{token}") - - result = - lv - |> form("#confirmation_form") - |> render_submit() - |> follow_redirect(conn, "/") - - assert {:ok, conn} = result - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ - "Platform confirmed successfully" - - assert Platforms.get_platform!(platform.id).confirmed_at - refute get_session(conn, :platform_token) - assert Repo.all(Platforms.PlatformToken) == [] - - # when not logged in - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm/#{token}") - - result = - lv - |> form("#confirmation_form") - |> render_submit() - |> follow_redirect(conn, "/") - - assert {:ok, conn} = result - - assert Phoenix.Flash.get(conn.assigns.flash, :error) =~ - "Platform confirmation link is invalid or it has expired" - - # when logged in - conn = - build_conn() - |> log_in_platform(platform) - - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm/#{token}") - - result = - lv - |> form("#confirmation_form") - |> render_submit() - |> follow_redirect(conn, "/") - - assert {:ok, conn} = result - refute Phoenix.Flash.get(conn.assigns.flash, :error) - end - - test "does not confirm email with invalid token", %{conn: conn, platform: platform} do - {:ok, lv, _html} = live(conn, ~p"/platforms/confirm/invalid-token") - - {:ok, conn} = - lv - |> form("#confirmation_form") - |> render_submit() - |> follow_redirect(conn, ~p"/") - - assert Phoenix.Flash.get(conn.assigns.flash, :error) =~ - "Platform confirmation link is invalid or it has expired" - - refute Platforms.get_platform!(platform.id).confirmed_at - end - end -end diff --git a/services/bright/test/bright_web/live/platform_forgot_password_live_test.exs b/services/bright/test/bright_web/live/platform_forgot_password_live_test.exs deleted file mode 100644 index bbcb069..0000000 --- a/services/bright/test/bright_web/live/platform_forgot_password_live_test.exs +++ /dev/null @@ -1,63 +0,0 @@ -defmodule BrightWeb.PlatformForgotPasswordLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - alias Bright.Platforms - alias Bright.Repo - - describe "Forgot password page" do - test "renders email page", %{conn: conn} do - {:ok, lv, html} = live(conn, ~p"/platforms/reset_password") - - assert html =~ "Forgot your password?" - assert has_element?(lv, ~s|a[href="#{~p"/platforms/register"}"]|, "Register") - assert has_element?(lv, ~s|a[href="#{~p"/platforms/log_in"}"]|, "Log in") - end - - test "redirects if already logged in", %{conn: conn} do - result = - conn - |> log_in_platform(platform_fixture()) - |> live(~p"/platforms/reset_password") - |> follow_redirect(conn, ~p"/") - - assert {:ok, _conn} = result - end - end - - describe "Reset link" do - setup do - %{platform: platform_fixture()} - end - - test "sends a new reset password token", %{conn: conn, platform: platform} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password") - - {:ok, conn} = - lv - |> form("#reset_password_form", platform: %{"email" => platform.email}) - |> render_submit() - |> follow_redirect(conn, "/") - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system" - - assert Repo.get_by!(Platforms.PlatformToken, platform_id: platform.id).context == - "reset_password" - end - - test "does not send reset password token if email is invalid", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password") - - {:ok, conn} = - lv - |> form("#reset_password_form", platform: %{"email" => "unknown@example.com"}) - |> render_submit() - |> follow_redirect(conn, "/") - - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system" - assert Repo.all(Platforms.PlatformToken) == [] - end - end -end diff --git a/services/bright/test/bright_web/live/platform_login_live_test.exs b/services/bright/test/bright_web/live/platform_login_live_test.exs deleted file mode 100644 index 0aaa7d7..0000000 --- a/services/bright/test/bright_web/live/platform_login_live_test.exs +++ /dev/null @@ -1,87 +0,0 @@ -defmodule BrightWeb.PlatformLoginLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - describe "Log in page" do - test "renders log in page", %{conn: conn} do - {:ok, _lv, html} = live(conn, ~p"/platforms/log_in") - - assert html =~ "Log in" - assert html =~ "Register" - assert html =~ "Forgot your password?" - end - - test "redirects if already logged in", %{conn: conn} do - result = - conn - |> log_in_platform(platform_fixture()) - |> live(~p"/platforms/log_in") - |> follow_redirect(conn, "/") - - assert {:ok, _conn} = result - end - end - - describe "platform login" do - test "redirects if platform login with valid credentials", %{conn: conn} do - password = "123456789abcd" - platform = platform_fixture(%{password: password}) - - {:ok, lv, _html} = live(conn, ~p"/platforms/log_in") - - form = - form(lv, "#login_form", platform: %{email: platform.email, password: password, remember_me: true}) - - conn = submit_form(form, conn) - - assert redirected_to(conn) == ~p"/" - end - - test "redirects to login page with a flash error if there are no valid credentials", %{ - conn: conn - } do - {:ok, lv, _html} = live(conn, ~p"/platforms/log_in") - - form = - form(lv, "#login_form", - platform: %{email: "test@email.com", password: "123456", remember_me: true} - ) - - conn = submit_form(form, conn) - - assert Phoenix.Flash.get(conn.assigns.flash, :error) == "Invalid email or password" - - assert redirected_to(conn) == "/platforms/log_in" - end - end - - describe "login navigation" do - test "redirects to registration page when the Register button is clicked", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/log_in") - - {:ok, _login_live, login_html} = - lv - |> element(~s|main a:fl-contains("Sign up")|) - |> render_click() - |> follow_redirect(conn, ~p"/platforms/register") - - assert login_html =~ "Register" - end - - test "redirects to forgot password page when the Forgot Password button is clicked", %{ - conn: conn - } do - {:ok, lv, _html} = live(conn, ~p"/platforms/log_in") - - {:ok, conn} = - lv - |> element(~s|main a:fl-contains("Forgot your password?")|) - |> render_click() - |> follow_redirect(conn, ~p"/platforms/reset_password") - - assert conn.resp_body =~ "Forgot your password?" - end - end -end diff --git a/services/bright/test/bright_web/live/platform_registration_live_test.exs b/services/bright/test/bright_web/live/platform_registration_live_test.exs deleted file mode 100644 index 9a6e82c..0000000 --- a/services/bright/test/bright_web/live/platform_registration_live_test.exs +++ /dev/null @@ -1,87 +0,0 @@ -defmodule BrightWeb.PlatformRegistrationLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - describe "Registration page" do - test "renders registration page", %{conn: conn} do - {:ok, _lv, html} = live(conn, ~p"/platforms/register") - - assert html =~ "Register" - assert html =~ "Log in" - end - - test "redirects if already logged in", %{conn: conn} do - result = - conn - |> log_in_platform(platform_fixture()) - |> live(~p"/platforms/register") - |> follow_redirect(conn, "/") - - assert {:ok, _conn} = result - end - - test "renders errors for invalid data", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/register") - - result = - lv - |> element("#registration_form") - |> render_change(platform: %{"email" => "with spaces", "password" => "too short"}) - - assert result =~ "Register" - assert result =~ "must have the @ sign and no spaces" - assert result =~ "should be at least 12 character" - end - end - - describe "register platform" do - test "creates account and logs the platform in", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/register") - - email = unique_platform_email() - form = form(lv, "#registration_form", platform: valid_platform_attributes(email: email)) - render_submit(form) - conn = follow_trigger_action(form, conn) - - assert redirected_to(conn) == ~p"/" - - # Now do a logged in request and assert on the menu - conn = get(conn, "/") - response = html_response(conn, 200) - assert response =~ email - assert response =~ "Settings" - assert response =~ "Log out" - end - - test "renders errors for duplicated email", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/register") - - platform = platform_fixture(%{email: "test@email.com"}) - - result = - lv - |> form("#registration_form", - platform: %{"email" => platform.email, "password" => "valid_password"} - ) - |> render_submit() - - assert result =~ "has already been taken" - end - end - - describe "registration navigation" do - test "redirects to login page when the Log in button is clicked", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/register") - - {:ok, _login_live, login_html} = - lv - |> element(~s|main a:fl-contains("Log in")|) - |> render_click() - |> follow_redirect(conn, ~p"/platforms/log_in") - - assert login_html =~ "Log in" - end - end -end diff --git a/services/bright/test/bright_web/live/platform_reset_password_live_test.exs b/services/bright/test/bright_web/live/platform_reset_password_live_test.exs deleted file mode 100644 index f10ea66..0000000 --- a/services/bright/test/bright_web/live/platform_reset_password_live_test.exs +++ /dev/null @@ -1,118 +0,0 @@ -defmodule BrightWeb.PlatformResetPasswordLiveTest do - use BrightWeb.ConnCase, async: true - - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - alias Bright.Platforms - - setup do - platform = platform_fixture() - - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_reset_password_instructions(platform, url) - end) - - %{token: token, platform: platform} - end - - describe "Reset password page" do - test "renders reset password with valid token", %{conn: conn, token: token} do - {:ok, _lv, html} = live(conn, ~p"/platforms/reset_password/#{token}") - - assert html =~ "Reset Password" - end - - test "does not render reset password with invalid token", %{conn: conn} do - {:error, {:redirect, to}} = live(conn, ~p"/platforms/reset_password/invalid") - - assert to == %{ - flash: %{"error" => "Reset password link is invalid or it has expired."}, - to: ~p"/" - } - end - - test "renders errors for invalid data", %{conn: conn, token: token} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password/#{token}") - - result = - lv - |> element("#reset_password_form") - |> render_change( - platform: %{"password" => "secret12", "password_confirmation" => "secret123456"} - ) - - assert result =~ "should be at least 12 character" - assert result =~ "does not match password" - end - end - - describe "Reset Password" do - test "resets password once", %{conn: conn, token: token, platform: platform} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password/#{token}") - - {:ok, conn} = - lv - |> form("#reset_password_form", - platform: %{ - "password" => "new valid password", - "password_confirmation" => "new valid password" - } - ) - |> render_submit() - |> follow_redirect(conn, ~p"/platforms/log_in") - - refute get_session(conn, :platform_token) - assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Password reset successfully" - assert Platforms.get_platform_by_email_and_password(platform.email, "new valid password") - end - - test "does not reset password on invalid data", %{conn: conn, token: token} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password/#{token}") - - result = - lv - |> form("#reset_password_form", - platform: %{ - "password" => "too short", - "password_confirmation" => "does not match" - } - ) - |> render_submit() - - assert result =~ "Reset Password" - assert result =~ "should be at least 12 character(s)" - assert result =~ "does not match password" - end - end - - describe "Reset password navigation" do - test "redirects to login page when the Log in button is clicked", %{conn: conn, token: token} do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password/#{token}") - - {:ok, conn} = - lv - |> element(~s|main a:fl-contains("Log in")|) - |> render_click() - |> follow_redirect(conn, ~p"/platforms/log_in") - - assert conn.resp_body =~ "Log in" - end - - test "redirects to registration page when the Register button is clicked", %{ - conn: conn, - token: token - } do - {:ok, lv, _html} = live(conn, ~p"/platforms/reset_password/#{token}") - - {:ok, conn} = - lv - |> element(~s|main a:fl-contains("Register")|) - |> render_click() - |> follow_redirect(conn, ~p"/platforms/register") - - assert conn.resp_body =~ "Register" - end - end -end diff --git a/services/bright/test/bright_web/live/platform_settings_live_test.exs b/services/bright/test/bright_web/live/platform_settings_live_test.exs deleted file mode 100644 index d7e7853..0000000 --- a/services/bright/test/bright_web/live/platform_settings_live_test.exs +++ /dev/null @@ -1,210 +0,0 @@ -defmodule BrightWeb.PlatformSettingsLiveTest do - use BrightWeb.ConnCase, async: true - - alias Bright.Platforms - import Phoenix.LiveViewTest - import Bright.PlatformsFixtures - - describe "Settings page" do - test "renders settings page", %{conn: conn} do - {:ok, _lv, html} = - conn - |> log_in_platform(platform_fixture()) - |> live(~p"/platforms/settings") - - assert html =~ "Change Email" - assert html =~ "Change Password" - end - - test "redirects if platform is not logged in", %{conn: conn} do - assert {:error, redirect} = live(conn, ~p"/platforms/settings") - - assert {:redirect, %{to: path, flash: flash}} = redirect - assert path == ~p"/platforms/log_in" - assert %{"error" => "You must log in to access this page."} = flash - end - end - - describe "update email form" do - setup %{conn: conn} do - password = valid_platform_password() - platform = platform_fixture(%{password: password}) - %{conn: log_in_platform(conn, platform), platform: platform, password: password} - end - - test "updates the platform email", %{conn: conn, password: password, platform: platform} do - new_email = unique_platform_email() - - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - result = - lv - |> form("#email_form", %{ - "current_password" => password, - "platform" => %{"email" => new_email} - }) - |> render_submit() - - assert result =~ "A link to confirm your email" - assert Platforms.get_platform_by_email(platform.email) - end - - test "renders errors with invalid data (phx-change)", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - result = - lv - |> element("#email_form") - |> render_change(%{ - "action" => "update_email", - "current_password" => "invalid", - "platform" => %{"email" => "with spaces"} - }) - - assert result =~ "Change Email" - assert result =~ "must have the @ sign and no spaces" - end - - test "renders errors with invalid data (phx-submit)", %{conn: conn, platform: platform} do - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - result = - lv - |> form("#email_form", %{ - "current_password" => "invalid", - "platform" => %{"email" => platform.email} - }) - |> render_submit() - - assert result =~ "Change Email" - assert result =~ "did not change" - assert result =~ "is not valid" - end - end - - describe "update password form" do - setup %{conn: conn} do - password = valid_platform_password() - platform = platform_fixture(%{password: password}) - %{conn: log_in_platform(conn, platform), platform: platform, password: password} - end - - test "updates the platform password", %{conn: conn, platform: platform, password: password} do - new_password = valid_platform_password() - - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - form = - form(lv, "#password_form", %{ - "current_password" => password, - "platform" => %{ - "email" => platform.email, - "password" => new_password, - "password_confirmation" => new_password - } - }) - - render_submit(form) - - new_password_conn = follow_trigger_action(form, conn) - - assert redirected_to(new_password_conn) == ~p"/platforms/settings" - - assert get_session(new_password_conn, :platform_token) != get_session(conn, :platform_token) - - assert Phoenix.Flash.get(new_password_conn.assigns.flash, :info) =~ - "Password updated successfully" - - assert Platforms.get_platform_by_email_and_password(platform.email, new_password) - end - - test "renders errors with invalid data (phx-change)", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - result = - lv - |> element("#password_form") - |> render_change(%{ - "current_password" => "invalid", - "platform" => %{ - "password" => "too short", - "password_confirmation" => "does not match" - } - }) - - assert result =~ "Change Password" - assert result =~ "should be at least 12 character(s)" - assert result =~ "does not match password" - end - - test "renders errors with invalid data (phx-submit)", %{conn: conn} do - {:ok, lv, _html} = live(conn, ~p"/platforms/settings") - - result = - lv - |> form("#password_form", %{ - "current_password" => "invalid", - "platform" => %{ - "password" => "too short", - "password_confirmation" => "does not match" - } - }) - |> render_submit() - - assert result =~ "Change Password" - assert result =~ "should be at least 12 character(s)" - assert result =~ "does not match password" - assert result =~ "is not valid" - end - end - - describe "confirm email" do - setup %{conn: conn} do - platform = platform_fixture() - email = unique_platform_email() - - token = - extract_platform_token(fn url -> - Platforms.deliver_platform_update_email_instructions(%{platform | email: email}, platform.email, url) - end) - - %{conn: log_in_platform(conn, platform), token: token, email: email, platform: platform} - end - - test "updates the platform email once", %{conn: conn, platform: platform, token: token, email: email} do - {:error, redirect} = live(conn, ~p"/platforms/settings/confirm_email/#{token}") - - assert {:live_redirect, %{to: path, flash: flash}} = redirect - assert path == ~p"/platforms/settings" - assert %{"info" => message} = flash - assert message == "Email changed successfully." - refute Platforms.get_platform_by_email(platform.email) - assert Platforms.get_platform_by_email(email) - - # use confirm token again - {:error, redirect} = live(conn, ~p"/platforms/settings/confirm_email/#{token}") - assert {:live_redirect, %{to: path, flash: flash}} = redirect - assert path == ~p"/platforms/settings" - assert %{"error" => message} = flash - assert message == "Email change link is invalid or it has expired." - end - - test "does not update email with invalid token", %{conn: conn, platform: platform} do - {:error, redirect} = live(conn, ~p"/platforms/settings/confirm_email/oops") - assert {:live_redirect, %{to: path, flash: flash}} = redirect - assert path == ~p"/platforms/settings" - assert %{"error" => message} = flash - assert message == "Email change link is invalid or it has expired." - assert Platforms.get_platform_by_email(platform.email) - end - - test "redirects if platform is not logged in", %{token: token} do - conn = build_conn() - {:error, redirect} = live(conn, ~p"/platforms/settings/confirm_email/#{token}") - assert {:redirect, %{to: path, flash: flash}} = redirect - assert path == ~p"/platforms/log_in" - assert %{"error" => message} = flash - assert message == "You must log in to access this page." - end - end -end diff --git a/services/bright/test/bright_web/platform_auth_test.exs b/services/bright/test/bright_web/platform_auth_test.exs deleted file mode 100644 index d041a63..0000000 --- a/services/bright/test/bright_web/platform_auth_test.exs +++ /dev/null @@ -1,272 +0,0 @@ -defmodule BrightWeb.PlatformAuthTest do - use BrightWeb.ConnCase, async: true - - alias Phoenix.LiveView - alias Bright.Platforms - alias BrightWeb.PlatformAuth - import Bright.PlatformsFixtures - - @remember_me_cookie "_bright_web_platform_remember_me" - - setup %{conn: conn} do - conn = - conn - |> Map.replace!(:secret_key_base, BrightWeb.Endpoint.config(:secret_key_base)) - |> init_test_session(%{}) - - %{platform: platform_fixture(), conn: conn} - end - - describe "log_in_platform/3" do - test "stores the platform token in the session", %{conn: conn, platform: platform} do - conn = PlatformAuth.log_in_platform(conn, platform) - assert token = get_session(conn, :platform_token) - assert get_session(conn, :live_socket_id) == "platforms_sessions:#{Base.url_encode64(token)}" - assert redirected_to(conn) == ~p"/" - assert Platforms.get_platform_by_session_token(token) - end - - test "clears everything previously stored in the session", %{conn: conn, platform: platform} do - conn = conn |> put_session(:to_be_removed, "value") |> PlatformAuth.log_in_platform(platform) - refute get_session(conn, :to_be_removed) - end - - test "redirects to the configured path", %{conn: conn, platform: platform} do - conn = conn |> put_session(:platform_return_to, "/hello") |> PlatformAuth.log_in_platform(platform) - assert redirected_to(conn) == "/hello" - end - - test "writes a cookie if remember_me is configured", %{conn: conn, platform: platform} do - conn = conn |> fetch_cookies() |> PlatformAuth.log_in_platform(platform, %{"remember_me" => "true"}) - assert get_session(conn, :platform_token) == conn.cookies[@remember_me_cookie] - - assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie] - assert signed_token != get_session(conn, :platform_token) - assert max_age == 5_184_000 - end - end - - describe "logout_platform/1" do - test "erases session and cookies", %{conn: conn, platform: platform} do - platform_token = Platforms.generate_platform_session_token(platform) - - conn = - conn - |> put_session(:platform_token, platform_token) - |> put_req_cookie(@remember_me_cookie, platform_token) - |> fetch_cookies() - |> PlatformAuth.log_out_platform() - - refute get_session(conn, :platform_token) - refute conn.cookies[@remember_me_cookie] - assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie] - assert redirected_to(conn) == ~p"/" - refute Platforms.get_platform_by_session_token(platform_token) - end - - test "broadcasts to the given live_socket_id", %{conn: conn} do - live_socket_id = "platforms_sessions:abcdef-token" - BrightWeb.Endpoint.subscribe(live_socket_id) - - conn - |> put_session(:live_socket_id, live_socket_id) - |> PlatformAuth.log_out_platform() - - assert_receive %Phoenix.Socket.Broadcast{event: "disconnect", topic: ^live_socket_id} - end - - test "works even if platform is already logged out", %{conn: conn} do - conn = conn |> fetch_cookies() |> PlatformAuth.log_out_platform() - refute get_session(conn, :platform_token) - assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie] - assert redirected_to(conn) == ~p"/" - end - end - - describe "fetch_current_platform/2" do - test "authenticates platform from session", %{conn: conn, platform: platform} do - platform_token = Platforms.generate_platform_session_token(platform) - conn = conn |> put_session(:platform_token, platform_token) |> PlatformAuth.fetch_current_platform([]) - assert conn.assigns.current_platform.id == platform.id - end - - test "authenticates platform from cookies", %{conn: conn, platform: platform} do - logged_in_conn = - conn |> fetch_cookies() |> PlatformAuth.log_in_platform(platform, %{"remember_me" => "true"}) - - platform_token = logged_in_conn.cookies[@remember_me_cookie] - %{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie] - - conn = - conn - |> put_req_cookie(@remember_me_cookie, signed_token) - |> PlatformAuth.fetch_current_platform([]) - - assert conn.assigns.current_platform.id == platform.id - assert get_session(conn, :platform_token) == platform_token - - assert get_session(conn, :live_socket_id) == - "platforms_sessions:#{Base.url_encode64(platform_token)}" - end - - test "does not authenticate if data is missing", %{conn: conn, platform: platform} do - _ = Platforms.generate_platform_session_token(platform) - conn = PlatformAuth.fetch_current_platform(conn, []) - refute get_session(conn, :platform_token) - refute conn.assigns.current_platform - end - end - - describe "on_mount :mount_current_platform" do - test "assigns current_platform based on a valid platform_token", %{conn: conn, platform: platform} do - platform_token = Platforms.generate_platform_session_token(platform) - session = conn |> put_session(:platform_token, platform_token) |> get_session() - - {:cont, updated_socket} = - PlatformAuth.on_mount(:mount_current_platform, %{}, session, %LiveView.Socket{}) - - assert updated_socket.assigns.current_platform.id == platform.id - end - - test "assigns nil to current_platform assign if there isn't a valid platform_token", %{conn: conn} do - platform_token = "invalid_token" - session = conn |> put_session(:platform_token, platform_token) |> get_session() - - {:cont, updated_socket} = - PlatformAuth.on_mount(:mount_current_platform, %{}, session, %LiveView.Socket{}) - - assert updated_socket.assigns.current_platform == nil - end - - test "assigns nil to current_platform assign if there isn't a platform_token", %{conn: conn} do - session = conn |> get_session() - - {:cont, updated_socket} = - PlatformAuth.on_mount(:mount_current_platform, %{}, session, %LiveView.Socket{}) - - assert updated_socket.assigns.current_platform == nil - end - end - - describe "on_mount :ensure_authenticated" do - test "authenticates current_platform based on a valid platform_token", %{conn: conn, platform: platform} do - platform_token = Platforms.generate_platform_session_token(platform) - session = conn |> put_session(:platform_token, platform_token) |> get_session() - - {:cont, updated_socket} = - PlatformAuth.on_mount(:ensure_authenticated, %{}, session, %LiveView.Socket{}) - - assert updated_socket.assigns.current_platform.id == platform.id - end - - test "redirects to login page if there isn't a valid platform_token", %{conn: conn} do - platform_token = "invalid_token" - session = conn |> put_session(:platform_token, platform_token) |> get_session() - - socket = %LiveView.Socket{ - endpoint: BrightWeb.Endpoint, - assigns: %{__changed__: %{}, flash: %{}} - } - - {:halt, updated_socket} = PlatformAuth.on_mount(:ensure_authenticated, %{}, session, socket) - assert updated_socket.assigns.current_platform == nil - end - - test "redirects to login page if there isn't a platform_token", %{conn: conn} do - session = conn |> get_session() - - socket = %LiveView.Socket{ - endpoint: BrightWeb.Endpoint, - assigns: %{__changed__: %{}, flash: %{}} - } - - {:halt, updated_socket} = PlatformAuth.on_mount(:ensure_authenticated, %{}, session, socket) - assert updated_socket.assigns.current_platform == nil - end - end - - describe "on_mount :redirect_if_platform_is_authenticated" do - test "redirects if there is an authenticated platform ", %{conn: conn, platform: platform} do - platform_token = Platforms.generate_platform_session_token(platform) - session = conn |> put_session(:platform_token, platform_token) |> get_session() - - assert {:halt, _updated_socket} = - PlatformAuth.on_mount( - :redirect_if_platform_is_authenticated, - %{}, - session, - %LiveView.Socket{} - ) - end - - test "doesn't redirect if there is no authenticated platform", %{conn: conn} do - session = conn |> get_session() - - assert {:cont, _updated_socket} = - PlatformAuth.on_mount( - :redirect_if_platform_is_authenticated, - %{}, - session, - %LiveView.Socket{} - ) - end - end - - describe "redirect_if_platform_is_authenticated/2" do - test "redirects if platform is authenticated", %{conn: conn, platform: platform} do - conn = conn |> assign(:current_platform, platform) |> PlatformAuth.redirect_if_platform_is_authenticated([]) - assert conn.halted - assert redirected_to(conn) == ~p"/" - end - - test "does not redirect if platform is not authenticated", %{conn: conn} do - conn = PlatformAuth.redirect_if_platform_is_authenticated(conn, []) - refute conn.halted - refute conn.status - end - end - - describe "require_authenticated_platform/2" do - test "redirects if platform is not authenticated", %{conn: conn} do - conn = conn |> fetch_flash() |> PlatformAuth.require_authenticated_platform([]) - assert conn.halted - - assert redirected_to(conn) == ~p"/platforms/log_in" - - assert Phoenix.Flash.get(conn.assigns.flash, :error) == - "You must log in to access this page." - end - - test "stores the path to redirect to on GET", %{conn: conn} do - halted_conn = - %{conn | path_info: ["foo"], query_string: ""} - |> fetch_flash() - |> PlatformAuth.require_authenticated_platform([]) - - assert halted_conn.halted - assert get_session(halted_conn, :platform_return_to) == "/foo" - - halted_conn = - %{conn | path_info: ["foo"], query_string: "bar=baz"} - |> fetch_flash() - |> PlatformAuth.require_authenticated_platform([]) - - assert halted_conn.halted - assert get_session(halted_conn, :platform_return_to) == "/foo?bar=baz" - - halted_conn = - %{conn | path_info: ["foo"], query_string: "bar", method: "POST"} - |> fetch_flash() - |> PlatformAuth.require_authenticated_platform([]) - - assert halted_conn.halted - refute get_session(halted_conn, :platform_return_to) - end - - test "does not redirect if platform is authenticated", %{conn: conn, platform: platform} do - conn = conn |> assign(:current_platform, platform) |> PlatformAuth.require_authenticated_platform([]) - refute conn.halted - refute conn.status - end - end -end diff --git a/services/capture/.gitignore b/services/capture/.gitignore deleted file mode 100644 index c4273d6..0000000 --- a/services/capture/.gitignore +++ /dev/null @@ -1,153 +0,0 @@ -.pnp.* -.yarn/* -!.yarn/patches -!.yarn/plugins -!.yarn/releases -!.yarn/sdks -!.yarn/versions - - -# Created by https://www.toptal.com/developers/gitignore/api/node -# Edit at https://www.toptal.com/developers/gitignore?templates=node - -### Node ### -# Logs -logs -*.log -npm-debug.log* -yarn-debug.log* -yarn-error.log* -lerna-debug.log* -.pnpm-debug.log* - -# Diagnostic reports (https://nodejs.org/api/report.html) -report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json - -# Runtime data -pids -*.pid -*.seed -*.pid.lock - -# Directory for instrumented libs generated by jscoverage/JSCover -lib-cov - -# Coverage directory used by tools like istanbul -coverage -*.lcov - -# nyc test coverage -.nyc_output - -# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) -.grunt - -# Bower dependency directory (https://bower.io/) -bower_components - -# node-waf configuration -.lock-wscript - -# Compiled binary addons (https://nodejs.org/api/addons.html) -build/Release - -# Dependency directories -node_modules/ -jspm_packages/ - -# Snowpack dependency directory (https://snowpack.dev/) -web_modules/ - -# TypeScript cache -*.tsbuildinfo - -# Optional npm cache directory -.npm - -# Optional eslint cache -.eslintcache - -# Optional stylelint cache -.stylelintcache - -# Microbundle cache -.rpt2_cache/ -.rts2_cache_cjs/ -.rts2_cache_es/ -.rts2_cache_umd/ - -# Optional REPL history -.node_repl_history - -# Output of 'npm pack' -*.tgz - -# Yarn Integrity file -.yarn-integrity - -# dotenv environment variable files -.env -.env.development.local -.env.test.local -.env.production.local -.env.local - -# parcel-bundler cache (https://parceljs.org/) -.cache -.parcel-cache - -# Next.js build output -.next -out - -# Nuxt.js build / generate output -.nuxt -dist - -# Gatsby files -.cache/ -# Comment in the public line in if your project uses Gatsby and not Next.js -# https://nextjs.org/blog/next-9-1#public-directory-support -# public - -# vuepress build output -.vuepress/dist - -# vuepress v2.x temp and cache directory -.temp - -# Docusaurus cache and generated files -.docusaurus - -# Serverless directories -.serverless/ - -# FuseBox cache -.fusebox/ - -# DynamoDB Local files -.dynamodb/ - -# TernJS port file -.tern-port - -# Stores VSCode versions used for testing VSCode extensions -.vscode-test - -# yarn v2 -.yarn/cache -.yarn/unplugged -.yarn/build-state.yml -.yarn/install-state.gz -.pnp.* - -### Node Patch ### -# Serverless Webpack directories -.webpack/ - -# Optional stylelint cache - -# SvelteKit build / generate output -.svelte-kit - -# End of https://www.toptal.com/developers/gitignore/api/node diff --git a/services/capture/.mocharc.json b/services/capture/.mocharc.json deleted file mode 100644 index a169700..0000000 --- a/services/capture/.mocharc.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "$schema": "https://json.schemastore.org/mocharc.json", - "extensions": ["ts"], - "spec": "./src/**/*.spec.ts", - "require": "tsx" -} \ No newline at end of file diff --git a/services/capture/README.md b/services/capture/README.md deleted file mode 100644 index f423bc9..0000000 --- a/services/capture/README.md +++ /dev/null @@ -1,48 +0,0 @@ -# @futureporn/capture - -Cloud based wrapper around yt-dlp - -There are two components in this package. api and worker. - -## API components - -API container serves a REST API. Use this API to start/stop recordings. The API component doesn't actually record, it just queues the record task which a worker then picks up. When run in k8s, this container is meant to have 1 replication. - -## Worker components - -Worker container runs a Graphile Worker which listens for specific tasks related to recording. This container is meant to have 1 or more replications. - -## Issues - -* [ ] Initial Capture worker UI updates are too slow; the worker begins work without notifying the admin. -* [ ] Too much RAM usage! Array buffer size just keeps growing until OOMKilled while the upload is in progress. - -## Misc dev notes - -### idea for taking snapshots of stream in progress - -https://ofarukcaki.medium.com/producing-real-time-video-with-node-js-and-ffmpeg-a59ac27461a1 - -### youtube-dl end of stream output - -The end-of-stream output from yt-dlp when recording CB looks like this - -``` -[https @ 0x5646887f1580] Opening 'https://edge11-lax.live.mmcdn.com/live-hls/amlst:hotfallingdevil-sd-fdf87e5b6c880e52d38e8c94f8ebf8728c980a91d56fb4ace13748ba59012336_trns_h264/chunklist_w881713853_b5128000_t64RlBTOjMwLjA=.m3u8' for reading -[hls @ 0x564687dd0980] Skip ('#EXT-X-VERSION:4') -[hls @ 0x564687dd0980] Skip ('#EXT-X-DISCONTINUITY-SEQUENCE:0') -[hls @ 0x564687dd0980] Skip ('#EXT-X-PROGRAM-DATE-TIME:2023-01-31T17:48:45.947+00:00') -[https @ 0x5646880bf880] Opening 'https://edge11-lax.live.mmcdn.com/live-hls/amlst:hotfallingdevil-sd-fdf87e5b6c880e52d38e8c94f8ebf8728c980a91d56fb4ace13748ba59012336_trns_h264/media_w881713853_b5128000_t64RlBTOjMwLjA=_18912.ts' for reading -[https @ 0x564688097d00] Opening 'https://edge11-lax.live.mmcdn.com/live-hls/amlst:hotfallingdevil-sd-fdf87e5b6c880e52d38e8c94f8ebf8728c980a91d56fb4ace13748ba59012336_trns_h264/media_w881713853_b5128000_t64RlBTOjMwLjA=_18913.ts' for reading -[https @ 0x5646887f1580] Opening 'https://edge11-lax.live.mmcdn.com/live-hls/amlst:hotfallingdevil-sd-fdf87e5b6c880e52d38e8c94f8ebf8728c980a91d56fb4ace13748ba59012336_trns_h264/chunklist_w881713853_b5128000_t64RlBTOjMwLjA=.m3u8' for reading -[https @ 0x5646886e8580] HTTP error 403 Forbidden -[hls @ 0x564687dd0980] keepalive request failed for 'https://edge11-lax.live.mmcdn.com/live-hls/amlst:hotfallingdevil-sd-fdf87e5b6c880e52d38e8c94f8ebf8728c980a91d56fb4ace13748ba59012336_trns_h264/chunklist_w881713853_b5128000_t64RlBTOjMwLjA=.m3u8' with error: 'Server returned 403 Forbidden (access denied)' when parsing playlist -[https @ 0x5646886ccfc0] HTTP error 403 Forbidden -[hls @ 0x564687dd0980] Failed to reload playlist 0 -[https @ 0x5646886bf680] HTTP error 403 Forbidden -[hls @ 0x564687dd0980] Failed to reload playlist 0 -frame= 5355 fps= 31 q=-1.0 Lsize= 71404kB time=00:02:58.50 bitrate=3277.0kbits/s speed=1.02x -video:68484kB audio:2790kB subtitle:0kB other streams:0kB global headers:0kB muxing overhead: 0.181873% -[ffmpeg] Downloaded 73117881 bytes -[download] 100% of 69.73MiB in 02:57 -``` \ No newline at end of file diff --git a/services/capture/package.json b/services/capture/package.json deleted file mode 100644 index df096d4..0000000 --- a/services/capture/package.json +++ /dev/null @@ -1,87 +0,0 @@ -{ - "name": "@futureporn/capture", - "type": "module", - "version": "0.3.5", - "license": "Unlicense", - "private": true, - "packageManager": "pnpm@9.6.0", - "scripts": { - "start": "node dist/index.js", - "build": "tsup", - "test": "mocha", - "integration": "FUTUREPORN_WORKDIR=/home/cj/Downloads mocha ./integration/**/*.test.js", - "dev": "pnpm run dev.nodemon # yes this is crazy to have nodemon execute tsx, but it's the only way I have found to get live reloading in TS/ESM/docker with Graphile Worker's way of loading tasks", - "dev.tsx": "tsx ./src/index.ts", - "dev.nodemon": "nodemon --ext ts --exec \"pnpm run dev.tsx\"", - "dev.node": "node --no-warnings=ExperimentalWarning --loader ts-node/esm src/index.ts", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "dependencies": { - "@aws-sdk/client-s3": "^3.637.0", - "@aws-sdk/lib-storage": "^3.637.0", - "@aws-sdk/types": "^3.609.0", - "@futureporn/fetchers": "workspace:^", - "@futureporn/types": "workspace:^", - "@futureporn/utils": "workspace:^", - "@paralleldrive/cuid2": "^2.2.2", - "@types/chai": "^4.3.19", - "@types/chai-as-promised": "^8.0.0", - "@types/fluent-ffmpeg": "^2.1.26", - "@types/mocha": "^10.0.7", - "@types/qs": "^6.9.15", - "date-fns": "^3.6.0", - "discord.js": "^14.16.1", - "diskusage": "^1.2.0", - "dotenv": "^16.4.5", - "execa": "^9.3.1", - "exponential-backoff": "^3.1.1", - "fastify": "^4.28.1", - "fastify-plugin": "^4.5.1", - "fastq": "^1.17.1", - "faye": "^1.4.0", - "faye-websocket": "^0.11.4", - "fluent-ffmpeg": "^2.1.3", - "graphile-config": "0.0.1-beta.9", - "graphile-worker": "^0.16.6", - "https": "^1.0.0", - "ioredis": "^5.4.1", - "minimatch": "^10.0.1", - "nanoid": "^5.0.7", - "p-retry": "^6.2.0", - "pg-boss": "^10.1.1", - "pino-pretty": "^11.2.2", - "postgres": "^3.4.4", - "qs": "^6.13.0", - "rxjs": "^7.8.1", - "sql": "^0.78.0", - "winston": "^3.14.2", - "youtube-dl-wrap": "github:insanity54/youtube-dl-wrap" - }, - "devDependencies": { - "@smithy/util-stream": "^3.1.3", - "@types/node": "^22.5.2", - "@types/sinon": "^17.0.3", - "@types/sinon-chai": "^3.2.12", - "aws-sdk": "^2.1687.0", - "aws-sdk-client-mock": "^4.0.1", - "aws-sdk-mock": "^6.1.1", - "chai": "^5.1.1", - "chai-as-promised": "^8.0.0", - "cheerio": "1.0.0", - "mocha": "^10.7.3", - "multiformats": "^13.2.2", - "node-abort-controller": "^3.1.1", - "node-fetch": "^3.3.2", - "nodemon": "^3.1.4", - "pretty-bytes": "^6.1.1", - "s3": "link:aws-sdk/clients/s3", - "sinon": "^18.0.0", - "sinon-chai": "^4.0.0", - "sinon-test": "^3.1.6", - "ts-node": "^10.9.2", - "tsup": "^8.2.4", - "tsx": "^4.19.0", - "typescript": "^5.5.4" - } -} diff --git a/services/capture/pnpm-lock.yaml b/services/capture/pnpm-lock.yaml deleted file mode 100644 index 8ca66dc..0000000 --- a/services/capture/pnpm-lock.yaml +++ /dev/null @@ -1,5836 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@aws-sdk/client-s3': - specifier: ^3.637.0 - version: 3.637.0 - '@aws-sdk/lib-storage': - specifier: ^3.637.0 - version: 3.637.0(@aws-sdk/client-s3@3.637.0) - '@aws-sdk/types': - specifier: ^3.609.0 - version: 3.609.0 - '@futureporn/fetchers': - specifier: workspace:^ - version: link:../../packages/fetchers - '@futureporn/types': - specifier: workspace:^ - version: link:../../packages/types - '@futureporn/utils': - specifier: workspace:^ - version: link:../../packages/utils - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@types/chai': - specifier: ^4.3.19 - version: 4.3.19 - '@types/chai-as-promised': - specifier: ^8.0.0 - version: 8.0.0 - '@types/fluent-ffmpeg': - specifier: ^2.1.26 - version: 2.1.26 - '@types/mocha': - specifier: ^10.0.7 - version: 10.0.7 - '@types/qs': - specifier: ^6.9.15 - version: 6.9.15 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - discord.js: - specifier: ^14.16.1 - version: 14.16.1 - diskusage: - specifier: ^1.2.0 - version: 1.2.0 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - execa: - specifier: ^9.3.1 - version: 9.3.1 - exponential-backoff: - specifier: ^3.1.1 - version: 3.1.1 - fastify: - specifier: ^4.28.1 - version: 4.28.1 - fastify-plugin: - specifier: ^4.5.1 - version: 4.5.1 - fastq: - specifier: ^1.17.1 - version: 1.17.1 - faye: - specifier: ^1.4.0 - version: 1.4.0 - faye-websocket: - specifier: ^0.11.4 - version: 0.11.4 - fluent-ffmpeg: - specifier: ^2.1.3 - version: 2.1.3 - graphile-config: - specifier: 0.0.1-beta.9 - version: 0.0.1-beta.9 - graphile-worker: - specifier: ^0.16.6 - version: 0.16.6(typescript@5.5.4) - https: - specifier: ^1.0.0 - version: 1.0.0 - ioredis: - specifier: ^5.4.1 - version: 5.4.1 - minimatch: - specifier: ^10.0.1 - version: 10.0.1 - nanoid: - specifier: ^5.0.7 - version: 5.0.7 - p-retry: - specifier: ^6.2.0 - version: 6.2.0 - pg-boss: - specifier: ^10.1.1 - version: 10.1.1 - pino-pretty: - specifier: ^11.2.2 - version: 11.2.2 - postgres: - specifier: ^3.4.4 - version: 3.4.4 - qs: - specifier: ^6.13.0 - version: 6.13.0 - rxjs: - specifier: ^7.8.1 - version: 7.8.1 - sql: - specifier: ^0.78.0 - version: 0.78.0 - winston: - specifier: ^3.14.2 - version: 3.14.2 - youtube-dl-wrap: - specifier: github:insanity54/youtube-dl-wrap - version: https://codeload.github.com/insanity54/youtube-dl-wrap/tar.gz/b47e9388063b4ef516624112ef59b7d11f7775d9 - devDependencies: - '@smithy/util-stream': - specifier: ^3.1.3 - version: 3.1.3 - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - '@types/sinon': - specifier: ^17.0.3 - version: 17.0.3 - '@types/sinon-chai': - specifier: ^3.2.12 - version: 3.2.12 - aws-sdk: - specifier: ^2.1687.0 - version: 2.1687.0 - aws-sdk-client-mock: - specifier: ^4.0.1 - version: 4.0.1 - aws-sdk-mock: - specifier: ^6.1.1 - version: 6.1.1 - chai: - specifier: ^5.1.1 - version: 5.1.1 - chai-as-promised: - specifier: ^8.0.0 - version: 8.0.0(chai@5.1.1) - cheerio: - specifier: 1.0.0 - version: 1.0.0 - mocha: - specifier: ^10.7.3 - version: 10.7.3 - multiformats: - specifier: ^13.2.2 - version: 13.2.2 - node-abort-controller: - specifier: ^3.1.1 - version: 3.1.1 - node-fetch: - specifier: ^3.3.2 - version: 3.3.2 - nodemon: - specifier: ^3.1.4 - version: 3.1.4 - pretty-bytes: - specifier: ^6.1.1 - version: 6.1.1 - s3: - specifier: link:aws-sdk/clients/s3 - version: link:aws-sdk/clients/s3 - sinon: - specifier: ^18.0.0 - version: 18.0.0 - sinon-chai: - specifier: ^4.0.0 - version: 4.0.0(chai@5.1.1)(sinon@18.0.0) - sinon-test: - specifier: ^3.1.6 - version: 3.1.6(sinon@18.0.0) - ts-node: - specifier: ^10.9.2 - version: 10.9.2(@types/node@22.5.2)(typescript@5.5.4) - tsup: - specifier: ^8.2.4 - version: 8.2.4(tsx@4.19.0)(typescript@5.5.4) - tsx: - specifier: ^4.19.0 - version: 4.19.0 - typescript: - specifier: ^5.5.4 - version: 5.5.4 - -packages: - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/lib-storage@3.637.0': - resolution: {integrity: sha512-HiNGOP4a1QrCWwO1joKw4mCp19nLXoF9K52PislBaYDI35IlHC3DP6MeOg5zmElwtL1GtEHFBy5olfPWPsLyLg==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-s3': ^3.637.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@colors/colors@1.6.0': - resolution: {integrity: sha512-Ir+AOibqzrIsL6ajt3Rz3LskB7OiMVHqltZmspbW/TJuTVuyOMirVqAkjfY6JISiLHgyNqicAC8AyHHGzNd/dA==} - engines: {node: '>=0.1.90'} - - '@cspotcode/source-map-support@0.8.1': - resolution: {integrity: sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==} - engines: {node: '>=12'} - - '@dabh/diagnostics@2.0.3': - resolution: {integrity: sha512-hrlQOIi7hAfzsMqlGSFyVucrx38O+j6wiGOf//H2ecvIEqYN4ADBSS2iLMh5UFyDunCNniUIPk/q3riFv45xRA==} - - '@discordjs/builders@1.9.0': - resolution: {integrity: sha512-0zx8DePNVvQibh5ly5kCEei5wtPBIUbSoE9n+91Rlladz4tgtFbJ36PZMxxZrTEOQ7AHMZ/b0crT/0fCy6FTKg==} - engines: {node: '>=18'} - - '@discordjs/collection@1.5.3': - resolution: {integrity: sha512-SVb428OMd3WO1paV3rm6tSjM4wC+Kecaa1EUGX7vc6/fddvw/6lg90z4QtCqm21zvVe92vMMDt9+DkIvjXImQQ==} - engines: {node: '>=16.11.0'} - - '@discordjs/collection@2.1.1': - resolution: {integrity: sha512-LiSusze9Tc7qF03sLCujF5iZp7K+vRNEDBZ86FT9aQAv3vxMLihUvKvpsCWiQ2DJq1tVckopKm1rxomgNUc9hg==} - engines: {node: '>=18'} - - '@discordjs/formatters@0.5.0': - resolution: {integrity: sha512-98b3i+Y19RFq1Xke4NkVY46x8KjJQjldHUuEbCqMvp1F5Iq9HgnGpu91jOi/Ufazhty32eRsKnnzS8n4c+L93g==} - engines: {node: '>=18'} - - '@discordjs/rest@2.4.0': - resolution: {integrity: sha512-Xb2irDqNcq+O8F0/k/NaDp7+t091p+acb51iA4bCKfIn+WFWd6HrNvcsSbMMxIR9NjcMZS6NReTKygqiQN+ntw==} - engines: {node: '>=18'} - - '@discordjs/util@1.1.1': - resolution: {integrity: sha512-eddz6UnOBEB1oITPinyrB2Pttej49M9FZQY8NxgEvc3tq6ZICZ19m70RsmzRdDHk80O9NoYN/25AqJl8vPVf/g==} - engines: {node: '>=18'} - - '@discordjs/ws@1.1.1': - resolution: {integrity: sha512-PZ+vLpxGCRtmr2RMkqh8Zp+BenUaJqlS6xhgWKEZcgC/vfHLEzpHtKkB0sl3nZWpwtcKk6YWy+pU3okL2I97FA==} - engines: {node: '>=16.11.0'} - - '@esbuild/aix-ppc64@0.23.1': - resolution: {integrity: sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.23.1': - resolution: {integrity: sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==} - engines: {node: '>=18'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.23.1': - resolution: {integrity: sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.23.1': - resolution: {integrity: sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==} - engines: {node: '>=18'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.23.1': - resolution: {integrity: sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.23.1': - resolution: {integrity: sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==} - engines: {node: '>=18'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.23.1': - resolution: {integrity: sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==} - engines: {node: '>=18'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.23.1': - resolution: {integrity: sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==} - engines: {node: '>=18'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.23.1': - resolution: {integrity: sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==} - engines: {node: '>=18'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.23.1': - resolution: {integrity: sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.23.1': - resolution: {integrity: sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.23.1': - resolution: {integrity: sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==} - engines: {node: '>=18'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.23.1': - resolution: {integrity: sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==} - engines: {node: '>=18'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.23.1': - resolution: {integrity: sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.23.1': - resolution: {integrity: sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==} - engines: {node: '>=18'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.23.1': - resolution: {integrity: sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==} - engines: {node: '>=18'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.23.1': - resolution: {integrity: sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==} - engines: {node: '>=18'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.23.1': - resolution: {integrity: sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==} - engines: {node: '>=18'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-arm64@0.23.1': - resolution: {integrity: sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.23.1': - resolution: {integrity: sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==} - engines: {node: '>=18'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.23.1': - resolution: {integrity: sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==} - engines: {node: '>=18'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.23.1': - resolution: {integrity: sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==} - engines: {node: '>=18'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.23.1': - resolution: {integrity: sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.23.1': - resolution: {integrity: sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==} - engines: {node: '>=18'} - cpu: [x64] - os: [win32] - - '@fastify/ajv-compiler@3.6.0': - resolution: {integrity: sha512-LwdXQJjmMD+GwLOkP7TVC68qa+pSSogeWWmznRJ/coyTcfe9qA05AHFSe1eZFwK6q+xVRpChnvFUkf1iYaSZsQ==} - - '@fastify/error@3.4.1': - resolution: {integrity: sha512-wWSvph+29GR783IhmvdwWnN4bUxTD01Vm5Xad4i7i1VuAOItLvbPAb69sb0IQ2N57yprvhNIwAP5B6xfKTmjmQ==} - - '@fastify/fast-json-stringify-compiler@4.3.0': - resolution: {integrity: sha512-aZAXGYo6m22Fk1zZzEUKBvut/CIIQe/BapEORnxiD5Qr0kPHqqI69NtEMCme74h+at72sPhbkb4ZrLd1W3KRLA==} - - '@fastify/merge-json-schemas@0.1.1': - resolution: {integrity: sha512-fERDVz7topgNjtXsJTTW1JKLy0rhuLRcquYqNR9rF7OcVpCa2OVW49ZPDIhaRRCaUuvVxI+N416xUoF76HNSXA==} - - '@graphile/logger@0.2.0': - resolution: {integrity: sha512-jjcWBokl9eb1gVJ85QmoaQ73CQ52xAaOCF29ukRbYNl6lY+ts0ErTaDYOBlejcbUs2OpaiqYLO5uDhyLFzWw4w==} - - '@ioredis/commands@1.2.0': - resolution: {integrity: sha512-Sx1pU8EM64o2BrqNpEO1CNLtKQwyhuXuqyfH7oGKCk+1a33d2r5saW8zNwm3j6BTExtjrv2BxTgzzkMwts6vGg==} - - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@jridgewell/gen-mapping@0.3.5': - resolution: {integrity: sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==} - engines: {node: '>=6.0.0'} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/set-array@1.2.1': - resolution: {integrity: sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==} - engines: {node: '>=6.0.0'} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.25': - resolution: {integrity: sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==} - - '@jridgewell/trace-mapping@0.3.9': - resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@nodelib/fs.scandir@2.1.5': - resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} - engines: {node: '>= 8'} - - '@nodelib/fs.stat@2.0.5': - resolution: {integrity: sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==} - engines: {node: '>= 8'} - - '@nodelib/fs.walk@1.2.8': - resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} - engines: {node: '>= 8'} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@rollup/rollup-android-arm-eabi@4.21.2': - resolution: {integrity: sha512-fSuPrt0ZO8uXeS+xP3b+yYTCBUd05MoSp2N/MFOgjhhUhMmchXlpTQrTpI8T+YAwAQuK7MafsCOxW7VrPMrJcg==} - cpu: [arm] - os: [android] - - '@rollup/rollup-android-arm64@4.21.2': - resolution: {integrity: sha512-xGU5ZQmPlsjQS6tzTTGwMsnKUtu0WVbl0hYpTPauvbRAnmIvpInhJtgjj3mcuJpEiuUw4v1s4BimkdfDWlh7gA==} - cpu: [arm64] - os: [android] - - '@rollup/rollup-darwin-arm64@4.21.2': - resolution: {integrity: sha512-99AhQ3/ZMxU7jw34Sq8brzXqWH/bMnf7ZVhvLk9QU2cOepbQSVTns6qoErJmSiAvU3InRqC2RRZ5ovh1KN0d0Q==} - cpu: [arm64] - os: [darwin] - - '@rollup/rollup-darwin-x64@4.21.2': - resolution: {integrity: sha512-ZbRaUvw2iN/y37x6dY50D8m2BnDbBjlnMPotDi/qITMJ4sIxNY33HArjikDyakhSv0+ybdUxhWxE6kTI4oX26w==} - cpu: [x64] - os: [darwin] - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - resolution: {integrity: sha512-ztRJJMiE8nnU1YFcdbd9BcH6bGWG1z+jP+IPW2oDUAPxPjo9dverIOyXz76m6IPA6udEL12reYeLojzW2cYL7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - resolution: {integrity: sha512-flOcGHDZajGKYpLV0JNc0VFH361M7rnV1ee+NTeC/BQQ1/0pllYcFmxpagltANYt8FYf9+kL6RSk80Ziwyhr7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - resolution: {integrity: sha512-69CF19Kp3TdMopyteO/LJbWufOzqqXzkrv4L2sP8kfMaAQ6iwky7NoXTp7bD6/irKgknDKM0P9E/1l5XxVQAhw==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-arm64-musl@4.21.2': - resolution: {integrity: sha512-48pD/fJkTiHAZTnZwR0VzHrao70/4MlzJrq0ZsILjLW/Ab/1XlVUStYyGt7tdyIiVSlGZbnliqmult/QGA2O2w==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - resolution: {integrity: sha512-cZdyuInj0ofc7mAQpKcPR2a2iu4YM4FQfuUzCVA2u4HI95lCwzjoPtdWjdpDKyHxI0UO82bLDoOaLfpZ/wviyQ==} - cpu: [ppc64] - os: [linux] - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - resolution: {integrity: sha512-RL56JMT6NwQ0lXIQmMIWr1SW28z4E4pOhRRNqwWZeXpRlykRIlEpSWdsgNWJbYBEWD84eocjSGDu/XxbYeCmwg==} - cpu: [riscv64] - os: [linux] - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - resolution: {integrity: sha512-PMxkrWS9z38bCr3rWvDFVGD6sFeZJw4iQlhrup7ReGmfn7Oukrr/zweLhYX6v2/8J6Cep9IEA/SmjXjCmSbrMQ==} - cpu: [s390x] - os: [linux] - - '@rollup/rollup-linux-x64-gnu@4.21.2': - resolution: {integrity: sha512-B90tYAUoLhU22olrafY3JQCFLnT3NglazdwkHyxNDYF/zAxJt5fJUB/yBoWFoIQ7SQj+KLe3iL4BhOMa9fzgpw==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-linux-x64-musl@4.21.2': - resolution: {integrity: sha512-7twFizNXudESmC9oneLGIUmoHiiLppz/Xs5uJQ4ShvE6234K0VB1/aJYU3f/4g7PhssLGKBVCC37uRkkOi8wjg==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - resolution: {integrity: sha512-9rRero0E7qTeYf6+rFh3AErTNU1VCQg2mn7CQcI44vNUWM9Ze7MSRS/9RFuSsox+vstRt97+x3sOhEey024FRQ==} - cpu: [arm64] - os: [win32] - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - resolution: {integrity: sha512-5rA4vjlqgrpbFVVHX3qkrCo/fZTj1q0Xxpg+Z7yIo3J2AilW7t2+n6Q8Jrx+4MrYpAnjttTYF8rr7bP46BPzRw==} - cpu: [ia32] - os: [win32] - - '@rollup/rollup-win32-x64-msvc@4.21.2': - resolution: {integrity: sha512-6UUxd0+SKomjdzuAcp+HAmxw1FlGBnl1v2yEPSabtx4lBfdXHDVsW7+lQkgz9cNFJGY3AWR7+V8P5BqkD9L9nA==} - cpu: [x64] - os: [win32] - - '@sapphire/async-queue@1.5.3': - resolution: {integrity: sha512-x7zadcfJGxFka1Q3f8gCts1F0xMwCKbZweM85xECGI0hBTeIZJGGCrHgLggihBoprlQ/hBmDR5LKfIPqnmHM3w==} - engines: {node: '>=v14.0.0', npm: '>=7.0.0'} - - '@sapphire/shapeshift@4.0.0': - resolution: {integrity: sha512-d9dUmWVA7MMiKobL3VpLF8P2aeanRTu6ypG2OIaEv/ZHH/SUQ2iHOVyi5wAPjQ+HmnMuL0whK9ez8I/raWbtIg==} - engines: {node: '>=v16'} - - '@sapphire/snowflake@3.5.3': - resolution: {integrity: sha512-jjmJywLAFoWeBi1W7994zZyiNWPIiqRRNAmSERxyg93xRGzNYvGjlZ0gR6x0F4gPRi2+0O6S71kOZYyr3cxaIQ==} - engines: {node: '>=v14.0.0', npm: '>=7.0.0'} - - '@sec-ant/readable-stream@0.4.1': - resolution: {integrity: sha512-831qok9r2t8AlxLko40y2ebgSDhenenCatLVeW/uBtnHPyhHOvG0C7TvfgecV+wHzIm5KUICgzmVpWS+IMEAeg==} - - '@sindresorhus/merge-streams@4.0.0': - resolution: {integrity: sha512-tlqY9xq5ukxTUZBmoOp+m61cqwQD5pHJtFY3Mn8CA8ps6yghLH/Hw8UPdqg4OLmFW3IFlcXnQNmo/dh8HzXYIQ==} - engines: {node: '>=18'} - - '@sinonjs/commons@2.0.0': - resolution: {integrity: sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==} - - '@sinonjs/commons@3.0.1': - resolution: {integrity: sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==} - - '@sinonjs/fake-timers@10.3.0': - resolution: {integrity: sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==} - - '@sinonjs/fake-timers@11.3.1': - resolution: {integrity: sha512-EVJO7nW5M/F5Tur0Rf2z/QoMo+1Ia963RiMtapiQrEWvY0iBUvADo8Beegwjpnle5BHkyHuoxSTW3jF43H1XRA==} - - '@sinonjs/samsam@8.0.0': - resolution: {integrity: sha512-Bp8KUVlLp8ibJZrnvq2foVhP0IVX2CIprMJPK0vqGqgrDa0OHVKeZyBykqskkrdxV6yKBPmGasO8LVjAKR3Gew==} - - '@sinonjs/text-encoding@0.7.3': - resolution: {integrity: sha512-DE427ROAphMQzU4ENbliGYrBSYPXF+TtLg9S8vzeA+OF4ZKzoDdzfL8sxuMUGS/lgRhM6j1URSk9ghf7Xo1tyA==} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@tsconfig/node10@1.0.11': - resolution: {integrity: sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==} - - '@tsconfig/node12@1.0.11': - resolution: {integrity: sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==} - - '@tsconfig/node14@1.0.3': - resolution: {integrity: sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==} - - '@tsconfig/node16@1.0.4': - resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} - - '@types/chai-as-promised@8.0.0': - resolution: {integrity: sha512-YbYaXFqJwSABp9OXQTVrPPmstZgNjkRieWVd/xAl5Yc/e5+F44bXLeQggpvm0sjsS1bg+2Y5cwU+rquwwD2dXA==} - - '@types/chai@4.3.19': - resolution: {integrity: sha512-2hHHvQBVE2FiSK4eN0Br6snX9MtolHaTo/batnLjlGRhoQzlCL61iVpxoqO7SfFyOw+P/pwv+0zNHzKoGWz9Cw==} - - '@types/debug@4.1.12': - resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - - '@types/estree@1.0.5': - resolution: {integrity: sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==} - - '@types/fluent-ffmpeg@2.1.26': - resolution: {integrity: sha512-0JVF3wdQG+pN0ImwWD0bNgJiKF2OHg/7CDBHw5UIbRTvlnkgGHK6V5doE54ltvhud4o31/dEiHm23CAlxFiUQg==} - - '@types/interpret@1.1.3': - resolution: {integrity: sha512-uBaBhj/BhilG58r64mtDb/BEdH51HIQLgP5bmWzc5qCtFMja8dCk/IOJmk36j0lbi9QHwI6sbtUNGuqXdKCAtQ==} - - '@types/mocha@10.0.7': - resolution: {integrity: sha512-GN8yJ1mNTcFcah/wKEFIJckJx9iJLoMSzWcfRRuxz/Jk+U6KQNnml+etbtxFK8lPjzOw3zp4Ha/kjSst9fsHYw==} - - '@types/ms@0.7.34': - resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - - '@types/node@20.16.3': - resolution: {integrity: sha512-/wdGiWRkMOm53gAsSyFMXFZHbVg7C6CbkrzHNpaHoYfsUWPg7m6ZRKtvQjgvQ9i8WT540a3ydRlRQbxjY30XxQ==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/pg@8.11.8': - resolution: {integrity: sha512-IqpCf8/569txXN/HoP5i1LjXfKZWL76Yr2R77xgeIICUbAYHeoaEZFhYHo2uDftecLWrTJUq63JvQu8q3lnDyA==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/semver@7.5.8': - resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==} - - '@types/sinon-chai@3.2.12': - resolution: {integrity: sha512-9y0Gflk3b0+NhQZ/oxGtaAJDvRywCa5sIyaVnounqLvmf93yBF4EgIRspePtkMs3Tr844nCclYMlcCNmLCvjuQ==} - - '@types/sinon@10.0.20': - resolution: {integrity: sha512-2APKKruFNCAZgx3daAyACGzWuJ028VVCUDk6o2rw/Z4PXT0ogwdV4KUegW0MwVs0Zu59auPXbbuBJHF12Sx1Eg==} - - '@types/sinon@17.0.3': - resolution: {integrity: sha512-j3uovdn8ewky9kRBG19bOwaZbexJu/XjtkHyjvUgt4xfPFz18dcORIMqnYh66Fx3Powhcr85NT5+er3+oViapw==} - - '@types/sinonjs__fake-timers@8.1.5': - resolution: {integrity: sha512-mQkU2jY8jJEF7YHjHvsQO8+3ughTL1mcnn96igfhONmR+fUPSKIkefQYpSe8bsly2Ep7oQbn/6VG5/9/0qcArQ==} - - '@types/triple-beam@1.3.5': - resolution: {integrity: sha512-6WaYesThRMCl19iryMYP7/x2OVgCtbIVflDGFpWnb9irXI3UjYE4AzmYuiUKY1AJstGijoY+MgUszMgRxIYTYw==} - - '@types/ws@8.5.12': - resolution: {integrity: sha512-3tPRkv1EtkDpzlgyKyI8pGsGZAGPEaXeu0DOj5DI25Ja91bdAYddYHbADRYVrZMRbfW+1l5YwXVDKohDJNQxkQ==} - - '@vladfrangu/async_event_emitter@2.4.6': - resolution: {integrity: sha512-RaI5qZo6D2CVS6sTHFKg1v5Ohq/+Bo2LZ5gzUEwZ/WkHhwtGTCB/sVLw8ijOkAUxasZ+WshN/Rzj4ywsABJ5ZA==} - engines: {node: '>=v14.0.0', npm: '>=7.0.0'} - - abort-controller@3.0.0: - resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==} - engines: {node: '>=6.5'} - - abstract-logging@2.0.1: - resolution: {integrity: sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA==} - - acorn-walk@8.3.3: - resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} - engines: {node: '>=0.4.0'} - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - ajv-formats@2.1.1: - resolution: {integrity: sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-formats@3.0.1: - resolution: {integrity: sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv@8.17.1: - resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==} - - ansi-colors@4.1.3: - resolution: {integrity: sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-regex@6.0.1: - resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} - engines: {node: '>=12'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - ansi-styles@6.2.1: - resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} - engines: {node: '>=12'} - - any-promise@1.3.0: - resolution: {integrity: sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - arg@4.1.3: - resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - array-union@2.1.0: - resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} - engines: {node: '>=8'} - - asap@2.0.6: - resolution: {integrity: sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - async@0.2.10: - resolution: {integrity: sha512-eAkdoKxU6/LkKDBzLpT+t6Ff5EtfSF4wx1WfJiPEEV7WNLnDaRXk0oVysiEPm262roaachGexwUv94WhSgN5TQ==} - - async@3.2.6: - resolution: {integrity: sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==} - - atomic-sleep@1.0.0: - resolution: {integrity: sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==} - engines: {node: '>=8.0.0'} - - available-typed-arrays@1.0.7: - resolution: {integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==} - engines: {node: '>= 0.4'} - - avvio@8.4.0: - resolution: {integrity: sha512-CDSwaxINFy59iNwhYnkvALBwZiTydGkOecZyPkqBpABYR1KqGEsET0VOOYDwtleZSUIdeY36DC2bSZ24CO1igA==} - - aws-sdk-client-mock@4.0.1: - resolution: {integrity: sha512-yD2mmgy73Xce097G5hIpr1k7j50qzvJ49/+6osGZiCyk4m6cwhb+2x7kKFY1gEMwTzaS8+m8fXv9SB29SkRYyQ==} - - aws-sdk-mock@6.1.1: - resolution: {integrity: sha512-WqGodclZDv5tZmoC/1A4V4c4hSwageOoy90cJisrkdLUq/1jEhulajkNL4UkmD9Nc6zhQuLD6WXIbB/ROM+K2A==} - engines: {node: '>=18.0.0'} - - aws-sdk@2.1687.0: - resolution: {integrity: sha512-Pk7RbIxJ8yDmFJRKzaapiUsAvz5cTPKCz7soomU+lASx1jvO29Z9KAPB6KJR22m7rDDMO/HNNN9OJRzfdvh7xQ==} - engines: {node: '>= 10.0.0'} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - boolbase@1.0.0: - resolution: {integrity: sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - browser-stdout@1.3.1: - resolution: {integrity: sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==} - - buffer@4.9.2: - resolution: {integrity: sha512-xq+q3SRMOxGivLhBNaUdC64hDTQwejJ+H0T/NB1XMtTVEwNTrfFF3gAxiyW0Bu/xWEGhjVKgUcMhCrUy2+uCWg==} - - buffer@5.6.0: - resolution: {integrity: sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==} - - buffer@6.0.3: - resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==} - - bundle-require@5.0.0: - resolution: {integrity: sha512-GuziW3fSSmopcx4KRymQEJVbZUfqlCqcq7dvs6TYwKRZiegK/2buMxQTPs6MGlNv50wms1699qYO54R8XfRX4w==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - peerDependencies: - esbuild: '>=0.18' - - cac@6.7.14: - resolution: {integrity: sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==} - engines: {node: '>=8'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - chai-as-promised@8.0.0: - resolution: {integrity: sha512-sMsGXTrS3FunP/wbqh/KxM8Kj/aLPXQGkNtvE5wPfSToq8wkkvBpTZo1LIiEVmC4BwkKpag+l5h/20lBMk6nUg==} - peerDependencies: - chai: '>= 2.1.2 < 6' - - chai@5.1.1: - resolution: {integrity: sha512-pT1ZgP8rPNqUgieVaEY+ryQr6Q4HXNg8Ei9UnLUrjN4IA7dvQC5JB+/kxVcPNDHyBcc/26CXPkbNzq3qwrOEKA==} - engines: {node: '>=12'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - cheerio-select@2.1.0: - resolution: {integrity: sha512-9v9kG0LvzrlcungtnJtpGNxY+fzECQKhK4EGJX2vByejiMX84MFNQw4UxPJl3bFbTMw+Dfs37XaIkCwTZfLh4g==} - - cheerio@1.0.0: - resolution: {integrity: sha512-quS9HgjQpdaXOvsZz82Oz7uxtXiy6UIsIQcpBj7HRw2M63Skasm9qlDocAM7jNuaxdhpPU7c4kJN+gA5MCu4ww==} - engines: {node: '>=18.17'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - cluster-key-slot@1.1.2: - resolution: {integrity: sha512-RMr0FhtfXemyinomL4hrWcYJxmX6deFdCxpJzhDttxgO1+bcCnkk+9drydLVDmAMG7NE6aN/fl4F7ucU/90gAA==} - engines: {node: '>=0.10.0'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - color-string@1.9.1: - resolution: {integrity: sha512-shrVawQFojnZv6xM40anx4CkoDP+fZsw/ZerEMsW/pyzsRbElpsL/DBVW7q3ExxwusdNXI3lXpuhEZkzs8p5Eg==} - - color@3.2.1: - resolution: {integrity: sha512-aBl7dZI9ENN6fUGC7mWpMTPNHmWUSNan9tuWN6ahh5ZLNk9baLJOnSMlrQkHcrfFgz2/RigjUVAjdx36VcemKA==} - - colorette@2.0.20: - resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==} - - colorspace@1.1.4: - resolution: {integrity: sha512-BgvKJiuVu1igBUF2kEjRCZXol6wiiGbY5ipL/oVPwm0BL9sIpMIzM8IK7vwuxIIzOXMV3Ey5w+vxhm0rR/TN8w==} - - commander@4.1.1: - resolution: {integrity: sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==} - engines: {node: '>= 6'} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - consola@3.2.3: - resolution: {integrity: sha512-I5qxpzLv+sJhTVEoLYNcTW+bThDCPsit0vLNKShZx6rLtpilNpmmeTPaeqJb9ZE9dV3DGaeby6Vuhrw38WjeyQ==} - engines: {node: ^14.18.0 || >=16.10.0} - - cookie@0.6.0: - resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} - engines: {node: '>= 0.6'} - - cosmiconfig@8.3.6: - resolution: {integrity: sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==} - engines: {node: '>=14'} - peerDependencies: - typescript: '>=4.9.5' - peerDependenciesMeta: - typescript: - optional: true - - create-require@1.1.1: - resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==} - - cron-parser@4.9.0: - resolution: {integrity: sha512-p0SaNjrHOnQeR8/VnfGbmg9te2kfyYSQ7Sc/j/6DtPL3JQvKxmjO9TSjNFpujqV3vEYYBvNNvXSxzyksBWAx1Q==} - engines: {node: '>=12.0.0'} - - cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} - engines: {node: '>= 8'} - - csprng@0.1.2: - resolution: {integrity: sha512-D3WAbvvgUVIqSxUfdvLeGjuotsB32bvfVPd+AaaTWMtyUeC9zgCnw5xs94no89yFLVsafvY9dMZEhTwsY/ZecA==} - engines: {node: '>=0.6.0'} - - css-select@5.1.0: - resolution: {integrity: sha512-nwoRF1rvRRnnCqqY7updORDsuqKzqYJ28+oSMaJMMgOauh3fvwHqMS7EZpIPqK8GL+g9mKxF1vP/ZjSeNjEVHg==} - - css-what@6.1.0: - resolution: {integrity: sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw==} - engines: {node: '>= 6'} - - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - dateformat@4.6.3: - resolution: {integrity: sha512-2P0p0pFGzHS5EMnhdxQi7aJN+iMheud0UhG4dlE1DLAlvL8JHjJJTX/CSm4JXwV0Ka5nGk3zC5mcb5bUQUxxMA==} - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decamelize@4.0.0: - resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} - engines: {node: '>=10'} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - denque@2.1.0: - resolution: {integrity: sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==} - engines: {node: '>=0.10'} - - diff@4.0.2: - resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==} - engines: {node: '>=0.3.1'} - - diff@5.2.0: - resolution: {integrity: sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==} - engines: {node: '>=0.3.1'} - - dir-glob@3.0.1: - resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} - engines: {node: '>=8'} - - discord-api-types@0.37.83: - resolution: {integrity: sha512-urGGYeWtWNYMKnYlZnOnDHm8fVRffQs3U0SpE8RHeiuLKb/u92APS8HoQnPTFbnXmY1vVnXjXO4dOxcAn3J+DA==} - - discord-api-types@0.37.97: - resolution: {integrity: sha512-No1BXPcVkyVD4ZVmbNgDKaBoqgeQ+FJpzZ8wqHkfmBnTZig1FcH3iPPersiK1TUIAzgClh2IvOuVUYfcWLQAOA==} - - discord.js@14.16.1: - resolution: {integrity: sha512-/diX4shp3q1F3EySGQbQl10el+KIpffLSOJdtM35gGV7zw2ED7rKbASKJT7UIR9L/lTd0KtNenZ/h739TN7diA==} - engines: {node: '>=18'} - - diskusage@1.2.0: - resolution: {integrity: sha512-2u3OG3xuf5MFyzc4MctNRUKjjwK+UkovRYdD2ed/NZNZPrt0lqHnLKxGhlFVvAb4/oufIgQG3nWgwmeTbHOvXA==} - - dom-serializer@2.0.0: - resolution: {integrity: sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==} - - domelementtype@2.3.0: - resolution: {integrity: sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw==} - - domhandler@5.0.3: - resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} - engines: {node: '>= 4'} - - domutils@3.1.0: - resolution: {integrity: sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - - enabled@2.0.0: - resolution: {integrity: sha512-AKrN98kuwOzMIdAizXGI86UFBoo26CL21UM763y1h/GMSJ4/OHU9k2YlsmBpyScFo/wbLzWQJBMCW4+IO3/+OQ==} - - encoding-sniffer@0.2.0: - resolution: {integrity: sha512-ju7Wq1kg04I3HtiYIOrUrdfdDvkyO9s5XM8QAj/bN61Yo/Vb4vgJxy5vi4Yxk01gWHbrofpPtpxM8bKger9jhg==} - - end-of-stream@1.4.4: - resolution: {integrity: sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==} - - entities@4.5.0: - resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} - engines: {node: '>=0.12'} - - error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - es6-promise@4.2.8: - resolution: {integrity: sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==} - - esbuild@0.23.1: - resolution: {integrity: sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==} - engines: {node: '>=18'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - event-target-shim@5.0.1: - resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==} - engines: {node: '>=6'} - - events@1.1.1: - resolution: {integrity: sha512-kEcvvCBByWXGnZy6JUlgAp2gBIUjfCAV6P6TgT1/aaQKcmuAEC4OZTV1I4EWQLz2gxZw76atuVyvHhTxvi0Flw==} - engines: {node: '>=0.4.x'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - execa@5.1.1: - resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==} - engines: {node: '>=10'} - - execa@9.3.1: - resolution: {integrity: sha512-gdhefCCNy/8tpH/2+ajP9IQc14vXchNdd0weyzSJEFURhRMGncQ+zKFxwjAufIewPEJm9BPOaJnvg2UtlH2gPQ==} - engines: {node: ^18.19.0 || >=20.5.0} - - exponential-backoff@3.1.1: - resolution: {integrity: sha512-dX7e/LHVJ6W3DE1MHWi9S1EYzDESENfLrYohG2G++ovZrYOkm4Knwa0mc1cn84xJOR4KEU0WSchhLbd0UklbHw==} - - fast-content-type-parse@1.1.0: - resolution: {integrity: sha512-fBHHqSTFLVnR61C+gltJuE5GkVQMV0S2nqUO8TJ+5Z3qAKG8vAx4FKai1s5jq/inV1+sREynIWSuQ6HgoSXpDQ==} - - fast-copy@3.0.2: - resolution: {integrity: sha512-dl0O9Vhju8IrcLndv2eU4ldt1ftXMqqfgN4H1cpmGV7P6jeB9FwpN9a2c8DPGE1Ys88rNUJVYDHq73CGAGOPfQ==} - - fast-decode-uri-component@1.0.1: - resolution: {integrity: sha512-WKgKWg5eUxvRZGwW8FvfbaH7AXSh2cL+3j5fMGzUMCxWBJ3dV3a7Wz8y2f/uQ0e3B6WmodD3oS54jTQ9HVTIIg==} - - fast-deep-equal@3.1.3: - resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} - - fast-glob@3.3.2: - resolution: {integrity: sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==} - engines: {node: '>=8.6.0'} - - fast-json-stringify@5.16.1: - resolution: {integrity: sha512-KAdnLvy1yu/XrRtP+LJnxbBGrhN+xXu+gt3EUvZhYGKCr3lFHq/7UFJHHFgmJKoqlh6B40bZLEv7w46B0mqn1g==} - - fast-querystring@1.1.2: - resolution: {integrity: sha512-g6KuKWmFXc0fID8WWH0jit4g0AGBoJhCkJMb1RmbsSEUNvQ+ZC8D6CUZ+GtF8nMzSPXnhiePyyqqipzNNEnHjg==} - - fast-redact@3.5.0: - resolution: {integrity: sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==} - engines: {node: '>=6'} - - fast-safe-stringify@2.1.1: - resolution: {integrity: sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==} - - fast-uri@2.4.0: - resolution: {integrity: sha512-ypuAmmMKInk5q7XcepxlnUWDLWv4GFtaJqAzWKqn62IpQ3pejtr5dTVbt3vwqVaMKmkNR55sTT+CqUKIaT21BA==} - - fast-uri@3.0.1: - resolution: {integrity: sha512-MWipKbbYiYI0UC7cl8m/i/IWTqfC8YXsqjzybjddLsFjStroQzsHXkc73JutMvBiXmOvapk+axIl79ig5t55Bw==} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - fastify-plugin@4.5.1: - resolution: {integrity: sha512-stRHYGeuqpEZTL1Ef0Ovr2ltazUT9g844X5z/zEBFLG8RYlpDiOCIG+ATvYEp+/zmc7sN29mcIMp8gvYplYPIQ==} - - fastify@4.28.1: - resolution: {integrity: sha512-kFWUtpNr4i7t5vY2EJPCN2KgMVpuqfU4NjnJNCgiNB900oiDeYqaNDRcAfeBbOF5hGixixxcKnOU4KN9z6QncQ==} - - fastq@1.17.1: - resolution: {integrity: sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==} - - faye-websocket@0.11.4: - resolution: {integrity: sha512-CzbClwlXAuiRQAlUyfqPgvPoNKTckTPGfwZV4ZdAhVcP2lh9KUxJg2b5GkE7XbjKQ3YJnQ9z6D9ntLAlB+tP8g==} - engines: {node: '>=0.8.0'} - - faye@1.4.0: - resolution: {integrity: sha512-kRrIg4be8VNYhycS2PY//hpBJSzZPr/DBbcy9VWelhZMW3KhyLkQR0HL0k0MNpmVoNFF4EdfMFkNAWjTP65g6w==} - engines: {node: '>=0.8.0'} - - fecha@4.2.3: - resolution: {integrity: sha512-OP2IUU6HeYKJi3i0z4A19kHMQoLVs4Hc+DPqqxI2h/DPZHTm/vjsfC6P0b4jCMy14XizLBqvndQ+UilD7707Jw==} - - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - - figures@6.1.0: - resolution: {integrity: sha512-d+l3qxjSesT4V7v2fh+QnmFnUWv9lSpjarhShNTgBOfA0ttejbQUAlHLitbjkoRiDulW0OPoQPYIGhIC8ohejg==} - engines: {node: '>=18'} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-my-way@8.2.0: - resolution: {integrity: sha512-HdWXgFYc6b1BJcOBDBwjqWuHJj1WYiqrxSh25qtU4DabpMFdj/gSunNBQb83t+8Zt67D7CXEzJWTkxaShMTMOA==} - engines: {node: '>=14'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - flat@5.0.2: - resolution: {integrity: sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==} - hasBin: true - - fluent-ffmpeg@2.1.3: - resolution: {integrity: sha512-Be3narBNt2s6bsaqP6Jzq91heDgOEaDCJAXcE3qcma/EJBSy5FB4cvO31XBInuAuKBx8Kptf8dkhjK0IOru39Q==} - engines: {node: '>=18'} - - fn.name@1.1.0: - resolution: {integrity: sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw==} - - for-each@0.3.3: - resolution: {integrity: sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==} - - foreground-child@3.3.0: - resolution: {integrity: sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==} - engines: {node: '>=14'} - - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - - forwarded@0.2.0: - resolution: {integrity: sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==} - engines: {node: '>= 0.6'} - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-func-name@2.0.2: - resolution: {integrity: sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-stream@6.0.1: - resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==} - engines: {node: '>=10'} - - get-stream@9.0.1: - resolution: {integrity: sha512-kVCxPF3vQM/N0B1PmoqVUqgHP+EeVjmZSQn+1oCRPxd2P21P2F19lIgbR3HBosbB1PUhOAoctJnfEn2GbN2eZA==} - engines: {node: '>=18'} - - get-tsconfig@4.8.0: - resolution: {integrity: sha512-Pgba6TExTZ0FJAn1qkJAjIeKoDJ3CsI2ChuLohJnZl/tTU8MVrq3b+2t5UOPfRa4RMsorClBjJALkJUMjG1PAw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob@10.4.5: - resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} - hasBin: true - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - globby@11.1.0: - resolution: {integrity: sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g==} - engines: {node: '>=10'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - graphile-config@0.0.1-beta.9: - resolution: {integrity: sha512-7vNxXZ24OAgXxDKXYi9JtgWPMuNbBL3057Yf32Ux+/rVP4+EePgySCc+NNnn0tORi8qwqVreN8bdWqGIcSwNXg==} - engines: {node: '>=16'} - - graphile-worker@0.16.6: - resolution: {integrity: sha512-e7gGYDmGqzju2l83MpzX8vNG/lOtVJiSzI3eZpAFubSxh/cxs7sRrRGBGjzBP1kNG0H+c95etPpNRNlH65PYhw==} - engines: {node: '>=14.0.0'} - hasBin: true - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - has-tostringtag@1.0.2: - resolution: {integrity: sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - help-me@5.0.0: - resolution: {integrity: sha512-7xgomUX6ADmcYzFik0HzAxh/73YlKR9bmFzf51CZwR+b6YtzU2m0u49hQCqV6SvlqIqsaxovfwdvbnsw3b/zpg==} - - htmlparser2@9.1.0: - resolution: {integrity: sha512-5zfg6mHUoaer/97TxnGpxmbR7zJtPwIYFMZ/H5ucTlPZhKvtum05yiPK3Mgai3a0DyVxv7qYqoweaEd2nrYQzQ==} - - http-parser-js@0.5.8: - resolution: {integrity: sha512-SGeBX54F94Wgu5RH3X5jsDtf4eHyRogWX1XGT3b4HuW3tQPM4AaBzoUji/4AAJNXCEOWZ5O0DgZmJw1947gD5Q==} - - https@1.0.0: - resolution: {integrity: sha512-4EC57ddXrkaF0x83Oj8sM6SLQHAWXw90Skqu2M4AEWENZ3F02dFJE/GARA8igO79tcgYqGrD7ae4f5L3um2lgg==} - - human-signals@2.1.0: - resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==} - engines: {node: '>=10.17.0'} - - human-signals@8.0.0: - resolution: {integrity: sha512-/1/GPCpDUCCYwlERiYjxoczfP0zfvZMU/OWgQPMya9AbAE24vseigFdhAMObpc8Q4lc/kjutPfUddDYyAmejnA==} - engines: {node: '>=18.18.0'} - - iconv-lite@0.6.3: - resolution: {integrity: sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==} - engines: {node: '>=0.10.0'} - - ieee754@1.1.13: - resolution: {integrity: sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==} - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore-by-default@1.0.1: - resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==} - - ignore@5.3.2: - resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==} - engines: {node: '>= 4'} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - interpret@3.1.1: - resolution: {integrity: sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==} - engines: {node: '>=10.13.0'} - - ioredis@5.4.1: - resolution: {integrity: sha512-2YZsvl7jopIa1gaePkeMtd9rAcSjOOjPtpcLlOeusyO+XH2SK5ZcT+UCrElPP+WVIInh2TzeI4XW9ENaSLVVHA==} - engines: {node: '>=12.22.0'} - - ipaddr.js@1.9.1: - resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==} - engines: {node: '>= 0.10'} - - is-arguments@1.1.1: - resolution: {integrity: sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==} - engines: {node: '>= 0.4'} - - is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - - is-arrayish@0.3.2: - resolution: {integrity: sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-callable@1.2.7: - resolution: {integrity: sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA==} - engines: {node: '>= 0.4'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-generator-function@1.0.10: - resolution: {integrity: sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==} - engines: {node: '>= 0.4'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-plain-obj@2.1.0: - resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} - engines: {node: '>=8'} - - is-plain-obj@4.1.0: - resolution: {integrity: sha512-+Pgi+vMuUNkJyExiMBt5IlFoMyKnr5zhJ4Uspz58WOhBF5QoIZkFyNHIbBAtHwzVAgk5RtndVNsDRN61/mmDqg==} - engines: {node: '>=12'} - - is-stream@2.0.1: - resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==} - engines: {node: '>=8'} - - is-stream@4.0.1: - resolution: {integrity: sha512-Dnz92NInDqYckGEUJv689RbRiTSEHCQ7wOVeALbkOz999YpqT46yMRIGtSNl2iCL1waAZSx40+h59NV/EwzV/A==} - engines: {node: '>=18'} - - is-typed-array@1.1.13: - resolution: {integrity: sha512-uZ25/bUAlUY5fR4OKT4rZQEBrzQWYV9ZJYGGsUmEJ6thodVJ1HX64ePQ6Z0qPWP+m+Uq6e9UugrE38jeYsDSMw==} - engines: {node: '>= 0.4'} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - is-unicode-supported@2.0.0: - resolution: {integrity: sha512-FRdAyx5lusK1iHG0TWpVtk9+1i+GjrzRffhDg4ovQ7mcidMQ6mj+MhKPmvh7Xwyv5gIS06ns49CA7Sqg7lC22Q==} - engines: {node: '>=18'} - - isarray@1.0.0: - resolution: {integrity: sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==} - - isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - - jackspeak@3.4.3: - resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} - - jmespath@0.16.0: - resolution: {integrity: sha512-9FzQjJ7MATs1tSpnco1K6ayiYE3figslrXA72G2HQ/n76RzvYlofyi5QM+iX4YRs/pu3yzxlVQSST23+dMDknw==} - engines: {node: '>= 0.6.0'} - - joycon@3.1.1: - resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==} - engines: {node: '>=10'} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json-schema-ref-resolver@1.0.1: - resolution: {integrity: sha512-EJAj1pgHc1hxF6vo2Z3s69fMjO1INq6eGHXZ8Z6wCQeldCuwxGK9Sxf4/cScGn3FZubCVUehfWtcDM/PLteCQw==} - - json-schema-traverse@1.0.0: - resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - just-extend@6.2.0: - resolution: {integrity: sha512-cYofQu2Xpom82S6qD778jBDpwvvy39s1l/hrYij2u9AMdQcGRpaBu6kY4mVhuno5kJVi1DAz4aiphA2WI1/OAw==} - - kuler@2.0.0: - resolution: {integrity: sha512-Xq9nH7KlWZmXAtodXDDRE7vs6DU1gTU8zYDHDiWLSip45Egwq3plLHzPn27NgvzL2r1LMPC1vdqh98sQxtqj4A==} - - light-my-request@5.13.0: - resolution: {integrity: sha512-9IjUN9ZyCS9pTG+KqTDEQo68Sui2lHsYBrfMyVUTTZ3XhH8PMZq7xO94Kr+eP9dhi/kcKsx4N41p2IXEBil1pQ==} - - lilconfig@3.1.2: - resolution: {integrity: sha512-eop+wDAvpItUys0FWkHIKeC9ybYrTGbU41U5K7+bttZZeohvnY7M9dZ5kB21GNWiFT2q1OoPTvncPCgSOVO5ow==} - engines: {node: '>=14'} - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - load-tsconfig@0.2.5: - resolution: {integrity: sha512-IXO6OCs9yg8tMKzfPZ1YmheJbZCiEsnBdcB03l0OcfK9prKnJb96siuHCr5Fl37/yo9DnKU+TLpxzTUspw9shg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - lodash.defaults@4.2.0: - resolution: {integrity: sha512-qjxPLHd3r5DnsdGacqOMU6pb/avJzdh9tFX2ymgoZE27BmjXrNy/y4LoaiTeAb+O3gL8AfpJGtqfX/ae2leYYQ==} - - lodash.get@4.4.2: - resolution: {integrity: sha512-z+Uw/vLuy6gQe8cfaFWD7p0wVv8fJl3mbzXh33RS+0oW2wvUqiRXiQ69gLWSLpgB5/6sU+r6BlQR0MBILadqTQ==} - - lodash.isarguments@3.1.0: - resolution: {integrity: sha512-chi4NHZlZqZD18a0imDHnZPrDeBbTtVN7GXMwuGdRH9qotxAjYs3aVLKc7zNOG9eddR5Ksd8rvFEBc9SsggPpg==} - - lodash.snakecase@4.1.1: - resolution: {integrity: sha512-QZ1d4xoBHYUeuouhEq3lk3Uq7ldgyFXGBhg04+oRLnIz8o9T65Eh+8YdroUwn846zchkA9yDsDl5CVVaV2nqYw==} - - lodash.sortby@4.7.0: - resolution: {integrity: sha512-HDWXG8isMntAyRF5vZ7xKuEvOhT4AhlRt/3czTSjvGUxjYCBVRQY48ViDHyfYz9VIoBkW4TMGQNapx+l3RUwdA==} - - lodash@4.1.0: - resolution: {integrity: sha512-B9sgtKUlz0xe7lkYb80BcOpwwJJw5iOiz4HkBDzF0+i5nJLiwfBnL08m7bBkCOPBfi+0aqvrJDMdZDfAvs8vYg==} - - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - logform@2.6.1: - resolution: {integrity: sha512-CdaO738xRapbKIMVn2m4F6KTj4j7ooJ8POVnebSgKo3KBz5axNXRAL7ZdRjIV6NOr2Uf4vjtRkxrFETOioCqSA==} - engines: {node: '>= 12.0.0'} - - loupe@3.1.1: - resolution: {integrity: sha512-edNu/8D5MKVfGVFRhFf8aAxiTM6Wumfz5XsaatSxlD3w4R1d/WEKUTydCdPGbl9K7QG/Ca3GnDV2sIKIpXRQcw==} - - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - - luxon@3.5.0: - resolution: {integrity: sha512-rh+Zjr6DNfUYR3bPwJEnuwDdqMbxZW7LOQfUN4B54+Cl+0o5zaU9RJ6bcidfDtC1cWCZXQ+nvX8bf6bAji37QQ==} - engines: {node: '>=12'} - - magic-bytes.js@1.10.0: - resolution: {integrity: sha512-/k20Lg2q8LE5xiaaSkMXk4sfvI+9EGEykFS4b0CHHGWqDYU0bGUFSwchNOMA56D7TCs9GwVTkqe9als1/ns8UQ==} - - make-error@1.3.6: - resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} - - merge-stream@2.0.0: - resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - - merge2@1.4.1: - resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} - engines: {node: '>= 8'} - - micromatch@4.0.8: - resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} - engines: {node: '>=8.6'} - - mimic-fn@2.1.0: - resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==} - engines: {node: '>=6'} - - minimatch@10.0.1: - resolution: {integrity: sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==} - engines: {node: 20 || >=22} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - minimatch@9.0.5: - resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} - engines: {node: '>=16 || 14 >=14.17'} - - minimist@1.2.8: - resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} - - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} - engines: {node: '>=16 || 14 >=14.17'} - - mocha@10.7.3: - resolution: {integrity: sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A==} - engines: {node: '>= 14.0.0'} - hasBin: true - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - multiformats@13.2.2: - resolution: {integrity: sha512-RWI+nyf0q64vyOxL8LbKtjJMki0sogRL/8axvklNtiTM0iFCVtHwME9w6+0P1/v4dQvsIg8A45oT3ka1t/M/+A==} - - mz@2.7.0: - resolution: {integrity: sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==} - - nan@2.20.0: - resolution: {integrity: sha512-bk3gXBZDGILuuo/6sKtr0DQmSThYHLtNCdSdXk9YkxD/jK6X2vmCyyXBBxyqZ4XcnzTyYEAThfX3DCEnLf6igw==} - - nanoid@5.0.7: - resolution: {integrity: sha512-oLxFY2gd2IqnjcYyOXD8XGCftpGtZP2AbHbOkthDkvRywH5ayNtPVy9YlOPcHckXzbLTCHpkb7FB+yuxKV13pQ==} - engines: {node: ^18 || >=20} - hasBin: true - - neotraverse@0.6.18: - resolution: {integrity: sha512-Z4SmBUweYa09+o6pG+eASabEpP6QkQ70yHj351pQoEXIs8uHbaU2DWVmzBANKgflPa47A50PtB2+NgRpQvr7vA==} - engines: {node: '>= 10'} - - nise@5.1.9: - resolution: {integrity: sha512-qOnoujW4SV6e40dYxJOb3uvuoPHtmLzIk4TFo+j0jPJoC+5Z9xja5qH5JZobEPsa8+YYphMrOSwnrshEhG2qww==} - - nise@6.0.0: - resolution: {integrity: sha512-K8ePqo9BFvN31HXwEtTNGzgrPpmvgciDsFz8aztFjt4LqKO/JeFD8tBOeuDiCMXrIl/m1YvfH8auSpxfaD09wg==} - - node-abort-controller@3.1.1: - resolution: {integrity: sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ==} - - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - nodemon@3.1.4: - resolution: {integrity: sha512-wjPBbFhtpJwmIeY2yP7QF+UKzPfltVGtfce1g/bB15/8vCGZj8uxD62b/b9M9/WVgme0NZudpownKN+c0plXlQ==} - engines: {node: '>=10'} - hasBin: true - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - npm-run-path@4.0.1: - resolution: {integrity: sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==} - engines: {node: '>=8'} - - npm-run-path@5.3.0: - resolution: {integrity: sha512-ppwTtiJZq0O/ai0z7yfudtBpWIoxM8yE6nHi1X47eFR2EWORqfbu6CnPlNsjeN683eT0qG6H/Pyf9fCcvjnnnQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - nth-check@2.1.1: - resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - obuf@1.1.2: - resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - - on-exit-leak-free@2.1.2: - resolution: {integrity: sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==} - engines: {node: '>=14.0.0'} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - one-time@1.0.0: - resolution: {integrity: sha512-5DXOiRKwuSEcQ/l0kGCF6Q3jcADFv5tSmRaJck/OqkVFcOzutB134KRSfF0xDrL39MNnqxbHBbUUcjZIhTgb2g==} - - onetime@5.1.2: - resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==} - engines: {node: '>=6'} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - package-json-from-dist@1.0.0: - resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - parse-json@5.2.0: - resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==} - engines: {node: '>=8'} - - parse-ms@4.0.0: - resolution: {integrity: sha512-TXfryirbmq34y8QBwgqCVLi+8oA3oWx2eAnSn62ITyEhEYaWRlVZ2DvMM9eZbMs/RfxPu/PK/aBLyGj4IrqMHw==} - engines: {node: '>=18'} - - parse5-htmlparser2-tree-adapter@7.0.0: - resolution: {integrity: sha512-B77tOZrqqfUfnVcOrUvfdLbz4pu4RopLD/4vmu3HUPswwTA8OH0EMW9BlWR2B0RCoiZRAHEUu7IxeP1Pd1UU+g==} - - parse5-parser-stream@7.1.2: - resolution: {integrity: sha512-JyeQc9iwFLn5TbvvqACIF/VXG6abODeB3Fwmv/TGdLk2LfbWkaySGY72at4+Ty7EkPZj854u4CrICqNk2qIbow==} - - parse5@7.1.2: - resolution: {integrity: sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - - path-key@4.0.0: - resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} - engines: {node: '>=12'} - - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} - - path-to-regexp@6.2.2: - resolution: {integrity: sha512-GQX3SSMokngb36+whdpRXE+3f9V8UzyAorlYvOGx87ufGHehNTn5lCxrKtLyZ4Yl/wEKnNnr98ZzOwwDZV5ogw==} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - pg-boss@10.1.1: - resolution: {integrity: sha512-2t7gz5nEUYFabj8czWWFRUSyPDQ5t+K/EF5l9Q5lHn2iwyPPKgIfwK+8LKgRfyHRUePTDQhogsGcwOlNczfZ5Q==} - engines: {node: '>=20'} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-numeric@1.0.2: - resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==} - engines: {node: '>=4'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg-types@4.0.2: - resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==} - engines: {node: '>=10'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - pino-abstract-transport@1.2.0: - resolution: {integrity: sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==} - - pino-pretty@11.2.2: - resolution: {integrity: sha512-2FnyGir8nAJAqD3srROdrF1J5BIcMT4nwj7hHSc60El6Uxlym00UbCCd8pYIterstVBFlMyF1yFV8XdGIPbj4A==} - hasBin: true - - pino-std-serializers@7.0.0: - resolution: {integrity: sha512-e906FRY0+tV27iq4juKzSYPbUj2do2X2JX4EzSca1631EB2QJQUqGbDuERal7LCtOpxl6x3+nvo9NPZcmjkiFA==} - - pino@9.4.0: - resolution: {integrity: sha512-nbkQb5+9YPhQRz/BeQmrWpEknAaqjpAqRK8NwJpmrX/JHu7JuZC5G1CeAwJDJfGes4h+YihC6in3Q2nGb+Y09w==} - hasBin: true - - pirates@4.0.6: - resolution: {integrity: sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==} - engines: {node: '>= 6'} - - possible-typed-array-names@1.0.0: - resolution: {integrity: sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==} - engines: {node: '>= 0.4'} - - postcss-load-config@6.0.1: - resolution: {integrity: sha512-oPtTM4oerL+UXmx+93ytZVN82RrlY/wPUV8IeDxFrzIjXOLF1pN+EmKPLbubvKHT2HC20xXsCAH2Z+CKV6Oz/g==} - engines: {node: '>= 18'} - peerDependencies: - jiti: '>=1.21.0' - postcss: '>=8.0.9' - tsx: ^4.8.1 - yaml: ^2.4.2 - peerDependenciesMeta: - jiti: - optional: true - postcss: - optional: true - tsx: - optional: true - yaml: - optional: true - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-array@3.0.2: - resolution: {integrity: sha512-6faShkdFugNQCLwucjPcY5ARoW1SlbnrZjmGl0IrrqewpvxvhSLHimCVzqeuULCbG0fQv7Dtk1yDbG3xv7Veog==} - engines: {node: '>=12'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-bytea@3.0.0: - resolution: {integrity: sha512-CNd4jim9RFPkObHSjVHlVrxoVQXz7quwNFpz7RY1okNNme49+sVyiTvTRobiLV548Hx/hb1BG+iE7h9493WzFw==} - engines: {node: '>= 6'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-date@2.1.0: - resolution: {integrity: sha512-K7Juri8gtgXVcDfZttFKVmhglp7epKb1K4pgrkLxehjqkrgPhfG6OO8LHLkfaqkbpjNRnra018XwAr1yQFWGcA==} - engines: {node: '>=12'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-interval@3.0.0: - resolution: {integrity: sha512-BSNDnbyZCXSxgA+1f5UU2GmwhoI0aU5yMxRGO8CdFEcY2BQF9xm/7MqKnYoM1nJDk8nONNWDk9WeSmePFhQdlw==} - engines: {node: '>=12'} - - postgres-range@1.1.4: - resolution: {integrity: sha512-i/hbxIE9803Alj/6ytL7UHQxRvZkI9O4Sy+J3HGc4F4oo/2eQAjTSNJ0bfxyse3bH0nuVesCk+3IRLaMtG3H6w==} - - postgres@3.4.4: - resolution: {integrity: sha512-IbyN+9KslkqcXa8AO9fxpk97PA4pzewvpi2B3Dwy9u4zpV32QicaEdgmF3eSQUzdRk7ttDHQejNgAEr4XoeH4A==} - engines: {node: '>=12'} - - pretty-bytes@6.1.1: - resolution: {integrity: sha512-mQUvGU6aUFQ+rNvTIAcZuWGRT9a6f6Yrg9bHs4ImKF+HZCEK+plBvnAZYSIQztknZF2qnzNtr6F8s0+IuptdlQ==} - engines: {node: ^14.13.1 || >=16.0.0} - - pretty-ms@9.1.0: - resolution: {integrity: sha512-o1piW0n3tgKIKCwk2vpM/vOV13zjJzvP37Ioze54YlTHE06m4tjEbzg9WsKkvTuyYln2DHjo5pY4qrZGI0otpw==} - engines: {node: '>=18'} - - process-warning@3.0.0: - resolution: {integrity: sha512-mqn0kFRl0EoqhnL0GQ0veqFHyIN1yig9RHh/InzORTUiZHFRAur+aMtRkELNwGs9aNwKS6tg/An4NYBPGwvtzQ==} - - process-warning@4.0.0: - resolution: {integrity: sha512-/MyYDxttz7DfGMMHiysAsFE4qF+pQYAA8ziO/3NcRVrQ5fSk+Mns4QZA/oRPFzvcqNoVJXQNWNAsdwBXLUkQKw==} - - process@0.11.10: - resolution: {integrity: sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==} - engines: {node: '>= 0.6.0'} - - proxy-addr@2.0.7: - resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==} - engines: {node: '>= 0.10'} - - psl@1.9.0: - resolution: {integrity: sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==} - - pstree.remy@1.1.8: - resolution: {integrity: sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==} - - pump@3.0.0: - resolution: {integrity: sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==} - - punycode@1.3.2: - resolution: {integrity: sha512-RofWgt/7fL5wP1Y7fxE7/EmTLzQVnB0ycyibJ0OOHIlJqTNzglYFxVwETOcIoJqJmpDXJ9xImDv+Fq34F/d4Dw==} - - punycode@2.3.1: - resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} - engines: {node: '>=6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - querystring@0.2.0: - resolution: {integrity: sha512-X/xY82scca2tau62i9mDyU9K+I+djTMUsvwf7xnUX5GLvVzgJybOJf4Y6o9Zx3oJK/LSXg5tTZBjwzqVPaPO2g==} - engines: {node: '>=0.4.x'} - deprecated: The querystring API is considered Legacy. new code should use the URLSearchParams API instead. - - querystringify@2.2.0: - resolution: {integrity: sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==} - - queue-microtask@1.2.3: - resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==} - - quick-format-unescaped@4.0.4: - resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - readable-stream@4.5.2: - resolution: {integrity: sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==} - engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - real-require@0.2.0: - resolution: {integrity: sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==} - engines: {node: '>= 12.13.0'} - - redis-errors@1.2.0: - resolution: {integrity: sha512-1qny3OExCf0UvUV/5wpYKf2YwPcOqXzkwKKSmKHiE6ZMQs5heeE/c8eXK+PNllPvmjgAbfnsbpkGZWy8cBpn9w==} - engines: {node: '>=4'} - - redis-parser@3.0.0: - resolution: {integrity: sha512-DJnGAeenTdpMEH6uAJRK/uiyEIH9WVsUmoLwzudwGJUwZPp80PDBWPHXSAGNPwNvIXAbe7MSUB1zQFugFml66A==} - engines: {node: '>=4'} - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - require-from-string@2.0.2: - resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==} - engines: {node: '>=0.10.0'} - - requires-port@1.0.0: - resolution: {integrity: sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-from@5.0.0: - resolution: {integrity: sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==} - engines: {node: '>=8'} - - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - ret@0.4.3: - resolution: {integrity: sha512-0f4Memo5QP7WQyUEAYUO3esD/XjOc3Zjjg5CPsAq1p8sIu0XPeMbHJemKA0BO7tV0X7+A0FoEpbmHXWxPyD3wQ==} - engines: {node: '>=10'} - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - reusify@1.0.4: - resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} - engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - - rfdc@1.4.1: - resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==} - - rollup@4.21.2: - resolution: {integrity: sha512-e3TapAgYf9xjdLvKQCkQTnbTKd4a6jwlpQSJJFokHGaX2IVjoEqkIIhiQfqsi0cdwlOD+tQGuOd5AJkc5RngBw==} - engines: {node: '>=18.0.0', npm: '>=8.0.0'} - hasBin: true - - run-parallel@1.2.0: - resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} - - rxjs@7.8.1: - resolution: {integrity: sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safe-regex2@3.1.0: - resolution: {integrity: sha512-RAAZAGbap2kBfbVhvmnTFv73NWLMvDGOITFYTZBAaY8eR+Ir4ef7Up/e7amo+y1+AH+3PtLkrt9mvcTsG9LXug==} - - safe-stable-stringify@2.5.0: - resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==} - engines: {node: '>=10'} - - safer-buffer@2.1.2: - resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==} - - sax@1.2.1: - resolution: {integrity: sha512-8I2a3LovHTOpm7NV5yOyO8IHqgVsfK4+UuySrXU8YXkSRX7k6hCV9b3HrkKCr3nMpgj+0bmocaJJWpvp1oc7ZA==} - - secure-json-parse@2.7.0: - resolution: {integrity: sha512-6aU+Rwsezw7VR8/nyvKTx8QpWH9FrcYiXXlqC4z5d5XQBDRqtbfsRjnwGyqbi3gddNtWHuEk9OANUotL26qKUw==} - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - sequin@0.1.1: - resolution: {integrity: sha512-hJWMZRwP75ocoBM+1/YaCsvS0j5MTPeBHJkS2/wruehl9xwtX30HlDF1Gt6UZ8HHHY8SJa2/IL+jo+JJCd59rA==} - engines: {node: '>=0.4.0'} - - serialize-error@8.1.0: - resolution: {integrity: sha512-3NnuWfM6vBYoy5gZFvHiYsVbafvI9vZv/+jlIigFn4oP4zjNPK3LhcY0xSCgeb1a5L8jO71Mit9LlNoi2UfDDQ==} - engines: {node: '>=10'} - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - set-cookie-parser@2.7.0: - resolution: {integrity: sha512-lXLOiqpkUumhRdFF3k1osNXCy9akgx/dyPZ5p8qAg9seJzXr5ZrlqZuWIMuY6ejOsVLE6flJ5/h3lsn57fQ/PQ==} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} - - shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - - signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - - simple-swizzle@0.2.2: - resolution: {integrity: sha512-JA//kQgZtbuY83m+xT+tXJkmJncGMTFT+C+g2h2R9uxkYIrE2yy9sgmcLhCnw57/WSD+Eh3J97FPEDFnbXnDUg==} - - simple-update-notifier@2.0.0: - resolution: {integrity: sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==} - engines: {node: '>=10'} - - sinon-chai@4.0.0: - resolution: {integrity: sha512-cWqO7O2I4XfJDWyWElAQ9D/dtdh5Mo0RHndsfiiYyjWnlPzBJdIvjCVURO4EjyYaC3BjV+ISNXCfTXPXTEIEWA==} - peerDependencies: - chai: ^5.0.0 - sinon: '>=4.0.0' - - sinon-test@3.1.6: - resolution: {integrity: sha512-3jBJGf61sS2EN3M+YuIiIbeutKrubP6SFolceTcJrubG+4s+zq3rey/y0huSEwU2ECKOcyCs7EkzANnwqHWPjA==} - peerDependencies: - sinon: '>= 2.x' - - sinon@16.1.3: - resolution: {integrity: sha512-mjnWWeyxcAf9nC0bXcPmiDut+oE8HYridTNzBbF98AYVLmWwGRp2ISEpyhYflG1ifILT+eNn3BmKUJPxjXUPlA==} - - sinon@18.0.0: - resolution: {integrity: sha512-+dXDXzD1sBO6HlmZDd7mXZCR/y5ECiEiGCBSGuFD/kZ0bDTofPYc6JaeGmPSF+1j1MejGUWkORbYOLDyvqCWpA==} - - slash@3.0.0: - resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==} - engines: {node: '>=8'} - - sliced@0.0.5: - resolution: {integrity: sha512-9bYT917D6H3+q8GlQBJmLVz3bc4OeVGfZ2BB12wvLnluTGfG6/8UdOUbKJDW1EEx9SZMDbjnatkau5/XcUeyOw==} - - sonic-boom@4.1.0: - resolution: {integrity: sha512-NGipjjRicyJJ03rPiZCJYjwlsuP2d1/5QUviozRXC7S3WdVWNK5e3Ojieb9CCyfhq2UC+3+SRd9nG3I2lPRvUw==} - - source-map@0.8.0-beta.0: - resolution: {integrity: sha512-2ymg6oRBpebeZi9UUNsgQ89bhx01TcTkmNTGnNO88imTmbSgy4nfujrgVEFKWpMTEGA11EDkTt7mqObTPdigIA==} - engines: {node: '>= 8'} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sql@0.78.0: - resolution: {integrity: sha512-+If27aF3UQxmnuF5JgTJKd/X6TiELa1f58Zo5TX9ULbPnqs1fBDODwwbtU0WwM5H3lSiwx2En4m2lB1rCoIhvQ==} - - stack-trace@0.0.10: - resolution: {integrity: sha512-KGzahc7puUKkzyMt+IqAep+TVNbKP+k2Lmwhub39m1AsTSkaDutx56aDCo+HLDzf/D26BIHTJWNiTG1KAJiQCg==} - - standard-as-callback@2.1.0: - resolution: {integrity: sha512-qoRRSyROncaz1z0mvYqIE4lCd9p2R90i6GxW3uZv5ucSu8tU7B5HXUP1gG8pVZsYNVaXjk8ClXHPttLyxAL48A==} - - stream-browserify@3.0.0: - resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} - - strip-final-newline@2.0.0: - resolution: {integrity: sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==} - engines: {node: '>=6'} - - strip-final-newline@4.0.0: - resolution: {integrity: sha512-aulFJcD6YK8V1G7iRB5tigAP4TsHBZZrOV8pjV++zdUwmeV8uzbY7yn6h9MswN62adStNZFuCIx4haBnRuMDaw==} - engines: {node: '>=18'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - sucrase@3.35.0: - resolution: {integrity: sha512-8EbVDiu9iN/nESwxeSxDKe0dunta1GOlHufmSSXxMD2z2/tMZpDMpvXQGsc+ajGo8y2uYUmixaSRUc/QPoQ0GA==} - engines: {node: '>=16 || 14 >=14.17'} - hasBin: true - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - text-hex@1.0.0: - resolution: {integrity: sha512-uuVGNWzgJ4yhRaNSiubPY7OjISw4sw4E5Uv0wbjp+OzcbmVU/rsT8ujgcXJhn9ypzsgr5vlzpPqP+MBBKcGvbg==} - - thenify-all@1.6.0: - resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} - engines: {node: '>=0.8'} - - thenify@3.3.1: - resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==} - - thread-stream@3.1.0: - resolution: {integrity: sha512-OqyPZ9u96VohAyMfJykzmivOrY2wfMSf3C5TtFJVgN+Hm6aj+voFhlK+kZEIv2FBh1X6Xp3DlnCOfEQ3B2J86A==} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - toad-cache@3.7.0: - resolution: {integrity: sha512-/m8M+2BJUpoJdgAHoG+baCwBT+tf2VraSfkBgl0Y00qIWt41DJ8R5B8nsEw0I58YwF5IZH6z24/2TobDKnqSWw==} - engines: {node: '>=12'} - - touch@3.1.1: - resolution: {integrity: sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==} - hasBin: true - - tough-cookie@4.1.4: - resolution: {integrity: sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag==} - engines: {node: '>=6'} - - tr46@1.0.1: - resolution: {integrity: sha512-dTpowEjclQ7Kgx5SdBkqRzVhERQXov8/l9Ft9dVM9fmg0W0KQSVaXX9T4i6twCPNtYiZM53lpSSUAwJbFPOHxA==} - - tree-kill@1.2.2: - resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==} - hasBin: true - - triple-beam@1.4.1: - resolution: {integrity: sha512-aZbgViZrg1QNcG+LULa7nhZpJTZSLm/mXnHXnbAbjmN5aSa0y7V+wvv6+4WaBtpISJzThKy+PIPxc1Nq1EJ9mg==} - engines: {node: '>= 14.0.0'} - - ts-interface-checker@0.1.13: - resolution: {integrity: sha512-Y/arvbn+rrz3JCKl9C4kVNfTfSm2/mEp5FSz5EsZSANGPSlQrpRI5M4PKF+mJnE52jOO90PnPSc3Ur3bTQw0gA==} - - ts-mixer@6.0.4: - resolution: {integrity: sha512-ufKpbmrugz5Aou4wcr5Wc1UUFWOLhq+Fm6qa6P0w0K5Qw2yhaUoiWszhCVuNQyNwrlGiscHOmqYoAox1PtvgjA==} - - ts-node@10.9.2: - resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==} - hasBin: true - peerDependencies: - '@swc/core': '>=1.2.50' - '@swc/wasm': '>=1.2.50' - '@types/node': '*' - typescript: '>=2.7' - peerDependenciesMeta: - '@swc/core': - optional: true - '@swc/wasm': - optional: true - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsup@8.2.4: - resolution: {integrity: sha512-akpCPePnBnC/CXgRrcy72ZSntgIEUa1jN0oJbbvpALWKNOz1B7aM+UVDWGRGIO/T/PZugAESWDJUAb5FD48o8Q==} - engines: {node: '>=18'} - hasBin: true - peerDependencies: - '@microsoft/api-extractor': ^7.36.0 - '@swc/core': ^1 - postcss: ^8.4.12 - typescript: '>=4.5.0' - peerDependenciesMeta: - '@microsoft/api-extractor': - optional: true - '@swc/core': - optional: true - postcss: - optional: true - typescript: - optional: true - - tsx@4.19.0: - resolution: {integrity: sha512-bV30kM7bsLZKZIOCHeMNVMJ32/LuJzLVajkQI/qf92J2Qr08ueLQvW00PUZGiuLPP760UINwupgUj8qrSCPUKg==} - engines: {node: '>=18.0.0'} - hasBin: true - - tunnel-agent@0.6.0: - resolution: {integrity: sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==} - - type-detect@4.0.8: - resolution: {integrity: sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==} - engines: {node: '>=4'} - - type-detect@4.1.0: - resolution: {integrity: sha512-Acylog8/luQ8L7il+geoSxhEkazvkslg7PSNKOX59mbB9cOveP5aq9h74Y7YU8yDpJwetzQQrfIwtf4Wp4LKcw==} - engines: {node: '>=4'} - - type-fest@0.20.2: - resolution: {integrity: sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==} - engines: {node: '>=10'} - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - undefsafe@2.0.5: - resolution: {integrity: sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - undici@6.19.8: - resolution: {integrity: sha512-U8uCCl2x9TK3WANvmBavymRzxbfFYG+tAu+fgx3zxQy3qdagQqBLwJVrdyO1TBfUXvfKveMKJZhpvUYoOjM+4g==} - engines: {node: '>=18.17'} - - universalify@0.2.0: - resolution: {integrity: sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==} - engines: {node: '>= 4.0.0'} - - url-parse@1.5.10: - resolution: {integrity: sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==} - - url@0.10.3: - resolution: {integrity: sha512-hzSUW2q06EqL1gKM/a+obYHLIO6ct2hwPuviqTTOcfFVc61UbfJ2Q32+uGL/HCPxKqrdGB5QUwIe7UqlDgwsOQ==} - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - util@0.12.5: - resolution: {integrity: sha512-kZf/K6hEIrWHI6XqOFUiiMa+79wE/D8Q+NCNAWclkyg3b4d2k7s0QGepNjiABc+aR3N1PAyHL7p6UcLY6LmrnA==} - - uuid@8.0.0: - resolution: {integrity: sha512-jOXGuXZAWdsTH7eZLtyXMqUb9EcWMGZNbL9YcGBJl4MH4nrxHmZJhEHvyLFrkxo+28uLb/NYRcStH48fnD0Vzw==} - hasBin: true - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - - v8-compile-cache-lib@3.0.1: - resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} - - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - - webidl-conversions@4.0.2: - resolution: {integrity: sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==} - - websocket-driver@0.7.4: - resolution: {integrity: sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg==} - engines: {node: '>=0.8.0'} - - websocket-extensions@0.1.4: - resolution: {integrity: sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==} - engines: {node: '>=0.8.0'} - - whatwg-encoding@3.1.1: - resolution: {integrity: sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==} - engines: {node: '>=18'} - - whatwg-mimetype@4.0.0: - resolution: {integrity: sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg==} - engines: {node: '>=18'} - - whatwg-url@7.1.0: - resolution: {integrity: sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==} - - which-typed-array@1.1.15: - resolution: {integrity: sha512-oV0jmFtUky6CXfkqehVvBP/LSWJ2sy4vWMioiENyJLePrBO/yKyV9OyJySfAKosh+RYkIl5zJCNZ8/4JncrpdA==} - engines: {node: '>= 0.4'} - - which@1.3.1: - resolution: {integrity: sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==} - hasBin: true - - which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true - - winston-transport@4.7.1: - resolution: {integrity: sha512-wQCXXVgfv/wUPOfb2x0ruxzwkcZfxcktz6JIMUaPLmcNhO4bZTwA/WtDWK74xV3F2dKu8YadrFv0qhwYjVEwhA==} - engines: {node: '>= 12.0.0'} - - winston@3.14.2: - resolution: {integrity: sha512-CO8cdpBB2yqzEf8v895L+GNKYJiEq8eKlHU38af3snQBQ+sdAIUepjMSguOIJC7ICbzm0ZI+Af2If4vIJrtmOg==} - engines: {node: '>= 12.0.0'} - - workerpool@6.5.1: - resolution: {integrity: sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - ws@8.18.0: - resolution: {integrity: sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==} - engines: {node: '>=10.0.0'} - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: '>=5.0.2' - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - - xml2js@0.6.2: - resolution: {integrity: sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==} - engines: {node: '>=4.0.0'} - - xmlbuilder@11.0.1: - resolution: {integrity: sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA==} - engines: {node: '>=4.0'} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs-unparser@2.0.0: - resolution: {integrity: sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==} - engines: {node: '>=10'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - yn@3.1.1: - resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==} - engines: {node: '>=6'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - - yoctocolors@2.1.1: - resolution: {integrity: sha512-GQHQqAopRhwU8Kt1DDM8NjibDXHC8eoh1erhGAJPEyveY9qqVeXvVikNKrDz69sHowPMorbPUrH/mx8c50eiBQ==} - engines: {node: '>=18'} - - youtube-dl-wrap@https://codeload.github.com/insanity54/youtube-dl-wrap/tar.gz/b47e9388063b4ef516624112ef59b7d11f7775d9: - resolution: {tarball: https://codeload.github.com/insanity54/youtube-dl-wrap/tar.gz/b47e9388063b4ef516624112ef59b7d11f7775d9} - version: 2.1.1 - -snapshots: - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/lib-storage@3.637.0(@aws-sdk/client-s3@3.637.0)': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@smithy/abort-controller': 3.1.1 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/smithy-client': 3.2.0 - buffer: 5.6.0 - events: 3.3.0 - stream-browserify: 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@colors/colors@1.6.0': {} - - '@cspotcode/source-map-support@0.8.1': - dependencies: - '@jridgewell/trace-mapping': 0.3.9 - - '@dabh/diagnostics@2.0.3': - dependencies: - colorspace: 1.1.4 - enabled: 2.0.0 - kuler: 2.0.0 - - '@discordjs/builders@1.9.0': - dependencies: - '@discordjs/formatters': 0.5.0 - '@discordjs/util': 1.1.1 - '@sapphire/shapeshift': 4.0.0 - discord-api-types: 0.37.97 - fast-deep-equal: 3.1.3 - ts-mixer: 6.0.4 - tslib: 2.7.0 - - '@discordjs/collection@1.5.3': {} - - '@discordjs/collection@2.1.1': {} - - '@discordjs/formatters@0.5.0': - dependencies: - discord-api-types: 0.37.97 - - '@discordjs/rest@2.4.0': - dependencies: - '@discordjs/collection': 2.1.1 - '@discordjs/util': 1.1.1 - '@sapphire/async-queue': 1.5.3 - '@sapphire/snowflake': 3.5.3 - '@vladfrangu/async_event_emitter': 2.4.6 - discord-api-types: 0.37.97 - magic-bytes.js: 1.10.0 - tslib: 2.7.0 - undici: 6.19.8 - - '@discordjs/util@1.1.1': {} - - '@discordjs/ws@1.1.1': - dependencies: - '@discordjs/collection': 2.1.1 - '@discordjs/rest': 2.4.0 - '@discordjs/util': 1.1.1 - '@sapphire/async-queue': 1.5.3 - '@types/ws': 8.5.12 - '@vladfrangu/async_event_emitter': 2.4.6 - discord-api-types: 0.37.83 - tslib: 2.7.0 - ws: 8.18.0 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - '@esbuild/aix-ppc64@0.23.1': - optional: true - - '@esbuild/android-arm64@0.23.1': - optional: true - - '@esbuild/android-arm@0.23.1': - optional: true - - '@esbuild/android-x64@0.23.1': - optional: true - - '@esbuild/darwin-arm64@0.23.1': - optional: true - - '@esbuild/darwin-x64@0.23.1': - optional: true - - '@esbuild/freebsd-arm64@0.23.1': - optional: true - - '@esbuild/freebsd-x64@0.23.1': - optional: true - - '@esbuild/linux-arm64@0.23.1': - optional: true - - '@esbuild/linux-arm@0.23.1': - optional: true - - '@esbuild/linux-ia32@0.23.1': - optional: true - - '@esbuild/linux-loong64@0.23.1': - optional: true - - '@esbuild/linux-mips64el@0.23.1': - optional: true - - '@esbuild/linux-ppc64@0.23.1': - optional: true - - '@esbuild/linux-riscv64@0.23.1': - optional: true - - '@esbuild/linux-s390x@0.23.1': - optional: true - - '@esbuild/linux-x64@0.23.1': - optional: true - - '@esbuild/netbsd-x64@0.23.1': - optional: true - - '@esbuild/openbsd-arm64@0.23.1': - optional: true - - '@esbuild/openbsd-x64@0.23.1': - optional: true - - '@esbuild/sunos-x64@0.23.1': - optional: true - - '@esbuild/win32-arm64@0.23.1': - optional: true - - '@esbuild/win32-ia32@0.23.1': - optional: true - - '@esbuild/win32-x64@0.23.1': - optional: true - - '@fastify/ajv-compiler@3.6.0': - dependencies: - ajv: 8.17.1 - ajv-formats: 2.1.1(ajv@8.17.1) - fast-uri: 2.4.0 - - '@fastify/error@3.4.1': {} - - '@fastify/fast-json-stringify-compiler@4.3.0': - dependencies: - fast-json-stringify: 5.16.1 - - '@fastify/merge-json-schemas@0.1.1': - dependencies: - fast-deep-equal: 3.1.3 - - '@graphile/logger@0.2.0': {} - - '@ioredis/commands@1.2.0': {} - - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - - '@jridgewell/gen-mapping@0.3.5': - dependencies: - '@jridgewell/set-array': 1.2.1 - '@jridgewell/sourcemap-codec': 1.5.0 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/set-array@1.2.1': {} - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.25': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@jridgewell/trace-mapping@0.3.9': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@noble/hashes@1.5.0': {} - - '@nodelib/fs.scandir@2.1.5': - dependencies: - '@nodelib/fs.stat': 2.0.5 - run-parallel: 1.2.0 - - '@nodelib/fs.stat@2.0.5': {} - - '@nodelib/fs.walk@1.2.8': - dependencies: - '@nodelib/fs.scandir': 2.1.5 - fastq: 1.17.1 - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@pkgjs/parseargs@0.11.0': - optional: true - - '@rollup/rollup-android-arm-eabi@4.21.2': - optional: true - - '@rollup/rollup-android-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-x64@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-musl@4.21.2': - optional: true - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-musl@4.21.2': - optional: true - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-x64-msvc@4.21.2': - optional: true - - '@sapphire/async-queue@1.5.3': {} - - '@sapphire/shapeshift@4.0.0': - dependencies: - fast-deep-equal: 3.1.3 - lodash: 4.17.21 - - '@sapphire/snowflake@3.5.3': {} - - '@sec-ant/readable-stream@0.4.1': {} - - '@sindresorhus/merge-streams@4.0.0': {} - - '@sinonjs/commons@2.0.0': - dependencies: - type-detect: 4.0.8 - - '@sinonjs/commons@3.0.1': - dependencies: - type-detect: 4.0.8 - - '@sinonjs/fake-timers@10.3.0': - dependencies: - '@sinonjs/commons': 3.0.1 - - '@sinonjs/fake-timers@11.3.1': - dependencies: - '@sinonjs/commons': 3.0.1 - - '@sinonjs/samsam@8.0.0': - dependencies: - '@sinonjs/commons': 2.0.0 - lodash.get: 4.4.2 - type-detect: 4.1.0 - - '@sinonjs/text-encoding@0.7.3': {} - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@tsconfig/node10@1.0.11': {} - - '@tsconfig/node12@1.0.11': {} - - '@tsconfig/node14@1.0.3': {} - - '@tsconfig/node16@1.0.4': {} - - '@types/chai-as-promised@8.0.0': - dependencies: - '@types/chai': 4.3.19 - - '@types/chai@4.3.19': {} - - '@types/debug@4.1.12': - dependencies: - '@types/ms': 0.7.34 - - '@types/estree@1.0.5': {} - - '@types/fluent-ffmpeg@2.1.26': - dependencies: - '@types/node': 22.5.2 - - '@types/interpret@1.1.3': - dependencies: - '@types/node': 22.5.2 - - '@types/mocha@10.0.7': {} - - '@types/ms@0.7.34': {} - - '@types/node@20.16.3': - dependencies: - undici-types: 6.19.8 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/pg@8.11.8': - dependencies: - '@types/node': 22.5.2 - pg-protocol: 1.6.1 - pg-types: 4.0.2 - - '@types/qs@6.9.15': {} - - '@types/retry@0.12.2': {} - - '@types/semver@7.5.8': {} - - '@types/sinon-chai@3.2.12': - dependencies: - '@types/chai': 4.3.19 - '@types/sinon': 17.0.3 - - '@types/sinon@10.0.20': - dependencies: - '@types/sinonjs__fake-timers': 8.1.5 - - '@types/sinon@17.0.3': - dependencies: - '@types/sinonjs__fake-timers': 8.1.5 - - '@types/sinonjs__fake-timers@8.1.5': {} - - '@types/triple-beam@1.3.5': {} - - '@types/ws@8.5.12': - dependencies: - '@types/node': 22.5.2 - - '@vladfrangu/async_event_emitter@2.4.6': {} - - abort-controller@3.0.0: - dependencies: - event-target-shim: 5.0.1 - - abstract-logging@2.0.1: {} - - acorn-walk@8.3.3: - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - ajv-formats@2.1.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv-formats@3.0.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv@8.17.1: - dependencies: - fast-deep-equal: 3.1.3 - fast-uri: 3.0.1 - json-schema-traverse: 1.0.0 - require-from-string: 2.0.2 - - ansi-colors@4.1.3: {} - - ansi-regex@5.0.1: {} - - ansi-regex@6.0.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - ansi-styles@6.2.1: {} - - any-promise@1.3.0: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - arg@4.1.3: {} - - argparse@2.0.1: {} - - array-union@2.1.0: {} - - asap@2.0.6: {} - - assertion-error@2.0.1: {} - - async@0.2.10: {} - - async@3.2.6: {} - - atomic-sleep@1.0.0: {} - - available-typed-arrays@1.0.7: - dependencies: - possible-typed-array-names: 1.0.0 - - avvio@8.4.0: - dependencies: - '@fastify/error': 3.4.1 - fastq: 1.17.1 - - aws-sdk-client-mock@4.0.1: - dependencies: - '@types/sinon': 10.0.20 - sinon: 16.1.3 - tslib: 2.7.0 - - aws-sdk-mock@6.1.1: - dependencies: - aws-sdk: 2.1687.0 - neotraverse: 0.6.18 - sinon: 18.0.0 - - aws-sdk@2.1687.0: - dependencies: - buffer: 4.9.2 - events: 1.1.1 - ieee754: 1.1.13 - jmespath: 0.16.0 - querystring: 0.2.0 - sax: 1.2.1 - url: 0.10.3 - util: 0.12.5 - uuid: 8.0.0 - xml2js: 0.6.2 - - balanced-match@1.0.2: {} - - base64-js@1.5.1: {} - - binary-extensions@2.3.0: {} - - boolbase@1.0.0: {} - - bowser@2.11.0: {} - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - browser-stdout@1.3.1: {} - - buffer@4.9.2: - dependencies: - base64-js: 1.5.1 - ieee754: 1.1.13 - isarray: 1.0.0 - - buffer@5.6.0: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - buffer@6.0.3: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - bundle-require@5.0.0(esbuild@0.23.1): - dependencies: - esbuild: 0.23.1 - load-tsconfig: 0.2.5 - - cac@6.7.14: {} - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - callsites@3.1.0: {} - - camelcase@6.3.0: {} - - chai-as-promised@8.0.0(chai@5.1.1): - dependencies: - chai: 5.1.1 - check-error: 2.1.1 - - chai@5.1.1: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.1 - pathval: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - check-error@2.1.1: {} - - cheerio-select@2.1.0: - dependencies: - boolbase: 1.0.0 - css-select: 5.1.0 - css-what: 6.1.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - - cheerio@1.0.0: - dependencies: - cheerio-select: 2.1.0 - dom-serializer: 2.0.0 - domhandler: 5.0.3 - domutils: 3.1.0 - encoding-sniffer: 0.2.0 - htmlparser2: 9.1.0 - parse5: 7.1.2 - parse5-htmlparser2-tree-adapter: 7.0.0 - parse5-parser-stream: 7.1.2 - undici: 6.19.8 - whatwg-mimetype: 4.0.0 - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cluster-key-slot@1.1.2: {} - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - color-string@1.9.1: - dependencies: - color-name: 1.1.4 - simple-swizzle: 0.2.2 - - color@3.2.1: - dependencies: - color-convert: 1.9.3 - color-string: 1.9.1 - - colorette@2.0.20: {} - - colorspace@1.1.4: - dependencies: - color: 3.2.1 - text-hex: 1.0.0 - - commander@4.1.1: {} - - concat-map@0.0.1: {} - - consola@3.2.3: {} - - cookie@0.6.0: {} - - cosmiconfig@8.3.6(typescript@5.5.4): - dependencies: - import-fresh: 3.3.0 - js-yaml: 4.1.0 - parse-json: 5.2.0 - path-type: 4.0.0 - optionalDependencies: - typescript: 5.5.4 - - create-require@1.1.1: {} - - cron-parser@4.9.0: - dependencies: - luxon: 3.5.0 - - cross-spawn@7.0.3: - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - - csprng@0.1.2: - dependencies: - sequin: 0.1.1 - - css-select@5.1.0: - dependencies: - boolbase: 1.0.0 - css-what: 6.1.0 - domhandler: 5.0.3 - domutils: 3.1.0 - nth-check: 2.1.1 - - css-what@6.1.0: {} - - data-uri-to-buffer@4.0.1: {} - - date-fns@3.6.0: {} - - dateformat@4.6.3: {} - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - debug@4.3.6(supports-color@5.5.0): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 5.5.0 - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decamelize@4.0.0: {} - - deep-eql@5.0.2: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - denque@2.1.0: {} - - diff@4.0.2: {} - - diff@5.2.0: {} - - dir-glob@3.0.1: - dependencies: - path-type: 4.0.0 - - discord-api-types@0.37.83: {} - - discord-api-types@0.37.97: {} - - discord.js@14.16.1: - dependencies: - '@discordjs/builders': 1.9.0 - '@discordjs/collection': 1.5.3 - '@discordjs/formatters': 0.5.0 - '@discordjs/rest': 2.4.0 - '@discordjs/util': 1.1.1 - '@discordjs/ws': 1.1.1 - '@sapphire/snowflake': 3.5.3 - discord-api-types: 0.37.97 - fast-deep-equal: 3.1.3 - lodash.snakecase: 4.1.1 - tslib: 2.7.0 - undici: 6.19.8 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - diskusage@1.2.0: - dependencies: - es6-promise: 4.2.8 - nan: 2.20.0 - - dom-serializer@2.0.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - entities: 4.5.0 - - domelementtype@2.3.0: {} - - domhandler@5.0.3: - dependencies: - domelementtype: 2.3.0 - - domutils@3.1.0: - dependencies: - dom-serializer: 2.0.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - - dotenv@16.4.5: {} - - eastasianwidth@0.2.0: {} - - emoji-regex@8.0.0: {} - - emoji-regex@9.2.2: {} - - enabled@2.0.0: {} - - encoding-sniffer@0.2.0: - dependencies: - iconv-lite: 0.6.3 - whatwg-encoding: 3.1.1 - - end-of-stream@1.4.4: - dependencies: - once: 1.4.0 - - entities@4.5.0: {} - - error-ex@1.3.2: - dependencies: - is-arrayish: 0.2.1 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - es6-promise@4.2.8: {} - - esbuild@0.23.1: - optionalDependencies: - '@esbuild/aix-ppc64': 0.23.1 - '@esbuild/android-arm': 0.23.1 - '@esbuild/android-arm64': 0.23.1 - '@esbuild/android-x64': 0.23.1 - '@esbuild/darwin-arm64': 0.23.1 - '@esbuild/darwin-x64': 0.23.1 - '@esbuild/freebsd-arm64': 0.23.1 - '@esbuild/freebsd-x64': 0.23.1 - '@esbuild/linux-arm': 0.23.1 - '@esbuild/linux-arm64': 0.23.1 - '@esbuild/linux-ia32': 0.23.1 - '@esbuild/linux-loong64': 0.23.1 - '@esbuild/linux-mips64el': 0.23.1 - '@esbuild/linux-ppc64': 0.23.1 - '@esbuild/linux-riscv64': 0.23.1 - '@esbuild/linux-s390x': 0.23.1 - '@esbuild/linux-x64': 0.23.1 - '@esbuild/netbsd-x64': 0.23.1 - '@esbuild/openbsd-arm64': 0.23.1 - '@esbuild/openbsd-x64': 0.23.1 - '@esbuild/sunos-x64': 0.23.1 - '@esbuild/win32-arm64': 0.23.1 - '@esbuild/win32-ia32': 0.23.1 - '@esbuild/win32-x64': 0.23.1 - - escalade@3.2.0: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@4.0.0: {} - - event-target-shim@5.0.1: {} - - events@1.1.1: {} - - events@3.3.0: {} - - execa@5.1.1: - dependencies: - cross-spawn: 7.0.3 - get-stream: 6.0.1 - human-signals: 2.1.0 - is-stream: 2.0.1 - merge-stream: 2.0.0 - npm-run-path: 4.0.1 - onetime: 5.1.2 - signal-exit: 3.0.7 - strip-final-newline: 2.0.0 - - execa@9.3.1: - dependencies: - '@sindresorhus/merge-streams': 4.0.0 - cross-spawn: 7.0.3 - figures: 6.1.0 - get-stream: 9.0.1 - human-signals: 8.0.0 - is-plain-obj: 4.1.0 - is-stream: 4.0.1 - npm-run-path: 5.3.0 - pretty-ms: 9.1.0 - signal-exit: 4.1.0 - strip-final-newline: 4.0.0 - yoctocolors: 2.1.1 - - exponential-backoff@3.1.1: {} - - fast-content-type-parse@1.1.0: {} - - fast-copy@3.0.2: {} - - fast-decode-uri-component@1.0.1: {} - - fast-deep-equal@3.1.3: {} - - fast-glob@3.3.2: - dependencies: - '@nodelib/fs.stat': 2.0.5 - '@nodelib/fs.walk': 1.2.8 - glob-parent: 5.1.2 - merge2: 1.4.1 - micromatch: 4.0.8 - - fast-json-stringify@5.16.1: - dependencies: - '@fastify/merge-json-schemas': 0.1.1 - ajv: 8.17.1 - ajv-formats: 3.0.1(ajv@8.17.1) - fast-deep-equal: 3.1.3 - fast-uri: 2.4.0 - json-schema-ref-resolver: 1.0.1 - rfdc: 1.4.1 - - fast-querystring@1.1.2: - dependencies: - fast-decode-uri-component: 1.0.1 - - fast-redact@3.5.0: {} - - fast-safe-stringify@2.1.1: {} - - fast-uri@2.4.0: {} - - fast-uri@3.0.1: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - fastify-plugin@4.5.1: {} - - fastify@4.28.1: - dependencies: - '@fastify/ajv-compiler': 3.6.0 - '@fastify/error': 3.4.1 - '@fastify/fast-json-stringify-compiler': 4.3.0 - abstract-logging: 2.0.1 - avvio: 8.4.0 - fast-content-type-parse: 1.1.0 - fast-json-stringify: 5.16.1 - find-my-way: 8.2.0 - light-my-request: 5.13.0 - pino: 9.4.0 - process-warning: 3.0.0 - proxy-addr: 2.0.7 - rfdc: 1.4.1 - secure-json-parse: 2.7.0 - semver: 7.6.3 - toad-cache: 3.7.0 - - fastq@1.17.1: - dependencies: - reusify: 1.0.4 - - faye-websocket@0.11.4: - dependencies: - websocket-driver: 0.7.4 - - faye@1.4.0: - dependencies: - asap: 2.0.6 - csprng: 0.1.2 - faye-websocket: 0.11.4 - safe-buffer: 5.2.1 - tough-cookie: 4.1.4 - tunnel-agent: 0.6.0 - - fecha@4.2.3: {} - - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - - figures@6.1.0: - dependencies: - is-unicode-supported: 2.0.0 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-my-way@8.2.0: - dependencies: - fast-deep-equal: 3.1.3 - fast-querystring: 1.1.2 - safe-regex2: 3.1.0 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - flat@5.0.2: {} - - fluent-ffmpeg@2.1.3: - dependencies: - async: 0.2.10 - which: 1.3.1 - - fn.name@1.1.0: {} - - for-each@0.3.3: - dependencies: - is-callable: 1.2.7 - - foreground-child@3.3.0: - dependencies: - cross-spawn: 7.0.3 - signal-exit: 4.1.0 - - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - - forwarded@0.2.0: {} - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - get-caller-file@2.0.5: {} - - get-func-name@2.0.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-stream@6.0.1: {} - - get-stream@9.0.1: - dependencies: - '@sec-ant/readable-stream': 0.4.1 - is-stream: 4.0.1 - - get-tsconfig@4.8.0: - dependencies: - resolve-pkg-maps: 1.0.0 - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob@10.4.5: - dependencies: - foreground-child: 3.3.0 - jackspeak: 3.4.3 - minimatch: 9.0.5 - minipass: 7.1.2 - package-json-from-dist: 1.0.0 - path-scurry: 1.11.1 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - globby@11.1.0: - dependencies: - array-union: 2.1.0 - dir-glob: 3.0.1 - fast-glob: 3.3.2 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 3.0.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - graphile-config@0.0.1-beta.9: - dependencies: - '@types/interpret': 1.1.3 - '@types/node': 20.16.3 - '@types/semver': 7.5.8 - chalk: 4.1.2 - debug: 4.3.6 - interpret: 3.1.1 - semver: 7.6.3 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - supports-color - - graphile-worker@0.16.6(typescript@5.5.4): - dependencies: - '@graphile/logger': 0.2.0 - '@types/debug': 4.1.12 - '@types/pg': 8.11.8 - cosmiconfig: 8.3.6(typescript@5.5.4) - graphile-config: 0.0.1-beta.9 - json5: 2.2.3 - pg: 8.12.0 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - pg-native - - supports-color - - typescript - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - has-tostringtag@1.0.2: - dependencies: - has-symbols: 1.0.3 - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - he@1.2.0: {} - - help-me@5.0.0: {} - - htmlparser2@9.1.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - http-parser-js@0.5.8: {} - - https@1.0.0: {} - - human-signals@2.1.0: {} - - human-signals@8.0.0: {} - - iconv-lite@0.6.3: - dependencies: - safer-buffer: 2.1.2 - - ieee754@1.1.13: {} - - ieee754@1.2.1: {} - - ignore-by-default@1.0.1: {} - - ignore@5.3.2: {} - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.4: {} - - interpret@3.1.1: {} - - ioredis@5.4.1: - dependencies: - '@ioredis/commands': 1.2.0 - cluster-key-slot: 1.1.2 - debug: 4.3.6 - denque: 2.1.0 - lodash.defaults: 4.2.0 - lodash.isarguments: 3.1.0 - redis-errors: 1.2.0 - redis-parser: 3.0.0 - standard-as-callback: 2.1.0 - transitivePeerDependencies: - - supports-color - - ipaddr.js@1.9.1: {} - - is-arguments@1.1.1: - dependencies: - call-bind: 1.0.7 - has-tostringtag: 1.0.2 - - is-arrayish@0.2.1: {} - - is-arrayish@0.3.2: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-callable@1.2.7: {} - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-generator-function@1.0.10: - dependencies: - has-tostringtag: 1.0.2 - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-network-error@1.1.0: {} - - is-number@7.0.0: {} - - is-plain-obj@2.1.0: {} - - is-plain-obj@4.1.0: {} - - is-stream@2.0.1: {} - - is-stream@4.0.1: {} - - is-typed-array@1.1.13: - dependencies: - which-typed-array: 1.1.15 - - is-unicode-supported@0.1.0: {} - - is-unicode-supported@2.0.0: {} - - isarray@1.0.0: {} - - isexe@2.0.0: {} - - jackspeak@3.4.3: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - - jmespath@0.16.0: {} - - joycon@3.1.1: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - json-parse-even-better-errors@2.3.1: {} - - json-schema-ref-resolver@1.0.1: - dependencies: - fast-deep-equal: 3.1.3 - - json-schema-traverse@1.0.0: {} - - json5@2.2.3: {} - - just-extend@6.2.0: {} - - kuler@2.0.0: {} - - light-my-request@5.13.0: - dependencies: - cookie: 0.6.0 - process-warning: 3.0.0 - set-cookie-parser: 2.7.0 - - lilconfig@3.1.2: {} - - lines-and-columns@1.2.4: {} - - load-tsconfig@0.2.5: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - lodash.defaults@4.2.0: {} - - lodash.get@4.4.2: {} - - lodash.isarguments@3.1.0: {} - - lodash.snakecase@4.1.1: {} - - lodash.sortby@4.7.0: {} - - lodash@4.1.0: {} - - lodash@4.17.21: {} - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - logform@2.6.1: - dependencies: - '@colors/colors': 1.6.0 - '@types/triple-beam': 1.3.5 - fecha: 4.2.3 - ms: 2.1.3 - safe-stable-stringify: 2.5.0 - triple-beam: 1.4.1 - - loupe@3.1.1: - dependencies: - get-func-name: 2.0.2 - - lru-cache@10.4.3: {} - - luxon@3.5.0: {} - - magic-bytes.js@1.10.0: {} - - make-error@1.3.6: {} - - merge-stream@2.0.0: {} - - merge2@1.4.1: {} - - micromatch@4.0.8: - dependencies: - braces: 3.0.3 - picomatch: 2.3.1 - - mimic-fn@2.1.0: {} - - minimatch@10.0.1: - dependencies: - brace-expansion: 2.0.1 - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.5: - dependencies: - brace-expansion: 2.0.1 - - minimist@1.2.8: {} - - minipass@7.1.2: {} - - mocha@10.7.3: - dependencies: - ansi-colors: 4.1.3 - browser-stdout: 1.3.1 - chokidar: 3.6.0 - debug: 4.3.6(supports-color@8.1.1) - diff: 5.2.0 - escape-string-regexp: 4.0.0 - find-up: 5.0.0 - glob: 8.1.0 - he: 1.2.0 - js-yaml: 4.1.0 - log-symbols: 4.1.0 - minimatch: 5.1.6 - ms: 2.1.3 - serialize-javascript: 6.0.2 - strip-json-comments: 3.1.1 - supports-color: 8.1.1 - workerpool: 6.5.1 - yargs: 16.2.0 - yargs-parser: 20.2.9 - yargs-unparser: 2.0.0 - - ms@2.1.2: {} - - ms@2.1.3: {} - - multiformats@13.2.2: {} - - mz@2.7.0: - dependencies: - any-promise: 1.3.0 - object-assign: 4.1.1 - thenify-all: 1.6.0 - - nan@2.20.0: {} - - nanoid@5.0.7: {} - - neotraverse@0.6.18: {} - - nise@5.1.9: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 11.3.1 - '@sinonjs/text-encoding': 0.7.3 - just-extend: 6.2.0 - path-to-regexp: 6.2.2 - - nise@6.0.0: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 11.3.1 - '@sinonjs/text-encoding': 0.7.3 - just-extend: 6.2.0 - path-to-regexp: 6.2.2 - - node-abort-controller@3.1.1: {} - - node-domexception@1.0.0: {} - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - - nodemon@3.1.4: - dependencies: - chokidar: 3.6.0 - debug: 4.3.6(supports-color@5.5.0) - ignore-by-default: 1.0.1 - minimatch: 3.1.2 - pstree.remy: 1.1.8 - semver: 7.6.3 - simple-update-notifier: 2.0.0 - supports-color: 5.5.0 - touch: 3.1.1 - undefsafe: 2.0.5 - - normalize-path@3.0.0: {} - - npm-run-path@4.0.1: - dependencies: - path-key: 3.1.1 - - npm-run-path@5.3.0: - dependencies: - path-key: 4.0.0 - - nth-check@2.1.1: - dependencies: - boolbase: 1.0.0 - - object-assign@4.1.1: {} - - object-inspect@1.13.2: {} - - obuf@1.1.2: {} - - on-exit-leak-free@2.1.2: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - one-time@1.0.0: - dependencies: - fn.name: 1.1.0 - - onetime@5.1.2: - dependencies: - mimic-fn: 2.1.0 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - package-json-from-dist@1.0.0: {} - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - parse-json@5.2.0: - dependencies: - '@babel/code-frame': 7.24.7 - error-ex: 1.3.2 - json-parse-even-better-errors: 2.3.1 - lines-and-columns: 1.2.4 - - parse-ms@4.0.0: {} - - parse5-htmlparser2-tree-adapter@7.0.0: - dependencies: - domhandler: 5.0.3 - parse5: 7.1.2 - - parse5-parser-stream@7.1.2: - dependencies: - parse5: 7.1.2 - - parse5@7.1.2: - dependencies: - entities: 4.5.0 - - path-exists@4.0.0: {} - - path-key@3.1.1: {} - - path-key@4.0.0: {} - - path-scurry@1.11.1: - dependencies: - lru-cache: 10.4.3 - minipass: 7.1.2 - - path-to-regexp@6.2.2: {} - - path-type@4.0.0: {} - - pathval@2.0.0: {} - - pg-boss@10.1.1: - dependencies: - cron-parser: 4.9.0 - pg: 8.12.0 - serialize-error: 8.1.0 - transitivePeerDependencies: - - pg-native - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-numeric@1.0.2: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg-types@4.0.2: - dependencies: - pg-int8: 1.0.1 - pg-numeric: 1.0.2 - postgres-array: 3.0.2 - postgres-bytea: 3.0.0 - postgres-date: 2.1.0 - postgres-interval: 3.0.0 - postgres-range: 1.1.4 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - pino-abstract-transport@1.2.0: - dependencies: - readable-stream: 4.5.2 - split2: 4.2.0 - - pino-pretty@11.2.2: - dependencies: - colorette: 2.0.20 - dateformat: 4.6.3 - fast-copy: 3.0.2 - fast-safe-stringify: 2.1.1 - help-me: 5.0.0 - joycon: 3.1.1 - minimist: 1.2.8 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pump: 3.0.0 - readable-stream: 4.5.2 - secure-json-parse: 2.7.0 - sonic-boom: 4.1.0 - strip-json-comments: 3.1.1 - - pino-std-serializers@7.0.0: {} - - pino@9.4.0: - dependencies: - atomic-sleep: 1.0.0 - fast-redact: 3.5.0 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pino-std-serializers: 7.0.0 - process-warning: 4.0.0 - quick-format-unescaped: 4.0.4 - real-require: 0.2.0 - safe-stable-stringify: 2.5.0 - sonic-boom: 4.1.0 - thread-stream: 3.1.0 - - pirates@4.0.6: {} - - possible-typed-array-names@1.0.0: {} - - postcss-load-config@6.0.1(tsx@4.19.0): - dependencies: - lilconfig: 3.1.2 - optionalDependencies: - tsx: 4.19.0 - - postgres-array@2.0.0: {} - - postgres-array@3.0.2: {} - - postgres-bytea@1.0.0: {} - - postgres-bytea@3.0.0: - dependencies: - obuf: 1.1.2 - - postgres-date@1.0.7: {} - - postgres-date@2.1.0: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-interval@3.0.0: {} - - postgres-range@1.1.4: {} - - postgres@3.4.4: {} - - pretty-bytes@6.1.1: {} - - pretty-ms@9.1.0: - dependencies: - parse-ms: 4.0.0 - - process-warning@3.0.0: {} - - process-warning@4.0.0: {} - - process@0.11.10: {} - - proxy-addr@2.0.7: - dependencies: - forwarded: 0.2.0 - ipaddr.js: 1.9.1 - - psl@1.9.0: {} - - pstree.remy@1.1.8: {} - - pump@3.0.0: - dependencies: - end-of-stream: 1.4.4 - once: 1.4.0 - - punycode@1.3.2: {} - - punycode@2.3.1: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - querystring@0.2.0: {} - - querystringify@2.2.0: {} - - queue-microtask@1.2.3: {} - - quick-format-unescaped@4.0.4: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - readable-stream@4.5.2: - dependencies: - abort-controller: 3.0.0 - buffer: 6.0.3 - events: 3.3.0 - process: 0.11.10 - string_decoder: 1.3.0 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - real-require@0.2.0: {} - - redis-errors@1.2.0: {} - - redis-parser@3.0.0: - dependencies: - redis-errors: 1.2.0 - - require-directory@2.1.1: {} - - require-from-string@2.0.2: {} - - requires-port@1.0.0: {} - - resolve-from@4.0.0: {} - - resolve-from@5.0.0: {} - - resolve-pkg-maps@1.0.0: {} - - ret@0.4.3: {} - - retry@0.13.1: {} - - reusify@1.0.4: {} - - rfdc@1.4.1: {} - - rollup@4.21.2: - dependencies: - '@types/estree': 1.0.5 - optionalDependencies: - '@rollup/rollup-android-arm-eabi': 4.21.2 - '@rollup/rollup-android-arm64': 4.21.2 - '@rollup/rollup-darwin-arm64': 4.21.2 - '@rollup/rollup-darwin-x64': 4.21.2 - '@rollup/rollup-linux-arm-gnueabihf': 4.21.2 - '@rollup/rollup-linux-arm-musleabihf': 4.21.2 - '@rollup/rollup-linux-arm64-gnu': 4.21.2 - '@rollup/rollup-linux-arm64-musl': 4.21.2 - '@rollup/rollup-linux-powerpc64le-gnu': 4.21.2 - '@rollup/rollup-linux-riscv64-gnu': 4.21.2 - '@rollup/rollup-linux-s390x-gnu': 4.21.2 - '@rollup/rollup-linux-x64-gnu': 4.21.2 - '@rollup/rollup-linux-x64-musl': 4.21.2 - '@rollup/rollup-win32-arm64-msvc': 4.21.2 - '@rollup/rollup-win32-ia32-msvc': 4.21.2 - '@rollup/rollup-win32-x64-msvc': 4.21.2 - fsevents: 2.3.3 - - run-parallel@1.2.0: - dependencies: - queue-microtask: 1.2.3 - - rxjs@7.8.1: - dependencies: - tslib: 2.7.0 - - safe-buffer@5.2.1: {} - - safe-regex2@3.1.0: - dependencies: - ret: 0.4.3 - - safe-stable-stringify@2.5.0: {} - - safer-buffer@2.1.2: {} - - sax@1.2.1: {} - - secure-json-parse@2.7.0: {} - - semver@7.6.3: {} - - sequin@0.1.1: {} - - serialize-error@8.1.0: - dependencies: - type-fest: 0.20.2 - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - set-cookie-parser@2.7.0: {} - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - shebang-command@2.0.0: - dependencies: - shebang-regex: 3.0.0 - - shebang-regex@3.0.0: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - signal-exit@3.0.7: {} - - signal-exit@4.1.0: {} - - simple-swizzle@0.2.2: - dependencies: - is-arrayish: 0.3.2 - - simple-update-notifier@2.0.0: - dependencies: - semver: 7.6.3 - - sinon-chai@4.0.0(chai@5.1.1)(sinon@18.0.0): - dependencies: - chai: 5.1.1 - sinon: 18.0.0 - - sinon-test@3.1.6(sinon@18.0.0): - dependencies: - sinon: 18.0.0 - - sinon@16.1.3: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 10.3.0 - '@sinonjs/samsam': 8.0.0 - diff: 5.2.0 - nise: 5.1.9 - supports-color: 7.2.0 - - sinon@18.0.0: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 11.3.1 - '@sinonjs/samsam': 8.0.0 - diff: 5.2.0 - nise: 6.0.0 - supports-color: 7.2.0 - - slash@3.0.0: {} - - sliced@0.0.5: {} - - sonic-boom@4.1.0: - dependencies: - atomic-sleep: 1.0.0 - - source-map@0.8.0-beta.0: - dependencies: - whatwg-url: 7.1.0 - - split2@4.2.0: {} - - sql@0.78.0: - dependencies: - lodash: 4.1.0 - sliced: 0.0.5 - - stack-trace@0.0.10: {} - - standard-as-callback@2.1.0: {} - - stream-browserify@3.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 3.6.2 - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.1.0 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-ansi@7.1.0: - dependencies: - ansi-regex: 6.0.1 - - strip-final-newline@2.0.0: {} - - strip-final-newline@4.0.0: {} - - strip-json-comments@3.1.1: {} - - strnum@1.0.5: {} - - sucrase@3.35.0: - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - commander: 4.1.1 - glob: 10.4.5 - lines-and-columns: 1.2.4 - mz: 2.7.0 - pirates: 4.0.6 - ts-interface-checker: 0.1.13 - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - text-hex@1.0.0: {} - - thenify-all@1.6.0: - dependencies: - thenify: 3.3.1 - - thenify@3.3.1: - dependencies: - any-promise: 1.3.0 - - thread-stream@3.1.0: - dependencies: - real-require: 0.2.0 - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - toad-cache@3.7.0: {} - - touch@3.1.1: {} - - tough-cookie@4.1.4: - dependencies: - psl: 1.9.0 - punycode: 2.3.1 - universalify: 0.2.0 - url-parse: 1.5.10 - - tr46@1.0.1: - dependencies: - punycode: 2.3.1 - - tree-kill@1.2.2: {} - - triple-beam@1.4.1: {} - - ts-interface-checker@0.1.13: {} - - ts-mixer@6.0.4: {} - - ts-node@10.9.2(@types/node@22.5.2)(typescript@5.5.4): - dependencies: - '@cspotcode/source-map-support': 0.8.1 - '@tsconfig/node10': 1.0.11 - '@tsconfig/node12': 1.0.11 - '@tsconfig/node14': 1.0.3 - '@tsconfig/node16': 1.0.4 - '@types/node': 22.5.2 - acorn: 8.12.1 - acorn-walk: 8.3.3 - arg: 4.1.3 - create-require: 1.1.1 - diff: 4.0.2 - make-error: 1.3.6 - typescript: 5.5.4 - v8-compile-cache-lib: 3.0.1 - yn: 3.1.1 - - tslib@2.7.0: {} - - tsup@8.2.4(tsx@4.19.0)(typescript@5.5.4): - dependencies: - bundle-require: 5.0.0(esbuild@0.23.1) - cac: 6.7.14 - chokidar: 3.6.0 - consola: 3.2.3 - debug: 4.3.6 - esbuild: 0.23.1 - execa: 5.1.1 - globby: 11.1.0 - joycon: 3.1.1 - picocolors: 1.1.0 - postcss-load-config: 6.0.1(tsx@4.19.0) - resolve-from: 5.0.0 - rollup: 4.21.2 - source-map: 0.8.0-beta.0 - sucrase: 3.35.0 - tree-kill: 1.2.2 - optionalDependencies: - typescript: 5.5.4 - transitivePeerDependencies: - - jiti - - supports-color - - tsx - - yaml - - tsx@4.19.0: - dependencies: - esbuild: 0.23.1 - get-tsconfig: 4.8.0 - optionalDependencies: - fsevents: 2.3.3 - - tunnel-agent@0.6.0: - dependencies: - safe-buffer: 5.2.1 - - type-detect@4.0.8: {} - - type-detect@4.1.0: {} - - type-fest@0.20.2: {} - - typescript@5.5.4: {} - - undefsafe@2.0.5: {} - - undici-types@6.19.8: {} - - undici@6.19.8: {} - - universalify@0.2.0: {} - - url-parse@1.5.10: - dependencies: - querystringify: 2.2.0 - requires-port: 1.0.0 - - url@0.10.3: - dependencies: - punycode: 1.3.2 - querystring: 0.2.0 - - util-deprecate@1.0.2: {} - - util@0.12.5: - dependencies: - inherits: 2.0.4 - is-arguments: 1.1.1 - is-generator-function: 1.0.10 - is-typed-array: 1.1.13 - which-typed-array: 1.1.15 - - uuid@8.0.0: {} - - uuid@9.0.1: {} - - v8-compile-cache-lib@3.0.1: {} - - web-streams-polyfill@3.3.3: {} - - webidl-conversions@4.0.2: {} - - websocket-driver@0.7.4: - dependencies: - http-parser-js: 0.5.8 - safe-buffer: 5.2.1 - websocket-extensions: 0.1.4 - - websocket-extensions@0.1.4: {} - - whatwg-encoding@3.1.1: - dependencies: - iconv-lite: 0.6.3 - - whatwg-mimetype@4.0.0: {} - - whatwg-url@7.1.0: - dependencies: - lodash.sortby: 4.7.0 - tr46: 1.0.1 - webidl-conversions: 4.0.2 - - which-typed-array@1.1.15: - dependencies: - available-typed-arrays: 1.0.7 - call-bind: 1.0.7 - for-each: 0.3.3 - gopd: 1.0.1 - has-tostringtag: 1.0.2 - - which@1.3.1: - dependencies: - isexe: 2.0.0 - - which@2.0.2: - dependencies: - isexe: 2.0.0 - - winston-transport@4.7.1: - dependencies: - logform: 2.6.1 - readable-stream: 3.6.2 - triple-beam: 1.4.1 - - winston@3.14.2: - dependencies: - '@colors/colors': 1.6.0 - '@dabh/diagnostics': 2.0.3 - async: 3.2.6 - is-stream: 2.0.1 - logform: 2.6.1 - one-time: 1.0.0 - readable-stream: 3.6.2 - safe-stable-stringify: 2.5.0 - stack-trace: 0.0.10 - triple-beam: 1.4.1 - winston-transport: 4.7.1 - - workerpool@6.5.1: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.1 - string-width: 5.1.2 - strip-ansi: 7.1.0 - - wrappy@1.0.2: {} - - ws@8.18.0: {} - - xml2js@0.6.2: - dependencies: - sax: 1.2.1 - xmlbuilder: 11.0.1 - - xmlbuilder@11.0.1: {} - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs-unparser@2.0.0: - dependencies: - camelcase: 6.3.0 - decamelize: 4.0.0 - flat: 5.0.2 - is-plain-obj: 2.1.0 - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - yn@3.1.1: {} - - yocto-queue@0.1.0: {} - - yoctocolors@2.1.1: {} - - youtube-dl-wrap@https://codeload.github.com/insanity54/youtube-dl-wrap/tar.gz/b47e9388063b4ef516624112ef59b7d11f7775d9: {} diff --git a/services/capture/src/Capture.js b/services/capture/src/Capture.js deleted file mode 100644 index c0f9c80..0000000 --- a/services/capture/src/Capture.js +++ /dev/null @@ -1,121 +0,0 @@ - -import Voddo from './Voddo.js' - - -export default class Capture { - - constructor(opts) { - this.date = opts?.date - this.sql = opts.sql - this.ipfs = opts.ipfs - this.idleTimeout = opts.idleTimeout || 1000*60*15 - this.video = opts.video - this.voddo = opts.voddo - this.workerId = opts.workerId - return this - } - - - /** - * upload VOD to ipfs - * - * @return {Promise} - * @resolves {String} cid - */ - async upload (filename) { - const cid = await this.ipfs.upload(filename) - return cid - } - - - - /** - * save Vod data to db - */ - async save (cid, timestamp) { - console.log({ level: 'debug', message: `saving ${cid} \n w/ captureDate ${timestamp}` }) - this.date = timestamp - return await this.sql`INSERT INTO vod ( "videoSrcHash", "captureDate" ) values (${cid}, ${timestamp}) returning *` - } - - - /** - * advertise the vod segment(s) we captured. - * futureporn/commander uses this data to elect one worker to upload the VOD - */ - async advertise () { - const segments = await this.voddo.getRecordedSegments() - const streams = Voddo.groupStreamSegments(segments) - const workerId = this.workerId - logger.log({ level: 'debug', message: `Advertising our VOD streams(s) ${JSON.stringify({segments, streams, workerId})}` }) - this.sql.notify('capture/vod/advertisement', JSON.stringify({segments, streams, workerId})) - } - - - listen () { - this.sql.listen('scout/stream/stop', (data) => { - logger.log({ level: 'debug', message: 'Scout said the stream has stopped. I will advertise the vod segment(s) I have.' }) - this.advertise() - }) - - this.sql.listen('commander/vod/election', async (data) => { - if (data.workerId === this.workerId) { - logger.log({ level: 'debug', message: 'Commander elected me to process/upload' }) - this.process(await this.voddo.getFilenames()) - } else { - logger.log({ level: 'debug', message: `Commander elected ${data.workerId} to process/upload their vod segment(s)` }) - } - }) - - return this - } - - - /** - * process video(s) after end of stream - * - * @param {String[]} filenames - * @returns {void} - */ - async process (filenames) { - this.date = filenames[0].timestamp - - logger.log({ level: 'debug', message: 'concatenation in progress...' }) - const file = await this.video.concat(filenames) - - logger.log({ level: 'debug', message: `uploading ${file}` }) - const cid = await this.ipfs.upload(file) - - logger.log({ level: 'debug', message: 'db save in progress' }) - await this.save(cid, this.date) - - } - - - - /** - * download a livestream - * - * - initializes Voddo - * - invokes this.process() as side effect - * - * @return {void} - */ - async download () { - this.voddo.on('start', (data) => { - logger.log({ level: 'debug', message: 'voddo started' }) - logger.log({ level: 'debug', message: data }) - this.sql.notify('capture/file', JSON.stringify(data)) - }) - this.voddo.on('stop', (report) => { - logger.log({ level: 'debug', message: `Got a stop event from Voddo` }) - }) - logger.log({ level: 'debug', message: 'starting voddo' }) - this.voddo.start() - } - -} - - - - diff --git a/services/capture/src/Capture.spec.js b/services/capture/src/Capture.spec.js deleted file mode 100644 index 6b71bfa..0000000 --- a/services/capture/src/Capture.spec.js +++ /dev/null @@ -1,147 +0,0 @@ - -import Video from './Video.js' -import Capture from './Capture.js' -import Ipfs from './Ipfs.js' -import chai, { expect } from 'chai' -import { dirname } from 'path'; -import { fileURLToPath } from 'url'; -import path from 'node:path' -import sinon from 'sinon' -import sinonChai from 'sinon-chai' -import { CID } from 'multiformats/cid' -import Voddo from './Voddo.js' -import EventEmitter from 'node:events' -import postgres from 'postgres' - -chai.use(sinonChai) - -const Timer = setTimeout(()=>{},0).constructor -const fixtureDate = 1581117660000 -const cidFixture = 'bafybeid3mg5lzrvnmpfi5ftwhiupp7i5bgkmdo7dnlwrvklbv33telrrry' -const __dirname = dirname(fileURLToPath(import.meta.url)); - -describe('Capture', function () { - - let clock - - const sandbox = sinon.createSandbox() - - beforeEach(() => { - - clock = sandbox.useFakeTimers({ - toFake: ["setTimeout", "setInterval"], - shouldAdvanceTime: false - }); - - // // const sql = postgres({ - // // idle_timeout: 1 - // // }) - - // let pgStub = (opts) => { - // let sql = (args) => {} - // return sql - // } - const sqlRaw = postgres() - const sql = sandbox.stub(sqlRaw) - // sql.listen.resolves(fixtureDate) - // sql.notify.resolves(92834) - // sinon.stub(postgres, 'notify') - // sinon.createStubInstance(postgres) - // sql - // .withArgs('INSERT INTO vod ( videoSrcHash, captureDate ) values (bafybeid3mg5lzrvnmpfi5ftwhiupp7i5bgkmdo7dnlwrvklbv33telrrry, 1581117660000) returning *') - // .resolves({ msg: 'idk' }) - // sinon.stub(sql, 'notify').returns() - - - - - // const ipfs = sandbox.createStubInstance(Ipfs) - // ipfs.upload.withArgs('/tmp/mycoolfile.mp4').resolves(cidFixture) - // capture = new Capture({ - // sql, - // ipfs, - // video, - // voddo - // }) - // sandbox.stub(capture, 'process').resolves() - }) - - afterEach(() => { - sandbox.restore() - clock.restore() - }) - - - - describe('upload', function () { - it('should upload a video to ipfs', async function () { - - const sqlRaw = postgres() - const sql = sandbox.stub(sqlRaw) - - const video = sandbox.stub() - const voddo = sandbox.createStubInstance(Voddo) - voddo.on.callThrough() - voddo.emit.callThrough() - voddo.listeners.callThrough() - voddo.listenerCount.callThrough() - - - voddo.start.callsFake(() => { - voddo.emit('start', { file: '/tmp/burrito.mp4', timestamp: 1 }) - }) - - const ipfs = sandbox.createStubInstance(Ipfs) - ipfs.upload.withArgs('/tmp/mycoolfile.mp4').resolves(cidFixture) - const capture = new Capture({ - sql, - ipfs, - video, - voddo - }) - - const cid = await capture.upload('/tmp/mycoolfile.mp4') - expect(() => CID.parse(cid), `The IPFS CID '${cid}' is invalid.`).to.not.throw() - expect(capture.ipfs.upload).calledOnce - }) - }) - describe('save', function () { - it('should save to db', async function () { - - const sqlRaw = postgres() - const sql = sandbox.stub(sqlRaw) - - const video = sandbox.stub() - const voddo = sandbox.createStubInstance(Voddo) - voddo.on.callThrough() - voddo.emit.callThrough() - voddo.listeners.callThrough() - voddo.listenerCount.callThrough() - - - voddo.start.callsFake(() => { - voddo.emit('start', { file: '/tmp/burrito.mp4', timestamp: 1 }) - }) - - const ipfs = sandbox.createStubInstance(Ipfs) - ipfs.upload.withArgs('/tmp/mycoolfile.mp4').resolves(cidFixture) - const capture = new Capture({ - sql, - ipfs, - video, - voddo - }) - - // I can't stub sql`` because of that template string override so i'm just stubbing capture.save - // I think this is an evergreen test ¯\_(ツ)_/¯ - sandbox.stub(capture, 'save').resolves([ - { id: 1, cid: cidFixture, captureDate: fixtureDate } - ]) - const vod = await capture.save(cidFixture, fixtureDate) - }) - }) - - - - -}) \ No newline at end of file diff --git a/services/capture/src/Ipfs.js b/services/capture/src/Ipfs.js deleted file mode 100644 index 7d20638..0000000 --- a/services/capture/src/Ipfs.js +++ /dev/null @@ -1,57 +0,0 @@ - -import {execa} from 'execa' -import {loggerFactory} from 'common/logger' - -const logger = loggerFactory({ - service: 'futureporn/capture' -}) - -export default class Ipfs { - constructor(opts) { - this.multiaddr = opts?.IPFS_CLUSTER_HTTP_API_MULTIADDR - this.username = opts?.IPFS_CLUSTER_HTTP_API_USERNAME - this.password = opts?.IPFS_CLUSTER_HTTP_API_PASSWORD - this.ctlExecutable = opts?.ctlExecutable || '/usr/local/bin/ipfs-cluster-ctl' - this.ipfsExecutable = opts?.ipfsExecutable || '/usr/local/bin/ipfs' - } - getArgs () { - let args = [ - '--no-check-certificate', - '--host', this.multiaddr, - '--basic-auth', `${this.username}:${this.password}` - ] - return args - } - async upload (filename, expiryDuration = false) { - try { - let args = getArgs() - - args = args.concat([ - 'add', - '--quieter', - '--cid-version', 1 - ]) - - if (expiryDuration) { - args = args.concat(['--expire-in', expiryDuration]) - } - - args.push(filename) - - const { stdout } = await execa(this.ctlExecutable, args) - return stdout - } catch (e) { - logger.log({ level: 'error', message: 'Error while adding file to ipfs' }) - logger.log({ level: 'error', message: e }) - } - } - async hash (filename) { - try { - const { stdout } = await execa(this.ipfsExecutable, ['add', '--quiet', '--cid-version=1', '--only-hash', filename]) - return stdout - } catch (e) { - logger.log({ level: 'error', message: 'Error while hashing file' }) - logger.log({ level: 'error', message: e }) - } - } -} \ No newline at end of file diff --git a/services/capture/src/Record.spec.ts b/services/capture/src/Record.spec.ts deleted file mode 100644 index dc0aab5..0000000 --- a/services/capture/src/Record.spec.ts +++ /dev/null @@ -1,97 +0,0 @@ -import Record, { UploadStreamClosedError } from "./Record.js" -import * as chai from 'chai' -import { ChildProcess, spawn } from "child_process" -import { createReadStream, readFileSync, ReadStream } from "fs" -import AWSMock from 'aws-sdk-mock' -import sinon from 'sinon'; -import sinonChai from 'sinon-chai'; -import { PutObjectCommand, PutObjectCommandInput, S3Client, CreateMultipartUploadCommand, UploadPartCommand, UploadPartCommandInput } from "@aws-sdk/client-s3" -import { join, dirname } from "path" -import { fileURLToPath } from "url" -import { S3 } from 'aws-sdk'; -import { HeadObjectOutput } from 'aws-sdk/clients/s3'; -import { Readable } from 'stream'; -import { mockClient } from 'aws-sdk-client-mock'; -import { sdkStreamMixin } from '@smithy/util-stream' -import chaiAsPromised from 'chai-as-promised' -chai.use(chaiAsPromised) -const expect = chai.expect - -// "pay no attention to that man behind the curtain" - -// export function getObjectReadStream(s3Client: S3, Bucket: string, Key: string): Readable { -// return s3Client.getObject({ Bucket, Key }).createReadStream(); -// } - -// export async function waitForObjectExists( -// s3Client: S3Client, -// Bucket: string, -// Key: string -// ): Promise { -// return s3Client.waitFor('objectExists', { Bucket, Key }).promise(); -// } -const __dirname = dirname(fileURLToPath(import.meta.url)); - - - -const testStreamDir = '/tmp/record-test-stream.m3u8' - -describe('Record', function () { - // mocking @aws-sdk/lib-storage Upload() has some nuances. - // @see https://github.com/m-radzikowski/aws-sdk-client-mock?tab=readme-ov-file#lib-storage-upload - - - it('should accept a {ReadStream} as input', async function () { - const inputStream = createReadStream(join(__dirname, './fixtures/mock-stream0.mp4')) // 192627 bytes - const s3ClientMock = mockClient(S3Client) - s3ClientMock.on(CreateMultipartUploadCommand).resolves({UploadId: '1'}); - s3ClientMock.on(UploadPartCommand).resolves({ETag: '1'}); - const s3Client = new S3Client({ region: 'us-west-000' }) - const jobId = 'test-job-1234' - const record = new Record({ inputStream, s3Client, bucket: 'test', jobId }) - await record.start() - expect(record).to.have.property('counter', 192627) - expect(record).to.have.property('bucket', 'test') - }) - - xit('should be abortable', async function () { - const inputStream = createReadStream(join(__dirname, './fixtures/mock-stream0.mp4')) // 192627 bytes - const s3ClientMock = mockClient(S3Client) - const s3Client = new S3Client({ region: 'us-west-000' }) - s3ClientMock.on(CreateMultipartUploadCommand).resolves({UploadId: '1'}); - s3ClientMock.on(UploadPartCommand).resolves({ETag: '1'}); - const jobId = 'test-job-3456' - const record = new Record({ inputStream, s3Client, jobId, bucket: 'test' }) - await record.start() - expect(record).to.have.property('abortController') - await record.abort() - }) - - xit('should throw if the upload stream closes before the download stream closes', async function () { - - const s3Mock = mockClient(S3Client) - // const inputStream = createReadStream(join(__dirname, './fixtures/mock-stream0.mp4')) - const inputStream = createReadStream('/dev/random') // forever random - // const s3Client = new S3Client({ region: 'us-west-000' }) - // s3ClientMock.on() - s3Mock.on(PutObjectCommand).resolvesOnce({}).resolvesOnce({}).rejects({}) - const s3 = new S3Client({ region: 'us-west-000' }) - - return expect(s3.send(new PutObjectCommand({ Body: inputStream, Bucket: 'taco', Key: 'my-cool-taco.mp4' }))).to.be.rejectedWith(UploadStreamClosedError) - - }) - - xit('should restart if a EPIPE is encountered', async function () { - // @todo IDK how to implement this. - const inputStream = createReadStream(join(__dirname, './fixtures/mock-stream0.mp4')) - const s3ClientMock = mockClient(S3Client) - s3ClientMock.on(CreateMultipartUploadCommand).resolves({UploadId: '1'}) - s3ClientMock.on(UploadPartCommand).rejectsOnce({cause: 'simulated network interruption'}).resolves({ ETag: '1' }) // this rejection is probably not specific enough to simulate EPIPE - const s3Client = new S3Client({ region: 'us-west-000' }) - const record = new Record({ inputStream, s3Client, channel: 'coolguy_69', bucket: 'test' }) - await record.start() - expect(record).to.have.property('counter', 192627) - }) - - -}) \ No newline at end of file diff --git a/services/capture/src/Record.ts b/services/capture/src/Record.ts deleted file mode 100644 index b6df091..0000000 --- a/services/capture/src/Record.ts +++ /dev/null @@ -1,269 +0,0 @@ -import { spawn } from 'child_process'; -import { PassThrough, pipeline, Readable } from 'stream'; -import EventEmitter from 'events'; -import { Upload } from "@aws-sdk/lib-storage"; -import { CompleteMultipartUploadCommand, S3Client } from "@aws-sdk/client-s3"; -import 'dotenv/config' -import { promisify } from 'util'; - -// @see https://nodejs.org/api/events.html#capture-rejections-of-promises -EventEmitter.captureRejections = true; - -const pipelinePromise = promisify(pipeline) -const ua0 = 'Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0' - -export class UploadStreamClosedError extends Error { - constructor(message: string) { - super(message) - Object.setPrototypeOf(this, UploadStreamClosedError.prototype) - } -} - -export interface RecordArgs { - filename?: string; - s3Client: S3Client; - bucket: string; - date?: string; - inputStream: Readable; - jobId: string; - abortSignal: AbortSignal; - onProgress: (fileSize: number) => void; -} - -interface MakeS3ClientOptions { - accessKeyId: string; - secretAccessKey: string; - region: string; - endpoint: string -} - -interface getFFmpegOptions { - url: string; -} - -export default class Record { - private s3Client: S3Client; - private uploadStream: PassThrough; - inputStream: Readable; - counter: number; - bucket: string; - keyName: string; - datestamp: string; - filename?: string; - jobId: string; - date?: string; - abortSignal: AbortSignal; - onProgress: Function; - upload?: Upload; - - constructor({ inputStream, s3Client, bucket, jobId, abortSignal, onProgress }: RecordArgs) { - if (!inputStream) throw new Error('Record constructor was missing inputStream.'); - if (!bucket) throw new Error('Record constructor was missing bucket.'); - if (!jobId) throw new Error('Record constructer was missing jobId!'); - if (!s3Client) throw new Error('Record constructer was missing s3Client'); - if (!abortSignal) throw new Error('Record constructer was missing abortSignal'); - this.inputStream = inputStream - this.onProgress = onProgress - this.s3Client = s3Client - this.bucket = bucket - this.jobId = jobId - this.counter = 0 - this.datestamp = new Date().toISOString() - this.keyName = `${this.datestamp}-${jobId}.ts` - this.uploadStream = new PassThrough() - this.abortSignal = abortSignal - this.abortSignal.addEventListener("abort", this.abortEventListener.bind(this)) - this.upload - } - - - - static makeS3Client({ - accessKeyId, - secretAccessKey, - region, - endpoint - }: MakeS3ClientOptions): S3Client { - const client = new S3Client({ - endpoint, - region, - credentials: { - accessKeyId, - secretAccessKey - } - }) - return client - } - - static getFFmpegStream({ url }: getFFmpegOptions): Readable { - console.log(`getFFmpegStream using url=${url}`) - const ffmpegProc = spawn('ffmpeg', [ - '-headers', `"User-Agent: ${ua0}"`, - '-i', url, - '-c:v', 'copy', - '-c:a', 'copy', - '-movflags', 'faststart', - '-y', - '-f', 'mpegts', - '-loglevel', 'quiet', - 'pipe:1' - ], { - // ignoring stderr is important because if not, ffmpeg will fill that buffer and node will hang - stdio: ['pipe', 'pipe', 'ignore'] - }) - return ffmpegProc.stdout - } - - - - abortEventListener() { - console.log(`abortEventListener has been invoked. this.abortSignal is as follows`) - console.log(this.abortSignal) - console.log(JSON.stringify(this.abortSignal, null, 2)) - const reason = this.abortSignal.reason - console.log(`aborted the stream download with reason=${reason}`) - this.inputStream.destroy(new Error(reason)) - } - - async uploadToS3() { - const target = { - Bucket: this.bucket, - Key: this.keyName, - Body: this.uploadStream - } - - // greets https://stackoverflow.com/a/70159394/1004931 - try { - this.upload = new Upload({ - client: this.s3Client, - partSize: 1024 * 1024 * 5, - queueSize: 1, - leavePartsOnError: false, - params: target, - }); - - this.upload.on("httpUploadProgress", (progress) => { - if (progress?.loaded) { - // console.log(progress) - if (this.onProgress) this.onProgress(this.counter); - // console.log(`uploaded ${progress.loaded} bytes (${prettyBytes(progress.loaded)})`); - } else { - console.log(`httpUploadProgress ${JSON.stringify(progress, null, 2)}`) - } - }); - - console.log(`Uploading to bucket=${this.bucket}. Waiting for parallelUploads3 to finish...`) - // @todo there is a problem that results in COMPLETE LOSS OF SEGMENT DATA. - // when the download stream closes before the upload stream, I think the upload stream gets cut off. - // this means the upload isn't allowed to save and that means no data whatsoever gets put to S3. - // is that right? IDK what's happening, but we don't get any segment data on S3 at all?? - // Ok I just checked the Backblaze dashboard and we are uploading. Backblaze says the bytes are at 0 but - // it also shows a partial upload of 550MB which matches what capture-worker is showing has been captured so far. - // So I think what is happening is the upload is happening, but it's not finishing. - // It looks like the finish is only allowed to happen under completely normal circumstances. - // However, the segment upload may fail in production, and we need to let the upload finish even then. - // - // I think I need to call CompleteMultipartUpload. https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html - // Yes, that's right. Apparently parallelUploads3.done() returns a Promise which will resolve to CompleteMultipartUploadCommandOutput. - // But because of the catch, that promise will never resolve? - // What happens to an in-progress Promise when an error is thrown? - - // await this.upload.done(); - // console.log('Upload is complete.') - // return this.uploadStream - - - } catch (e) { - // if we got an abort error, e.name is not AbortError as expected. Instead, e.name is Error. - // so in order to catch AbortError, we don't even look there. instead, we check if our abortcontroller was aborted. - // in other words, `(e.name === 'AbortError')` will never be true. - if (this.abortSignal.aborted) { - console.error('While uploading, the upload was aborted.') - setTimeout(async () => { - await this.upload?.abort() - }, 1000) - // if (this.upload) { - // const command = new CompleteMultipartUploadCommand() - // } - return; - } - - if (e instanceof Error) { - console.error(`We were uploading a file to S3 but then we encountered an exception!`) - console.error(e) - throw e - } else { - throw new Error(`error of some sort ${JSON.stringify(e, null, 2)}`) - } - } - } - - - - async start() { - - - - // streams setup - - this.uploadStream.on('data', (data) => { - this.counter += data.length - }) - this.uploadStream.on('close', () => { - // if uploadStream closes before inputStream, throw an error. - if (!this.inputStream.closed) { - const msg = 'upload stream closed before download stream, which suggests the S3 upload failed.' - console.error(msg) - throw new UploadStreamClosedError(msg); - } else { - console.log('upload stream has closed. In this instance it is OK since the input stream is also closed.') - } - }) - this.uploadStream.on('error', (e) => { - console.error('there was an error on the uploadStream. error as follows') - console.error(e) - }) - - // input stream event handlers - this.inputStream.on('close', () => { - console.log('[!!!] input stream has closed.') - }) - this.inputStream.on('error', (e) => { - console.error('there was an error on the inputStream. error as follows') - console.error(e) - }) - this.inputStream.on('drain', () => { - console.info('[vvv] drain on inputStream.') - }) - - - // pipe the ffmpeg stream to the S3 upload stream - // this has the effect of uploading the stream to S3 at the same time we're recording it. - console.log(`>>> awaiting pipeline promise`) - const streamPromise = pipelinePromise( - this.inputStream, - this.uploadStream - ) - - this.uploadToS3() - await Promise.all([streamPromise, this.upload?.done()]) - - // console.log('awaiting uploadToS3()...') - // await this.uploadToS3() - // console.log('uploadToS3() is complete.') - - console.log(`streamPromise completed with jobId=${this.jobId}, keyName=${this.keyName}`) - - return { - jobId: this.jobId, - keyName: this.keyName - } - } - - async stop() { - throw new Error('@todo please implement') - } -} - - - diff --git a/services/capture/src/RecordNextGeneration.spec.ts b/services/capture/src/RecordNextGeneration.spec.ts deleted file mode 100644 index 8aed063..0000000 --- a/services/capture/src/RecordNextGeneration.spec.ts +++ /dev/null @@ -1,15 +0,0 @@ -import RecordNextGeneration from './RecordNextGeneration.ts' -import getVod from '@futureporn/fetchers/getVod.ts' -import createVod from '@futureporn/fetchers/createVod.ts' - -describe('RecordNextGeneration', function () { - describe('integration', function () { - it('should stream to S3', async function () { - this.timeout(30000) - const cv = await createVod() - if (!cv) throw new Error('failed to get vod from createVod()'); - const recordNG = new RecordNextGeneration({ url: 'https://futureporn-b2.b-cdn.net/projektmelody-chaturbate-2024-06-15.mp4', vodId: cv.id }) - const uv = await getVod(cv.id) - }) - }) -}) \ No newline at end of file diff --git a/services/capture/src/RecordNextGeneration.ts b/services/capture/src/RecordNextGeneration.ts deleted file mode 100644 index d9380bb..0000000 --- a/services/capture/src/RecordNextGeneration.ts +++ /dev/null @@ -1,570 +0,0 @@ -/** - * RecordNextGeneration.ts - */ - -import { VodResponse } from "@futureporn/types" -import { PassThrough, Readable, type Writable } from "stream" -import { join } from 'node:path' -import { ua0 } from '@futureporn/utils/name.ts' -import { ChildProcessByStdio, spawn } from 'child_process' -import { pipeline } from "stream/promises" -import { configs } from "./config" -import { nanoid } from 'nanoid' -import { Upload, type Progress } from "@aws-sdk/lib-storage" -import { S3Client } from '@aws-sdk/client-s3' -import prettyBytes from "pretty-bytes" -import updateSegmentInDatabase from "@futureporn/fetchers/updateSegmentInDatabase.ts" -import { getRecordingRelatedToVod } from "@futureporn/fetchers/getRecording.ts" -import createSegment from "@futureporn/fetchers/createSegment.ts" -import { createReadStream, createWriteStream } from "fs" -import pRetry from 'p-retry' -import { type SegmentResponse } from '@futureporn/types' -import getPlaylistUrl from "@futureporn/fetchers/getPlaylistUrl.ts" -import { isBefore, isAfter, sub } from 'date-fns' -import { setTimeout } from 'node:timers/promises'; -import { - RoomOfflineError, - PlaylistFailedError, - AdminAbortedError, - ExhaustedRetriesError, -} from '@futureporn/utils/error.ts' - -export interface RecordNextGenerationArguments { - vodId: string; - url: string; -} - - - - - -/** - * # RecordNextGeneration - * - * The function which records VODs in a Futureporn specific, fault-tolerant way. - * - * ## Issues/TODO list - * - * @done [x] onProgress stops firing - * @done [x] OOMKilled seen via development environment - * @todo [ ] undefined behavior during CB private shows - * @todo [ ] does not handle CB Hidden Camera ticket shows - * @done [x] Upload segments in a way that does not interrupt downloading new segments. - * There is an issue where a segment download ends, and the segment upload immediately begins. - * At first glance this looks like good behavior, but what is happening during the segment upload is that the livestream - * is continuing, but we aren't recording it anymore. We are using Backblaze, thus uploads are slow. - * We miss a lot of the stream because the upload takes many minutes. - * Instead of this behavior of immediately uploading after a segment download completes, we should upload once the livestream is finished, - * OR we should upload while concurrently downloading the next segment. - * @done [x] Move retrying from the {Task} `record` context to the class `RecordNextGeneration` context. - * There is an issue where the `record` task needs to retry after a temporary failure, but it cannot because there aren't any available workers. - * The solution is to not exit the `record` task at all, and instead keep the `record` task running, but suspended while a exponential backoff timer elapses. - * This way, the worker stays focused on the recording and retries until the stream has been offline for n minutes, at which point `record` is complete. - * @done [x] Abort process results in corrupted .ts files that ffmpeg/vlc/kdenlive cannot read. Granted, aborted vods are those which are NOT desirable to save, so maybe we ignore this issue? - * @done [x] RecordNextGeneration gives up immediately in response to RoomOffline. It must retry until 5 minutes have elapsed. - * @done [x] .bytes and .bytes_uploaded do not match at the end of the upload. .bytes_uploaded is curiously larger than .bytes! - * @todo [ ] Two jobs can occur concurrently (technically env var WORKER_CONCURRENCY allows for >1 so this isn't a bug) - * I set it to 1. Now we just need to test that only 1 job can happen at a time. - * - * ``` - * updateSegmentBytes() Segment 0 -- segment.id=2bf39450-2911-4f26-aca6-41cf092fd5e6 .bytes=6017952380 .bytes_uploaded=4571791360 .s3_key=MufqGsVF2hY6sAtN5rmrX.ts .vod.id=cbc80caf-73e5-41e5-8bbb-2d03ca234aca -updateSegmentBytes() Segment 0 -- segment.id=2bf39450-2911-4f26-aca6-41cf092fd5e6 .bytes=6017952380 .bytes_uploaded=4592762880 .s3_key=MufqGsVF2hY6sAtN5rmrX.ts .vod.id=cbc80caf-73e5-41e5-8bbb-2d03ca234aca -updateSegmentBytes() Segment 0 -- segment.id=2bf39450-2911-4f26-aca6-41cf092fd5e6 .bytes=6017952380 .bytes_uploaded=4613734400 .s3_key=MufqGsVF2hY6sAtN5rmrX.ts .vod.id=cbc80caf-73e5-41e5-8bbb-2d03ca234aca -updateSegmentBytes() Segment 0 -- segment.id=2bf39450-2911-4f26-aca6-41cf092fd5e6 .bytes=6017952380 .bytes_uploaded=4624220160 .s3_key=MufqGsVF2hY6sAtN5rmrX.ts .vod.id=cbc80caf-73e5-41e5-8bbb-2d03ca234aca -updateSegmentBytes() Segment 0 -- segment.id=2bf39450-2911-4f26-aca6-41cf092fd5e6 .bytes=6017952380 .bytes_uploaded=4645191680 .s3_key=MufqGsVF2hY6sAtN5rmrX.ts .vod.id=cbc80caf-73e5-41e5-8bbb-2d03ca234aca -during startProgressReports(), we encountered the following error. -TypeError: fetch failed - at node:internal/deps/undici/undici:13178:13 - at process.processTicksAndRejections (node:internal/process/task_queues:95:5) - at async updateSegmentInDatabase (/app/packages/fetchers/src/updateSegmentInDatabase.ts:29:15) - at async RecordNextGeneration.updateSegmentBytes (/app/services/capture/src/RecordNextGeneration.ts:342:21) - at async RecordNextGeneration.updateDatabaseRecords (/app/services/capture/src/RecordNextGeneration.ts:326:5) - at async Timeout._onTimeout (/app/services/capture/src/RecordNextGeneration.ts:352:9) { - [cause]: Error: getaddrinfo EAI_AGAIN postgrest.futureporn.svc.cluster.local - at GetAddrInfoReqWrap.onlookupall [as oncomplete] (node:dns:120:26) { - errno: -3001, - code: 'EAI_AGAIN', - syscall: 'getaddrinfo', - hostname: 'postgrest.futureporn.svc.cluster.local' - } -} -``` - * - * - */ -export default class RecordNextGeneration { - - public vodId: string; - public url: string; - public s3Key?: string; - public s3Bucket?: string; - public s3Client?: S3Client; - public tmpDiskPath?: string; - private vod?: VodResponse | null; - private downloadStream?: Readable; - private downloadProcess?: ChildProcessByStdio; - private uploadStream?: PassThrough; - private uploadInstance?: Upload; - private diskStream?: Writable; - private uploadCounter: number; - private downloadCounter: number; - private databaseUpdateTimer?: NodeJS.Timeout; - private updateTimeout: number; - private abortController: AbortController; - private segments: SegmentResponse[]; - private retries: number; - - - - constructor({ vodId, url }: RecordNextGenerationArguments) { - this.vodId = vodId - this.url = url - this.uploadCounter = 0 - this.downloadCounter = 0 - this.updateTimeout = 30*1000 - this.abortController = new AbortController() - this.abortController.signal.addEventListener("abort", this.abortEventListener.bind(this)) - this.retries = 0 - this.segments = [] - - } - - async withRetry(fn: any, retries = 3) { - return pRetry(fn, { - onFailedAttempt: (e) => { - console.error(`Error during attempt:`, e); - }, - retries - }); - } - - abortEventListener() { - console.log(`abortEventListener has been invoked. this.abortSignal is as follows`) - console.log(this.abortController.signal) - // console.log(JSON.stringify(this.abortController.signal, null, 2)) - // const reason = this.abortController.signal.reason - if (this.downloadProcess) { - // console.log(`aborted the stream process with reason=${reason}`) - // we want to send SIGINT to ffmpeg rather than forcefully destroying the stream. - // this prevents the downloaded .ts file from being corrupted. - // this.downloadStream.destroy(new AdminAbortedError()) - this.downloadProcess.kill('SIGINT'); - if (this.downloadStream) { - this.downloadStream.emit('error', new AdminAbortedError()); - } - } else { - console.warn(`downloadProcess does not exist. Perhaps it has already been aborted?`) - } - } - - - // getMultipartUpload({ - // client, - // bucket, - // key, - // body, - // }: { - // client: S3Client, - // bucket: string, - // key: string, - // body: Readable, - // }) { - // const params = { - // Bucket: bucket, - // Key: key, - // Body: body - // } - // const upload = new Upload({ - // client, - // partSize: 1024 * 1024 * 5, - // queueSize: 1, - // // @see https://github.com/aws/aws-sdk-js-v3/issues/2311 - // // tl;dr: the variable name, 'leavePartsOnError' is not representative of the behavior. - // // It should instead be interpreted as, 'throwOnPartsError' - // leavePartsOnError: true, - // params - // }) - - // /** - // * aws client docs recommend against using async onProgress handlers. - // * therefore, I'm only setting this.uploadCounter inside the syncronous handler and we call async updateSegmentInDatabase() elsewhere. - // */ - // const onProgress = (progress: Progress) => { - // if (progress?.loaded) { - // console.log(`Upload progress! ${progress.loaded} bytes loaded (${prettyBytes(progress.loaded)}).`) - // this.reportMemoryUsage() - // this.uploadCounter = progress.loaded - // } - // } - // upload.on("httpUploadProgress", onProgress); - - // return upload - // } - - - // @todo there is a problem that results in COMPLETE LOSS OF SEGMENT DATA. - // when the download stream closes before the upload stream, I think the upload stream gets cut off. - // this means the upload isn't allowed to save and that means no data whatsoever gets put to S3. - // is that right? IDK what's happening, but we don't get any segment data on S3 at all?? - // Ok I just checked the Backblaze dashboard and we are uploading. Backblaze says the bytes are at 0 but - // it also shows a partial upload of 550MB which matches what capture-worker is showing has been captured so far. - // So I think what is happening is the upload is happening, but it's not finishing. - // It looks like the finish is only allowed to happen under completely normal circumstances. - // However, the segment upload may fail in production, and we need to let the upload finish even then. - // - // I think I need to call CompleteMultipartUpload. https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html - // Yes, that's right. Apparently parallelUploads3.done() returns a Promise which will resolve to CompleteMultipartUploadCommandOutput. - // But because of the catch, that promise will never resolve? - // What happens to an in-progress Promise when an error is thrown? - // - // maybe @see https://github.com/aws/aws-sdk-js-v3/issues/2694 - - - static getDiskStream(s3Key?: string) { - const tmpDiskPath = join(configs.cacheDir, s3Key || `${nanoid()}.ts`) - console.log(`getDiskStream() tmpDiskPath=${tmpDiskPath}`) - return createWriteStream(tmpDiskPath, { encoding: 'utf-8' }) - } - - static getFFmpeg({ playlistUrl }: { playlistUrl: string }): ChildProcessByStdio { - console.log(`getFFmpegStream using playlistUrl=${playlistUrl}`) - const ffmpegProc = spawn('ffmpeg', [ - '-headers', `"User-Agent: ${ua0}"`, - '-i', playlistUrl, - '-c:v', 'copy', - '-c:a', 'copy', - '-movflags', 'faststart', - '-y', - '-f', 'mpegts', - '-loglevel', 'quiet', - 'pipe:1' - ], { - // ignoring stderr is important because if not, ffmpeg will fill that buffer and node will hang - stdio: ['pipe', 'pipe', 'ignore'] - }) - return ffmpegProc - } - - - - onUploadProgress(segment: SegmentResponse, progress: Progress) { - // console.log('onUploadProgress() running now. progress as follows') - // console.log(progress) - // find the matching segment and update it's bytes_uploaded - const matchingSegment = this.segments.find((s) => s.id === segment.id) - if (progress?.loaded && matchingSegment) { - matchingSegment.bytes_uploaded = progress.loaded - this.reportMemoryUsage() - } - } - - - formatMemoryStats(stats: NodeJS.MemoryUsage): Record { - const formattedStats: Record = {}; - for (const key of Object.keys(stats) as Array) { - const value = stats[key]; - formattedStats[key] = `${value} (${prettyBytes(value)})`; - } - return formattedStats; - } - - reportMemoryUsage() { - const mem = process.memoryUsage() - if (mem.rss > 256000000) console.warn(`High memory usage! ${JSON.stringify(this.formatMemoryStats(mem))}`); - } - - - getS3Client() { - const clientOptions: any = { - endpoint: configs.s3Endpoint, - region: configs.s3Region, - credentials: { - accessKeyId: configs.s3AccessKeyId, - secretAccessKey: configs.s3SecretAccessKey, - }, - } - this.s3Client = new S3Client(clientOptions) - this.s3Bucket = configs.s3UscBucket - - - if (!this.s3Client) throw new Error('getS3Client() failed to get S3Client'); - if (!this.s3Bucket) throw new Error('getS3Client() failed to get s3Bucket'); - - return this.s3Client - } - - getNames() { - const s3Key = `${nanoid()}.ts` - const tmpDiskPath = join(configs.cacheDir, s3Key) - console.log(`tmpDiskPath=${tmpDiskPath}`) - return { tmpDiskPath, s3Key } - } - - - static async _dl(url: string, s3Key: string) { - const { data, error } = (await getPlaylistUrl(url)) - if (!data) throw new PlaylistFailedError(); - if (error) { - if (error === 'PlaylistFailedError') throw new PlaylistFailedError(); - if (error === 'RoomOfflineError') throw new RoomOfflineError(); - } - console.log(`_dl playlistUrl=${data.playlistUrl}`) - const ffmpegProcess = RecordNextGeneration.getFFmpeg({ playlistUrl: data.playlistUrl }) - const ffmpegStream = ffmpegProcess.stdout - const diskStream = RecordNextGeneration.getDiskStream(s3Key) - const streamPipeline = pipeline(ffmpegStream, diskStream) - return { - pipeline: streamPipeline, - ffmpegStream, - ffmpegProcess, - diskStream, - } - } - - static async _ul(client: S3Client, diskPath: string, key: string) { - const diskStream = createReadStream(diskPath) - - const params = { - Bucket: configs.s3UscBucket, - Key: key, - Body: diskStream - } - const uploadInstance = new Upload({ - client, - partSize: 1024 * 1024 * 10, - queueSize: 1, - // @see https://github.com/aws/aws-sdk-js-v3/issues/2311 - // tl;dr: the variable name, 'leavePartsOnError' is not representative of the behavior. - // It should instead be interpreted as, 'throwOnPartsError' - leavePartsOnError: true, - params - }) - - return { - uploadInstance, - diskStream, - } - } - - - async updateDatabaseRecords() { - await this.updateSegmentBytes() - await this.checkForAborted() - } - - async checkForAborted() { - const recording = await getRecordingRelatedToVod(this.vodId) - if (!recording) throw new Error(`failed to get recording related to vodId=${this.vodId}`); - if (recording.is_aborted) { - this.abortController.abort() - } - } - - async updateSegmentBytes() { - for (const [index, segment] of this.segments.entries()) { - if (segment.id) { - console.log(`updateSegmentBytes() Segment ${index} -- segment.id=${segment.id} .bytes=${segment.bytes} .bytes_uploaded=${segment.bytes_uploaded} .s3_key=${segment.s3_key} .vod.id=${segment?.vod?.id}`) - const seg = await updateSegmentInDatabase({ segment_id: segment.id, bytes: segment.bytes, bytes_uploaded: segment.bytes_uploaded }) - let matchingSegment = this.segments.find((s) => s.id === seg.id) - if (matchingSegment) matchingSegment = seg // update the locally cached segment so update_at is accurate (used during isTryingDownload()) - } - } - } - - startProgressReports() { - this.databaseUpdateTimer = setInterval(async () => { - try { - await this.updateDatabaseRecords() - } catch (e) { - console.error(`during startProgressReports(), we encountered the following error.`) - console.error(e) - } - }, this.updateTimeout) - } - - stopProgressReports() { - clearInterval(this.databaseUpdateTimer) - } - - /** - * isTryingDownload - * - * There are always more tries unless the stream has been offline for greater than 5 minutes. - */ - isTryingDownload() { - - const isSegmentPresent = (!!this.segments && this.segments?.length > 0) - // console.log(`isTryingDownload() this.segments=${this.segments}, this.segments.length=${this.segments?.length}, isSegmentPresent=${isSegmentPresent} `); - if (!isSegmentPresent) return true; - const latestSegment = this.segments.at(-1) - const hasUpdatedTimestamp = latestSegment?.updated_at - if (!hasUpdatedTimestamp) throw new Error('latestSegment does not have an updated_at property'); - const fiveMinsAgo = sub(new Date(), { minutes: 5 }) - const lastUpdatedAt = latestSegment.updated_at - console.log(`isTryingDownload fiveMinsAgo=${fiveMinsAgo.toISOString()}, lastUpdatedAt=${lastUpdatedAt}`) - return isAfter(lastUpdatedAt, fiveMinsAgo) - } - - - - /** - * done() - * - * Repeatedly download segments until there is no more stream. - * Stream is considered no-more once it has been offline for >5 minutes. - * When downloading is done, upload segments to S3. - * - * input: stream URL, such as 'https://chaturbate.com/projektmelody' - * ouptut: list of S3Files, such as [{ key: 'example1.ts' }, { key: 'example2.ts' }] - */ - async done() { - this.startProgressReports(); - try { - console.log(`>> downloadSegments() begin.`) - await this.downloadSegments(); - console.log(`>> downloadsSegments() finished. ${this.segments.length} downloaded.`) - console.log(`waiting 30 seconds for downloadSegments() to close ffmpeg ...`) // @todo potential speed optimization is to proceed as soon as file is done being written to - await setTimeout(30*1000) - console.log(`>> uploadSegments() begin.`) - await this.uploadSegments(); - console.log(`>> uploadSegments() finished.`) - } catch (e) { - console.error(`An error was encountered during done() function. This should not happen under nominal scenarios. This may be a bug; please investigate.`) - throw e - } finally { - this.stopProgressReports(); - } - } - - /** - * downloadSegment - * - * Download a single segment. - * * Creates segment in the database - * * Pushes the segment to this.segments - */ - async downloadSegment() { - const s3_key = `${nanoid()}.ts` - const segment = await createSegment(s3_key, this.vodId) - if (!segment.id) { - throw new Error(`Failed to createSegment(). segment.id was missing.`); - } - console.log(`New segment created. @see http://localhost:9000/segments?id=eq.${segment.id}&select=*,vod:vods(*,recordings(*))`) - this.segments.push(segment) - const { pipeline, ffmpegStream, ffmpegProcess } = (await RecordNextGeneration._dl(this.url, s3_key)) - if (this.downloadStream) throw new Error(`If you see this error, there is a bug in your code. downloadSegment() tried to use this.downloadStream but it was already being used by some other part of the code. Please refactor so this.downloadStream is not used by more than one function at any given time.`); - this.downloadStream = ffmpegStream - this.downloadProcess = ffmpegProcess - console.log(`setting downloadProcess as follows. ${ffmpegProcess}`) - ffmpegStream.on('data', (data) => { - let mySegment = this.segments.find((s) => s.id === segment.id) - if (mySegment) { - mySegment.bytes += data.length; - } - }) - await pipeline - delete this.downloadStream // cleanup so another iteration can use - } - - /** - * downloadSegments - * - * Fault-tolerant segment downloader. - * * Creates segments in the database. - * * Handles common errors - * * Retries until the stream has been offline for >5 minutes. - * * Recursively called - */ - async downloadSegments(): Promise { - try { - while (this.isTryingDownload()) { - // Backoff timer, in case of followup segments. - // if most recent segment was created greater than 1 minute ago, there is no timer. (immediate retry) - // else the retry timer is 30 seconds (wait before retrying) - const mostRecentSegmentCreationTimestamp = this.segments.at(-1)?.created_at - if (mostRecentSegmentCreationTimestamp) { - const thirtySecondsAgo = sub(new Date(), { seconds: 30 }) - const mostRecentSegmentCreation = new Date(mostRecentSegmentCreationTimestamp) - const isMostRecentSegmentCreatedGreaterThanOneMinuteAgo = isBefore(mostRecentSegmentCreation, thirtySecondsAgo) - if (isMostRecentSegmentCreatedGreaterThanOneMinuteAgo) console.log(`Waiting 30 seconds before next downloadSegment().`); - await setTimeout((isMostRecentSegmentCreatedGreaterThanOneMinuteAgo) ? 1000*30 : 0) - } - await this.downloadSegment() - } - } catch (e) { - if (e instanceof Error && e.name === 'RoomOfflineError') { - // If the room is offline, then we want to retry immediately. - // We do this because the offline room might be a temporary situation. - // e.g. streamer's computer bluescreened and they're coming back after they reboot. - // If the room has been offline for >5 minutes, then we consider the stream concluded and we return. - console.warn('Room is offline! ~~ lets try again, if appropriate.') - console.log(`isTryingDownload()=${this.isTryingDownload()}`) - if (this.isTryingDownload()) { - return this.downloadSegments() - } else { - return - } - - } else if (e instanceof Error && e.name === 'PlaylistFailedError') { - console.error(`sometimes @futureporn/scout fails to get the playlist URL. We want to immediately try again.`) - return this.downloadSegments() - - } else if (e instanceof Error && e.name === 'AdminAbortedError') { - // An admin aborted the recording which means we don't want to retry recording. - // we return which causes the 'record' Task to be marked as successful. - console.log(`Clear as day, that is an AdminAbortedError! ❤️`) - return - - } else if (e instanceof Error && e.name === 'DownloadFailedError') { - console.error(`We encountered a DownloadFailedError. I'm unsure why this happens. I guess we will retry.`) - return this.downloadSegments() - } - } - } - - /** - * uploadSegments - * - * Fault-tolerant segment uploader. - * * Uploads local segment files to S3 - * * Handles common errors - * * Retries each segment up to 9 times - */ - async uploadSegments() { - try { - for (const segment of this.segments.filter((s) => s.bytes > 0)) { - await this.uploadSegment(segment) - } - } catch (e) { - console.error('error during uploadSegments(). error as follows.') - console.error(e) - throw e - } - } - - async uploadSegment(segment: SegmentResponse) { - const diskPath = join(configs.cacheDir, segment.s3_key) - const key = segment.s3_key - const client = this.getS3Client() - - await pRetry(async (attemptCount: number) => { - console.log(`uploadSegment() attempt ${attemptCount}`) - if (!this.s3Client) throw new Error('S3Client') - const { uploadInstance } = (await RecordNextGeneration._ul(client, diskPath, key)) - uploadInstance.on('httpUploadProgress', (progress: Progress) => this.onUploadProgress(segment, progress)) - return uploadInstance.done() - }, { - onFailedAttempt: (e) => { - console.error(`failed to uploadSegment() with the following error. Retrying with ${e.retriesLeft} retries left.`) - console.error(e) - }, - retries: 9 - }) - - const matchingSegment = this.segments.find((s) => s.id === segment.id) - if (matchingSegment?.bytes_uploaded && matchingSegment?.bytes) { - matchingSegment.bytes_uploaded = matchingSegment.bytes - } - - } -} diff --git a/services/capture/src/Video.js b/services/capture/src/Video.js deleted file mode 100644 index 253ae28..0000000 --- a/services/capture/src/Video.js +++ /dev/null @@ -1,68 +0,0 @@ - -import { execa } from 'execa' -import { tmpdir } from 'os' -import path from 'node:path' -import fs from 'node:fs' -import os from 'node:os' - -export class VideoConcatError extends Error { - constructor (msg) { - super(msg || 'Failed to concatenate video') - this.name = 'VideoConcatError' - } -} - - - -export default class Video { - constructor (opts) { - if (typeof opts.filePaths === 'undefined') throw new Error('Video must be called with opts.filePaths'); - if (typeof opts.cwd === 'undefined') throw new Error('Video must be called with opts.cwd'); - this.filePaths = opts.filePaths - this.cwd = opts.cwd - this.room = opts.room || 'projektmelody' - this.execa = opts.execa || execa - } - - - - getFilesTxt () { - return this.filePaths - .sort((a, b) => a.timestamp - b.timestamp) - .map((d) => `file '${d.file}'`) - .join('\n') - .concat('\n') - } - - - getFilesFile () { - const p = path.join(this.cwd, 'files.txt') - fs.writeFileSync( - p, - this.getFilesTxt(this.filePaths), - { encoding: 'utf-8' } - ) - return p - } - - async concat () { - const target = path.join(this.cwd, `${this.room}-chaturbate-${new Date().valueOf()}.mp4`) - - const { exitCode, killed, stdout, stderr } = await this.execa('ffmpeg', [ - '-y', - '-f', 'concat', - '-safe', '0', - '-i', this.getFilesFile(this.filePaths), - '-c', 'copy', - target - ], { - cwd: this.cwd - }); - - if (exitCode !== 0 || killed !== false) { - throw new VideoConcatError(`exitCode:${exitCode}, killed:${killed}, stdout:${stdout}, stderr:${stderr}`); - } - - return target - } -} diff --git a/services/capture/src/Video.spec.js b/services/capture/src/Video.spec.js deleted file mode 100644 index 8b54db8..0000000 --- a/services/capture/src/Video.spec.js +++ /dev/null @@ -1,86 +0,0 @@ - -import 'dotenv/config' -import Video from './Video.js' -import { dirname } from 'path'; -import { fileURLToPath } from 'url'; -import path from 'node:path' -import os from 'node:os' -import fs from 'node:fs' -import sinon from 'sinon' -import sinonChai from 'sinon-chai' -import chai, { expect } from 'chai' - -chai.use(sinonChai); - -const __dirname = dirname(fileURLToPath(import.meta.url)); - - - -const dataFixture = [ - { - timestamp: 1, - file: 'mock-stream0.mp4' - }, { - timestamp: 2, - file: 'mock-stream1.mp4' - }, { - timestamp: 3, - file: 'mock-stream2.mp4' - } -] - -describe('Video', function () { - - let video - - before(() => { - // copy files to /tmp so we dont clutter the fixtures dir - // and simulate cwd being process.env.FUTUREPORN_TMP - dataFixture.forEach((d) => { - fs.copyFileSync( - path.join(__dirname, 'fixtures', d.file), - path.join(os.tmpdir(), d.file) - ) - }) - }) - - - - beforeEach(() => { - video = new Video({ - cwd: os.tmpdir(), - filePaths: dataFixture, - execa: sinon.fake.resolves({ exitCode: 0, killed: false, stdout: "i am so horni rn", stderr: null }) - }) - }) - - afterEach(function() { - console.log('>> sinon.restore! (afterEach)') - sinon.restore(); - }) - - - describe('getFilesTxt', function () { - it('should generate contents suitable for input to `ffmpeg -f concat`', function () { - const txt = video.getFilesTxt() - expect(txt).to.deep.equal("file 'mock-stream0.mp4'\nfile 'mock-stream1.mp4'\nfile 'mock-stream2.mp4'\n") - }) - }) - - describe('concat', function () { - it('should join multiple videos into one', async function () { - const file = await video.concat() - expect(typeof file === 'string').to.be.true - expect(video.execa).calledOnce - expect(file).to.match(/\.mp4$/) - }) - }) - - describe('getFilesFile', function () { - it('should create a files.txt and return the path', async function () { - const file = await video.getFilesFile() - expect(typeof file === 'string').to.be.true - expect(file).to.equal(path.join(os.tmpdir(), 'files.txt')) - }) - }) -}) \ No newline at end of file diff --git a/services/capture/src/Voddo.js b/services/capture/src/Voddo.js deleted file mode 100644 index 6e1a75e..0000000 --- a/services/capture/src/Voddo.js +++ /dev/null @@ -1,243 +0,0 @@ -import 'dotenv/config' -import YoutubeDlWrap from "youtube-dl-wrap"; -import { EventEmitter } from 'node:events'; -import { AbortController } from "node-abort-controller"; -import { readdir, stat } from 'node:fs/promises'; -import { join } from 'node:path' -import ffmpeg from 'fluent-ffmpeg' -import { loggerFactory } from 'common/logger' - -const logger = loggerFactory({ - service: 'futureporn/capture' -}) -const defaultStats = {segments:[],lastUpdatedAt:null} - -export default class Voddo extends EventEmitter { - constructor(opts) { - super() - this.courtesyTimer = setTimeout(() => {}, 0); - this.retryCount = 0; - this.url = opts.url; - this.format = opts.format || 'best'; - this.cwd = opts.cwd; - this.ytdlee; // event emitter for ytdlwrap - this.stats = Object.assign({}, defaultStats); - this.abortController = new AbortController(); - this.ytdl = opts.ytdl || new YoutubeDlWrap(); - if (process.env.YOUTUBE_DL_BINARY) this.ytdl.setBinaryPath(process.env.YOUTUBE_DL_BINARY); - } - - static async getVideoLength (filePath) { - return new Promise((resolve, reject) => { - ffmpeg.ffprobe(filePath, function(err, metadata) { - if (err) reject(err) - resolve(Math.floor(metadata.format.duration*1000)) - }); - }) - } - - // greets ChatGPT - static groupStreamSegments(segments, threshold = 1000*60*60) { - segments.sort((a, b) => a.startTime - b.startTime); - const streams = []; - let currentStream = []; - - for (let i = 0; i < segments.length; i++) { - const currentSegment = segments[i]; - const previousSegment = currentStream[currentStream.length - 1]; - - if (!previousSegment || currentSegment.startTime - previousSegment.endTime <= threshold) { - currentStream.push(currentSegment); - } else { - streams.push(currentStream); - currentStream = [currentSegment]; - } - } - - streams.push(currentStream); - return streams; - } - - - - - - - - /** - * getRecordedStreams - * - * get the metadata of the videos captured - */ - async getRecordedSegments() { - let f = [] - const files = await readdir(this.cwd).then((raw) => raw.filter((f) => /\.mp4$/.test(f) )) - for (const file of files) { - const filePath = join(this.cwd, file) - const s = await stat(filePath) - const videoDuration = await Voddo.getVideoLength(filePath) - const startTime = parseInt(s.ctimeMs) - const endTime = startTime+videoDuration - const size = s.size - f.push({ - startTime, - endTime, - file, - size - }) - } - this.stats.segments = f - - - return this.stats.segments - } - - isDownloading() { - // if there are event emitter listeners for the progress event, - // we are probably downloading. - return ( - this.ytdlee?.listeners('progress').length !== undefined - ) - } - - delayedStart() { - // only for testing - this.retryCount = 500 - this.courtesyTimer = this.getCourtesyTimer(() => this.download()) - } - - - start() { - // if download is in progress, do nothing - if (this.isDownloading()) { - logger.log({ level: 'debug', message: 'Doing nothing because a download is in progress.' }) - return; - } - - // if download is not in progress, start download immediately - // reset the retryCount so the backoff timer resets to 1s between attempts - this.retryCount = 0 - clearTimeout(this.courtesyTimer) - - // create new abort controller - //this.abortController = new AbortController() // @todo do i need this? Can't I reuse the existing this.abortController? - - this.download() - } - - stop() { - logger.log({ level: 'info', message: 'Received stop(). Stopping.' }) - clearTimeout(this.courtesyTimer) - this.abortController.abort() - } - - /** generate a report **/ - getReport(errorMessage) { - let report = {} - report.stats = Object.assign({}, this.stats) - report.error = errorMessage - report.reason = (() => { - if (errorMessage) return 'error'; - else if (this.abortController.signal.aborted) return 'aborted'; - else return 'close'; - })() - // clear stats to prepare for next run - this.stats = Object.assign({}, defaultStats) - return report - } - - emitReport(report) { - logger.log({ level: 'debug', message: 'EMITTING REPORT' }) - this.emit('stop', report) - } - - getCourtesyTimer(callback) { - // 600000ms = 10m - const waitTime = Math.min(600000, (Math.pow(2, this.retryCount) * 1000)); - this.retryCount += 1; - logger.log({ level: 'debug', message: `courtesyWait for ${waitTime/1000} seconds. (retryCount: ${this.retryCount})` }) - return setTimeout(callback, waitTime) - } - - download() { - const handleProgress = (progress) => { - logger.log({ level: 'debug', message:` [*] progress event` }) - this.stats.lastUpdatedAt = Date.now(), - this.stats.totalSize = progress.totalSize - } - - const handleError = (error) => { - if (error?.message !== undefined && error.message.includes('Room is currently offline')) { - logger.log({ level: 'debug', message: 'Handled an expected \'Room is offline\' error' }) - - } else { - logger.log({ level: 'error', message: 'ytdl error' }) - logger.log({ level: 'error', message: error.message }) - } - this.ytdlee.off('progress', handleProgress) - this.ytdlee.off('handleYtdlEvent', handleYtdlEvent) - - // restart the download after the courtesyTimeout - this.courtesyTimer = this.getCourtesyTimer(() => this.download()) - this.emitReport(this.getReport(error.message)) - } - - - const handleYtdlEvent = (type, data) => { - logger.log({ level: 'debug', message: `handleYtdlEvent type: ${type}, data: ${data}` }) - logger.log({ level: 'debug', message: `handleYtdlEvent type: ${type}, data: ${data}` }) - if (type === 'download' && data.includes('Destination:')) { - let filePath = /Destination:\s(.*)$/.exec(data)[1] - logger.log({ level: 'debug', message: `Destination file detected: ${filePath}` }) - let datum = { file: filePath, timestamp: new Date().valueOf() } - let segments = this.stats.segments - segments.push(datum) && segments.length > 64 && segments.shift(); // limit the size of the segments array - this.emit('start', datum) - } else if (type === 'ffmpeg' && data.includes('bytes')) { - const bytes = /(\d*)\sbytes/.exec(data)[1] - logger.log({ level: 'debug', message: `ffmpeg reports ${bytes}`}) - let mostRecentFile = this.stats.segments[this.stats.segments.length-1] - mostRecentFile['size'] = bytes - logger.log({ level: 'debug', message: mostRecentFile }) - } - } - - const handleClose = () => { - logger.log({ level: 'debug', message: 'got a close event. handling!' }); - - this.ytdlee.off('progress', handleProgress) - this.ytdlee.off('handleYtdlEvent', handleYtdlEvent) - - // restart Voddo only if the close was not due to stop() - if (!this.abortController.signal.aborted) { - // restart the download after the courtesyTimeout - this.courtesyTimer = this.getCourtesyTimer(() => this.download()) - } - - this.emitReport(this.getReport()) - } - - logger.log({ level: 'debug', message: `Downloading url:${this.url} format:${this.format}` }) - logger.log({ level: 'debug', message: JSON.stringify(this.ytdl) }) - - // sanity check. ensure cwd exists - stat(this.cwd, (err) => { - if (err) logger.log({ level: 'error', message: `Error while getting cwd stats of ${this.cwd} Does it exist?` }) - }) - - this.ytdlee = this.ytdl.exec( - [this.url, '-f', this.format], - { - cwd: this.cwd - }, - this.abortController.signal - ); - this.ytdlee.on('progress', handleProgress); - this.ytdlee.on('youtubeDlEvent', handleYtdlEvent); - this.ytdlee.once('error', handleError); - this.ytdlee.once('close', handleClose); - } - - - -} \ No newline at end of file diff --git a/services/capture/src/Voddo.spec.js b/services/capture/src/Voddo.spec.js deleted file mode 100644 index 155925c..0000000 --- a/services/capture/src/Voddo.spec.js +++ /dev/null @@ -1,490 +0,0 @@ -import 'dotenv/config' -import Voddo from './Voddo.js' -import chai, { expect } from 'chai' -import sinon from 'sinon' -import YoutubeDlWrap from 'youtube-dl-wrap' -import { - AbortController -} from "node-abort-controller"; -import { - EventEmitter -} from 'events' -import debugFactory from 'debug' -import { join, dirname } from 'path'; -import { fileURLToPath } from 'url'; -import sinonChai from 'sinon-chai' -import sinonTest from "sinon-test"; - -chai.use(sinonChai); - -const test = sinonTest(sinon, { - toFake: ["setTimeout", "setInterval"], - shouldAdvanceTime: false -}); -const debug = debugFactory('voddo') -const __dirname = dirname(fileURLToPath(import.meta.url)); - - - - - -describe('Voddo', function() { - - - describe('groupStreamSegments', function () { - it('should separate two stream data objects', function () { - const fixture = [{ - "startTime": 1675386000000, - "file": "projektmelody 2023-02-02 17_00-projektmelody.mp4", - "size": 550799038, - "endTime": 1675391400000, - }, { - "startTime": 1675391405000, - "file": "projektmelody 2023-02-02 18_30-projektmelody.mp4", - "size": 6556534941, - "endTime": 1675396800000 - }, { - "startTime": 1675368000000, - "file": "projektmelody 2023-02-02 12_00-projektmelody.mp4", - "size": 6556534941, - "endTime": 1675378800000 - }] - - const streams = Voddo.groupStreamSegments(fixture) - expect(streams).to.deep.equal([ - [ - { - "startTime": 1675368000000, - "file": "projektmelody 2023-02-02 12_00-projektmelody.mp4", - "size": 6556534941, - "endTime": 1675378800000 - } - ], - [ - { - "startTime": 1675386000000, - "file": "projektmelody 2023-02-02 17_00-projektmelody.mp4", - "size": 550799038, - "endTime": 1675391400000, - }, { - "startTime": 1675391405000, - "file": "projektmelody 2023-02-02 18_30-projektmelody.mp4", - "size": 6556534941, - "endTime": 1675396800000 - } - ] - ]) - }) - }) - - - // let clock; - - // beforeEach(function() { - // clock = sinon.useFakeTimers({ - // toFake: ["setTimeout", "setInterval"], - // shouldAdvanceTime: false - // }); - // }) - - // afterEach(() => { - // sinon.restore() - // }) - - - - // Something faulty with Voddo or sinon or mocha, not sure. - // When running by itself, test succeeds. When running with 'should start and stop stream download', - // voddo.stats gets set to whatever that test sets it to. So bizarre, it's like the same Voddo class instance - // exists in two different tests even though they are named differently. - // Even though they are not in global scope. Even though each was called with `new Voddo(...)` - // Doesn't matter if I wrap both in sinon-test. Same leaky problem. - // Doesn't matter if I sinon.restore() afterEach. Same leaky problem. - // Doesn't matter if I manually set up a sinon sandbox. Same leaky problem. - // Fuck event emitters. I love their utility but I don't know how the fuck they are supposed to be tested. - // Solution might just call for a rewrite of Voddo, or perhaps deleting Voddo in favor of Capture - // For now, I'm moving forward because Voddo works even though this test does not. - describe('getRecordedSegments', function() { - xit('should populate it\'s log if log is empty', async function () { - const voddo = new Voddo({ - url: 'https://example.com', - cwd: join(__dirname, 'fixtures') - }) - const streams = await voddo.getRecordedSegments() - console.log(streams) - expect(streams.length).to.equal(3) - expect(streams[0]).to.have.property('startTime') - expect(streams[0]).to.have.property('file') - expect(streams[0]).to.have.property('size') - }) - xit('should use Voddo\'s stats history to get filenames of only the most recent stream', async function() { - const sb = sinon.createSandbox() - const viddo = new Voddo({ - url: 'https://example.com', - cwd: '~/Downloads' - }) - sb.stub(viddo, 'stats').value({ - segments: [{ - startTime: 1674147647000, - size: 192627, - file: 'projektmelody 2023-01-19 17_00-projektmelody.mp4' - }, { - startTime: 1674151247000, - size: 192627, - file: 'projektmelody 2023-01-19 18_00-projektmelody.mp4' - }, { - startTime: 1674154847000, - size: 192627, - file: 'projektmelody 2023-01-19 19_00-projektmelody.mp4' - }, { - file: 'projektmelody 2023-01-20 20_10-projektmelody.mp4', - size: 192627, - startTime: 1674245400000, - }, { - file: 'projektmelody 2023-01-20 21_10-projektmelody.mp4', - size: 192627, - startTime: 1674249000000, - }, { - file: 'projektmelody 2023-01-20 22_10-projektmelody.mp4', - size: 192627, - startTime: 1674252600000, - }] - }) - - const filenames = await viddo.getRecordedSegments() - sb.restore() - expect(filenames).to.have.lengthOf(3) - expect(filenames).to.deep.equal([{ - file: 'projektmelody 2023-01-20 20_10-projektmelody.mp4', - size: 192627, - startTime: 1674245400000, - }, { - file: 'projektmelody 2023-01-20 21_10-projektmelody.mp4', - size: 192627, - startTime: 1674249000000, - }, { - file: 'projektmelody 2023-01-20 22_10-projektmelody.mp4', - size: 192627, - startTime: 1674252600000, - }]) - }) - }) - - - xit('should keep a log of the files downloaded', function(done) { - const ee = new EventEmitter() - - - const ytdl = sinon.createStubInstance(YoutubeDlWrap) - ytdl.exec.returns(ee) - - - const times = [ - 1000, // start - 1000 * 60 * 60 * 1, // stop - 1000 * 60 * 60 * 1 + 1, // start - 1000 * 60 * 60 * 2, // stop - 1000 * 60 * 60 * 3 + 1, // start - 1000 * 60 * 60 * 4 // stop - ] - - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 21_10-projektmelody.mp4') - }, times[0]) - - clock.setTimeout(() => { - ee.emit('close') - }, times[1]) - - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 22_10-projektmelody.mp4') - }, times[2]) - - clock.setTimeout(() => { - ee.emit('close') - }, times[3]) - - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 23_10-projektmelody.mp4') - }, times[4]) - - clock.setTimeout(() => { - ee.emit('close') - }, times[5]) - - - let url = `https://chaturbate.com/projektmelody` - let cwd = process.env.FUTUREPORN_WORKDIR || '/tmp' - const voddo = new Voddo({ - url: url, - format: 'best', - cwd: cwd, - ytdl - }) - - voddo.once('start', (data) => { - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('start', (data) => { - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('start', (data) => { - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('stop', function(report) { - debug(report) - expect(report).to.have.property('stats') - expect(report.stats).to.have.property('files') - expect(report.stats.files).to.have.lengthOf(3) - debug(report.stats.files) - expect(report.stats.files[0]).to.include({ - file: 'projektmelody 2023-01-18 21_10-projektmelody.mp4' - }) - - expect(ytdl.exec).calledThrice - - console.log('>>WE ARE DONE') - expect(this.clock.countTimers()).to.equal(0) - done() - }) - clock.tick(times[5]) // stop - - }) - clock.tick(times[3]) // stop - clock.tick(times[4]) // start - - }) - clock.tick(times[1]) // stop - clock.tick(times[2]) // start - - }) - - - voddo.start() - expect(ytdl.exec).calledOnce - - clock.tick(times[0]) - - - - - }) - - xit('should keep a log of the files downloaded', function(done) { - this.timeout(5000) - // https://github.com/insanity54/futureporn/issues/13 - const ytdlStub = sinon.createStubInstance(YoutubeDlWrap) - ytdlStub.exec - .onCall(0) - .callsFake(function(args, opts, aborter) { - let ee = new EventEmitter() - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 21_10-projektmelody.mp4') - }, 50) - clock.setTimeout(() => { - ee.emit('close') - }, 100) - return ee - }) - .onCall(1) - .callsFake(function(args, opts, aborter) { - let ee = new EventEmitter() - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 22_10-projektmelody.mp4') - }, 50) - clock.setTimeout(() => { - ee.emit('close') - }, 100) - return ee - }) - .onCall(2) - .callsFake(function(args, opts, aborter) { - let ee = new EventEmitter() - clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 23_10-projektmelody.mp4') - }, 50) - clock.setTimeout(() => { - ee.emit('close') - }, 100) - return ee - }) - let url = `https://chaturbate.com/projektmelody` - let cwd = process.env.FUTUREPORN_WORKDIR || '/tmp' - - const voddo = new Voddo({ - url: url, - format: 'best', - cwd: cwd, - ytdl: ytdlStub - }) - - // expect(clock.countTimers()).to.equal(0) - voddo.once('start', function(data) { - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - clock.next() - clock.next() - voddo.once('start', function(data) { - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('start', function(data) { - debug('fake start?') - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('stop', function(report) { - debug(report) - expect(report).to.have.property('stats') - expect(report.stats).to.have.property('files') - expect(report.stats.files).to.have.lengthOf(3) - debug(report.stats.files) - expect(report.stats.files[0]).to.include({ - file: 'projektmelody 2023-01-18 21_10-projektmelody.mp4' - }) - - sinon.assert.calledThrice(ytdlStub.exec) - expect(this.clock.countTimers()).to.equal(0) - done() - }) - - - }) - }) - }) - - voddo.start() - }) - - - it('should start and stop stream download', test(function(done) { - - const sandbox = this - - const ee = new EventEmitter() - - const ytdl = this.createStubInstance(YoutubeDlWrap); - ytdl.exec.returns(ee) - - - const url = 'https://chaturbate.com/projektmelody' - const format = 'best' - const cwd = '/tmp' - const v = new Voddo({ - url, - format, - cwd, - ytdl - }) - console.log(v.stats) - - v.once('stop', function(data) { - console.log('ffffff') - console.log(this) - expect(this.abortController.signal.aborted, 'abortController did not abort').to.be.true - expect(sandbox.clock.countTimers()).to.equal(0) - done() - }) - v.once('start', function(data) { - console.log('STARRRRRT') - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - expect(this).to.have.property('abortController') - console.log('ey cool, voddo started') - }) - v.start() - - const times = [ - 500, - 1000, - 2000 - ] - - this.clock.setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-18 21_10-projektmelody.mp4') - }, times[0]) - - this.clock.setTimeout(() => { - v.stop() - }, times[1]) - - this.clock.setTimeout(() => { - ee.emit('close') - }, times[2]) - - this.clock.tick(times[0]) // start - this.clock.tick(times[1]) // stop - this.clock.tick(times[2]) // close - - })) - - - xit('should retry when a stream closes', function(done) { - - const ytdlStub = sinon.createStubInstance(YoutubeDlWrap); - ytdlStub.exec - .onCall(0) - .callsFake(function(args, opts, aborter) { - debug(' [test] callsFake 0') - let ee = new EventEmitter() - setTimeout(() => { - console.log('should retry when a stream closes -- emission') - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-17 19_39-projektmelody.mp4') - }, 100) - setTimeout(() => { - console.log('should retry when a stream closes -- emission') - // this simulates youtube-dl closing - // (NOT Voddo closing) - ee.emit('close') - }, 550) - return ee - }) - .onCall(1) - .callsFake(function(args, opts, aborter) { - debug(' [test] callsFake 1') - let ee = new EventEmitter() - setTimeout(() => { - ee.emit('youtubeDlEvent', 'download', ' Destination: projektmelody 2023-01-17 19_45-projektmelody.mp4') - }, 100) - return ee - }) - let url = `https://chaturbate.com/projektmelody` - let cwd = process.env.FUTUREPORN_WORKDIR || '/tmp' - let abortController = new AbortController() - - const voddo = new Voddo({ - url: url, - format: 'best', - cwd: cwd, - ytdl: ytdlStub - }) - - voddo.once('start', function(data) { - debug(' [test] voddo <<<<<-----') - expect(data).to.have.property('file') - expect(data).to.have.property('timestamp') - - voddo.once('start', function(data) { - debug(' [test] restarted after dl close! (expected) <<<<<-----') - - sinon.assert.calledTwice(ytdlStub.exec) - expect(this.clock.countTimers()).to.equal(0) - done() - }) - }) - - voddo.start() - - clock.next() - clock.next() - clock.next() - clock.next() - clock.next() - - }) - -}) \ No newline at end of file diff --git a/services/capture/src/app.spec.ts b/services/capture/src/app.spec.ts deleted file mode 100644 index 2efd5f5..0000000 --- a/services/capture/src/app.spec.ts +++ /dev/null @@ -1,89 +0,0 @@ -'use strict' - -import { build } from './app.ts' -import { use, expect } from "chai" -import sinonChai from 'sinon-chai' -use(sinonChai) - -describe('app', function () { - const app = build({}, 'postgres://') - describe('/', function () { - it('GET', async function () { - - const response = await app.inject({ - method: 'GET', - url: '/' - }) - expect(response.statusCode).to.equal(200) - expect(JSON.parse(response.body)).to.have.property('version') - }) - }) - xdescribe('/api/records', function () { - it('GET -- list the records', async function () { - const response = await app.inject({ - method: 'GET', - url: '/api/records' - }) - expect(response.statusCode).to.equal(200) - const body = JSON.parse(response.body) - expect(body).to.have.property('data') - expect(body.data).to.be.an.instanceof(Array); - }) - it('DELETE -- delete all records', async function () { - const response = await app.inject({ - method: 'DELETE', - url: '/api/records' - }) - expect(response.statusCode).to.equal(200) - const body = JSON.parse(response.body) - expect(body).to.have.property('data') - expect(body.data).to.be.lengthOf(0); - }) - }) - describe('/api/record', function () { - describe('POST', function () { - it('should create', async function () { - let url = 'https://example.com/my-cool-stream' - const response = await app.inject({ - method: 'POST', - url: '/api/record', - body: { - url - } - }) - expect(response.statusCode).to.equal(200) - const body = JSON.parse(response.body) - expect(body).to.have.property('id') - expect(body).to.have.property('url', url) - }) - it('should return 400 if url is missing', async function () { - const response = await app.inject({ - method: 'POST', - url: '/api/record', - }) - expect(response.statusCode).to.equal(400) - }) - }) - xit('GET -- list a record', async function () { - const response = await app.inject({ - method: 'GET', - url: '/api/record' - }) - expect(response.statusCode).to.equal(200) - expect(JSON.parse(response.body)).to.have.property('id') - expect(JSON.parse(response.body)).to.have.property('sourceUrl') - expect(JSON.parse(response.body)).to.have.property('fileSize') - expect(JSON.parse(response.body)).to.have.property('outputUrl') - }) - it('DELETE -- delete a record', async function () { - const response = await app.inject({ - method: 'DELETE', - url: '/api/record' - }) - expect(response.statusCode).to.equal(200) - expect(JSON.parse(response.body)).to.have.property('id') - }) - }) - - -}) diff --git a/services/capture/src/app.ts b/services/capture/src/app.ts deleted file mode 100644 index 6b9d043..0000000 --- a/services/capture/src/app.ts +++ /dev/null @@ -1,59 +0,0 @@ -'use strict' - -import fastify, { type FastifyRequest } from 'fastify' -import { getPackageVersion } from '@futureporn/utils/file.ts' -import fastifyGraphileWorkerPlugin, { type ExtendedFastifyInstance } from './fastify-graphile-worker-plugin.ts' -import { join, dirname } from 'node:path' -import { fileURLToPath } from 'node:url' - -const __dirname = dirname(fileURLToPath(import.meta.url)); - -const version = getPackageVersion(join(__dirname, '../package.json')) -interface RecordBodyType { - url: string; - discordMessageId: string; -} -interface MessageBodyType { - state: 'pending' | 'recording' | 'aborted' | 'ended'; - discordMessageId: string; -} - -const build = function (opts: Record={}, connectionString: string) { - const app: ExtendedFastifyInstance = fastify(opts) - app.register(fastifyGraphileWorkerPlugin, { connectionString }) - - app.get('/', async function (request, reply) { - return { app: '@futureporn/capture', version } - }) - app.put('/api/message', async function (request: FastifyRequest<{ Body: MessageBodyType }>, reply) { - const { state, discordMessageId } = request.body - if (app?.graphile) { - const jobId = await app.graphile.addJob('update_discord_message', { - discordMessageId, - state - }, { maxAttempts: 3 }) - } else { - console.error('app.graphile was missing') - } - }) - app.post('/api/record', async function (request: FastifyRequest<{ Body: RecordBodyType }>, reply) { - const { url, discordMessageId } = request.body - console.log(`POST /api/record with url=${url}`) - - if (app?.graphile) { - const jobId = await app.graphile.addJob('start_recording', { - url, - discordMessageId - }, { maxAttempts: 3 }) - return { jobId } - } else { - console.error(`app.graphile was missing! Is the graphile worker plugin registered to the fastify instance?`) - } - return { 'idk': true } - }) - return app -} - -export { - build -} \ No newline at end of file diff --git a/services/capture/src/blah.ts b/services/capture/src/blah.ts deleted file mode 100644 index 8ea3b26..0000000 --- a/services/capture/src/blah.ts +++ /dev/null @@ -1,31 +0,0 @@ -import PgBoss from 'pg-boss'; - -async function readme() { - const boss = new PgBoss('postgres://william:mysecretpassword@localhost:5435/william'); - - boss.on('error', (error: Error) => console.error(error)); - - await boss.start(); - - const queue = 'some-queue'; - - let jobId = await boss.send(queue, { param1: 'foo' }) - - console.log(`created job in queue ${queue}: ${jobId}`); - - await boss.work(queue, someAsyncJobHandler); -} - -async function someAsyncJobHandler(job: any) { - console.log(`job ${job.id} received with data:`); - console.log(JSON.stringify(job.data)); - - await new Promise((resolve, reject) => { - console.log('waiting 3s') - setTimeout(() => { - resolve(job.data) - }, 3000) - }); -} - -readme() \ No newline at end of file diff --git a/services/capture/src/cb.js b/services/capture/src/cb.js deleted file mode 100644 index 3195731..0000000 --- a/services/capture/src/cb.js +++ /dev/null @@ -1,18 +0,0 @@ -import { load } from 'cheerio' -import fetch from 'node-fetch' -import scrapingFetch from '@futureporn/scout/scrapingFetch.ts' - -export async function getRandomRoom () { - const res = await scrapingFetch('https://chaturbate.com/') - const body = await res.text() - const $ = load(body) - let roomsRaw = $('a[data-room]') - let rooms = [] - $(roomsRaw).each((_, e) => { - rooms.push($(e).attr('href')) - }) - - // greets https://stackoverflow.com/a/4435017/1004931 - var randomIndex = Math.floor(Math.random() * rooms.length); - return rooms[randomIndex].replaceAll('/', '') -} \ No newline at end of file diff --git a/services/capture/src/config.ts b/services/capture/src/config.ts deleted file mode 100644 index f8a1fb5..0000000 --- a/services/capture/src/config.ts +++ /dev/null @@ -1,49 +0,0 @@ -import 'dotenv/config' - -const requiredEnvVars = [ - 'SCOUT_URL', - 'S3_ACCESS_KEY_ID', - 'S3_SECRET_ACCESS_KEY', - 'S3_REGION', - 'S3_ENDPOINT', - 'S3_USC_BUCKET', - 'POSTGREST_URL', - 'AUTOMATION_USER_JWT', - 'CACHE_DIR', - 'WORKER_CONCURRENCY', -] as const; - -const getEnvVar = (key: typeof requiredEnvVars[number]): string => { - const value = process.env[key]; - if (!value) { - throw new Error(`Missing ${key} env var`); - } - return value; -}; - -export interface Config { - scoutUrl: string; - postgrestUrl: string; - automationUserJwt: string; - s3AccessKeyId: string; - s3SecretAccessKey: string; - s3Region: string; - s3UscBucket: string; - s3Endpoint: string; - cacheDir: string; - workerConcurrency: number; -} - - -export const configs: Config = { - scoutUrl: getEnvVar('SCOUT_URL'), - postgrestUrl: getEnvVar('POSTGREST_URL'), - automationUserJwt: getEnvVar('AUTOMATION_USER_JWT'), - s3AccessKeyId: getEnvVar('S3_ACCESS_KEY_ID'), - s3SecretAccessKey: getEnvVar('S3_SECRET_ACCESS_KEY'), - s3Region: getEnvVar('S3_REGION'), - s3UscBucket: getEnvVar('S3_USC_BUCKET'), - s3Endpoint: getEnvVar('S3_ENDPOINT'), - cacheDir: getEnvVar('CACHE_DIR'), - workerConcurrency: parseInt(getEnvVar('WORKER_CONCURRENCY')), -} \ No newline at end of file diff --git a/services/capture/src/disk.js b/services/capture/src/disk.js deleted file mode 100644 index 2d18c5b..0000000 --- a/services/capture/src/disk.js +++ /dev/null @@ -1,33 +0,0 @@ -import disk from 'diskusage'; - - -export function verifyStorage (appContext) { - const mountPath = appContext.env.FUTUREPORN_WORKDIR - disk.check(mountPath, (err, info) => { - if (err) { - appContext.logger.log({ level: 'error', message: `Error retrieving disk usage for ${mountPath}: ${err}` }); - return; - } - - const totalSize = info.total; - const availableSize = info.available; - const freeSize = info.free; - - appContext.logger.log({ 'level': 'info', message: `${mountPath} Disk Usage:` }); - appContext.logger.log({ 'level': 'info', message: `Total: ${bytesToSize(totalSize)}` }); - appContext.logger.log({ 'level': 'info', message: `Free: ${bytesToSize(freeSize)}` }); - appContext.logger.log({ 'level': 'info', message: `Available: ${bytesToSize(availableSize)}` }); - - if (availableSize < 85899345920) appContext.logger.log({ 'level': 'warn', message: `⚠️ Available disk is getting low! ${bytesToSize(availableSize)}` }); - else if (availableSize < 42949672960) appContext.logger.log({ 'level': 'error', message: `⚠️☠️ AVAILABLE DISK IS TOO LOW! ${bytesToSize(availableSize)}` }); - }); -} - - -// Helper function to convert bytes to human-readable format -export function bytesToSize(bytes) { - const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB']; - if (bytes === 0) return '0 Bytes'; - const i = Math.floor(Math.log2(bytes) / 10); - return `${(bytes / Math.pow(1024, i)).toFixed(2)} ${sizes[i]}`; -} \ No newline at end of file diff --git a/services/capture/src/fastify-graphile-worker-plugin.ts b/services/capture/src/fastify-graphile-worker-plugin.ts deleted file mode 100644 index 4f9b608..0000000 --- a/services/capture/src/fastify-graphile-worker-plugin.ts +++ /dev/null @@ -1,22 +0,0 @@ -import { type FastifyInstance } from 'fastify' -import fp from 'fastify-plugin' -import { type WorkerUtils, makeWorkerUtils } from 'graphile-worker' - -type Options = { - connectionString: string; -} - - -export interface ExtendedFastifyInstance extends FastifyInstance { - graphile?: WorkerUtils -} - -async function graphileWorkerPlugin (fastify: ExtendedFastifyInstance, opts: Options) { - if (!fastify.graphile) { - if (!opts.connectionString) throw new Error('graphileWorkerPlugin requires connectionString passed in options argument, but it was missing'); - const workerUtils = await makeWorkerUtils({ connectionString: opts.connectionString }) - fastify.decorate('graphile', workerUtils) - } -} - -export default fp(graphileWorkerPlugin) \ No newline at end of file diff --git a/services/capture/src/fastify-pgboss-plugin.ts b/services/capture/src/fastify-pgboss-plugin.ts deleted file mode 100644 index 983e2c9..0000000 --- a/services/capture/src/fastify-pgboss-plugin.ts +++ /dev/null @@ -1,23 +0,0 @@ -import { type FastifyInstance } from 'fastify' -import fp from 'fastify-plugin' -import PgBoss from 'pg-boss' - -type Options = { - boss: PgBoss; -} - - -export interface ExtendedFastifyInstance extends FastifyInstance { - boss?: PgBoss -} - -async function pgbossPlugin (fastify: ExtendedFastifyInstance, opts: Options) { - - if (!fastify.boss) { - if (!opts.boss) throw new Error('pgbossPlugin requires boss passed in options argument, but it was missing'); - const boss = opts.boss - fastify.decorate('boss', boss) - } -} - -export default fp(pgbossPlugin) \ No newline at end of file diff --git a/services/capture/src/fixtures/just-a-text-file.txt b/services/capture/src/fixtures/just-a-text-file.txt deleted file mode 100644 index e69de29..0000000 diff --git a/services/capture/src/fixtures/mime.types b/services/capture/src/fixtures/mime.types deleted file mode 100644 index a8dbef1..0000000 --- a/services/capture/src/fixtures/mime.types +++ /dev/null @@ -1,2 +0,0 @@ -application/vnd.apple.mpegurl mp4 -text/x-abc abc \ No newline at end of file diff --git a/services/capture/src/fixtures/mock-stream0.mp4 b/services/capture/src/fixtures/mock-stream0.mp4 deleted file mode 100644 index d857323..0000000 Binary files a/services/capture/src/fixtures/mock-stream0.mp4 and /dev/null differ diff --git a/services/capture/src/fixtures/mock-stream1.mp4 b/services/capture/src/fixtures/mock-stream1.mp4 deleted file mode 100644 index 86a7548..0000000 Binary files a/services/capture/src/fixtures/mock-stream1.mp4 and /dev/null differ diff --git a/services/capture/src/fixtures/mock-stream2.mp4 b/services/capture/src/fixtures/mock-stream2.mp4 deleted file mode 100644 index 0e9dc7f..0000000 Binary files a/services/capture/src/fixtures/mock-stream2.mp4 and /dev/null differ diff --git a/services/capture/src/fixtures/my.abc b/services/capture/src/fixtures/my.abc deleted file mode 100644 index 1f6cac0..0000000 --- a/services/capture/src/fixtures/my.abc +++ /dev/null @@ -1 +0,0 @@ -asdfaslfk;sdf \ No newline at end of file diff --git a/services/capture/src/index.ts b/services/capture/src/index.ts deleted file mode 100644 index 7ff0112..0000000 --- a/services/capture/src/index.ts +++ /dev/null @@ -1,114 +0,0 @@ - -'use strict' - -import { build } from './app.ts' -import 'dotenv/config' -import { configs } from './config.ts' -import { makeWorkerUtils, type WorkerUtils, Runner, RunnerOptions, run as graphileRun } from 'graphile-worker' -import { join, dirname } from 'node:path'; -import { fileURLToPath } from 'url'; -import { getPackageVersion } from '@futureporn/utils/file.ts'; -import type { GraphileConfig } from "graphile-config"; -import type {} from "graphile-worker"; - -const __dirname = dirname(fileURLToPath(import.meta.url)); -const version = getPackageVersion(join(__dirname, '../package.json')) - -if (!process.env.FUNCTION) throw new Error(`FUNCTION env var was missing. FUNCTION env var must be either 'api' or 'worker'.`); -if (!process.env.WORKER_CONNECTION_STRING) throw new Error(`WORKER_CONNECTION_STRING env var was missing`); -const connectionString = process.env.WORKER_CONNECTION_STRING! -const preset: GraphileConfig.Preset = { - worker: { - connectionString: process.env.WORKER_CONNECTION_STRING, - concurrentJobs: configs.workerConcurrency, - fileExtensions: [".js", ".ts"], - }, -}; - - - - -async function doRunApi() { - if (!process.env.PORT) throw new Error('PORT is missing in env'); - console.log(`api FUNCTION listening on PORT ${process.env.PORT}`) - const PORT = parseInt(process.env.PORT!) - - const fastifyOpts = { - logger: { - level: 'info', - transport: { - target: 'pino-pretty' - } - } - } - - const server = build(fastifyOpts, connectionString) - - server.listen({ port: PORT }, (err) => { - if (err) { - server.log.error(err) - process.exit(1) - } - }) -} - -async function doRunWorker(workerUtils: WorkerUtils) { - - let workerIds: string[] = [] - - const runnerOptions: RunnerOptions = { - preset, - concurrency: configs.workerConcurrency, - taskDirectory: join(__dirname, 'tasks'), - } - - - - const runner = await graphileRun(runnerOptions) - if (!runner) throw new Error('failed to initialize graphile worker'); - - /** - * This is likely only relevant during development. - * if nodemon restarts us, we need to unlock the graphile-worker job so it gets retried immediately by another worker. - * - */ - runner.events.on('worker:create', ({ worker }) => { - // There is no way to get workerIds on demand when the SIGUSR2 comes in, so we log the IDs ahead of time. - workerIds.push(worker.workerId) - }) - process.on('SIGUSR2', async () => { - console.warn(`SIGUSR2 detected! ulocking ${workerIds.length} workers, workerIds=${workerIds}`) - await workerUtils.forceUnlockWorkers(workerIds) - process.kill(process.pid, 'SIGTERM'); - }) - runner.events.on("pool:gracefulShutdown", async ({ workerPool, message }) => { - const workerIds = workerPool._workers.map((w) => w.workerId) - console.warn(`gracefulShutdown detected. releasing job locks on ${workerIds.length} workers, workerIds=${workerIds}, message=${message}`); - await workerUtils.forceUnlockWorkers(workerIds) - }); - - - await runner.promise -} - - -async function main() { - - const workerUtils = await makeWorkerUtils({ connectionString }) - await workerUtils.migrate() - - console.log(`@futureporn/capture version ${version} (FUNCTION=${process.env.FUNCTION})`) - if (process.env.FUNCTION === 'api') { - doRunApi() - } else if (process.env.FUNCTION === 'worker') { - doRunWorker(workerUtils) - } else { - throw new Error('process.env.FUNCTION must be either api or worker. got '+process.env.FUNCTION) - } -} - -main().catch((err) => { - console.error('there was an error!') - console.error(err); - process.exit(874); -}); diff --git a/services/capture/src/integration/Capture.spec.js b/services/capture/src/integration/Capture.spec.js deleted file mode 100644 index a946d53..0000000 --- a/services/capture/src/integration/Capture.spec.js +++ /dev/null @@ -1,123 +0,0 @@ -import 'dotenv/config' -import chai, { expect } from 'chai' -import sinon from 'sinon' -import sinonChai from 'sinon-chai' -import { CID } from 'multiformats/cid' -import EventEmitter from 'node:events' -import { fileURLToPath } from 'url'; -import path from 'node:path' -import postgres from 'postgres' -import Capture from '../src/Capture.js' -import Voddo from '../src/Voddo.js' -import Video from '../src/Video.js' - -chai.use(sinonChai) - -if (typeof process.env.POSTGRES_PASSWORD === 'undefined') throw new Error('missing POSTGRES_PASSWORD'); -if (typeof process.env.POSTGRES_USERNAME === 'undefined') throw new Error('missing POSTGRES_USERNAME'); - - -const cidFixture = 'bafybeid3mg5lzrvnmpfi5ftwhiupp7i5bgkmdo7dnlwrvklbv33telrrry' -const inputFixture = 'projektmelody 3021-10-16 06-16.mp4' -const outputFixture = 'projektmelody-chaturbate-30211016T000000Z.mp4' -const timestampFixture = 33191316900000 - -describe('Capture integration', function () { - - let clock - - beforeEach(() => { - clock = sinon.useFakeTimers({ - toFake: ["setTimeout", "setInterval"], - shouldAdvanceTime: false - }); - }) - - afterEach(() => { - sinon.restore() - clock.restore() - }) - - it('end of stream behavior', async function() { - const ipfsClusterUpload = sinon.mock() - .withExactArgs(outputFixture) - .resolves(cidFixture) - - const sql = postgres({ - username: process.env.POSTGRES_USERNAME, - password: process.env.POSTGRES_PASSWORD, - host: process.env.POSTGRES_HOST, - database: 'futureporn', - idle_timeout: 1 - }) - - - const voddo = sinon.createStubInstance(Voddo) - voddo.on.callThrough() - voddo.off.callThrough() - voddo.emit.callThrough() - voddo.listeners.callThrough() - voddo.listenerCount.callThrough() - voddo.getFilenames.returns([{ - timestamp: timestampFixture, - filename: inputFixture - }]) - - const video = sinon.createStubInstance(Video) - video.concat.resolves(outputFixture) - - const capture = new Capture({ - voddo, - sql, - ipfsClusterUpload, - video - }) - - capture.download() - voddo.emit('stop', { - reason: 'close', - stats: { - filenames: [ - inputFixture - ] - } - }) - - clock.next() // actionTimer elapse - - - expect(clock.countTimers()).to.equal(0) - clock.restore() - - // gotta wait to verify otherwise verification - // occurs before ipfsClusterUpload has a chance - // to be invoked. - // - // (not sure why) - // - // maybe we're waiting for the - // concat promise to resolve? - - await Promise.resolve(() => { - expect(ipfsClusterUpload).calledOnce - }) - - // Capture.save is called as a side effect - // of Capture.process - // which is called as a side effect of Capture.download - // so we have to wait for it to complete - // this is not ideal because there is potential - // to not wait long enough - await new Promise((resolve) => { - setTimeout(resolve, 1000) - }) - - const rows = await sql`SELECT "videoSrcHash" FROM vod WHERE "videoSrcHash" = ${cidFixture}` - - expect(rows[0]).to.exist - expect(rows[0]).to.have.property('videoSrcHash', cidFixture) - - - - }) -}) \ No newline at end of file diff --git a/services/capture/src/integration/Ipfs.spec.js b/services/capture/src/integration/Ipfs.spec.js deleted file mode 100644 index 0b23477..0000000 --- a/services/capture/src/integration/Ipfs.spec.js +++ /dev/null @@ -1,18 +0,0 @@ - -import Ipfs from '../src/Ipfs.js' -import { expect } from 'chai' -import path, { dirname } from 'path'; -import { fileURLToPath } from 'url'; -const __dirname = dirname(fileURLToPath(import.meta.url)); - -const ipfsExecutable = '/home/chris/.local/bin/ipfs' - -describe('Ipfs', function() { - describe('hash', function () { - it('should hash a file and return the v1 CID', async function () { - const ipfs = new Ipfs({ ipfsExecutable }) - const cid = await ipfs.hash(path.join(__dirname, '../test/fixtures/mock-stream0.mp4')) - expect(cid).to.equal('bafkreihfbftehabfrakhr6tmbx72inewwpayw6cypwgm6lbhbf7mxm7wni') - }) - }) -}) \ No newline at end of file diff --git a/services/capture/src/integration/Voddo.spec.js b/services/capture/src/integration/Voddo.spec.js deleted file mode 100644 index 7cc3742..0000000 --- a/services/capture/src/integration/Voddo.spec.js +++ /dev/null @@ -1,62 +0,0 @@ -import 'dotenv/config' -import Voddo from '../src/Voddo.js' -import { - expect -} from 'chai' -import sinon from 'sinon' -import YoutubeDlWrap from 'youtube-dl-wrap' -import { - EventEmitter -} from 'events' -import { getRandomRoom } from '../src/cb.js' -import path, { dirname } from 'path'; -import { fileURLToPath } from 'url'; -const __dirname = dirname(fileURLToPath(import.meta.url)); - - -describe('voddo', function() { - - - describe('getVideoLength', function () { - it('should return the video length in ms', async function () { - const fixtureFile = path.join(__dirname, '..', 'test', 'fixtures', 'mock-stream0.mp4') - const length = await Voddo.getVideoLength(fixtureFile) - expect(length).to.equal(3819) - }) - }) - - it('aborted stream', function(done) { - this.timeout(10000) - - getRandomRoom().then((room) => { - console.log(room) - const abortController = new AbortController() - - const url = `https://chaturbate.com/${room}` - const format = 'best' - const cwd = '/tmp' - const voddo = new Voddo({ - url, - format, - cwd - }) - - - voddo.once('stop', function(data) { - console.log('f in chat') - expect(voddo.stats.files[0]).to.have.property('size') - done() - }) - - voddo.start() - - setTimeout(() => { - voddo.stop() - }, 5000) - }) - - - }) - - -}) \ No newline at end of file diff --git a/services/capture/src/integration/record.spec.js b/services/capture/src/integration/record.spec.js deleted file mode 100644 index 4a625f4..0000000 --- a/services/capture/src/integration/record.spec.js +++ /dev/null @@ -1,35 +0,0 @@ -import { record, assertDependencyDirectory } from '../record.js' -import { getRandomRoom } from '../cb.js' -import path from 'node:path' -import os from 'node:os' -import { execa } from 'execa' - -describe('record', function() { - it('should record a file to disk', async function () { - this.timeout(1000*60) - const roomName = await getRandomRoom() - console.log(`roomName:${roomName}`) - const appContext = { - env: { - FUTUREPORN_WORKDIR: os.tmpdir(), - DOWNLOADER_UA: "Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0" - }, - logger: { - log: (msg) => { console.log(JSON.stringify(msg)) } - } - } - console.log(appContext) - const { stdout } = await execa('yt-dlp', ['-g', `https://chaturbate.com/${roomName}`]) - const playlistUrl = stdout.trim() - console.log(`playlistUrl:${playlistUrl}`) - assertDependencyDirectory(appContext) - const ffmpegProc = record(appContext, playlistUrl, roomName) - // console.log(ffmpegProc) - return new Promise((resolve) => { - setTimeout(() => { - ffmpegProc.kill('SIGINT') - resolve() - }, 1000*10) - }) - }) -}) \ No newline at end of file diff --git a/services/capture/src/integration/video.spec.js b/services/capture/src/integration/video.spec.js deleted file mode 100644 index b3b7f3f..0000000 --- a/services/capture/src/integration/video.spec.js +++ /dev/null @@ -1,33 +0,0 @@ - -import 'dotenv/config' -import Video from '../src/Video.js' -import { expect } from 'chai' -import { dirname } from 'path'; -import { fileURLToPath } from 'url'; -import path from 'node:path' - -const __dirname = dirname(fileURLToPath(import.meta.url)); - -const dataFixture = [ - { - timestamp: 1, - file: 'mock-stream0.mp4' - }, { - timestamp: 2, - file: 'mock-stream1.mp4' - }, { - timestamp: 3, - file: 'mock-stream2.mp4' - } -] - -xdescribe('video', function () { - describe('concat', function () { - it('should combine several videos into one', async function() { - const cwd = path.join(__dirname, './fixtures') - const outputFile = await concat(dataFixture, { - cwd - }) - }) - }) -}) \ No newline at end of file diff --git a/services/capture/src/logger.js b/services/capture/src/logger.js deleted file mode 100644 index 84c387f..0000000 --- a/services/capture/src/logger.js +++ /dev/null @@ -1,25 +0,0 @@ -import winston from 'winston' - -export const loggerFactory = (options) => { - const mergedOptions = Object.assign({}, { - level: 'info', - defaultMeta: { service: 'futureporn' }, - format: winston.format.timestamp() - }, options) - const logger = winston.createLogger(mergedOptions); - - if (process.env.NODE_ENV !== 'production') { - logger.add(new winston.transports.Console({ - level: 'debug', - format: winston.format.simple() - })) - } else { - logger.add(new winston.transports.Console({ - level: 'info', - format: winston.format.json() - })) - } - - return logger -} - diff --git a/services/capture/src/poc-lite.js b/services/capture/src/poc-lite.js deleted file mode 100644 index 6bcef30..0000000 --- a/services/capture/src/poc-lite.js +++ /dev/null @@ -1,25 +0,0 @@ -import { createWriteStream } from 'node:fs' -import ffmpeg from 'fluent-ffmpeg' - -// test stream from https://ottverse.com/free-hls-m3u8-test-urls/ -const playlistUrl = 'https://demo.unified-streaming.com/k8s/features/stable/video/tears-of-steel/tears-of-steel.ism/.m3u8' -const fileOutputStream = createWriteStream('/tmp/test-stream.ts') - -ffmpeg() - .input(playlistUrl) - .audioCodec('copy') - .videoCodec('copy') - .addOutputOptions('-movflags faststart') - .output(fileOutputStream) - .format('mpegts') - .on('end', () => { - console.log('Finished'); - }) - .on('error', (err, stdout, stderr) => { - console.error(`there was an error`); - console.error(err); - console.error(stdout); - console.error(stderr); - throw new Error(err.message); - }) - .run(); diff --git a/services/capture/src/poc-s3-alt.ts b/services/capture/src/poc-s3-alt.ts deleted file mode 100644 index e4b1a21..0000000 --- a/services/capture/src/poc-s3-alt.ts +++ /dev/null @@ -1,135 +0,0 @@ -import { PassThrough, pipeline, Readable } from "stream"; -import { type Progress, Upload } from "@aws-sdk/lib-storage"; -import { S3Client } from "@aws-sdk/client-s3"; -import { createReadStream, createWriteStream } from 'fs'; -import { createId } from '@paralleldrive/cuid2'; -import prettyBytes from 'pretty-bytes'; -import dotenv from 'dotenv' -dotenv.config({ - path: '../../.env.development' -}) - -if (!process.env.S3_BUCKET_NAME) throw new Error('S3_BUCKET_NAME missing in env'); -if (!process.env.S3_BUCKET_KEY_ID) throw new Error('S3_BUCKET_KEY_ID missing in env'); -if (!process.env.S3_BUCKET_APPLICATION_KEY) throw new Error('S3_BUCKET_APPLICATION_KEY missing in env'); - -async function uploadStream(client: S3Client, stream: NodeJS.ReadableStream, keyName: string) { - // const pass = new PassThrough() - // Create a stream to the S3 bucket. We use this stream to upload the livestream to Backblaze S3 service - console.log(`keyName=${keyName}`) - const target = { - Bucket: process.env.S3_BUCKET_NAME!, - Key: keyName, - Body: new Readable().wrap(stream) - } - console.log(target) - // greets https://stackoverflow.com/a/70159394/1004931 - try { - const parallelUploads3 = new Upload({ - client: client, - partSize: 1024 * 1024 * 5, - // tags: [...], // optional tags - queueSize: 1, // optional concurrency configuration - leavePartsOnError: false, // optional manually handle dropped parts - params: target, - }); - - - parallelUploads3.on("httpUploadProgress", (progress) => { - if (progress?.loaded) { - console.log(`loaded ${progress.loaded} bytes (${prettyBytes(progress.loaded)})`); - } else { - console.log(`httpUploadProgress ${JSON.stringify(progress, null, 2)}`) - } - }); - - const res = await parallelUploads3.done(); - return res - - } catch (e) { - if (e instanceof Error) { - console.error(`while uploading a file to s3, we encountered an error`) - throw new Error(e.message); - } else { - throw new Error(`error of some sort ${JSON.stringify(e, null, 2)}`) - } - } -} - -async function main() { - try { - const client = new S3Client({ - endpoint: 'https://s3.us-west-000.backblazeb2.com', - region: 'us-west-000', - credentials: { - accessKeyId: process.env.S3_BUCKET_KEY_ID!, - secretAccessKey: process.env.S3_BUCKET_APPLICATION_KEY! - } - }); - - - - // let debugCounter = 0 - // let uploadStream = new PassThrough() - // uploadStream.on('data', (data) => { - // debugCounter += data.length - // console.log(`[data] uploadStream. ${debugCounter} aggregated bytes (${prettyBytes(debugCounter)}).`) - // }) - // uploadStream.on('drain', () => { - // console.log('[drain] uploadStream') - // }) - // uploadStream.on('close', () => { - // console.log(`[close] uploadStream closed`) - // }) - // uploadStream.on('error', (err) => { - // console.error('[error] uploadStream had an error as follows') - // console.error(err) - // }) - // uploadStream.on('exit', (code) => { - // console.log(`[exit] uploadStream exited with code ${code}`) - // }) - // uploadStream.on('disconnect', () => { - // console.log('[disconnect] uploadStream disconnected') - // }) - // uploadStream.on('message', (msg) => { - // console.log('[message] uploadStream sent a message as follows') - // console.log(msg) - // }) - - - - const fileStream = createReadStream('/home/cj/Downloads/stream-23894234.ts') - const datestamp = new Date().toISOString() - const keyName = `${datestamp}-stream3-chaturbate-${createId()}.ts` - await uploadStream(client, fileStream, keyName) - - // // we set up a pipeline which has an readable stream (ffmpeg), a transform stream (debug), and a writable stream (s3 Upload) - // pipeline( - // fileStream, - // uploadStream, - // (err) => { - // if (err) { - // console.error(`pipeline errored.`) - // console.error(err) - // } else { - // console.log('pipeline succeeded.') - // } - // } - // ) - - - - } catch (e) { - if (e instanceof Error) { - console.error(`Eyy lookat me, I'm a big nastry try/catch block and I did my jorb!`) - console.error(e) - } else { - console.error('err or some sort') - console.error(e) - } - } - -} -main() - - diff --git a/services/capture/src/poc-s3.ts b/services/capture/src/poc-s3.ts deleted file mode 100644 index ea592b2..0000000 --- a/services/capture/src/poc-s3.ts +++ /dev/null @@ -1,122 +0,0 @@ -import { PassThrough, pipeline, Readable } from "stream"; -import { Upload } from "@aws-sdk/lib-storage"; -import { S3Client } from "@aws-sdk/client-s3"; -import { createReadStream } from 'fs'; -import { createId } from '@paralleldrive/cuid2'; -import prettyBytes from 'pretty-bytes'; -import dotenv from 'dotenv' -dotenv.config({ - path: '../../.env.development' -}) - -if (!process.env.S3_BUCKET_NAME) throw new Error('S3_BUCKET_NAME missing in env'); -if (!process.env.S3_BUCKET_KEY_ID) throw new Error('S3_BUCKET_KEY_ID missing in env'); -if (!process.env.S3_BUCKET_APPLICATION_KEY) throw new Error('S3_BUCKET_APPLICATION_KEY missing in env'); - -function makeProgressTicker(counter: number) { - const ticker = setInterval(() => { - console.log(`[progress] ${counter} bytes (aggregate) (${prettyBytes(counter)}) have passed through the pipeline.`) - }, 1000 * 30) - return ticker -} - -function makeS3Client() { - const client = new S3Client({ - endpoint: 'https://s3.us-west-000.backblazeb2.com', - region: 'us-west-000', - credentials: { - accessKeyId: process.env.S3_BUCKET_KEY_ID!, - secretAccessKey: process.env.S3_BUCKET_APPLICATION_KEY! - } - }) - return client -} - - -async function uploadToS3({ client, uploadStream, keyName }: { client: S3Client, uploadStream: NodeJS.ReadableStream, keyName: string }) { - - const target = { - Bucket: process.env.S3_BUCKET_NAME!, - Key: keyName, - Body: new Readable().wrap(uploadStream) - } - - // greets https://stackoverflow.com/a/70159394/1004931 - try { - const parallelUploads3 = new Upload({ - client: client, - partSize: 1024 * 1024 * 5, - queueSize: 1, - leavePartsOnError: false, - params: target, - }); - - - parallelUploads3.on("httpUploadProgress", (progress) => { - console.log(progress) - if (progress?.loaded) { - console.log(`loaded ${progress.loaded} bytes (${prettyBytes(progress.loaded)})`); - } else { - console.log(`httpUploadProgress ${JSON.stringify(progress, null, 2)}`) - } - }); - - await parallelUploads3.done(); - - } catch (e) { - if (e instanceof Error) { - console.error(`while uploading a file to s3, we encountered an error`) - throw new Error(e.message); - } else { - throw new Error(`error of some sort ${JSON.stringify(e, null, 2)}`) - } - } -} - -async function main() { - - let counter = 0 - const client = makeS3Client() - const ticker = makeProgressTicker(counter) - const datestamp = new Date().toISOString() - const keyName = `${datestamp}-stream3-chaturbate-${createId()}.ts` - console.log(`Uploading ${keyName} to S3`) - - /** - * setup the streams which process the data - */ - const ffmpegStream = createReadStream('/home/cj/Downloads/stream-23894234.ts') - const uploadStream = new PassThrough() - - // update the progress ticker data - uploadStream.on('data', (data) => { - counter += data.length - }) - - /** - * we set up a pipeline which has an readable stream (ffmpeg), a transform stream (debug), and a writable stream (s3 Upload) - */ - pipeline( - ffmpegStream, - uploadStream, - (err) => { - if (err) { - console.error(`pipeline errored.`) - console.error(err) - } else { - console.log('pipeline succeeded.') - } - } - ) - - - await uploadToS3({client, uploadStream, keyName }) - clearInterval(ticker) - - -} - - -main() - - diff --git a/services/capture/src/poc.ts b/services/capture/src/poc.ts deleted file mode 100644 index e59242f..0000000 --- a/services/capture/src/poc.ts +++ /dev/null @@ -1,177 +0,0 @@ -/** - * - * @todo if we have the ffmpeg stream send an end event, does the ffmpegStream close? - * so far, we have observed the end of a CB stream, and the uploadStream is what shows as closed. - * It would be better to have the ffmpeg stream do the closing, amirite? or does it even matter? - * Here's what the console.log shows when the CB stream ended while we were not using { end: true } on the ffmpeg stream - * - * - * [data] uploadStream. 118018880 aggregated bytes (118 MB). - [data] uploadStream. 118067384 aggregated bytes (118 MB). - [data] uploadStream. 118101224 aggregated bytes (118 MB). - [data] uploadStream. 118119648 aggregated bytes (118 MB). - [close] uploadStream closed - pipeline succeeded. - */ - - - -import { getRandomRoom } from '@futureporn/scout/cb.js' -import { ua0 } from "@futureporn/scout/ua.js"; -import { spawn } from "child_process"; -import { PassThrough, pipeline } from "stream"; -import { Upload } from "@aws-sdk/lib-storage"; -import { S3Client } from "@aws-sdk/client-s3"; -import { createId } from '@paralleldrive/cuid2'; -import prettyBytes from 'pretty-bytes'; -import dotenv from 'dotenv' -dotenv.config({ - path: '../../.env.development' -}) - -if (!process.env.S3_BUCKET_NAME) throw new Error('S3_BUCKET_NAME missing in env'); -if (!process.env.S3_ACCESS_KEY_ID) throw new Error('S3_ACCESS_KEY_ID missing in env'); -if (!process.env.S3_SECRET_ACCESS_KEY) throw new Error('S3_SECRET_ACCESS_KEY missing in env'); - -async function main() { - const client = new S3Client({ - endpoint: 'https://s3.us-west-000.backblazeb2.com', - region: 'us-west-000', - credentials: { - accessKeyId: process.env.S3_ACCESS_KEY_ID!, - secretAccessKey: process.env.S3_SECRET_ACCESS_KEY! - } - }); - - - const randomRoom = await getRandomRoom() - console.log(`randomRoom=${randomRoom.name}`) - - const playlistUrl: string = await new Promise((resolve, reject) => { - - // get the m3u8 playlist for the livestream - const ytdlp = spawn('yt-dlp', [ '-g', randomRoom.url ]) - let output = '' - ytdlp.on('error', (err) => { - console.error(err) - }) - ytdlp.once('exit', (code) => { - console.log(`code=${code}`) - if (code !== 0) reject(`yt-dlp exited with code ${code}. stderr as follows ${JSON.stringify(ytdlp.stderr, null, 2)}`); - resolve(output) - }) - ytdlp.stderr.on('data', (data) => { - console.error('stderr data as follows') - console.error(data.toString()) - }) - ytdlp.stdout.on('data', (data) => { - output = data - }) - - }) - console.log(`playlistUrl=${playlistUrl}`) - if (!playlistUrl) throw new Error(`failed to get playlistUrl from yt-dlp -g ${randomRoom.url}`); - - let debugCounter = 0 - // let ffmpegLogStream = createWriteStream('/tmp/ffmpeg-log.txt') - let uploadStream = new PassThrough() - uploadStream.on('data', (data) => { - debugCounter += data.length - if (debugCounter % (1 * 1024 * 1024) < 1024) { - console.log(`Received ${debugCounter} bytes (${prettyBytes(debugCounter)}) [${debugCounter % (1*1024*1024)}]`); - } - }) - // uploadStream.on('drain', () => { - // console.log('[drain] uploadStream') - // }) - uploadStream.on('close', () => { - console.log(`[close] uploadStream closed`) - }) - uploadStream.on('error', (err) => { - console.error('[error] uploadStream had an error as follows') - console.error(err) - }) - uploadStream.on('exit', (code) => { - console.log(`[exit] uploadStream exited with code ${code}`) - }) - uploadStream.on('disconnect', () => { - console.log('[disconnect] uploadStream disconnected') - }) - uploadStream.on('message', (msg) => { - console.log('[message] uploadStream sent a message as follows') - console.log(msg) - }) - - - const datestamp = new Date().toISOString() - - - - const ffmpegProc = spawn('ffmpeg', [ - '-headers', `"User-Agent: ${ua0}"`, - '-i', playlistUrl, - '-c:v', 'copy', - '-c:a', 'copy', - '-movflags', 'faststart', - '-y', - '-f', 'mpegts', - '-loglevel', 'quiet', - 'pipe:1' - ], { - // ignoring stderr is important because if not, ffmpeg will fill that buffer and node will hang - stdio: ['pipe', 'pipe', 'ignore'] - }) - - console.log('the following is the ffmpegProc.stdout') - console.log(ffmpegProc.stdout.constructor.name) - - // we set up a pipeline which has an readable stream (ffmpeg), a transform stream (debug), and a writable stream (s3 Upload) - pipeline( - ffmpegProc.stdout, - uploadStream, - (err) => { - if (err) { - console.error(`pipeline errored.`) - console.error(err) - } else { - console.log('pipeline succeeded.') - } - } - ) - - // Create a stream to the S3 bucket. We use this stream to upload the livestream to Backblaze S3 service - const keyName = `${datestamp}-${randomRoom.name}-chaturbate-${createId()}.ts` - console.log(`keyName=${keyName}`) - const target = { - Bucket: process.env.S3_BUCKET_NAME, - Key: keyName, - Body: uploadStream - } - // greets https://stackoverflow.com/a/70159394/1004931 - try { - const parallelUploads3 = new Upload({ - client: client, - //tags: [...], // optional tags - queueSize: 4, // optional concurrency configuration - leavePartsOnError: false, // optional manually handle dropped parts - params: target, - }); - - await parallelUploads3.done(); - - } catch (e) { - if (e instanceof Error) { - console.error(`while uploading a file to s3, we encountered an error`) - throw new Error(e.message); - } else { - throw new Error(`error of some sort ${JSON.stringify(e, null, 2)}`) - } - } - - - - -} -main() - - diff --git a/services/capture/src/record.js.old b/services/capture/src/record.js.old deleted file mode 100644 index 5c799eb..0000000 --- a/services/capture/src/record.js.old +++ /dev/null @@ -1,117 +0,0 @@ -import { join } from 'path'; -import { spawn } from 'child_process'; -import fs from 'node:fs'; - -export const getFilename = (appContext, roomName) => { - const name = `${roomName}_${new Date().toISOString()}.ts` - return join(appContext.env.FUTUREPORN_WORKDIR, 'recordings', name); -} - - -export const assertDirectory = (directoryPath) => { - if (fs.statSync(directoryPath, { throwIfNoEntry: false }) === undefined) fs.mkdirSync(directoryPath); -} - -export const checkFFmpeg = async (appContext) => { - return new Promise((resolve, reject) => { - const childProcess = spawn('ffmpeg', ['-version']); - - childProcess.on('error', (err) => { - appContext.logger.log({ - level: 'error', - message: `ffmpeg -version failed, which likely means ffmpeg is not installed or not on $PATH`, - }); - throw new Error('ffmpeg is missing') - }); - - childProcess.on('exit', (code) => { - if (code !== 0) reject(`'ffmpeg -version' exited with code ${code}`) - if (code === 0) { - appContext.logger.log({ level: 'info', message: `ffmpeg PRESENT.` }); - resolve() - } - }); - }) -}; - -export const assertDependencyDirectory = (appContext) => { - // Extract the directory path from the filename - const directoryPath = join(appContext.env.FUTUREPORN_WORKDIR, 'recordings'); - console.log(`asserting ${directoryPath} exists`) - - // Check if the directory exists, and create it if it doesn't - if (!fs.existsSync(directoryPath)) { - fs.mkdirSync(directoryPath, { recursive: true }); - console.log(`Created directory: ${directoryPath}`); - } -} - -export const record = async (appContext, playlistUrl, roomName) => { - if (appContext === undefined) throw new Error('appContext undef'); - if (playlistUrl === undefined) throw new Error('playlistUrl undef'); - if (roomName === undefined) throw new Error('roomName undef'); - - const filename = getFilename(appContext, roomName); - console.log(`downloading to ${filename}`) - - // example: `ffmpeg -headers "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0" - // -i ${chunkPlaylist} - // -c:v copy - // -c:a copy - // -movflags faststart - // -y - // -f mpegts - // ./my-recording.ts` - const ffmpegProcess = spawn('ffmpeg', [ - '-headers', `"User-Agent: ${appContext.env.DOWNLOADER_UA}"`, - '-i', playlistUrl, - '-c:v', 'copy', - '-c:a', 'copy', - '-movflags', 'faststart', - '-y', - '-f', 'mpegts', - filename - ], { - stdio: 'inherit' - }); - - - - return new Promise((resolve, reject) => { - ffmpegProcess.once('exit', (code) => { - resolve(code) - }) - }) - - // ffmpegProcess.on('data', (data) => { - // console.log(data.toString()); - // }); - - - // Optional: Handle other events such as 'error', 'close', etc. - // @todo this needs to be handled outside this function - // otherwise this function is not testable - // ffmpegProcess.on('exit', (code, signal) => { - // // Retry the download using exponential backoff if the process exits for any reason - // console.log(`ffmpeg exited with code ${code} and signal ${signal}`) - // retryDownload(appContext, playlistUrl, roomName); - // }); - - // return ffmpegProcess; -} - - -const calculateExponentialBackoffDelay = (attemptNumber) => { - return Math.pow(2, attemptNumber) * 1000; -}; - -const retryDownload = (appContext, playlistUrl, roomName, attemptNumber = 1, maxAttempts = 3) => { - const delay = calculateExponentialBackoffDelay(attemptNumber); - - appContext.logger.log({ level: 'debug', message: `Retrying download in ${delay / 1000} seconds...` }); - - setTimeout(() => { - console.log('Retrying download...'); - record(appContext, playlistUrl, roomName, attemptNumber + 1); - }, delay); -}; diff --git a/services/capture/src/s3.ts b/services/capture/src/s3.ts deleted file mode 100644 index e649b76..0000000 --- a/services/capture/src/s3.ts +++ /dev/null @@ -1,90 +0,0 @@ -import { S3Client, HeadObjectCommand } from "@aws-sdk/client-s3" -import { Upload } from "@aws-sdk/lib-storage" -import { basename } from 'node:path' -import fs from 'node:fs' - -if (!process.env.S3_BUCKET_NAME) throw new Error('S3_BUCKET_NAME was undefined in env'); -if (!process.env.S3_BUCKET_KEY_ID) throw new Error('S3_BUCKET_KEY_ID was undefined in env'); -if (!process.env.S3_BUCKET_APPLICATION_KEY) throw new Error('S3_BUCKET_APPLICATION_KEY was undefined in env'); - - - -export async function uploadFile(filePath: string) { - if (!filePath) throw new Error("first argument, 'filePath' is undefined"); - - const fileName = basename(filePath) - let isFileAlreadyUploaded = false - - - const client = new S3Client({ - endpoint: 'https://s3.us-west-000.backblazeb2.com', - region: 'us-west-000', - credentials: { - accessKeyId: process.env.S3_BUCKET_KEY_ID!, - secretAccessKey: process.env.S3_BUCKET_APPLICATION_KEY! - } - }); - - // try { - // console.log(`> Checking to see if ${fileName} exists in the S3 bucket`) - // const input = { - // "Bucket": process.env.S3_BUCKET_NAME, - // "Key": fileName - // }; - - // const command = new HeadObjectCommand(input); - // const response = await client.send(command); - - // if (response.ContentLength && response.ContentLength > 0) isFileAlreadyUploaded = true; - - // // console.log('does this following file exist?') - - // return { Key: fileName } - // } catch (e) { - // console.log(`> failed to get ${fileName} which means it probably doesnt exist in the bucket`) - // console.log(e) - // } - - - console.log('> Uploading file') - - const target = { - Bucket: process.env.S3_BUCKET_NAME, - Key: fileName, - Body: fs.createReadStream(filePath) - } - - // greets https://stackoverflow.com/a/70159394/1004931 - try { - const parallelUploads3 = new Upload({ - client: client, - //tags: [...], // optional tags - queueSize: 4, // optional concurrency configuration - leavePartsOnError: false, // optional manually handle dropped parts - params: target, - }); - - // parallelUploads3.on("httpUploadProgress", (progress) => { - // console.log(progress); - // }); - - const res = await parallelUploads3.done(); - return res - - } catch (e) { - if (e instanceof Error) { - console.error(`while uploading a file to s3, we encountered an error`) - throw new Error(e.message); - } else { - throw new Error(`error of some sort ${JSON.stringify(e, null, 2)}`) - } - } - - - - -} - - - - diff --git a/services/capture/src/sample.ts b/services/capture/src/sample.ts deleted file mode 100644 index 3028cee..0000000 --- a/services/capture/src/sample.ts +++ /dev/null @@ -1,28 +0,0 @@ -import { setInterval, setTimeout } from 'node:timers/promises'; - -async function task() { - console.log('Task is running:', new Date().toISOString()); - await setTimeout(1000); // Simulating async work with 1 second delay - console.log('Task completed:', new Date().toISOString()); -} - -async function main() { - console.log('Main function started'); - - // Run the async function on an interval - (async () => { - for await (const _ of setInterval(5000)) { // 5 seconds interval - task(); // Running async task without waiting for it to complete - } - })(); - - // Non-blocking logic in the main function with a for loop - for (let i = 1; i <= 5; i++) { - console.log(`Main function loop iteration ${i}`); - await setTimeout(2000); // Simulate async work (non-blocking) with 2 seconds delay - } - - console.log('Main function loop completed'); -} - -main(); diff --git a/services/capture/src/server.ts.old b/services/capture/src/server.ts.old deleted file mode 100755 index a2c9f4c..0000000 --- a/services/capture/src/server.ts.old +++ /dev/null @@ -1,154 +0,0 @@ -#!/usr/bin/env node - -// import Capture from './src/Capture.js' -// import Video from './src/Video.js' - -import dotenv from 'dotenv' -dotenv.config() -import { createId } from '@paralleldrive/cuid2' -import os from 'os' -import fs from 'node:fs' -import { loggerFactory } from "./logger.js" -import { verifyStorage } from './disk.js' -import { record, assertDependencyDirectory, checkFFmpeg } from './record.js' -import fastq from 'fastq' -import pRetry from 'p-retry'; -import Fastify from 'fastify'; - - - -// Create a map to store the work queues -const workQueues = new Map(); - - - -async function captureTask (args, cb) { - const { appContext, playlistUrl, roomName } = args; - - try { - const downloadStream = async () => { - const rc = await record(appContext, playlistUrl, roomName) - if (rc !== 0) throw new Error('ffmpeg exited irregularly (return code was other than zero)') - } - await pRetry(downloadStream, { - retries: 3, - onFailedAttempt: error => { - appContext.logger.log({ level: 'error', message: `downloadStream attempt ${error.attemptNumber} failed. There are ${error.retriesLeft} retries left.` }); - }, - }) - } catch (e) { - // we can get here if all retries are exhausted. - // this could be that the stream is over, the playlistUrl might be different, etc. - // we might have queued tasks so we don't want to crash. - appContext.logger.log({ level: 'error', message: `downloadStream exhausted all retries.` }) - appContext.logger.log({ level: 'error', message: e }) - } - - verifyStorage(appContext) - - appContext.logger.log({ level: 'info', message: 'Capture task complete'}) - cb(null, null) -} - -/** - * - * Fastify is used to facilitate Docker health checks - * - */ -async function initFastify(appContext) { - appContext.fastify = Fastify({ - logger: true - }) - - // Declare a route - appContext.fastify.get('/health', function (_, reply) { - reply.send({ message: 'futureporn-capture sneed' }); - }) - - // Run the server! - appContext.fastify.listen({ port: appContext.env.PORT }, function (err, address) { - if (err) { - appContext.fastify.log.error(err) - process.exit(1) - } - }) -} - -async function init () { - - const appEnv = new Array( - 'FUTUREPORN_WORKDIR', - 'DOWNLOADER_UA', - 'PORT' - ) - - const logger = loggerFactory({ - service: 'futureporn/capture' - }) - - - const appContext = { - env: appEnv.reduce((acc, ev) => { - if (typeof process.env[ev] === 'undefined') throw new Error(`${ev} is undefined in env`); - acc[ev] = process.env[ev]; - return acc; - }, {}), - logger, - pkg: JSON.parse(fs.readFileSync('./package.json', { encoding: 'utf-8'})), - workerId: `${os.hostname}-${createId()}`, - }; - - await initFastify(appContext); - - assertDependencyDirectory(appContext) - await checkFFmpeg(appContext) - verifyStorage(appContext) - - return appContext -} - - -async function main () { - - const appContext = await init() - - - - appContext.logger.log({ level: 'info', message: `capture version: ${appContext.pkg.version}` }) - appContext.logger.log({ level: 'info', message: `my capture directory is ${appContext.env.FUTUREPORN_WORKDIR}` }) - - - // connect to realtime server - appContext.pubsub.subscribe('/signals', (message) => { - appContext.logger.log({ level: 'debug', message: JSON.stringify(message) }) - - if ( - (message?.signal === 'start') && - (message?.room) && - (message?.url.startsWith('https://')) - ) { - - const roomName = message.room; - const playlistUrl = message.url; - - // Check if a work queue for the room already exists, otherwise create a new one - if (!workQueues.has(roomName)) { - workQueues.set(roomName, fastq(captureTask, 1)); - } - - - // Push the task to the corresponding work queue - workQueues.get(roomName).push({ appContext, playlistUrl, roomName }); - } - - }) - - - -} - -main() - - - - diff --git a/services/capture/src/tasks/record.ts b/services/capture/src/tasks/record.ts deleted file mode 100644 index 3c5c47b..0000000 --- a/services/capture/src/tasks/record.ts +++ /dev/null @@ -1,73 +0,0 @@ - - -import { Helpers, type Task } from 'graphile-worker' -import RecordNextGeneration from '../RecordNextGeneration.ts' -import createVod from '@futureporn/fetchers/createVod.ts' -import findOrCreateStream from '@futureporn/fetchers/findOrCreateStream.ts' -import findOrCreateVtuber from '@futureporn/fetchers/findOrCreateVtuber.ts' -import getRecording from '@futureporn/fetchers/getRecording.ts' -import patchRecording from '@futureporn/fetchers/patchRecording.ts' - - -interface Payload { - recording_id: string; - // url: string; - // discord_message_id?: string; - // vod_id?: string; - // date?: string; -} - - - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload"); - if (typeof payload.recording_id !== "string") throw new Error("invalid recording_id"); -} - -async function assertVod(payload: Payload) { - - let { recording_id } = payload - const recording = await getRecording(recording_id) - if (!recording) throw new Error(`failed to getRecording id=${recording_id}`); - let { url, vod_id, date } = recording - if (vod_id) return { vodId: vod_id }; - if (!date) date = new Date().toISOString(); - - const vtuberId = await findOrCreateVtuber({ url }) - const streamId = await findOrCreateStream({ vtuberId, date: new Date(date) }) - if (!streamId) throw new Error(`failed to find or create a Stream in database`); - const vod = await createVod({ stream_id: streamId, vtuber: vtuberId, url, date, recording_id }) - if (!vod) throw new Error('failed to createVod. please try again.') - - return { vodId: vod.id } -} - - - - - -export const record: Task = async function (payload: unknown, helpers: Helpers) { - - - assertPayload(payload) - const { recording_id: recordingId } = payload - const recording = await getRecording(recordingId) - if (!recording) throw new Error(`failed to getRecording() ${recordingId}`); - const { url } = recording - const { vodId } = await assertVod(payload) - // await patchRecording(recording.id, { vod_id: vodId }) - - /** - * RecordNextGeneration handles errors for us and re-throws ones that should fail the Task. - * We intentionally do not use a try/catch block here. - */ - const recordNG = new RecordNextGeneration({ url, vodId }) - await recordNG.done() - - - - return; -} - - -export default record \ No newline at end of file diff --git a/services/capture/tsconfig.json b/services/capture/tsconfig.json deleted file mode 100644 index e93bad7..0000000 --- a/services/capture/tsconfig.json +++ /dev/null @@ -1,32 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "allowImportingTsExtensions": true, - "noEmit": true, // tsup does the emissions - "esModuleInterop": true, - "skipLibCheck": true, - "target": "ESNext", - "allowJs": true, - "moduleResolution": "Bundler", - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "ESNext", - "outDir": "dist", - "lib": [ - "ESNext" - ] - }, - // Include the necessary files for your project - "include": [ - "src/**/*.ts" -, "../bot/src/tasks/restart_failed_recordings.ts" ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/capture/tsup.config.ts b/services/capture/tsup.config.ts deleted file mode 100644 index ed5ff52..0000000 --- a/services/capture/tsup.config.ts +++ /dev/null @@ -1,30 +0,0 @@ -import { defineConfig } from "tsup"; -import { exec } from 'child_process'; - -export default defineConfig({ - entry: [ - "src/index.ts", - "src/tasks/**.ts" - ], - format: ["esm"], - target: "node20", - clean: true, - sourcemap: true, - /** - * These packages are using the internal packages approach, so it needs to - * be transpiled / bundled together with the deployed code. - */ - noExternal: [ - "@futureporn/utils", - "@futureporn/scout", - "@futureporn/types", - ], - /** - * We do not use tsup for generating d.ts files because it can not generate type - * the definition maps required for go-to-definition to work in our IDE. We - * use tsc for that. - */ - onSuccess: async () => { - exec('tsc --emitDeclarationOnly'); - }, -}); \ No newline at end of file diff --git a/services/factory/.mocharc.json b/services/factory/.mocharc.json deleted file mode 100644 index 8c76e02..0000000 --- a/services/factory/.mocharc.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "$schema": "https://json.schemastore.org/mocharc.json", - "extensions": ["ts"], - "spec": "./src/**/*.spec.ts", - "require": "tsx" -} \ No newline at end of file diff --git a/services/factory/README.md b/services/factory/README.md deleted file mode 100644 index a0f4bc7..0000000 --- a/services/factory/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# @futureporn/factory - -Factory takes raw materials (video segments) and produces an end product (encoded video, thumbnail) - -factory has a big disk and lots of RAM in order to do transcoding tasks - - - -## 240p encodes - - ffmpeg -i ./pmel-cb-2023-03-04.mp4 -vf scale=-2:240 -b:v 368k -b:a 45k ./projektmelody-chaturbatep2023-03-04_240p.mp4 - - -## potential helpful tools - -* https://github.com/superstreamerapp/superstreamer -* https://github.com/StreamPot/StreamPot diff --git a/services/factory/crontab b/services/factory/crontab deleted file mode 100644 index 79439f5..0000000 --- a/services/factory/crontab +++ /dev/null @@ -1,17 +0,0 @@ -# @see https://worker.graphile.org/docs/cron -# -# ┌───────────── UTC minute (0 - 59) -# │ ┌───────────── UTC hour (0 - 23) -# │ │ ┌───────────── UTC day of the month (1 - 31) -# │ │ │ ┌───────────── UTC month (1 - 12) -# │ │ │ │ ┌───────────── UTC day of the week (0 - 6) (Sunday to Saturday) -# │ │ │ │ │ ┌───────────── task (identifier) to schedule -# │ │ │ │ │ │ ┌────────── optional scheduling options -# │ │ │ │ │ │ │ ┌────── optional payload to merge -# │ │ │ │ │ │ │ │ -# │ │ │ │ │ │ │ │ -# * * * * * task ?opts {payload} - - -## every n minutes, we update the patrons table to contain patron names who have opted-in to the Website Shoutout perk -*/1 * * * * synchronize_patrons_list ?max=1 \ No newline at end of file diff --git a/services/factory/package.json b/services/factory/package.json deleted file mode 100644 index 8a3c195..0000000 --- a/services/factory/package.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "name": "@futureporn/factory", - "type": "module", - "version": "2.0.0", - "description": "", - "main": "src/index.ts", - "scripts": { - "test": "mocha", - "dev": "pnpm run dev.nodemon # yes this is crazy to have nodemon execute tsx, but it's the only way I have found to get live reloading in TS/ESM/docker with Graphile Worker's way of loading tasks", - "dev.tsx": "tsx ./src/index.ts", - "dev.nodemon": "nodemon --verbose --exitcrash --ext ts --exec \"pnpm run dev.tsx\"", - "dev.node": "node --no-warnings=ExperimentalWarning --loader ts-node/esm src/index.ts" - }, - "keywords": [ - "transcode", - "transcoding", - "process", - "processing", - "build", - "factory" - ], - "author": "@cj_clippy", - "license": "Unlicense", - "dependencies": { - "@aws-sdk/client-s3": "^3.637.0", - "@aws-sdk/lib-storage": "^3.637.0", - "@futureporn/fetchers": "workspace:^", - "@futureporn/storage": "workspace:^", - "@futureporn/utils": "workspace:^", - "@paralleldrive/cuid2": "^2.2.2", - "@types/chai": "^4.3.19", - "@types/mocha": "^10.0.7", - "@types/node": "^22.5.2", - "chai": "^5.1.1", - "dotenv": "^16.4.5", - "graphile-config": "0.0.1-beta.9", - "graphile-worker": "^0.16.6", - "p-retry": "^6.2.0" - }, - "devDependencies": { - "@futureporn/types": "workspace:^", - "mocha": "^10.7.3", - "nodemon": "^3.1.4", - "ts-node": "^10.9.2", - "tsx": "^4.19.0" - } -} diff --git a/services/factory/pnpm-lock.yaml b/services/factory/pnpm-lock.yaml deleted file mode 100644 index 4117d98..0000000 --- a/services/factory/pnpm-lock.yaml +++ /dev/null @@ -1,2974 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@aws-sdk/client-s3': - specifier: ^3.637.0 - version: 3.637.0 - '@aws-sdk/lib-storage': - specifier: ^3.637.0 - version: 3.637.0(@aws-sdk/client-s3@3.637.0) - '@futureporn/fetchers': - specifier: workspace:^ - version: link:../../packages/fetchers - '@futureporn/storage': - specifier: workspace:^ - version: link:../../packages/storage - '@futureporn/utils': - specifier: workspace:^ - version: link:../../packages/utils - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@types/chai': - specifier: ^4.3.19 - version: 4.3.20 - '@types/mocha': - specifier: ^10.0.7 - version: 10.0.9 - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - chai: - specifier: ^5.1.1 - version: 5.1.2 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - graphile-config: - specifier: 0.0.1-beta.9 - version: 0.0.1-beta.9 - graphile-worker: - specifier: ^0.16.6 - version: 0.16.6(typescript@5.5.4) - p-retry: - specifier: ^6.2.0 - version: 6.2.0 - devDependencies: - '@futureporn/types': - specifier: workspace:^ - version: link:../../packages/types - mocha: - specifier: ^10.7.3 - version: 10.7.3 - nodemon: - specifier: ^3.1.4 - version: 3.1.4 - ts-node: - specifier: ^10.9.2 - version: 10.9.2(@types/node@22.5.2)(typescript@5.5.4) - tsx: - specifier: ^4.19.0 - version: 4.19.0 - -packages: - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/lib-storage@3.637.0': - resolution: {integrity: sha512-HiNGOP4a1QrCWwO1joKw4mCp19nLXoF9K52PislBaYDI35IlHC3DP6MeOg5zmElwtL1GtEHFBy5olfPWPsLyLg==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-s3': ^3.637.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@cspotcode/source-map-support@0.8.1': - resolution: {integrity: sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==} - engines: {node: '>=12'} - - '@esbuild/aix-ppc64@0.23.1': - resolution: {integrity: sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.23.1': - resolution: {integrity: sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==} - engines: {node: '>=18'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.23.1': - resolution: {integrity: sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.23.1': - resolution: {integrity: sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==} - engines: {node: '>=18'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.23.1': - resolution: {integrity: sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.23.1': - resolution: {integrity: sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==} - engines: {node: '>=18'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.23.1': - resolution: {integrity: sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==} - engines: {node: '>=18'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.23.1': - resolution: {integrity: sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==} - engines: {node: '>=18'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.23.1': - resolution: {integrity: sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==} - engines: {node: '>=18'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.23.1': - resolution: {integrity: sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.23.1': - resolution: {integrity: sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.23.1': - resolution: {integrity: sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==} - engines: {node: '>=18'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.23.1': - resolution: {integrity: sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==} - engines: {node: '>=18'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.23.1': - resolution: {integrity: sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.23.1': - resolution: {integrity: sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==} - engines: {node: '>=18'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.23.1': - resolution: {integrity: sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==} - engines: {node: '>=18'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.23.1': - resolution: {integrity: sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==} - engines: {node: '>=18'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.23.1': - resolution: {integrity: sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==} - engines: {node: '>=18'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-arm64@0.23.1': - resolution: {integrity: sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.23.1': - resolution: {integrity: sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==} - engines: {node: '>=18'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.23.1': - resolution: {integrity: sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==} - engines: {node: '>=18'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.23.1': - resolution: {integrity: sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==} - engines: {node: '>=18'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.23.1': - resolution: {integrity: sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.23.1': - resolution: {integrity: sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==} - engines: {node: '>=18'} - cpu: [x64] - os: [win32] - - '@graphile/logger@0.2.0': - resolution: {integrity: sha512-jjcWBokl9eb1gVJ85QmoaQ73CQ52xAaOCF29ukRbYNl6lY+ts0ErTaDYOBlejcbUs2OpaiqYLO5uDhyLFzWw4w==} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.9': - resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@tsconfig/node10@1.0.11': - resolution: {integrity: sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==} - - '@tsconfig/node12@1.0.11': - resolution: {integrity: sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==} - - '@tsconfig/node14@1.0.3': - resolution: {integrity: sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==} - - '@tsconfig/node16@1.0.4': - resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} - - '@types/chai@4.3.20': - resolution: {integrity: sha512-/pC9HAB5I/xMlc5FP77qjCnI16ChlJfW0tGa0IUcFn38VJrTV6DeZ60NU5KZBtaOZqjdpwTWohz5HU1RrhiYxQ==} - - '@types/debug@4.1.12': - resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - - '@types/interpret@1.1.3': - resolution: {integrity: sha512-uBaBhj/BhilG58r64mtDb/BEdH51HIQLgP5bmWzc5qCtFMja8dCk/IOJmk36j0lbi9QHwI6sbtUNGuqXdKCAtQ==} - - '@types/mocha@10.0.9': - resolution: {integrity: sha512-sicdRoWtYevwxjOHNMPTl3vSfJM6oyW8o1wXeI7uww6b6xHg8eBznQDNSGBCDJmsE8UMxP05JgZRtsKbTqt//Q==} - - '@types/ms@0.7.34': - resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - - '@types/node@20.16.3': - resolution: {integrity: sha512-/wdGiWRkMOm53gAsSyFMXFZHbVg7C6CbkrzHNpaHoYfsUWPg7m6ZRKtvQjgvQ9i8WT540a3ydRlRQbxjY30XxQ==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/pg@8.11.8': - resolution: {integrity: sha512-IqpCf8/569txXN/HoP5i1LjXfKZWL76Yr2R77xgeIICUbAYHeoaEZFhYHo2uDftecLWrTJUq63JvQu8q3lnDyA==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/semver@7.5.8': - resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==} - - acorn-walk@8.3.3: - resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} - engines: {node: '>=0.4.0'} - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - ansi-colors@4.1.3: - resolution: {integrity: sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - arg@4.1.3: - resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - browser-stdout@1.3.1: - resolution: {integrity: sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==} - - buffer@5.6.0: - resolution: {integrity: sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - chai@5.1.2: - resolution: {integrity: sha512-aGtmf24DW6MLHHG5gCx4zaI3uBq3KRtxeVs0DjFH6Z0rDNbsvTxFASFvdj79pxjxZ8/5u3PIiN3IwEIQkiiuPw==} - engines: {node: '>=12'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - cosmiconfig@8.3.6: - resolution: {integrity: sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==} - engines: {node: '>=14'} - peerDependencies: - typescript: '>=4.9.5' - peerDependenciesMeta: - typescript: - optional: true - - create-require@1.1.1: - resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==} - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decamelize@4.0.0: - resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} - engines: {node: '>=10'} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - diff@4.0.2: - resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==} - engines: {node: '>=0.3.1'} - - diff@5.2.0: - resolution: {integrity: sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==} - engines: {node: '>=0.3.1'} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - - esbuild@0.23.1: - resolution: {integrity: sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==} - engines: {node: '>=18'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - flat@5.0.2: - resolution: {integrity: sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==} - hasBin: true - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-tsconfig@4.8.0: - resolution: {integrity: sha512-Pgba6TExTZ0FJAn1qkJAjIeKoDJ3CsI2ChuLohJnZl/tTU8MVrq3b+2t5UOPfRa4RMsorClBjJALkJUMjG1PAw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - graphile-config@0.0.1-beta.9: - resolution: {integrity: sha512-7vNxXZ24OAgXxDKXYi9JtgWPMuNbBL3057Yf32Ux+/rVP4+EePgySCc+NNnn0tORi8qwqVreN8bdWqGIcSwNXg==} - engines: {node: '>=16'} - - graphile-worker@0.16.6: - resolution: {integrity: sha512-e7gGYDmGqzju2l83MpzX8vNG/lOtVJiSzI3eZpAFubSxh/cxs7sRrRGBGjzBP1kNG0H+c95etPpNRNlH65PYhw==} - engines: {node: '>=14.0.0'} - hasBin: true - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore-by-default@1.0.1: - resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - interpret@3.1.1: - resolution: {integrity: sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==} - engines: {node: '>=10.13.0'} - - is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-plain-obj@2.1.0: - resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} - engines: {node: '>=8'} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - loupe@3.1.2: - resolution: {integrity: sha512-23I4pFZHmAemUnz8WZXbYRSKYj801VDaNv9ETuMh7IrMc7VuVVSo+Z9iLE3ni30+U48iDWfi30d3twAXBYmnCg==} - - make-error@1.3.6: - resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - mocha@10.7.3: - resolution: {integrity: sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A==} - engines: {node: '>= 14.0.0'} - hasBin: true - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - nodemon@3.1.4: - resolution: {integrity: sha512-wjPBbFhtpJwmIeY2yP7QF+UKzPfltVGtfce1g/bB15/8vCGZj8uxD62b/b9M9/WVgme0NZudpownKN+c0plXlQ==} - engines: {node: '>=10'} - hasBin: true - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - obuf@1.1.2: - resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - parse-json@5.2.0: - resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==} - engines: {node: '>=8'} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-numeric@1.0.2: - resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==} - engines: {node: '>=4'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg-types@4.0.2: - resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==} - engines: {node: '>=10'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-array@3.0.2: - resolution: {integrity: sha512-6faShkdFugNQCLwucjPcY5ARoW1SlbnrZjmGl0IrrqewpvxvhSLHimCVzqeuULCbG0fQv7Dtk1yDbG3xv7Veog==} - engines: {node: '>=12'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-bytea@3.0.0: - resolution: {integrity: sha512-CNd4jim9RFPkObHSjVHlVrxoVQXz7quwNFpz7RY1okNNme49+sVyiTvTRobiLV548Hx/hb1BG+iE7h9493WzFw==} - engines: {node: '>= 6'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-date@2.1.0: - resolution: {integrity: sha512-K7Juri8gtgXVcDfZttFKVmhglp7epKb1K4pgrkLxehjqkrgPhfG6OO8LHLkfaqkbpjNRnra018XwAr1yQFWGcA==} - engines: {node: '>=12'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-interval@3.0.0: - resolution: {integrity: sha512-BSNDnbyZCXSxgA+1f5UU2GmwhoI0aU5yMxRGO8CdFEcY2BQF9xm/7MqKnYoM1nJDk8nONNWDk9WeSmePFhQdlw==} - engines: {node: '>=12'} - - postgres-range@1.1.4: - resolution: {integrity: sha512-i/hbxIE9803Alj/6ytL7UHQxRvZkI9O4Sy+J3HGc4F4oo/2eQAjTSNJ0bfxyse3bH0nuVesCk+3IRLaMtG3H6w==} - - pstree.remy@1.1.8: - resolution: {integrity: sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - simple-update-notifier@2.0.0: - resolution: {integrity: sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==} - engines: {node: '>=10'} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - stream-browserify@3.0.0: - resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - touch@3.1.1: - resolution: {integrity: sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==} - hasBin: true - - ts-node@10.9.2: - resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==} - hasBin: true - peerDependencies: - '@swc/core': '>=1.2.50' - '@swc/wasm': '>=1.2.50' - '@types/node': '*' - typescript: '>=2.7' - peerDependenciesMeta: - '@swc/core': - optional: true - '@swc/wasm': - optional: true - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsx@4.19.0: - resolution: {integrity: sha512-bV30kM7bsLZKZIOCHeMNVMJ32/LuJzLVajkQI/qf92J2Qr08ueLQvW00PUZGiuLPP760UINwupgUj8qrSCPUKg==} - engines: {node: '>=18.0.0'} - hasBin: true - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - undefsafe@2.0.5: - resolution: {integrity: sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - - v8-compile-cache-lib@3.0.1: - resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} - - workerpool@6.5.1: - resolution: {integrity: sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs-unparser@2.0.0: - resolution: {integrity: sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==} - engines: {node: '>=10'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - yn@3.1.1: - resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==} - engines: {node: '>=6'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - -snapshots: - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/lib-storage@3.637.0(@aws-sdk/client-s3@3.637.0)': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@smithy/abort-controller': 3.1.1 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/smithy-client': 3.2.0 - buffer: 5.6.0 - events: 3.3.0 - stream-browserify: 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@cspotcode/source-map-support@0.8.1': - dependencies: - '@jridgewell/trace-mapping': 0.3.9 - - '@esbuild/aix-ppc64@0.23.1': - optional: true - - '@esbuild/android-arm64@0.23.1': - optional: true - - '@esbuild/android-arm@0.23.1': - optional: true - - '@esbuild/android-x64@0.23.1': - optional: true - - '@esbuild/darwin-arm64@0.23.1': - optional: true - - '@esbuild/darwin-x64@0.23.1': - optional: true - - '@esbuild/freebsd-arm64@0.23.1': - optional: true - - '@esbuild/freebsd-x64@0.23.1': - optional: true - - '@esbuild/linux-arm64@0.23.1': - optional: true - - '@esbuild/linux-arm@0.23.1': - optional: true - - '@esbuild/linux-ia32@0.23.1': - optional: true - - '@esbuild/linux-loong64@0.23.1': - optional: true - - '@esbuild/linux-mips64el@0.23.1': - optional: true - - '@esbuild/linux-ppc64@0.23.1': - optional: true - - '@esbuild/linux-riscv64@0.23.1': - optional: true - - '@esbuild/linux-s390x@0.23.1': - optional: true - - '@esbuild/linux-x64@0.23.1': - optional: true - - '@esbuild/netbsd-x64@0.23.1': - optional: true - - '@esbuild/openbsd-arm64@0.23.1': - optional: true - - '@esbuild/openbsd-x64@0.23.1': - optional: true - - '@esbuild/sunos-x64@0.23.1': - optional: true - - '@esbuild/win32-arm64@0.23.1': - optional: true - - '@esbuild/win32-ia32@0.23.1': - optional: true - - '@esbuild/win32-x64@0.23.1': - optional: true - - '@graphile/logger@0.2.0': {} - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.9': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@noble/hashes@1.5.0': {} - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@tsconfig/node10@1.0.11': {} - - '@tsconfig/node12@1.0.11': {} - - '@tsconfig/node14@1.0.3': {} - - '@tsconfig/node16@1.0.4': {} - - '@types/chai@4.3.20': {} - - '@types/debug@4.1.12': - dependencies: - '@types/ms': 0.7.34 - - '@types/interpret@1.1.3': - dependencies: - '@types/node': 22.5.2 - - '@types/mocha@10.0.9': {} - - '@types/ms@0.7.34': {} - - '@types/node@20.16.3': - dependencies: - undici-types: 6.19.8 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/pg@8.11.8': - dependencies: - '@types/node': 22.5.2 - pg-protocol: 1.6.1 - pg-types: 4.0.2 - - '@types/retry@0.12.2': {} - - '@types/semver@7.5.8': {} - - acorn-walk@8.3.3: - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - ansi-colors@4.1.3: {} - - ansi-regex@5.0.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - arg@4.1.3: {} - - argparse@2.0.1: {} - - assertion-error@2.0.1: {} - - balanced-match@1.0.2: {} - - base64-js@1.5.1: {} - - binary-extensions@2.3.0: {} - - bowser@2.11.0: {} - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - browser-stdout@1.3.1: {} - - buffer@5.6.0: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - callsites@3.1.0: {} - - camelcase@6.3.0: {} - - chai@5.1.2: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.2 - pathval: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - check-error@2.1.1: {} - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - concat-map@0.0.1: {} - - cosmiconfig@8.3.6(typescript@5.5.4): - dependencies: - import-fresh: 3.3.0 - js-yaml: 4.1.0 - parse-json: 5.2.0 - path-type: 4.0.0 - optionalDependencies: - typescript: 5.5.4 - - create-require@1.1.1: {} - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - debug@4.3.6(supports-color@5.5.0): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 5.5.0 - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decamelize@4.0.0: {} - - deep-eql@5.0.2: {} - - diff@4.0.2: {} - - diff@5.2.0: {} - - dotenv@16.4.5: {} - - emoji-regex@8.0.0: {} - - error-ex@1.3.2: - dependencies: - is-arrayish: 0.2.1 - - esbuild@0.23.1: - optionalDependencies: - '@esbuild/aix-ppc64': 0.23.1 - '@esbuild/android-arm': 0.23.1 - '@esbuild/android-arm64': 0.23.1 - '@esbuild/android-x64': 0.23.1 - '@esbuild/darwin-arm64': 0.23.1 - '@esbuild/darwin-x64': 0.23.1 - '@esbuild/freebsd-arm64': 0.23.1 - '@esbuild/freebsd-x64': 0.23.1 - '@esbuild/linux-arm': 0.23.1 - '@esbuild/linux-arm64': 0.23.1 - '@esbuild/linux-ia32': 0.23.1 - '@esbuild/linux-loong64': 0.23.1 - '@esbuild/linux-mips64el': 0.23.1 - '@esbuild/linux-ppc64': 0.23.1 - '@esbuild/linux-riscv64': 0.23.1 - '@esbuild/linux-s390x': 0.23.1 - '@esbuild/linux-x64': 0.23.1 - '@esbuild/netbsd-x64': 0.23.1 - '@esbuild/openbsd-arm64': 0.23.1 - '@esbuild/openbsd-x64': 0.23.1 - '@esbuild/sunos-x64': 0.23.1 - '@esbuild/win32-arm64': 0.23.1 - '@esbuild/win32-ia32': 0.23.1 - '@esbuild/win32-x64': 0.23.1 - - escalade@3.2.0: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@4.0.0: {} - - events@3.3.0: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - flat@5.0.2: {} - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - get-caller-file@2.0.5: {} - - get-tsconfig@4.8.0: - dependencies: - resolve-pkg-maps: 1.0.0 - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - graphile-config@0.0.1-beta.9: - dependencies: - '@types/interpret': 1.1.3 - '@types/node': 20.16.3 - '@types/semver': 7.5.8 - chalk: 4.1.2 - debug: 4.3.6 - interpret: 3.1.1 - semver: 7.6.3 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - supports-color - - graphile-worker@0.16.6(typescript@5.5.4): - dependencies: - '@graphile/logger': 0.2.0 - '@types/debug': 4.1.12 - '@types/pg': 8.11.8 - cosmiconfig: 8.3.6(typescript@5.5.4) - graphile-config: 0.0.1-beta.9 - json5: 2.2.3 - pg: 8.12.0 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - pg-native - - supports-color - - typescript - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - he@1.2.0: {} - - ieee754@1.2.1: {} - - ignore-by-default@1.0.1: {} - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.4: {} - - interpret@3.1.1: {} - - is-arrayish@0.2.1: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-network-error@1.1.0: {} - - is-number@7.0.0: {} - - is-plain-obj@2.1.0: {} - - is-unicode-supported@0.1.0: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - json-parse-even-better-errors@2.3.1: {} - - json5@2.2.3: {} - - lines-and-columns@1.2.4: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - loupe@3.1.2: {} - - make-error@1.3.6: {} - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - mocha@10.7.3: - dependencies: - ansi-colors: 4.1.3 - browser-stdout: 1.3.1 - chokidar: 3.6.0 - debug: 4.3.6(supports-color@8.1.1) - diff: 5.2.0 - escape-string-regexp: 4.0.0 - find-up: 5.0.0 - glob: 8.1.0 - he: 1.2.0 - js-yaml: 4.1.0 - log-symbols: 4.1.0 - minimatch: 5.1.6 - ms: 2.1.3 - serialize-javascript: 6.0.2 - strip-json-comments: 3.1.1 - supports-color: 8.1.1 - workerpool: 6.5.1 - yargs: 16.2.0 - yargs-parser: 20.2.9 - yargs-unparser: 2.0.0 - - ms@2.1.2: {} - - ms@2.1.3: {} - - nodemon@3.1.4: - dependencies: - chokidar: 3.6.0 - debug: 4.3.6(supports-color@5.5.0) - ignore-by-default: 1.0.1 - minimatch: 3.1.2 - pstree.remy: 1.1.8 - semver: 7.6.3 - simple-update-notifier: 2.0.0 - supports-color: 5.5.0 - touch: 3.1.1 - undefsafe: 2.0.5 - - normalize-path@3.0.0: {} - - obuf@1.1.2: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - parse-json@5.2.0: - dependencies: - '@babel/code-frame': 7.24.7 - error-ex: 1.3.2 - json-parse-even-better-errors: 2.3.1 - lines-and-columns: 1.2.4 - - path-exists@4.0.0: {} - - path-type@4.0.0: {} - - pathval@2.0.0: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-numeric@1.0.2: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg-types@4.0.2: - dependencies: - pg-int8: 1.0.1 - pg-numeric: 1.0.2 - postgres-array: 3.0.2 - postgres-bytea: 3.0.0 - postgres-date: 2.1.0 - postgres-interval: 3.0.0 - postgres-range: 1.1.4 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - postgres-array@2.0.0: {} - - postgres-array@3.0.2: {} - - postgres-bytea@1.0.0: {} - - postgres-bytea@3.0.0: - dependencies: - obuf: 1.1.2 - - postgres-date@1.0.7: {} - - postgres-date@2.1.0: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-interval@3.0.0: {} - - postgres-range@1.1.4: {} - - pstree.remy@1.1.8: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - require-directory@2.1.1: {} - - resolve-from@4.0.0: {} - - resolve-pkg-maps@1.0.0: {} - - retry@0.13.1: {} - - safe-buffer@5.2.1: {} - - semver@7.6.3: {} - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - simple-update-notifier@2.0.0: - dependencies: - semver: 7.6.3 - - split2@4.2.0: {} - - stream-browserify@3.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 3.6.2 - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-json-comments@3.1.1: {} - - strnum@1.0.5: {} - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - touch@3.1.1: {} - - ts-node@10.9.2(@types/node@22.5.2)(typescript@5.5.4): - dependencies: - '@cspotcode/source-map-support': 0.8.1 - '@tsconfig/node10': 1.0.11 - '@tsconfig/node12': 1.0.11 - '@tsconfig/node14': 1.0.3 - '@tsconfig/node16': 1.0.4 - '@types/node': 22.5.2 - acorn: 8.12.1 - acorn-walk: 8.3.3 - arg: 4.1.3 - create-require: 1.1.1 - diff: 4.0.2 - make-error: 1.3.6 - typescript: 5.5.4 - v8-compile-cache-lib: 3.0.1 - yn: 3.1.1 - - tslib@2.7.0: {} - - tsx@4.19.0: - dependencies: - esbuild: 0.23.1 - get-tsconfig: 4.8.0 - optionalDependencies: - fsevents: 2.3.3 - - typescript@5.5.4: {} - - undefsafe@2.0.5: {} - - undici-types@6.19.8: {} - - util-deprecate@1.0.2: {} - - uuid@9.0.1: {} - - v8-compile-cache-lib@3.0.1: {} - - workerpool@6.5.1: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrappy@1.0.2: {} - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs-unparser@2.0.0: - dependencies: - camelcase: 6.3.0 - decamelize: 4.0.0 - flat: 5.0.2 - is-plain-obj: 2.1.0 - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - yn@3.1.1: {} - - yocto-queue@0.1.0: {} diff --git a/services/factory/src/config.ts b/services/factory/src/config.ts deleted file mode 100644 index a454d6c..0000000 --- a/services/factory/src/config.ts +++ /dev/null @@ -1,70 +0,0 @@ -import { config } from 'dotenv' -import { join, dirname } from 'node:path' -import { fileURLToPath } from 'node:url'; -const __dirname = dirname(fileURLToPath(import.meta.url)); -config({ path: join(__dirname, '../../../.env.development') }) - - -if (!process.env.WORKER_CONNECTION_STRING) throw new Error("WORKER_CONNECTION_STRING was missing from env"); -if (!process.env.POSTGREST_URL) throw new Error('Missing POSTGREST_URL env var'); -if (!process.env.AUTOMATION_USER_JWT) throw new Error('Missing AUTOMATION_USER_JWT env var'); -if (!process.env.S3_ACCESS_KEY_ID) throw new Error('Missing S3_ACCESS_KEY_ID env var'); -if (!process.env.S3_SECRET_ACCESS_KEY) throw new Error('Missing S3_BUCKET_APPLICATION_KEY env var'); -if (!process.env.S3_REGION) throw new Error('Missing S3_REGION env var'); -if (!process.env.S3_ENDPOINT) throw new Error('Missing S3_REGION env var'); -if (!process.env.S3_MAIN_BUCKET) throw new Error('Missing S3_BUCKET env var'); -if (!process.env.S3_USC_BUCKET) throw new Error('Missing S3_USC_BUCKET env var'); -if (!process.env.CACHE_DIR) throw new Error('Missing CACHE_DIR env var'); -if (!process.env.PATREON_CREATOR_ACCESS_TOKEN) throw new Error('Missing PATREON_CREATOR_ACCESS_TOKEN env var'); -if (!process.env.PATREON_CREATOR_REFRESH_TOKEN) throw new Error('Missing PATREON_CREATOR_REFRESH_TOKEN env var'); -if (!process.env.SUPERTOKENS_URL) throw new Error('Missing SUPERTOKENS_URL env var'); -if (!process.env.SUPERTOKENS_API_KEY) throw new Error('Missing SUPERTOKENS_API_KEY env var'); -const postgrestUrl = process.env.POSTGREST_URL! -const automationUserJwt = process.env.AUTOMATION_USER_JWT! -const connectionString = process.env.WORKER_CONNECTION_STRING! -const s3AccessKeyId = process.env.S3_ACCESS_KEY_ID! -const s3Region = process.env.S3_REGION! -const s3Endpoint = process.env.S3_ENDPOINT! -const s3SecretAccessKey = process.env.S3_SECRET_ACCESS_KEY! -const s3MainBucket = process.env.S3_MAIN_BUCKET! -const s3UscBucket = process.env.S3_USC_BUCKET! -const cacheDir = process.env.CACHE_DIR! -const patreonCreatorAccessToken = process.env.PATREON_CREATOR_ACCESS_TOKEN! -const patreonCreatorRefreshToken = process.env.PATREON_CREATOR_REFRESH_TOKEN! -const supertokensUrl = process.env.SUPERTOKENS_URL! -const supertokensApiKey = process.env.SUPERTOKENS_API_KEY! - -export interface Config { - postgrestUrl: string; - automationUserJwt: string; - connectionString: string; - s3AccessKeyId: string; - s3SecretAccessKey: string; - s3Region: string; - s3Endpoint: string; - s3UscBucket: string; - s3MainBucket: string; - cacheDir: string; - patreonCreatorAccessToken: string; - patreonCreatorRefreshToken: string; - supertokensUrl: string; - supertokensApiKey: string; -} - - -export const configs: Config = { - postgrestUrl, - automationUserJwt, - connectionString, - s3AccessKeyId, - s3SecretAccessKey, - s3Endpoint, - s3Region, - s3MainBucket, - s3UscBucket, - cacheDir, - patreonCreatorAccessToken, - patreonCreatorRefreshToken, - supertokensUrl, - supertokensApiKey, -} diff --git a/services/factory/src/index.ts b/services/factory/src/index.ts deleted file mode 100644 index e961f07..0000000 --- a/services/factory/src/index.ts +++ /dev/null @@ -1,45 +0,0 @@ - -import type { RunnerOptions } from 'graphile-worker' -import type { GraphileConfig } from "graphile-config"; -import { run } from 'graphile-worker' -import { join, dirname } from 'node:path' -import { fileURLToPath } from 'url' -import { configs } from './config.ts' - -const __dirname = dirname(fileURLToPath(import.meta.url)); - - -async function setupGraphileWorker() { - try { - const preset: GraphileConfig.Preset = { - worker: { - connectionString: configs.connectionString, - concurrentJobs: 3, - fileExtensions: [".js", ".ts"], - taskDirectory: join(__dirname, 'tasks') - }, - }; - // console.log('worker preset as follows') - // console.log(preset) - const runnerOptions: RunnerOptions = { - preset - } - - const runner = await run(runnerOptions) - if (!runner) throw new Error('failed to initialize graphile worker'); - await runner.promise - } catch (e) { - console.error('error caught during setupGraphileWorker') - console.error(e) - } -} - -async function main() { - await setupGraphileWorker() -} - -main().catch((e) => { - console.error("error during main() function") - console.error(e) - process.exit(3) -}) \ No newline at end of file diff --git a/services/factory/src/tasks/combine_video_segments.ts b/services/factory/src/tasks/combine_video_segments.ts deleted file mode 100644 index 8781c2d..0000000 --- a/services/factory/src/tasks/combine_video_segments.ts +++ /dev/null @@ -1,337 +0,0 @@ - -import { Helpers, type Task } from 'graphile-worker' -import { basename, join } from 'node:path'; -import { S3Client } from "@aws-sdk/client-s3" -import { Upload } from "@aws-sdk/lib-storage" -import { createId } from '@paralleldrive/cuid2'; -import { execFile } from 'node:child_process'; -import { configs } from '../config'; -import { PassThrough, Readable } from 'node:stream'; -import { createReadStream } from 'node:fs'; -import { stat, writeFile } from 'node:fs/promises'; -import { pipeline } from 'node:stream/promises'; -import { tmpdir } from 'node:os'; -import patchVodInDatabase from '@futureporn/fetchers/patchVodInDatabase.ts' -import { downloadFile } from '@futureporn/storage/s3.ts'; -import { S3FileRecord, SegmentResponse } from '@futureporn/types'; -import getVod from '@futureporn/fetchers/getVod.ts'; -import { type S3ClientConfig } from "@aws-sdk/client-s3"; -import pRetry, {AbortError} from 'p-retry' -import { getFileChecksum, getTmpFile } from '@futureporn/utils/file.ts'; - -interface s3ManifestEntry { - key: string; - bytes: number; -} - -interface Payload { - vod_id?: string; - s3_manifest?: S3FileRecord[]; -} - -interface S3Target { - Bucket: string; - Key: string; - Body: Readable; -} - -interface S3UploadParameters { - bucket: string; - keyName: string; - uploadStream: PassThrough; - client: S3Client; - onProgress?: Function; -} - - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload"); -} - -async function withRetry(fn: () => Promise, retries = 3): Promise { - return pRetry(fn, { - onFailedAttempt: (e: Error) => { - console.error(`Error during attempt:`, e); - }, - retries - }); -} - -/** - * - * generate a txt file on disk which ffmpeg's concat filter will use to concatenate files. - * example: ffmpeg -f concat -safe 0 -i ./files.txt -c copy ./projektmelody-chaturbate-2023-07-18.mp4 - * the text file is written to os.tmpdir() - * the text file contents looks like the following. - * - * file './cb-recording-part-1.mp4' - * file './cb-recording-part-2.mp4' - * file './cb-recording-part-3.mp4' - */ -const getFFmpegConcatSpecFile = async function (inputVideoFilePaths: string[]): Promise { - if (!inputVideoFilePaths) throw new Error('getFFmpegConcatSpec file requires an array of filepaths as argument, but it was undefined'); - if (inputVideoFilePaths.length < 1) throw new Error('getFFmpegConcatSpec arg0, inputVideoFilePaths was length 0 which is unsupported.'); - let lines = [] - for (const filePath of inputVideoFilePaths) { - lines.push(`file '${filePath}'`) - } - const specFilePath = join(tmpdir(), `concat-spec-${createId()}`) - await writeFile(specFilePath, lines.join('\n'), { encoding: 'utf-8' }) - return specFilePath -} - -const getFFmpegConcatenation = async function (specFilePath: string, outputPath: string) { - if (!specFilePath) throw new Error('getFFmpegStream requires specFilePath as arg'); - const execFileP = promisify(execFile) - const { stdout, stderr } = await execFileP('ffmpeg', [ - '-f', 'concat', - '-safe', '0', - '-i', specFilePath, - '-c', 'copy', - outputPath - ]) - console.log(stdout) - console.log(stderr) - return outputPath -} - -const concatVideos = async function (videoFilePaths: string[]): Promise { - console.log(`concatVideos with ${JSON.stringify(videoFilePaths)}`) - if (!videoFilePaths || videoFilePaths.length < 1 || typeof videoFilePaths[0] !== 'string') throw new Error('concatVideos requires videoFilePaths as arg, but it was undefined or not an array of strings'); - if (videoFilePaths.length === 1) { - // if there is only one video, we don't need to do anything. - return videoFilePaths[0] - } - const concatSpec = await getFFmpegConcatSpecFile(videoFilePaths) - const outputVideoPath = join(tmpdir(), `${basename(videoFilePaths[0], '.mp4')}-${createId()}.mp4`) - try { - await getFFmpegConcatenation(concatSpec, outputVideoPath) - } catch (err) { - console.error(`error encountered while concatenating video files together`) - console.error(err) - throw err - } - return outputVideoPath -} - - - - -const getS3ParallelUpload = async function ({ - filePath, - client, - s3KeyName -}: { - s3KeyName: string, - filePath: string, - client: S3Client, -}): Promise<{upload: Upload, uploadStream: PassThrough}> { - if (!filePath) throw new Error("first argument passed to uploadToS3, 'filePath' is undefined"); - - console.log(`uploading ${s3KeyName} to S3`) - - const uploadStream = new PassThrough() - const target: S3Target = { - Bucket: configs.s3UscBucket, - Key: s3KeyName, - Body: uploadStream - } - - const upload = new Upload({ - client, - partSize: 1024 * 1024 * 5, - queueSize: 1, - leavePartsOnError: false, - params: target, - }); - - - return { upload, uploadStream } -} - - -/** - * Checks if a file exists at the specified path. - */ -async function fileExists(path: string): Promise { - try { - await stat(path); - return true; - } catch { - return false; - } -} - -/** - * Validates checksum if an expected checksum is provided. - */ -async function validateChecksumIfNeeded(filePath: string, segment: SegmentResponse) { - const expectedChecksum = segment?.checksum; - if (expectedChecksum) { - const actualChecksum = await getFileChecksum(filePath, 'md5'); - if (expectedChecksum !== actualChecksum) { - throw new Error(`Downloaded segment ${segment.id} but the expected checksum ${expectedChecksum} did not match actual ${actualChecksum}.`); - } - } -} - -/** - * downloadSegment - * - * - [x] If the file is already in local cache, that file is used. - * - [x] Validates checksum to ensure file is whole - */ -async function downloadSegment(client: S3Client, segment: SegmentResponse) { - if (!segment) throw new Error('segment passed to downloadSegment was missing'); - if (!segment.s3_key) throw new Error('segment passed to downloadSegment was missing s3_key'); - - const cachePath = join(configs.cacheDir, segment.s3_key); - const isFileInCache = await fileExists(cachePath); - - // Check and return cache if available - if (isFileInCache) { - await validateChecksumIfNeeded(cachePath, segment); - return cachePath; - } - - // Download segment and validate checksum - const tmpFilePath = await withRetry(() => downloadFile(client, configs.s3UscBucket, segment.s3_key), 3); - await validateChecksumIfNeeded(tmpFilePath, segment); - - return tmpFilePath; -} - -/** - * downloadSegments - * - * Download a list of segments from S3. - - */ -async function downloadSegments(client: S3Client, segments: SegmentResponse[]) { - for (const segment of segments) { - const segmentFilePath = await downloadSegment(client, segment) - } -} - -/** - * doIntegratedCombine - * - * Integrated combine_video_segments is when the requester is giving us only a vod_id - * It's our job to inspect the vod and get it's segments and combine them - * Then upload the result to S3 and update the vod's s3_file - * - */ -async function doIntegratedCombine(helpers: Helpers, vod_id: string) { - /** - * Here we take a manifest of S3 files and we download each of them. - * Then we combine them all, preserving original order using `ffmpeg -f concat` - * Then we upload the resulting video to S3 - * Then we create records in Postgrest - * * s3_file - * * vod - * - * After the records are created, - * if we were told about a stream record that this recording belongs to, - * we edit the stream record, adding a relation to the vod we just created. - */ - - try { - - const vod = await getVod(vod_id) - if (!vod) throw new Error('doIntegratedCombine failed to get vod'); - - // * [x] Get a list of segments associated with this vod. - // * [ ] Download the segments (or pull from disk cache) - // * [ ] VALIDATE segment checksums(?) - // * [ ] Combine segments using ffmpeg - // * [ ] Upload resulting video - // * [ ] Create s3_file with resulting video information - // * [ ] Update s3_file vod record to reference s3_file - - const options: S3ClientConfig = { - endpoint: configs.s3Endpoint, - region: configs.s3Region, - credentials: { - accessKeyId: configs.s3AccessKeyId, - secretAccessKey: configs.s3SecretAccessKey - } - } - const client = new S3Client(options); - - if (!vod.segments) throw new Error('vod.segments was missing'); - const segments = vod.segments - - const localSegments = await downloadSegments(client, segments) - - const s3Manifest = s3_manifest - - - const inputVideoFilePaths = await Promise.all(s3Manifest.filter((m: S3FileRecord) => (m.bytes !== 0)).map((m) => downloadFile(client, configs.s3UscBucket, m.key))) - const concatenatedVideoFile = await concatVideos(inputVideoFilePaths) - const s3KeyName = basename(concatenatedVideoFile) - const inputStream = createReadStream(concatenatedVideoFile) - const filePath = concatenatedVideoFile - const { uploadStream, upload } = await getS3ParallelUpload({ client, s3KeyName, filePath }) - pipeline(inputStream, uploadStream) - await upload.done() - - if (!vod_id) throw new Error('vod_id was missing from payload'); - // update the vod with the s3_file of the combined video - const payload = { - s3_file: s3KeyName, - vod_id - } - await patchVodInDatabase(vod_id, payload) - - - } catch (e: any) { - helpers.logger.error('combine_video_segments failed') - if (e instanceof Error) { - helpers.logger.error(e.message) - } else { - helpers.logger.error(e) - } - throw e - } - -} - - -/** - * doSoloRequest - * - * Solo combine_video_segments is when the requester is giving us a s3_manifest - * Which is just a S3FileRecord[] - * - * It's our job to download those files and combine them, then upload the result to S3 - */ -async function doSoloCombine(helpers: Helpers, s3_manifest: S3FileRecord[]) { - const s3Manifest = s3_manifest - const inputVideoFilePaths = await Promise.all(s3Manifest.filter((m) => (m.bytes !== 0)).map((m) => downloadFile(client, configs.s3UscBucket, m.key))) -} - - -export const combine_video_segments: Task = async function (payload: unknown, helpers: Helpers) { - // helpers.logger.info('the following is the raw Task payload') - // helpers.logger.info(payload) - // helpers.logger.info(JSON.stringify(payload?.s3_manifest)) - assertPayload(payload) - const { s3_manifest, vod_id } = payload - if (!vod_id) throw new Error('combine_video_segments was called without a vod_id.'); - helpers.logger.info(`🏗️ combine_video_segments started with s3_manifest=${JSON.stringify(s3_manifest)}, vod_id=${vod_id}`) - - const isSoloRequest = (!!vod_id && !s3_manifest) - const isIntegratedRequest = (!!s3_manifest?.length && !vod_id) - - if (isSoloRequest && !isIntegratedRequest) { - await doSoloCombine(helpers, s3_manifest!) - } else if (isIntegratedRequest && !isSoloRequest) { - await doIntegratedCombine(helpers, vod_id) - } else { - throw new Error(`Ambiguous request. Use either s3_manifest or vod_id argument, not both.`); - } - -} - - -export default combine_video_segments \ No newline at end of file diff --git a/services/factory/src/tasks/generate_thumbnail.ts b/services/factory/src/tasks/generate_thumbnail.ts deleted file mode 100644 index 469dba1..0000000 --- a/services/factory/src/tasks/generate_thumbnail.ts +++ /dev/null @@ -1,92 +0,0 @@ -import type { Task, Helpers } from "graphile-worker"; -import getVod from "@futureporn/fetchers/getVod.ts"; -import { getStoryboard } from '@futureporn/utils/image.ts' -import { getCdnUrl, uploadFile, type S3FileArgs } from '@futureporn/storage/s3.ts' -import patchVodInDatabase from "@futureporn/fetchers/patchVodInDatabase.ts"; -import { configs } from "../config"; - -interface Payload { - vod_id?: string; - video_url?: string; -} - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload (it must be an object)"); - if (typeof payload.vod_id !== "string" && typeof payload.video_url !== "string") throw new Error("payload requires either vod_id or video_url, however both were not a string."); -} - - -async function doIntegratedRequest(vodId: string): Promise { - - const vod = await getVod(vodId) - const s3_file = vod?.s3_file - if (!s3_file) throw new Error(`vod ${vodId} was missing a s3_file.`); - - // we need to get a CDN url to the vod so we can download chunks of the file in order for Prevvy to create the storyboard image. - const cdnUrl = getCdnUrl(configs.s3MainBucket, s3_file.s3_key) - - const thumbnailCdnUrl = await getThumbnailCdnUrl(cdnUrl) - - await patchVodInDatabase(vodId, { thumbnail: thumbnailCdnUrl }) - - - -} - - -async function getThumbnailCdnUrl(videoUrl: string): Promise { - - const tmpImagePath = await getStoryboard(videoUrl) - - // we need to upload the image to S3 - const uploadArgs: S3FileArgs = { - filePath: tmpImagePath, - s3AccessKeyId: configs.s3AccessKeyId, - s3SecretAccessKey: configs.s3SecretAccessKey, - s3BucketName: configs.s3MainBucket, - s3Endpoint: configs.s3Region, - s3Region: configs.s3Region - } - - const upload = await uploadFile(uploadArgs) - if (!upload) throw new Error(`failed to upload ${tmpImagePath} to S3`); - if (!upload.Key) throw new Error(`failed to upload ${tmpImagePath} to S3 (upload.Key was missing)`); - - // we need to create a S3 file in the db - const thumbnail = getCdnUrl(configs.s3MainBucket, upload.Key) - - return thumbnail - -} - -async function doSoloRequest(videoUrl: string): Promise { - await getThumbnailCdnUrl(videoUrl) -} - - -export const generate_thumbnail: Task = async function (payload: unknown, helpers: Helpers) { - assertPayload(payload) - const { vod_id, video_url } = payload - - helpers.logger.info(`🏗️ generate_thumbnail started with vod_id=${vod_id}, video_url=${video_url}`); - - - // Determine what kind of request is being made. - // It could be one of two scenarios - // * Here is a VOD record in the database, please update it's thumbnail. (integratedRequest) - // * Here is a video URL, please give us a thumbnail URL. (soloRequest) - // - const integratedRequest = (!!vod_id && !video_url) - const soloRequest = (!!video_url && !vod_id) - - if (integratedRequest) { - await doIntegratedRequest(vod_id) - } else if (soloRequest) { - await getThumbnailCdnUrl(video_url) - } else { - throw new Error(`unsupported ambiguous request!`) - } - -} - -export default generate_thumbnail \ No newline at end of file diff --git a/services/factory/src/tasks/process_video.ts b/services/factory/src/tasks/process_video.ts deleted file mode 100644 index 1530b03..0000000 --- a/services/factory/src/tasks/process_video.ts +++ /dev/null @@ -1,72 +0,0 @@ -import type { Helpers, Task } from "graphile-worker" -import getVod from "@futureporn/fetchers/getVod.ts" - -interface Payload { - vod_id: string; -} - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload (it must be an object)"); - if (typeof payload.vod_id !== "string") throw new Error("payload.vod_id was not a string"); -} - - - - -/** - * - * # process_video - * - * We just recorded a livestream. Now what? - * process_video takes a /vods record and runs a bunch of processes to get it ready for publishing. - * - * The following are graphile-worker tasks which process_video is responsible for adding to the job queue. - * Some of these tasks are run conditionally based on the structure of the /vods record. - * For example, combine_video_segments is only useful on a vod recording which ended up with multiple segments. - * - * - combine_video_segments - * - remux_video - * - generate_thumbnail - * - queue_moderator_review - * - create_mux_asset - * - create_torrent - * - * Some of the above Tasks are dependent on others. generate_thumbnail and everything following it depends on combine_video_segments. - * graphile-worker doesn't have support for dependent tasks, - * thus our solution is to invoke ALL the above jobs immediately, and build those jobs to fail if pre-conditions are unmet. - * all listed jobs are also idempotent, which means if they don't need to run (previously already performed their tasks), they will exit without doing anything. - * - */ -const process_video: Task = async function (payload: unknown, helpers: Helpers) { - assertPayload(payload) - const { vod_id } = payload - helpers.logger.info(`🏗️ process_video task has begun for vod_id=${vod_id}`) - - - const vod = await getVod(vod_id) - if (!vod) throw new Error(`failed to get vod from database.`); - if (!vod.segments) throw new Error(`vod ${vod_id} fetched from database lacked any segments.`); - - const maxAttempts = 6 - const isCombinationNeeded = (vod.segments.length > 1) - if (isCombinationNeeded) { - const s3_manifest = vod.segments.map((segment) => ({ key: segment.s3_key, bytes: segment.bytes })) - helpers.logger.info(`There are ${vod.segments.length} segments; Concatenation is needed.`) - helpers.addJob('combine_video_segments', { s3_manifest, vod_id }, { maxAttempts }) - } else { - helpers.addJob('remux_video', { vod_id }, { maxAttempts }) - } - - helpers.addJob('generate_thumbnail', { vod_id }, { maxAttempts }) - // helpers.addJob('queue_moderator_review', { }) - // helpers.addJob('create_mux_asset', { }) - // helpers.addJob('create_torrent', { }) - // helpers.addJob('create_ipfs', { }) - - - - - -} - -export default process_video; diff --git a/services/factory/src/tasks/remux_video.ts b/services/factory/src/tasks/remux_video.ts deleted file mode 100644 index ac057f4..0000000 --- a/services/factory/src/tasks/remux_video.ts +++ /dev/null @@ -1,83 +0,0 @@ -import type { Helpers, Task } from "graphile-worker" -import { configs } from "../config" -import getVod from "@futureporn/fetchers/getVod.ts" -import { downloadFile, uploadFile, type S3FileArgs } from "@futureporn/storage/s3.ts" -import { remux } from '@futureporn/utils/video.ts' -import { getTmpFile } from "@futureporn/utils/file.ts" -import { basename } from "node:path" -import patchVodInDatabase from "@futureporn/fetchers/patchVodInDatabase.ts" -import { S3Client, S3ClientConfig } from "@aws-sdk/client-s3" - -interface Payload { - vod_id: string; -} - -function assertPayload(payload: any): asserts payload is Payload { - if (typeof payload !== "object" || !payload) throw new Error("invalid payload (it must be an object)"); - if (typeof payload.vod_id !== "string") throw new Error("payload.vod_id was not a string"); -} - - - - -/** - * - * # remux_video - * - * convert a .ts video file to a .mp4 video file (safely, without loss of quality) - */ -const remux_video: Task = async function (payload: unknown, helpers: Helpers) { - assertPayload(payload) - const { vod_id } = payload - helpers.logger.info(`🏗️ remux_video task has begun for vod_id=${vod_id}`) - - - const vod = await getVod(vod_id) - if (!vod) throw new Error(`failed to get vod from database.`); - if (!vod.segments) throw new Error(`vod ${vod_id} fetched from database lacked any segments.`); - if (!vod.segments.at(0)) throw new Error(`vod ${vod_id} lacked a recorded segment.`); - if (!vod.segments.at(0)?.s3_key) throw new Error(`vod ${vod_id} lacked a recorded segment s3_key name.`); - - const segmentFileName = vod.segments.at(0)!.s3_key - if (!segmentFileName.endsWith('.ts')) throw new Error(`vod ${vod_id} recording segment ${segmentFileName} did not end with .ts, which is expected.`); - - const moreThanOneSegment = (vod.segments.length > 1) - if (moreThanOneSegment) { - throw new Error(`remux_video was given vod=${vod_id} which has more than one segment. This is unsupported. (use combine_video_segments Task to combine multiple videos)`); - } - - const tmpFilePath = getTmpFile(segmentFileName) - const s3ClientConfig: S3ClientConfig = { - credentials: { - accessKeyId: configs.s3AccessKeyId, - secretAccessKey: configs.s3SecretAccessKey, - }, - endpoint: configs.s3Endpoint, - region: configs.s3Region, - } - const client = new S3Client(s3ClientConfig) - await downloadFile(client, configs.s3UscBucket, segmentFileName) - - helpers.logger.info('Remuxing the video') - const outputVideoPath = getTmpFile(`${basename(segmentFileName, '.ts')}.mp4`) - await remux(tmpFilePath, outputVideoPath) - - helpers.logger.info('Uploading the remuxed video') - const uploadArgs: S3FileArgs = { - filePath: outputVideoPath, - s3AccessKeyId: configs.s3AccessKeyId, - s3SecretAccessKey: configs.s3SecretAccessKey, - s3BucketName: configs.s3MainBucket, - s3Endpoint: configs.s3Region, - s3Region: configs.s3Region - } - const upload = await uploadFile(uploadArgs) - - helpers.logger.info('Patching the vod in the database') - await patchVodInDatabase(vod_id, { s3_file: upload?.Key }) - -} - - - -export default remux_video; diff --git a/services/factory/src/tasks/synchronize_patrons_list.ts b/services/factory/src/tasks/synchronize_patrons_list.ts deleted file mode 100644 index a6f6ee2..0000000 --- a/services/factory/src/tasks/synchronize_patrons_list.ts +++ /dev/null @@ -1,140 +0,0 @@ -import type { Task, Helpers } from "graphile-worker"; -import { configs } from '../config.ts' -import { formatPatronUsername } from "@futureporn/utils/patron.ts"; -import { PublicPatron } from "@futureporn/utils/patron.ts"; - - - -// async function fetchAllPages(url: string, headers: HeadersInit = {}): Promise { -// const responses: Patreon.APIResponse[] = []; -// let cursor: string | null = null; - -// do { -// const fetchUrl = cursor ? `${url}&page[cursor]=${cursor}` : url; -// const response = await fetch(fetchUrl, { headers }); -// const jsonResponse: Patreon.APIResponse = await response.json(); - -// responses.push(jsonResponse); -// cursor = jsonResponse.meta?.pagination?.cursors?.next || null; -// } while (cursor); - -// return responses; -// } - - -/** - * getOptInPatrons - * - * Get a list of users who have the 'patron' role and have opted-in to having their username displayed on the site - * - * @see https://app.swaggerhub.com/apis/supertokens/CDI/5.1.1#/User%20Roles%20Recipe/getRoleUsers - * - * @todo this rapid-fires 600+ fetch() requests to supertokens. Do we need to throttle this? - */ -async function getPublicPatrons(): Promise { - const allPatrons = await getPatronIds() - let publicPatrons = [] - for (const patronId of allPatrons) { - const res = await fetch(`${configs.supertokensUrl}/recipe/user/metadata?userId=${patronId}`, { - method: 'GET', - headers: { - 'rid': 'usermetadata', - 'Authorization': configs.supertokensApiKey, - 'cdi-version': '5.1', - } - }) - if (!res.ok) { - throw new Error(`failed to fetch usermetadata from supertokens. res.status=${res.status}, res.statusText=${res.statusText}`) - } - const data = await res.json() - const metadata = data.metadata - const isUsernamePublic = metadata?.isUsernamePublic - if (isUsernamePublic) { - const patron: PublicPatron = { - full_name: formatPatronUsername(metadata.first_name, metadata.last_name), - id: patronId, - link: metadata?.vanityLink - } - publicPatrons.push(patron) - } - } - return publicPatrons -} - - -/** - * getPatronIds - * - * get the UUIDs of all patrons - */ -async function getPatronIds(): Promise { - const res = await fetch(`${configs.supertokensUrl}/recipe/role/users?role=patron`, { - method: 'GET', - headers: { - 'rid': 'userroles', - 'Authorization': configs.supertokensApiKey, - 'cdi-version': '5.1' - } - }) - if (!res.ok) { - throw new Error(`failed to getPublicPatrons() with res.status=${res.status} res.statusText=${res.statusText}`) - } - const data = await res.json() - const patrons = data?.users - return patrons -} - - - - -const updatePatronsTable = async function (patronsList: PublicPatron[]): Promise { - console.log(`Syncronizing ${patronsList.length} patron name to the public db`) - // console.log(patronsList) - const res = await fetch(`${configs.postgrestUrl}/patrons`, { - method: 'POST', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Prefer': 'resolution=merge-duplicates,return=representation', - 'Content-Type': 'application/json', - }, - body: JSON.stringify(patronsList) - }) - if (!res.ok) { - const body = await res.text() - throw new Error(`failed to update patrons. res.status=${res.status} res.statusText=${res.statusText} body=${body}`); - } -} - -const deleteExpiredPatrons = async function (activePatronIds: string[]): Promise { - const res = await fetch(`${configs.postgrestUrl}/patrons?id=not.in.(${activePatronIds.join(',')})`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${configs.automationUserJwt}`, - 'Prefer': 'return=representation', - } - }); - - if (!res.ok) { - const body = await res.text(); - throw new Error(`Failed to delete expired patrons. res.status=${res.status} res.statusText=${res.statusText} body=${body}`); - } -}; - - -const synchronize_patrons_list: Task = async function (payload: unknown, helpers: Helpers) { - try { - - const patrons = await getPublicPatrons() - await updatePatronsTable(patrons) - await deleteExpiredPatrons(patrons.map((p) => p.id)) - - } catch (e) { - helpers.logger.error('failed to synchronize_patrons_list') - helpers.logger.error(JSON.stringify(e)) - - throw e - } -} - - -export default synchronize_patrons_list; \ No newline at end of file diff --git a/services/factory/src/utils/importDirectory.ts b/services/factory/src/utils/importDirectory.ts deleted file mode 100644 index a6dc622..0000000 --- a/services/factory/src/utils/importDirectory.ts +++ /dev/null @@ -1,22 +0,0 @@ -// @see https://github.com/discordeno/discordeno/blob/main/examples/advanced/src/utils/loader.ts - -import { readdir } from 'node:fs/promises' -import { join } from 'node:path' - -export async function importDirectory(folder: string): Promise { - const files = await readdir(folder, { recursive: true }) - - // bot.logger.info(files) - for (const filename of files) { - if (!filename.endsWith('.js') && !filename.endsWith('.ts')) continue - console.log(`loading ${filename}`) - - // Using `file://` and `process.cwd()` to avoid weird issues with relative paths and/or Windows - // await import(`file://${process.cwd()}/${folder}/${filename}`).catch((x) => - await import(join(folder, filename)).catch((x) => - // console.error(x) - console.error(`cannot import ${filename} for reason: ${x}`) - // logger.fatal(`Cannot import file (${folder}/${filename}) for reason: ${x}`), - ) - } -} \ No newline at end of file diff --git a/services/factory/tsconfig.json b/services/factory/tsconfig.json deleted file mode 100644 index 3bd8fd4..0000000 --- a/services/factory/tsconfig.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "allowImportingTsExtensions": true, - "noEmit": true, // tsup does the emissions - "esModuleInterop": true, - "skipLibCheck": true, - "target": "ESNext", - "allowJs": true, - "moduleResolution": "Bundler", - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "ESNext", - "outDir": "dist", - "lib": [ - "ESNext", - "dom" - ] - }, - // Include the necessary files for your project - "include": [ - "src/**/*.ts" - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/mailbox/README.md b/services/mailbox/README.md deleted file mode 100644 index 6d42cb0..0000000 --- a/services/mailbox/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# @futureporn/mailbox - -A daemon which connects to an IMAP e-mail account and listens for new e-mails. - -When an e-mail is received, the daemon checks to see if the e-mail is from chaturbate or fansly. - -If the e-mail is from one of the aforementioned platforms, the e-mail is parsed. - -If the e-mail is a going live notification for a streamer on said platforms, the daemon creates or updates records in Strapi. - -Creates or updates the following record types in Strapi. - -* Platform Notification -* VTuber -* Stream - -With this data, we have a log of all the lewdtuber streams that have occured. \ No newline at end of file diff --git a/services/mailbox/package.json b/services/mailbox/package.json deleted file mode 100644 index c1f0d70..0000000 --- a/services/mailbox/package.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "name": "@futureporn/mailbox", - "type": "module", - "version": "1.0.0", - "description": "", - "scripts": { - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist", - "start": "node dist/index.cjs", - "test": "echo \"Error: no test specified\" && exit 1", - "dev": "tsx ", - "build": "tsup" - }, - "keywords": [], - "author": "@CJ_Clippy", - "license": "Unlicense", - "devDependencies": { - "@esbuild-plugins/esm-externals": "^0.1.2", - "@futureporn/scout": "workspace:^", - "@futureporn/storage": "workspace:^", - "@futureporn/types": "workspace:^", - "@futureporn/utils": "workspace:^", - "@types/chai": "^4.3.19", - "@types/imapflow": "^1.0.19", - "@types/mailparser": "^3.4.4", - "@types/mocha": "^10.0.7", - "chai": "^5.1.1", - "mocha": "^10.7.3", - "tsup": "^8.2.4", - "typescript": "^5.5.4" - }, - "dependencies": { - "@types/node": "^22.5.2", - "@types/qs": "^6.9.15", - "cheerio": "1.0.0", - "date-fns": "^3.6.0", - "dotenv": "^16.4.5", - "fastify": "^4.28.1", - "graphile-worker": "^0.16.6", - "imapflow": "^1.0.164", - "mailparser": "^3.7.1", - "qs": "^6.13.0" - } -} diff --git a/services/mailbox/pnpm-lock.yaml b/services/mailbox/pnpm-lock.yaml deleted file mode 100644 index 4475893..0000000 --- a/services/mailbox/pnpm-lock.yaml +++ /dev/null @@ -1,3207 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - '@types/qs': - specifier: ^6.9.15 - version: 6.9.15 - cheerio: - specifier: 1.0.0 - version: 1.0.0 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - fastify: - specifier: ^4.28.1 - version: 4.28.1 - graphile-worker: - specifier: ^0.16.6 - version: 0.16.6(typescript@5.5.4) - imapflow: - specifier: ^1.0.164 - version: 1.0.164 - mailparser: - specifier: ^3.7.1 - version: 3.7.1 - qs: - specifier: ^6.13.0 - version: 6.13.0 - devDependencies: - '@esbuild-plugins/esm-externals': - specifier: ^0.1.2 - version: 0.1.2(esbuild@0.23.1) - '@futureporn/scout': - specifier: workspace:^ - version: link:../scout - '@futureporn/storage': - specifier: workspace:^ - version: link:../../packages/storage - '@futureporn/types': - specifier: workspace:^ - version: link:../../packages/types - '@futureporn/utils': - specifier: workspace:^ - version: link:../../packages/utils - '@types/chai': - specifier: ^4.3.19 - version: 4.3.19 - '@types/imapflow': - specifier: ^1.0.19 - version: 1.0.19 - '@types/mailparser': - specifier: ^3.4.4 - version: 3.4.4 - '@types/mocha': - specifier: ^10.0.7 - version: 10.0.7 - chai: - specifier: ^5.1.1 - version: 5.1.1 - mocha: - specifier: ^10.7.3 - version: 10.7.3 - tsup: - specifier: ^8.2.4 - version: 8.2.4(typescript@5.5.4) - typescript: - specifier: ^5.5.4 - version: 5.5.4 - -packages: - - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@esbuild-plugins/esm-externals@0.1.2': - resolution: {integrity: sha512-Ij/xQYmzHE5yu6N2s/OFAVOtQUrS4Edpjg4hwBnN+aiQ4SryOEv7Gyr1t++PxniOFHGcvGAOORNooQ+nswzmuQ==} - peerDependencies: - esbuild: '*' - - '@esbuild/aix-ppc64@0.23.1': - resolution: {integrity: sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.23.1': - resolution: {integrity: sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==} - engines: {node: '>=18'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.23.1': - resolution: {integrity: sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.23.1': - resolution: {integrity: sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==} - engines: {node: '>=18'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.23.1': - resolution: {integrity: sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.23.1': - resolution: {integrity: sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==} - engines: {node: '>=18'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.23.1': - resolution: {integrity: sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==} - engines: {node: '>=18'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.23.1': - resolution: {integrity: sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==} - engines: {node: '>=18'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.23.1': - resolution: {integrity: sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==} - engines: {node: '>=18'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.23.1': - resolution: {integrity: sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.23.1': - resolution: {integrity: sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.23.1': - resolution: {integrity: sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==} - engines: {node: '>=18'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.23.1': - resolution: {integrity: sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==} - engines: {node: '>=18'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.23.1': - resolution: {integrity: sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.23.1': - resolution: {integrity: sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==} - engines: {node: '>=18'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.23.1': - resolution: {integrity: sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==} - engines: {node: '>=18'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.23.1': - resolution: {integrity: sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==} - engines: {node: '>=18'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.23.1': - resolution: {integrity: sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==} - engines: {node: '>=18'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-arm64@0.23.1': - resolution: {integrity: sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.23.1': - resolution: {integrity: sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==} - engines: {node: '>=18'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.23.1': - resolution: {integrity: sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==} - engines: {node: '>=18'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.23.1': - resolution: {integrity: sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==} - engines: {node: '>=18'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.23.1': - resolution: {integrity: sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.23.1': - resolution: {integrity: sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==} - engines: {node: '>=18'} - cpu: [x64] - os: [win32] - - '@fastify/ajv-compiler@3.6.0': - resolution: {integrity: sha512-LwdXQJjmMD+GwLOkP7TVC68qa+pSSogeWWmznRJ/coyTcfe9qA05AHFSe1eZFwK6q+xVRpChnvFUkf1iYaSZsQ==} - - '@fastify/error@3.4.1': - resolution: {integrity: sha512-wWSvph+29GR783IhmvdwWnN4bUxTD01Vm5Xad4i7i1VuAOItLvbPAb69sb0IQ2N57yprvhNIwAP5B6xfKTmjmQ==} - - '@fastify/fast-json-stringify-compiler@4.3.0': - resolution: {integrity: sha512-aZAXGYo6m22Fk1zZzEUKBvut/CIIQe/BapEORnxiD5Qr0kPHqqI69NtEMCme74h+at72sPhbkb4ZrLd1W3KRLA==} - - '@fastify/merge-json-schemas@0.1.1': - resolution: {integrity: sha512-fERDVz7topgNjtXsJTTW1JKLy0rhuLRcquYqNR9rF7OcVpCa2OVW49ZPDIhaRRCaUuvVxI+N416xUoF76HNSXA==} - - '@graphile/logger@0.2.0': - resolution: {integrity: sha512-jjcWBokl9eb1gVJ85QmoaQ73CQ52xAaOCF29ukRbYNl6lY+ts0ErTaDYOBlejcbUs2OpaiqYLO5uDhyLFzWw4w==} - - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@jridgewell/gen-mapping@0.3.5': - resolution: {integrity: sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==} - engines: {node: '>=6.0.0'} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/set-array@1.2.1': - resolution: {integrity: sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==} - engines: {node: '>=6.0.0'} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.25': - resolution: {integrity: sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==} - - '@nodelib/fs.scandir@2.1.5': - resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} - engines: {node: '>= 8'} - - '@nodelib/fs.stat@2.0.5': - resolution: {integrity: sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==} - engines: {node: '>= 8'} - - '@nodelib/fs.walk@1.2.8': - resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} - engines: {node: '>= 8'} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@rollup/rollup-android-arm-eabi@4.21.2': - resolution: {integrity: sha512-fSuPrt0ZO8uXeS+xP3b+yYTCBUd05MoSp2N/MFOgjhhUhMmchXlpTQrTpI8T+YAwAQuK7MafsCOxW7VrPMrJcg==} - cpu: [arm] - os: [android] - - '@rollup/rollup-android-arm64@4.21.2': - resolution: {integrity: sha512-xGU5ZQmPlsjQS6tzTTGwMsnKUtu0WVbl0hYpTPauvbRAnmIvpInhJtgjj3mcuJpEiuUw4v1s4BimkdfDWlh7gA==} - cpu: [arm64] - os: [android] - - '@rollup/rollup-darwin-arm64@4.21.2': - resolution: {integrity: sha512-99AhQ3/ZMxU7jw34Sq8brzXqWH/bMnf7ZVhvLk9QU2cOepbQSVTns6qoErJmSiAvU3InRqC2RRZ5ovh1KN0d0Q==} - cpu: [arm64] - os: [darwin] - - '@rollup/rollup-darwin-x64@4.21.2': - resolution: {integrity: sha512-ZbRaUvw2iN/y37x6dY50D8m2BnDbBjlnMPotDi/qITMJ4sIxNY33HArjikDyakhSv0+ybdUxhWxE6kTI4oX26w==} - cpu: [x64] - os: [darwin] - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - resolution: {integrity: sha512-ztRJJMiE8nnU1YFcdbd9BcH6bGWG1z+jP+IPW2oDUAPxPjo9dverIOyXz76m6IPA6udEL12reYeLojzW2cYL7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - resolution: {integrity: sha512-flOcGHDZajGKYpLV0JNc0VFH361M7rnV1ee+NTeC/BQQ1/0pllYcFmxpagltANYt8FYf9+kL6RSk80Ziwyhr7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - resolution: {integrity: sha512-69CF19Kp3TdMopyteO/LJbWufOzqqXzkrv4L2sP8kfMaAQ6iwky7NoXTp7bD6/irKgknDKM0P9E/1l5XxVQAhw==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-arm64-musl@4.21.2': - resolution: {integrity: sha512-48pD/fJkTiHAZTnZwR0VzHrao70/4MlzJrq0ZsILjLW/Ab/1XlVUStYyGt7tdyIiVSlGZbnliqmult/QGA2O2w==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - resolution: {integrity: sha512-cZdyuInj0ofc7mAQpKcPR2a2iu4YM4FQfuUzCVA2u4HI95lCwzjoPtdWjdpDKyHxI0UO82bLDoOaLfpZ/wviyQ==} - cpu: [ppc64] - os: [linux] - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - resolution: {integrity: sha512-RL56JMT6NwQ0lXIQmMIWr1SW28z4E4pOhRRNqwWZeXpRlykRIlEpSWdsgNWJbYBEWD84eocjSGDu/XxbYeCmwg==} - cpu: [riscv64] - os: [linux] - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - resolution: {integrity: sha512-PMxkrWS9z38bCr3rWvDFVGD6sFeZJw4iQlhrup7ReGmfn7Oukrr/zweLhYX6v2/8J6Cep9IEA/SmjXjCmSbrMQ==} - cpu: [s390x] - os: [linux] - - '@rollup/rollup-linux-x64-gnu@4.21.2': - resolution: {integrity: sha512-B90tYAUoLhU22olrafY3JQCFLnT3NglazdwkHyxNDYF/zAxJt5fJUB/yBoWFoIQ7SQj+KLe3iL4BhOMa9fzgpw==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-linux-x64-musl@4.21.2': - resolution: {integrity: sha512-7twFizNXudESmC9oneLGIUmoHiiLppz/Xs5uJQ4ShvE6234K0VB1/aJYU3f/4g7PhssLGKBVCC37uRkkOi8wjg==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - resolution: {integrity: sha512-9rRero0E7qTeYf6+rFh3AErTNU1VCQg2mn7CQcI44vNUWM9Ze7MSRS/9RFuSsox+vstRt97+x3sOhEey024FRQ==} - cpu: [arm64] - os: [win32] - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - resolution: {integrity: sha512-5rA4vjlqgrpbFVVHX3qkrCo/fZTj1q0Xxpg+Z7yIo3J2AilW7t2+n6Q8Jrx+4MrYpAnjttTYF8rr7bP46BPzRw==} - cpu: [ia32] - os: [win32] - - '@rollup/rollup-win32-x64-msvc@4.21.2': - resolution: {integrity: sha512-6UUxd0+SKomjdzuAcp+HAmxw1FlGBnl1v2yEPSabtx4lBfdXHDVsW7+lQkgz9cNFJGY3AWR7+V8P5BqkD9L9nA==} - cpu: [x64] - os: [win32] - - '@selderee/plugin-htmlparser2@0.11.0': - resolution: {integrity: sha512-P33hHGdldxGabLFjPPpaTxVolMrzrcegejx+0GxjrIb9Zv48D8yAIA/QTDR2dFl7Uz7urX8aX6+5bCZslr+gWQ==} - - '@types/chai@4.3.19': - resolution: {integrity: sha512-2hHHvQBVE2FiSK4eN0Br6snX9MtolHaTo/batnLjlGRhoQzlCL61iVpxoqO7SfFyOw+P/pwv+0zNHzKoGWz9Cw==} - - '@types/debug@4.1.12': - resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - - '@types/estree@1.0.5': - resolution: {integrity: sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==} - - '@types/imapflow@1.0.19': - resolution: {integrity: sha512-U48VZXe4XYhS3AFNI+4ougW8OXI4VaKjyF0nGXgVzIN8SPs9lh2LPNRM0HmIM+hUTw60l7MHgbQO8hsf+Q4U5w==} - - '@types/interpret@1.1.3': - resolution: {integrity: sha512-uBaBhj/BhilG58r64mtDb/BEdH51HIQLgP5bmWzc5qCtFMja8dCk/IOJmk36j0lbi9QHwI6sbtUNGuqXdKCAtQ==} - - '@types/mailparser@3.4.4': - resolution: {integrity: sha512-C6Znp2QVS25JqtuPyxj38Qh+QoFcLycdxsvcc6IZCGekhaMBzbdTXzwGzhGoYb3TfKu8IRCNV0sV1o3Od97cEQ==} - - '@types/mocha@10.0.7': - resolution: {integrity: sha512-GN8yJ1mNTcFcah/wKEFIJckJx9iJLoMSzWcfRRuxz/Jk+U6KQNnml+etbtxFK8lPjzOw3zp4Ha/kjSst9fsHYw==} - - '@types/ms@0.7.34': - resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - - '@types/node@20.16.3': - resolution: {integrity: sha512-/wdGiWRkMOm53gAsSyFMXFZHbVg7C6CbkrzHNpaHoYfsUWPg7m6ZRKtvQjgvQ9i8WT540a3ydRlRQbxjY30XxQ==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/pg@8.11.8': - resolution: {integrity: sha512-IqpCf8/569txXN/HoP5i1LjXfKZWL76Yr2R77xgeIICUbAYHeoaEZFhYHo2uDftecLWrTJUq63JvQu8q3lnDyA==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/semver@7.5.8': - resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==} - - abort-controller@3.0.0: - resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==} - engines: {node: '>=6.5'} - - abstract-logging@2.0.1: - resolution: {integrity: sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA==} - - ajv-formats@2.1.1: - resolution: {integrity: sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-formats@3.0.1: - resolution: {integrity: sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv@8.17.1: - resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==} - - ansi-colors@4.1.3: - resolution: {integrity: sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-regex@6.0.1: - resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} - engines: {node: '>=12'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - ansi-styles@6.2.1: - resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} - engines: {node: '>=12'} - - any-promise@1.3.0: - resolution: {integrity: sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - array-union@2.1.0: - resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} - engines: {node: '>=8'} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - atomic-sleep@1.0.0: - resolution: {integrity: sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==} - engines: {node: '>=8.0.0'} - - avvio@8.4.0: - resolution: {integrity: sha512-CDSwaxINFy59iNwhYnkvALBwZiTydGkOecZyPkqBpABYR1KqGEsET0VOOYDwtleZSUIdeY36DC2bSZ24CO1igA==} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - boolbase@1.0.0: - resolution: {integrity: sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - browser-stdout@1.3.1: - resolution: {integrity: sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==} - - buffer@6.0.3: - resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==} - - bundle-require@5.0.0: - resolution: {integrity: sha512-GuziW3fSSmopcx4KRymQEJVbZUfqlCqcq7dvs6TYwKRZiegK/2buMxQTPs6MGlNv50wms1699qYO54R8XfRX4w==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - peerDependencies: - esbuild: '>=0.18' - - cac@6.7.14: - resolution: {integrity: sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==} - engines: {node: '>=8'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - chai@5.1.1: - resolution: {integrity: sha512-pT1ZgP8rPNqUgieVaEY+ryQr6Q4HXNg8Ei9UnLUrjN4IA7dvQC5JB+/kxVcPNDHyBcc/26CXPkbNzq3qwrOEKA==} - engines: {node: '>=12'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - cheerio-select@2.1.0: - resolution: {integrity: sha512-9v9kG0LvzrlcungtnJtpGNxY+fzECQKhK4EGJX2vByejiMX84MFNQw4UxPJl3bFbTMw+Dfs37XaIkCwTZfLh4g==} - - cheerio@1.0.0: - resolution: {integrity: sha512-quS9HgjQpdaXOvsZz82Oz7uxtXiy6UIsIQcpBj7HRw2M63Skasm9qlDocAM7jNuaxdhpPU7c4kJN+gA5MCu4ww==} - engines: {node: '>=18.17'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - commander@4.1.1: - resolution: {integrity: sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==} - engines: {node: '>= 6'} - - consola@3.2.3: - resolution: {integrity: sha512-I5qxpzLv+sJhTVEoLYNcTW+bThDCPsit0vLNKShZx6rLtpilNpmmeTPaeqJb9ZE9dV3DGaeby6Vuhrw38WjeyQ==} - engines: {node: ^14.18.0 || >=16.10.0} - - cookie@0.6.0: - resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} - engines: {node: '>= 0.6'} - - cosmiconfig@8.3.6: - resolution: {integrity: sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==} - engines: {node: '>=14'} - peerDependencies: - typescript: '>=4.9.5' - peerDependenciesMeta: - typescript: - optional: true - - cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} - engines: {node: '>= 8'} - - css-select@5.1.0: - resolution: {integrity: sha512-nwoRF1rvRRnnCqqY7updORDsuqKzqYJ28+oSMaJMMgOauh3fvwHqMS7EZpIPqK8GL+g9mKxF1vP/ZjSeNjEVHg==} - - css-what@6.1.0: - resolution: {integrity: sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw==} - engines: {node: '>= 6'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decamelize@4.0.0: - resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} - engines: {node: '>=10'} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - deepmerge@4.3.1: - resolution: {integrity: sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==} - engines: {node: '>=0.10.0'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - diff@5.2.0: - resolution: {integrity: sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==} - engines: {node: '>=0.3.1'} - - dir-glob@3.0.1: - resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} - engines: {node: '>=8'} - - dom-serializer@2.0.0: - resolution: {integrity: sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==} - - domelementtype@2.3.0: - resolution: {integrity: sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw==} - - domhandler@5.0.3: - resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} - engines: {node: '>= 4'} - - domutils@3.1.0: - resolution: {integrity: sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - - encoding-japanese@2.0.0: - resolution: {integrity: sha512-++P0RhebUC8MJAwJOsT93dT+5oc5oPImp1HubZpAuCZ5kTLnhuuBhKHj2jJeO/Gj93idPBWmIuQ9QWMe5rX3pQ==} - engines: {node: '>=8.10.0'} - - encoding-japanese@2.1.0: - resolution: {integrity: sha512-58XySVxUgVlBikBTbQ8WdDxBDHIdXucB16LO5PBHR8t75D54wQrNo4cg+58+R1CtJfKnsVsvt9XlteRaR8xw1w==} - engines: {node: '>=8.10.0'} - - encoding-japanese@2.2.0: - resolution: {integrity: sha512-EuJWwlHPZ1LbADuKTClvHtwbaFn4rOD+dRAbWysqEOXRc2Uui0hJInNJrsdH0c+OhJA4nrCBdSkW4DD5YxAo6A==} - engines: {node: '>=8.10.0'} - - encoding-sniffer@0.2.0: - resolution: {integrity: sha512-ju7Wq1kg04I3HtiYIOrUrdfdDvkyO9s5XM8QAj/bN61Yo/Vb4vgJxy5vi4Yxk01gWHbrofpPtpxM8bKger9jhg==} - - entities@4.5.0: - resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} - engines: {node: '>=0.12'} - - error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - esbuild@0.23.1: - resolution: {integrity: sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==} - engines: {node: '>=18'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - event-target-shim@5.0.1: - resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==} - engines: {node: '>=6'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - execa@5.1.1: - resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==} - engines: {node: '>=10'} - - fast-content-type-parse@1.1.0: - resolution: {integrity: sha512-fBHHqSTFLVnR61C+gltJuE5GkVQMV0S2nqUO8TJ+5Z3qAKG8vAx4FKai1s5jq/inV1+sREynIWSuQ6HgoSXpDQ==} - - fast-decode-uri-component@1.0.1: - resolution: {integrity: sha512-WKgKWg5eUxvRZGwW8FvfbaH7AXSh2cL+3j5fMGzUMCxWBJ3dV3a7Wz8y2f/uQ0e3B6WmodD3oS54jTQ9HVTIIg==} - - fast-deep-equal@3.1.3: - resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} - - fast-glob@3.3.2: - resolution: {integrity: sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==} - engines: {node: '>=8.6.0'} - - fast-json-stringify@5.16.1: - resolution: {integrity: sha512-KAdnLvy1yu/XrRtP+LJnxbBGrhN+xXu+gt3EUvZhYGKCr3lFHq/7UFJHHFgmJKoqlh6B40bZLEv7w46B0mqn1g==} - - fast-querystring@1.1.2: - resolution: {integrity: sha512-g6KuKWmFXc0fID8WWH0jit4g0AGBoJhCkJMb1RmbsSEUNvQ+ZC8D6CUZ+GtF8nMzSPXnhiePyyqqipzNNEnHjg==} - - fast-redact@3.5.0: - resolution: {integrity: sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==} - engines: {node: '>=6'} - - fast-uri@2.4.0: - resolution: {integrity: sha512-ypuAmmMKInk5q7XcepxlnUWDLWv4GFtaJqAzWKqn62IpQ3pejtr5dTVbt3vwqVaMKmkNR55sTT+CqUKIaT21BA==} - - fast-uri@3.0.1: - resolution: {integrity: sha512-MWipKbbYiYI0UC7cl8m/i/IWTqfC8YXsqjzybjddLsFjStroQzsHXkc73JutMvBiXmOvapk+axIl79ig5t55Bw==} - - fastify@4.28.1: - resolution: {integrity: sha512-kFWUtpNr4i7t5vY2EJPCN2KgMVpuqfU4NjnJNCgiNB900oiDeYqaNDRcAfeBbOF5hGixixxcKnOU4KN9z6QncQ==} - - fastq@1.17.1: - resolution: {integrity: sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-my-way@8.2.0: - resolution: {integrity: sha512-HdWXgFYc6b1BJcOBDBwjqWuHJj1WYiqrxSh25qtU4DabpMFdj/gSunNBQb83t+8Zt67D7CXEzJWTkxaShMTMOA==} - engines: {node: '>=14'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - flat@5.0.2: - resolution: {integrity: sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==} - hasBin: true - - foreground-child@3.3.0: - resolution: {integrity: sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==} - engines: {node: '>=14'} - - forwarded@0.2.0: - resolution: {integrity: sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==} - engines: {node: '>= 0.6'} - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-func-name@2.0.2: - resolution: {integrity: sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-stream@6.0.1: - resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==} - engines: {node: '>=10'} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob@10.4.5: - resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} - hasBin: true - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - globby@11.1.0: - resolution: {integrity: sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g==} - engines: {node: '>=10'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - graphile-config@0.0.1-beta.9: - resolution: {integrity: sha512-7vNxXZ24OAgXxDKXYi9JtgWPMuNbBL3057Yf32Ux+/rVP4+EePgySCc+NNnn0tORi8qwqVreN8bdWqGIcSwNXg==} - engines: {node: '>=16'} - - graphile-worker@0.16.6: - resolution: {integrity: sha512-e7gGYDmGqzju2l83MpzX8vNG/lOtVJiSzI3eZpAFubSxh/cxs7sRrRGBGjzBP1kNG0H+c95etPpNRNlH65PYhw==} - engines: {node: '>=14.0.0'} - hasBin: true - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - html-to-text@9.0.5: - resolution: {integrity: sha512-qY60FjREgVZL03vJU6IfMV4GDjGBIoOyvuFdpBDIX9yTlDw0TjxVBQp+P8NvpdIXNJvfWBTNul7fsAQJq2FNpg==} - engines: {node: '>=14'} - - htmlparser2@8.0.2: - resolution: {integrity: sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA==} - - htmlparser2@9.1.0: - resolution: {integrity: sha512-5zfg6mHUoaer/97TxnGpxmbR7zJtPwIYFMZ/H5ucTlPZhKvtum05yiPK3Mgai3a0DyVxv7qYqoweaEd2nrYQzQ==} - - human-signals@2.1.0: - resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==} - engines: {node: '>=10.17.0'} - - iconv-lite@0.6.3: - resolution: {integrity: sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==} - engines: {node: '>=0.10.0'} - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore@5.3.2: - resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==} - engines: {node: '>= 4'} - - imapflow@1.0.164: - resolution: {integrity: sha512-+KAmLrpqq2Q0Ts1imMP4svydfhYznlvlLHhgtTb8NiIcccZvdRNfdHVP8/RrGaw0hy0TOaluawsm/6q+TqdLPw==} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - interpret@3.1.1: - resolution: {integrity: sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==} - engines: {node: '>=10.13.0'} - - ip-address@9.0.5: - resolution: {integrity: sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==} - engines: {node: '>= 12'} - - ipaddr.js@1.9.1: - resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==} - engines: {node: '>= 0.10'} - - is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-plain-obj@2.1.0: - resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} - engines: {node: '>=8'} - - is-stream@2.0.1: - resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==} - engines: {node: '>=8'} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - - jackspeak@3.4.3: - resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} - - joycon@3.1.1: - resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==} - engines: {node: '>=10'} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - jsbn@1.1.0: - resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==} - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json-schema-ref-resolver@1.0.1: - resolution: {integrity: sha512-EJAj1pgHc1hxF6vo2Z3s69fMjO1INq6eGHXZ8Z6wCQeldCuwxGK9Sxf4/cScGn3FZubCVUehfWtcDM/PLteCQw==} - - json-schema-traverse@1.0.0: - resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - leac@0.6.0: - resolution: {integrity: sha512-y+SqErxb8h7nE/fiEX07jsbuhrpO9lL8eca7/Y1nuWV2moNlXhyd59iDGcRf6moVyDMbmTNzL40SUyrFU/yDpg==} - - libbase64@1.2.1: - resolution: {integrity: sha512-l+nePcPbIG1fNlqMzrh68MLkX/gTxk/+vdvAb388Ssi7UuUN31MI44w4Yf33mM3Cm4xDfw48mdf3rkdHszLNew==} - - libbase64@1.3.0: - resolution: {integrity: sha512-GgOXd0Eo6phYgh0DJtjQ2tO8dc0IVINtZJeARPeiIJqge+HdsWSuaDTe8ztQ7j/cONByDZ3zeB325AHiv5O0dg==} - - libmime@5.2.0: - resolution: {integrity: sha512-X2U5Wx0YmK0rXFbk67ASMeqYIkZ6E5vY7pNWRKtnNzqjvdYYG8xtPDpCnuUEnPU9vlgNev+JoSrcaKSUaNvfsw==} - - libmime@5.3.5: - resolution: {integrity: sha512-nSlR1yRZ43L3cZCiWEw7ali3jY29Hz9CQQ96Oy+sSspYnIP5N54ucOPHqooBsXzwrX1pwn13VUE05q4WmzfaLg==} - - libqp@2.0.1: - resolution: {integrity: sha512-Ka0eC5LkF3IPNQHJmYBWljJsw0UvM6j+QdKRbWyCdTmYwvIDE6a7bCm0UkTAL/K+3KXK5qXT/ClcInU01OpdLg==} - - libqp@2.1.0: - resolution: {integrity: sha512-O6O6/fsG5jiUVbvdgT7YX3xY3uIadR6wEZ7+vy9u7PKHAlSEB6blvC1o5pHBjgsi95Uo0aiBBdkyFecj6jtb7A==} - - light-my-request@5.13.0: - resolution: {integrity: sha512-9IjUN9ZyCS9pTG+KqTDEQo68Sui2lHsYBrfMyVUTTZ3XhH8PMZq7xO94Kr+eP9dhi/kcKsx4N41p2IXEBil1pQ==} - - lilconfig@3.1.2: - resolution: {integrity: sha512-eop+wDAvpItUys0FWkHIKeC9ybYrTGbU41U5K7+bttZZeohvnY7M9dZ5kB21GNWiFT2q1OoPTvncPCgSOVO5ow==} - engines: {node: '>=14'} - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - linkify-it@5.0.0: - resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} - - load-tsconfig@0.2.5: - resolution: {integrity: sha512-IXO6OCs9yg8tMKzfPZ1YmheJbZCiEsnBdcB03l0OcfK9prKnJb96siuHCr5Fl37/yo9DnKU+TLpxzTUspw9shg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - lodash.sortby@4.7.0: - resolution: {integrity: sha512-HDWXG8isMntAyRF5vZ7xKuEvOhT4AhlRt/3czTSjvGUxjYCBVRQY48ViDHyfYz9VIoBkW4TMGQNapx+l3RUwdA==} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - loupe@3.1.1: - resolution: {integrity: sha512-edNu/8D5MKVfGVFRhFf8aAxiTM6Wumfz5XsaatSxlD3w4R1d/WEKUTydCdPGbl9K7QG/Ca3GnDV2sIKIpXRQcw==} - - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - - mailparser@3.7.1: - resolution: {integrity: sha512-RCnBhy5q8XtB3mXzxcAfT1huNqN93HTYYyL6XawlIKycfxM/rXPg9tXoZ7D46+SgCS1zxKzw+BayDQSvncSTTw==} - - mailsplit@5.4.0: - resolution: {integrity: sha512-wnYxX5D5qymGIPYLwnp6h8n1+6P6vz/MJn5AzGjZ8pwICWssL+CCQjWBIToOVHASmATot4ktvlLo6CyLfOXWYA==} - - merge-stream@2.0.0: - resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - - merge2@1.4.1: - resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} - engines: {node: '>= 8'} - - micromatch@4.0.8: - resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} - engines: {node: '>=8.6'} - - mimic-fn@2.1.0: - resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==} - engines: {node: '>=6'} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - minimatch@9.0.5: - resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} - engines: {node: '>=16 || 14 >=14.17'} - - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} - engines: {node: '>=16 || 14 >=14.17'} - - mocha@10.7.3: - resolution: {integrity: sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A==} - engines: {node: '>= 14.0.0'} - hasBin: true - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - mz@2.7.0: - resolution: {integrity: sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==} - - nodemailer@6.9.13: - resolution: {integrity: sha512-7o38Yogx6krdoBf3jCAqnIN4oSQFx+fMa0I7dK1D+me9kBxx12D+/33wSb+fhOCtIxvYJ+4x4IMEhmhCKfAiOA==} - engines: {node: '>=6.0.0'} - - nodemailer@6.9.14: - resolution: {integrity: sha512-Dobp/ebDKBvz91sbtRKhcznLThrKxKt97GI2FAlAyy+fk19j73Uz3sBXolVtmcXjaorivqsbbbjDY+Jkt4/bQA==} - engines: {node: '>=6.0.0'} - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - npm-run-path@4.0.1: - resolution: {integrity: sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==} - engines: {node: '>=8'} - - nth-check@2.1.1: - resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - obuf@1.1.2: - resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - - on-exit-leak-free@2.1.2: - resolution: {integrity: sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==} - engines: {node: '>=14.0.0'} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - onetime@5.1.2: - resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==} - engines: {node: '>=6'} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - package-json-from-dist@1.0.0: - resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - parse-json@5.2.0: - resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==} - engines: {node: '>=8'} - - parse5-htmlparser2-tree-adapter@7.0.0: - resolution: {integrity: sha512-B77tOZrqqfUfnVcOrUvfdLbz4pu4RopLD/4vmu3HUPswwTA8OH0EMW9BlWR2B0RCoiZRAHEUu7IxeP1Pd1UU+g==} - - parse5-parser-stream@7.1.2: - resolution: {integrity: sha512-JyeQc9iwFLn5TbvvqACIF/VXG6abODeB3Fwmv/TGdLk2LfbWkaySGY72at4+Ty7EkPZj854u4CrICqNk2qIbow==} - - parse5@7.1.2: - resolution: {integrity: sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==} - - parseley@0.12.1: - resolution: {integrity: sha512-e6qHKe3a9HWr0oMRVDTRhKce+bRO8VGQR3NyVwcjwrbhMmFCX9KszEV35+rn4AdilFAq9VPxP/Fe1wC9Qjd2lw==} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - peberminta@0.9.0: - resolution: {integrity: sha512-XIxfHpEuSJbITd1H3EeQwpcZbTLHc+VVr8ANI9t5sit565tsI4/xK3KWTUFE2e6QiangUkh3B0jihzmGnNrRsQ==} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-numeric@1.0.2: - resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==} - engines: {node: '>=4'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg-types@4.0.2: - resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==} - engines: {node: '>=10'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - pino-abstract-transport@1.2.0: - resolution: {integrity: sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==} - - pino-std-serializers@7.0.0: - resolution: {integrity: sha512-e906FRY0+tV27iq4juKzSYPbUj2do2X2JX4EzSca1631EB2QJQUqGbDuERal7LCtOpxl6x3+nvo9NPZcmjkiFA==} - - pino@9.2.0: - resolution: {integrity: sha512-g3/hpwfujK5a4oVbaefoJxezLzsDgLcNJeITvC6yrfwYeT9la+edCK42j5QpEQSQCZgTKapXvnQIdgZwvRaZug==} - hasBin: true - - pino@9.4.0: - resolution: {integrity: sha512-nbkQb5+9YPhQRz/BeQmrWpEknAaqjpAqRK8NwJpmrX/JHu7JuZC5G1CeAwJDJfGes4h+YihC6in3Q2nGb+Y09w==} - hasBin: true - - pirates@4.0.6: - resolution: {integrity: sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==} - engines: {node: '>= 6'} - - postcss-load-config@6.0.1: - resolution: {integrity: sha512-oPtTM4oerL+UXmx+93ytZVN82RrlY/wPUV8IeDxFrzIjXOLF1pN+EmKPLbubvKHT2HC20xXsCAH2Z+CKV6Oz/g==} - engines: {node: '>= 18'} - peerDependencies: - jiti: '>=1.21.0' - postcss: '>=8.0.9' - tsx: ^4.8.1 - yaml: ^2.4.2 - peerDependenciesMeta: - jiti: - optional: true - postcss: - optional: true - tsx: - optional: true - yaml: - optional: true - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-array@3.0.2: - resolution: {integrity: sha512-6faShkdFugNQCLwucjPcY5ARoW1SlbnrZjmGl0IrrqewpvxvhSLHimCVzqeuULCbG0fQv7Dtk1yDbG3xv7Veog==} - engines: {node: '>=12'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-bytea@3.0.0: - resolution: {integrity: sha512-CNd4jim9RFPkObHSjVHlVrxoVQXz7quwNFpz7RY1okNNme49+sVyiTvTRobiLV548Hx/hb1BG+iE7h9493WzFw==} - engines: {node: '>= 6'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-date@2.1.0: - resolution: {integrity: sha512-K7Juri8gtgXVcDfZttFKVmhglp7epKb1K4pgrkLxehjqkrgPhfG6OO8LHLkfaqkbpjNRnra018XwAr1yQFWGcA==} - engines: {node: '>=12'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-interval@3.0.0: - resolution: {integrity: sha512-BSNDnbyZCXSxgA+1f5UU2GmwhoI0aU5yMxRGO8CdFEcY2BQF9xm/7MqKnYoM1nJDk8nONNWDk9WeSmePFhQdlw==} - engines: {node: '>=12'} - - postgres-range@1.1.4: - resolution: {integrity: sha512-i/hbxIE9803Alj/6ytL7UHQxRvZkI9O4Sy+J3HGc4F4oo/2eQAjTSNJ0bfxyse3bH0nuVesCk+3IRLaMtG3H6w==} - - process-warning@3.0.0: - resolution: {integrity: sha512-mqn0kFRl0EoqhnL0GQ0veqFHyIN1yig9RHh/InzORTUiZHFRAur+aMtRkELNwGs9aNwKS6tg/An4NYBPGwvtzQ==} - - process-warning@4.0.0: - resolution: {integrity: sha512-/MyYDxttz7DfGMMHiysAsFE4qF+pQYAA8ziO/3NcRVrQ5fSk+Mns4QZA/oRPFzvcqNoVJXQNWNAsdwBXLUkQKw==} - - process@0.11.10: - resolution: {integrity: sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==} - engines: {node: '>= 0.6.0'} - - proxy-addr@2.0.7: - resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==} - engines: {node: '>= 0.10'} - - punycode.js@2.3.1: - resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==} - engines: {node: '>=6'} - - punycode@2.3.1: - resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} - engines: {node: '>=6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - queue-microtask@1.2.3: - resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==} - - quick-format-unescaped@4.0.4: - resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - readable-stream@4.5.2: - resolution: {integrity: sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==} - engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - real-require@0.2.0: - resolution: {integrity: sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==} - engines: {node: '>= 12.13.0'} - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - require-from-string@2.0.2: - resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==} - engines: {node: '>=0.10.0'} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-from@5.0.0: - resolution: {integrity: sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==} - engines: {node: '>=8'} - - ret@0.4.3: - resolution: {integrity: sha512-0f4Memo5QP7WQyUEAYUO3esD/XjOc3Zjjg5CPsAq1p8sIu0XPeMbHJemKA0BO7tV0X7+A0FoEpbmHXWxPyD3wQ==} - engines: {node: '>=10'} - - reusify@1.0.4: - resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} - engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - - rfdc@1.4.1: - resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==} - - rollup@4.21.2: - resolution: {integrity: sha512-e3TapAgYf9xjdLvKQCkQTnbTKd4a6jwlpQSJJFokHGaX2IVjoEqkIIhiQfqsi0cdwlOD+tQGuOd5AJkc5RngBw==} - engines: {node: '>=18.0.0', npm: '>=8.0.0'} - hasBin: true - - run-parallel@1.2.0: - resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safe-regex2@3.1.0: - resolution: {integrity: sha512-RAAZAGbap2kBfbVhvmnTFv73NWLMvDGOITFYTZBAaY8eR+Ir4ef7Up/e7amo+y1+AH+3PtLkrt9mvcTsG9LXug==} - - safe-stable-stringify@2.5.0: - resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==} - engines: {node: '>=10'} - - safer-buffer@2.1.2: - resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==} - - secure-json-parse@2.7.0: - resolution: {integrity: sha512-6aU+Rwsezw7VR8/nyvKTx8QpWH9FrcYiXXlqC4z5d5XQBDRqtbfsRjnwGyqbi3gddNtWHuEk9OANUotL26qKUw==} - - selderee@0.11.0: - resolution: {integrity: sha512-5TF+l7p4+OsnP8BCCvSyZiSPc4x4//p5uPwK8TCnVPJYRmU2aYKMpOXvw8zM5a5JvuuCGN1jmsMwuU2W02ukfA==} - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - set-cookie-parser@2.7.0: - resolution: {integrity: sha512-lXLOiqpkUumhRdFF3k1osNXCy9akgx/dyPZ5p8qAg9seJzXr5ZrlqZuWIMuY6ejOsVLE6flJ5/h3lsn57fQ/PQ==} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} - - shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - - signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - - slash@3.0.0: - resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==} - engines: {node: '>=8'} - - smart-buffer@4.2.0: - resolution: {integrity: sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==} - engines: {node: '>= 6.0.0', npm: '>= 3.0.0'} - - socks@2.8.3: - resolution: {integrity: sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==} - engines: {node: '>= 10.0.0', npm: '>= 3.0.0'} - - sonic-boom@4.1.0: - resolution: {integrity: sha512-NGipjjRicyJJ03rPiZCJYjwlsuP2d1/5QUviozRXC7S3WdVWNK5e3Ojieb9CCyfhq2UC+3+SRd9nG3I2lPRvUw==} - - source-map@0.8.0-beta.0: - resolution: {integrity: sha512-2ymg6oRBpebeZi9UUNsgQ89bhx01TcTkmNTGnNO88imTmbSgy4nfujrgVEFKWpMTEGA11EDkTt7mqObTPdigIA==} - engines: {node: '>= 8'} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sprintf-js@1.1.3: - resolution: {integrity: sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} - - strip-final-newline@2.0.0: - resolution: {integrity: sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==} - engines: {node: '>=6'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - sucrase@3.35.0: - resolution: {integrity: sha512-8EbVDiu9iN/nESwxeSxDKe0dunta1GOlHufmSSXxMD2z2/tMZpDMpvXQGsc+ajGo8y2uYUmixaSRUc/QPoQ0GA==} - engines: {node: '>=16 || 14 >=14.17'} - hasBin: true - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - thenify-all@1.6.0: - resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} - engines: {node: '>=0.8'} - - thenify@3.3.1: - resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==} - - thread-stream@3.1.0: - resolution: {integrity: sha512-OqyPZ9u96VohAyMfJykzmivOrY2wfMSf3C5TtFJVgN+Hm6aj+voFhlK+kZEIv2FBh1X6Xp3DlnCOfEQ3B2J86A==} - - tlds@1.252.0: - resolution: {integrity: sha512-GA16+8HXvqtfEnw/DTcwB0UU354QE1n3+wh08oFjr6Znl7ZLAeUgYzCcK+/CCrOyE0vnHR8/pu3XXG3vDijXpQ==} - hasBin: true - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - toad-cache@3.7.0: - resolution: {integrity: sha512-/m8M+2BJUpoJdgAHoG+baCwBT+tf2VraSfkBgl0Y00qIWt41DJ8R5B8nsEw0I58YwF5IZH6z24/2TobDKnqSWw==} - engines: {node: '>=12'} - - tr46@1.0.1: - resolution: {integrity: sha512-dTpowEjclQ7Kgx5SdBkqRzVhERQXov8/l9Ft9dVM9fmg0W0KQSVaXX9T4i6twCPNtYiZM53lpSSUAwJbFPOHxA==} - - tree-kill@1.2.2: - resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==} - hasBin: true - - ts-interface-checker@0.1.13: - resolution: {integrity: sha512-Y/arvbn+rrz3JCKl9C4kVNfTfSm2/mEp5FSz5EsZSANGPSlQrpRI5M4PKF+mJnE52jOO90PnPSc3Ur3bTQw0gA==} - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsup@8.2.4: - resolution: {integrity: sha512-akpCPePnBnC/CXgRrcy72ZSntgIEUa1jN0oJbbvpALWKNOz1B7aM+UVDWGRGIO/T/PZugAESWDJUAb5FD48o8Q==} - engines: {node: '>=18'} - hasBin: true - peerDependencies: - '@microsoft/api-extractor': ^7.36.0 - '@swc/core': ^1 - postcss: ^8.4.12 - typescript: '>=4.5.0' - peerDependenciesMeta: - '@microsoft/api-extractor': - optional: true - '@swc/core': - optional: true - postcss: - optional: true - typescript: - optional: true - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - uc.micro@2.1.0: - resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - undici@6.19.8: - resolution: {integrity: sha512-U8uCCl2x9TK3WANvmBavymRzxbfFYG+tAu+fgx3zxQy3qdagQqBLwJVrdyO1TBfUXvfKveMKJZhpvUYoOjM+4g==} - engines: {node: '>=18.17'} - - webidl-conversions@4.0.2: - resolution: {integrity: sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==} - - whatwg-encoding@3.1.1: - resolution: {integrity: sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==} - engines: {node: '>=18'} - - whatwg-mimetype@4.0.0: - resolution: {integrity: sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg==} - engines: {node: '>=18'} - - whatwg-url@7.1.0: - resolution: {integrity: sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==} - - which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true - - workerpool@6.5.1: - resolution: {integrity: sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs-unparser@2.0.0: - resolution: {integrity: sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==} - engines: {node: '>=10'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - -snapshots: - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@esbuild-plugins/esm-externals@0.1.2(esbuild@0.23.1)': - dependencies: - debug: 4.3.6(supports-color@8.1.1) - esbuild: 0.23.1 - escape-string-regexp: 4.0.0 - transitivePeerDependencies: - - supports-color - - '@esbuild/aix-ppc64@0.23.1': - optional: true - - '@esbuild/android-arm64@0.23.1': - optional: true - - '@esbuild/android-arm@0.23.1': - optional: true - - '@esbuild/android-x64@0.23.1': - optional: true - - '@esbuild/darwin-arm64@0.23.1': - optional: true - - '@esbuild/darwin-x64@0.23.1': - optional: true - - '@esbuild/freebsd-arm64@0.23.1': - optional: true - - '@esbuild/freebsd-x64@0.23.1': - optional: true - - '@esbuild/linux-arm64@0.23.1': - optional: true - - '@esbuild/linux-arm@0.23.1': - optional: true - - '@esbuild/linux-ia32@0.23.1': - optional: true - - '@esbuild/linux-loong64@0.23.1': - optional: true - - '@esbuild/linux-mips64el@0.23.1': - optional: true - - '@esbuild/linux-ppc64@0.23.1': - optional: true - - '@esbuild/linux-riscv64@0.23.1': - optional: true - - '@esbuild/linux-s390x@0.23.1': - optional: true - - '@esbuild/linux-x64@0.23.1': - optional: true - - '@esbuild/netbsd-x64@0.23.1': - optional: true - - '@esbuild/openbsd-arm64@0.23.1': - optional: true - - '@esbuild/openbsd-x64@0.23.1': - optional: true - - '@esbuild/sunos-x64@0.23.1': - optional: true - - '@esbuild/win32-arm64@0.23.1': - optional: true - - '@esbuild/win32-ia32@0.23.1': - optional: true - - '@esbuild/win32-x64@0.23.1': - optional: true - - '@fastify/ajv-compiler@3.6.0': - dependencies: - ajv: 8.17.1 - ajv-formats: 2.1.1(ajv@8.17.1) - fast-uri: 2.4.0 - - '@fastify/error@3.4.1': {} - - '@fastify/fast-json-stringify-compiler@4.3.0': - dependencies: - fast-json-stringify: 5.16.1 - - '@fastify/merge-json-schemas@0.1.1': - dependencies: - fast-deep-equal: 3.1.3 - - '@graphile/logger@0.2.0': {} - - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - - '@jridgewell/gen-mapping@0.3.5': - dependencies: - '@jridgewell/set-array': 1.2.1 - '@jridgewell/sourcemap-codec': 1.5.0 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/set-array@1.2.1': {} - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.25': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@nodelib/fs.scandir@2.1.5': - dependencies: - '@nodelib/fs.stat': 2.0.5 - run-parallel: 1.2.0 - - '@nodelib/fs.stat@2.0.5': {} - - '@nodelib/fs.walk@1.2.8': - dependencies: - '@nodelib/fs.scandir': 2.1.5 - fastq: 1.17.1 - - '@pkgjs/parseargs@0.11.0': - optional: true - - '@rollup/rollup-android-arm-eabi@4.21.2': - optional: true - - '@rollup/rollup-android-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-x64@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-musl@4.21.2': - optional: true - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-musl@4.21.2': - optional: true - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-x64-msvc@4.21.2': - optional: true - - '@selderee/plugin-htmlparser2@0.11.0': - dependencies: - domhandler: 5.0.3 - selderee: 0.11.0 - - '@types/chai@4.3.19': {} - - '@types/debug@4.1.12': - dependencies: - '@types/ms': 0.7.34 - - '@types/estree@1.0.5': {} - - '@types/imapflow@1.0.19': - dependencies: - '@types/node': 22.5.2 - - '@types/interpret@1.1.3': - dependencies: - '@types/node': 22.5.2 - - '@types/mailparser@3.4.4': - dependencies: - '@types/node': 22.5.2 - iconv-lite: 0.6.3 - - '@types/mocha@10.0.7': {} - - '@types/ms@0.7.34': {} - - '@types/node@20.16.3': - dependencies: - undici-types: 6.19.8 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/pg@8.11.8': - dependencies: - '@types/node': 22.5.2 - pg-protocol: 1.6.1 - pg-types: 4.0.2 - - '@types/qs@6.9.15': {} - - '@types/semver@7.5.8': {} - - abort-controller@3.0.0: - dependencies: - event-target-shim: 5.0.1 - - abstract-logging@2.0.1: {} - - ajv-formats@2.1.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv-formats@3.0.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv@8.17.1: - dependencies: - fast-deep-equal: 3.1.3 - fast-uri: 3.0.1 - json-schema-traverse: 1.0.0 - require-from-string: 2.0.2 - - ansi-colors@4.1.3: {} - - ansi-regex@5.0.1: {} - - ansi-regex@6.0.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - ansi-styles@6.2.1: {} - - any-promise@1.3.0: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - argparse@2.0.1: {} - - array-union@2.1.0: {} - - assertion-error@2.0.1: {} - - atomic-sleep@1.0.0: {} - - avvio@8.4.0: - dependencies: - '@fastify/error': 3.4.1 - fastq: 1.17.1 - - balanced-match@1.0.2: {} - - base64-js@1.5.1: {} - - binary-extensions@2.3.0: {} - - boolbase@1.0.0: {} - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - browser-stdout@1.3.1: {} - - buffer@6.0.3: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - bundle-require@5.0.0(esbuild@0.23.1): - dependencies: - esbuild: 0.23.1 - load-tsconfig: 0.2.5 - - cac@6.7.14: {} - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - callsites@3.1.0: {} - - camelcase@6.3.0: {} - - chai@5.1.1: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.1 - pathval: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - check-error@2.1.1: {} - - cheerio-select@2.1.0: - dependencies: - boolbase: 1.0.0 - css-select: 5.1.0 - css-what: 6.1.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - - cheerio@1.0.0: - dependencies: - cheerio-select: 2.1.0 - dom-serializer: 2.0.0 - domhandler: 5.0.3 - domutils: 3.1.0 - encoding-sniffer: 0.2.0 - htmlparser2: 9.1.0 - parse5: 7.1.2 - parse5-htmlparser2-tree-adapter: 7.0.0 - parse5-parser-stream: 7.1.2 - undici: 6.19.8 - whatwg-mimetype: 4.0.0 - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - commander@4.1.1: {} - - consola@3.2.3: {} - - cookie@0.6.0: {} - - cosmiconfig@8.3.6(typescript@5.5.4): - dependencies: - import-fresh: 3.3.0 - js-yaml: 4.1.0 - parse-json: 5.2.0 - path-type: 4.0.0 - optionalDependencies: - typescript: 5.5.4 - - cross-spawn@7.0.3: - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - - css-select@5.1.0: - dependencies: - boolbase: 1.0.0 - css-what: 6.1.0 - domhandler: 5.0.3 - domutils: 3.1.0 - nth-check: 2.1.1 - - css-what@6.1.0: {} - - date-fns@3.6.0: {} - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decamelize@4.0.0: {} - - deep-eql@5.0.2: {} - - deepmerge@4.3.1: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - diff@5.2.0: {} - - dir-glob@3.0.1: - dependencies: - path-type: 4.0.0 - - dom-serializer@2.0.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - entities: 4.5.0 - - domelementtype@2.3.0: {} - - domhandler@5.0.3: - dependencies: - domelementtype: 2.3.0 - - domutils@3.1.0: - dependencies: - dom-serializer: 2.0.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - - dotenv@16.4.5: {} - - eastasianwidth@0.2.0: {} - - emoji-regex@8.0.0: {} - - emoji-regex@9.2.2: {} - - encoding-japanese@2.0.0: {} - - encoding-japanese@2.1.0: {} - - encoding-japanese@2.2.0: {} - - encoding-sniffer@0.2.0: - dependencies: - iconv-lite: 0.6.3 - whatwg-encoding: 3.1.1 - - entities@4.5.0: {} - - error-ex@1.3.2: - dependencies: - is-arrayish: 0.2.1 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - esbuild@0.23.1: - optionalDependencies: - '@esbuild/aix-ppc64': 0.23.1 - '@esbuild/android-arm': 0.23.1 - '@esbuild/android-arm64': 0.23.1 - '@esbuild/android-x64': 0.23.1 - '@esbuild/darwin-arm64': 0.23.1 - '@esbuild/darwin-x64': 0.23.1 - '@esbuild/freebsd-arm64': 0.23.1 - '@esbuild/freebsd-x64': 0.23.1 - '@esbuild/linux-arm': 0.23.1 - '@esbuild/linux-arm64': 0.23.1 - '@esbuild/linux-ia32': 0.23.1 - '@esbuild/linux-loong64': 0.23.1 - '@esbuild/linux-mips64el': 0.23.1 - '@esbuild/linux-ppc64': 0.23.1 - '@esbuild/linux-riscv64': 0.23.1 - '@esbuild/linux-s390x': 0.23.1 - '@esbuild/linux-x64': 0.23.1 - '@esbuild/netbsd-x64': 0.23.1 - '@esbuild/openbsd-arm64': 0.23.1 - '@esbuild/openbsd-x64': 0.23.1 - '@esbuild/sunos-x64': 0.23.1 - '@esbuild/win32-arm64': 0.23.1 - '@esbuild/win32-ia32': 0.23.1 - '@esbuild/win32-x64': 0.23.1 - - escalade@3.2.0: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@4.0.0: {} - - event-target-shim@5.0.1: {} - - events@3.3.0: {} - - execa@5.1.1: - dependencies: - cross-spawn: 7.0.3 - get-stream: 6.0.1 - human-signals: 2.1.0 - is-stream: 2.0.1 - merge-stream: 2.0.0 - npm-run-path: 4.0.1 - onetime: 5.1.2 - signal-exit: 3.0.7 - strip-final-newline: 2.0.0 - - fast-content-type-parse@1.1.0: {} - - fast-decode-uri-component@1.0.1: {} - - fast-deep-equal@3.1.3: {} - - fast-glob@3.3.2: - dependencies: - '@nodelib/fs.stat': 2.0.5 - '@nodelib/fs.walk': 1.2.8 - glob-parent: 5.1.2 - merge2: 1.4.1 - micromatch: 4.0.8 - - fast-json-stringify@5.16.1: - dependencies: - '@fastify/merge-json-schemas': 0.1.1 - ajv: 8.17.1 - ajv-formats: 3.0.1(ajv@8.17.1) - fast-deep-equal: 3.1.3 - fast-uri: 2.4.0 - json-schema-ref-resolver: 1.0.1 - rfdc: 1.4.1 - - fast-querystring@1.1.2: - dependencies: - fast-decode-uri-component: 1.0.1 - - fast-redact@3.5.0: {} - - fast-uri@2.4.0: {} - - fast-uri@3.0.1: {} - - fastify@4.28.1: - dependencies: - '@fastify/ajv-compiler': 3.6.0 - '@fastify/error': 3.4.1 - '@fastify/fast-json-stringify-compiler': 4.3.0 - abstract-logging: 2.0.1 - avvio: 8.4.0 - fast-content-type-parse: 1.1.0 - fast-json-stringify: 5.16.1 - find-my-way: 8.2.0 - light-my-request: 5.13.0 - pino: 9.4.0 - process-warning: 3.0.0 - proxy-addr: 2.0.7 - rfdc: 1.4.1 - secure-json-parse: 2.7.0 - semver: 7.6.3 - toad-cache: 3.7.0 - - fastq@1.17.1: - dependencies: - reusify: 1.0.4 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-my-way@8.2.0: - dependencies: - fast-deep-equal: 3.1.3 - fast-querystring: 1.1.2 - safe-regex2: 3.1.0 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - flat@5.0.2: {} - - foreground-child@3.3.0: - dependencies: - cross-spawn: 7.0.3 - signal-exit: 4.1.0 - - forwarded@0.2.0: {} - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - get-caller-file@2.0.5: {} - - get-func-name@2.0.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-stream@6.0.1: {} - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob@10.4.5: - dependencies: - foreground-child: 3.3.0 - jackspeak: 3.4.3 - minimatch: 9.0.5 - minipass: 7.1.2 - package-json-from-dist: 1.0.0 - path-scurry: 1.11.1 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - globby@11.1.0: - dependencies: - array-union: 2.1.0 - dir-glob: 3.0.1 - fast-glob: 3.3.2 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 3.0.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - graphile-config@0.0.1-beta.9: - dependencies: - '@types/interpret': 1.1.3 - '@types/node': 20.16.3 - '@types/semver': 7.5.8 - chalk: 4.1.2 - debug: 4.3.6(supports-color@8.1.1) - interpret: 3.1.1 - semver: 7.6.3 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - supports-color - - graphile-worker@0.16.6(typescript@5.5.4): - dependencies: - '@graphile/logger': 0.2.0 - '@types/debug': 4.1.12 - '@types/pg': 8.11.8 - cosmiconfig: 8.3.6(typescript@5.5.4) - graphile-config: 0.0.1-beta.9 - json5: 2.2.3 - pg: 8.12.0 - tslib: 2.7.0 - yargs: 17.7.2 - transitivePeerDependencies: - - pg-native - - supports-color - - typescript - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - he@1.2.0: {} - - html-to-text@9.0.5: - dependencies: - '@selderee/plugin-htmlparser2': 0.11.0 - deepmerge: 4.3.1 - dom-serializer: 2.0.0 - htmlparser2: 8.0.2 - selderee: 0.11.0 - - htmlparser2@8.0.2: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - htmlparser2@9.1.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - human-signals@2.1.0: {} - - iconv-lite@0.6.3: - dependencies: - safer-buffer: 2.1.2 - - ieee754@1.2.1: {} - - ignore@5.3.2: {} - - imapflow@1.0.164: - dependencies: - encoding-japanese: 2.2.0 - iconv-lite: 0.6.3 - libbase64: 1.3.0 - libmime: 5.3.5 - libqp: 2.1.0 - mailsplit: 5.4.0 - nodemailer: 6.9.14 - pino: 9.2.0 - socks: 2.8.3 - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.4: {} - - interpret@3.1.1: {} - - ip-address@9.0.5: - dependencies: - jsbn: 1.1.0 - sprintf-js: 1.1.3 - - ipaddr.js@1.9.1: {} - - is-arrayish@0.2.1: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-number@7.0.0: {} - - is-plain-obj@2.1.0: {} - - is-stream@2.0.1: {} - - is-unicode-supported@0.1.0: {} - - isexe@2.0.0: {} - - jackspeak@3.4.3: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - - joycon@3.1.1: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - jsbn@1.1.0: {} - - json-parse-even-better-errors@2.3.1: {} - - json-schema-ref-resolver@1.0.1: - dependencies: - fast-deep-equal: 3.1.3 - - json-schema-traverse@1.0.0: {} - - json5@2.2.3: {} - - leac@0.6.0: {} - - libbase64@1.2.1: {} - - libbase64@1.3.0: {} - - libmime@5.2.0: - dependencies: - encoding-japanese: 2.0.0 - iconv-lite: 0.6.3 - libbase64: 1.2.1 - libqp: 2.0.1 - - libmime@5.3.5: - dependencies: - encoding-japanese: 2.1.0 - iconv-lite: 0.6.3 - libbase64: 1.3.0 - libqp: 2.1.0 - - libqp@2.0.1: {} - - libqp@2.1.0: {} - - light-my-request@5.13.0: - dependencies: - cookie: 0.6.0 - process-warning: 3.0.0 - set-cookie-parser: 2.7.0 - - lilconfig@3.1.2: {} - - lines-and-columns@1.2.4: {} - - linkify-it@5.0.0: - dependencies: - uc.micro: 2.1.0 - - load-tsconfig@0.2.5: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - lodash.sortby@4.7.0: {} - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - loupe@3.1.1: - dependencies: - get-func-name: 2.0.2 - - lru-cache@10.4.3: {} - - mailparser@3.7.1: - dependencies: - encoding-japanese: 2.1.0 - he: 1.2.0 - html-to-text: 9.0.5 - iconv-lite: 0.6.3 - libmime: 5.3.5 - linkify-it: 5.0.0 - mailsplit: 5.4.0 - nodemailer: 6.9.13 - punycode.js: 2.3.1 - tlds: 1.252.0 - - mailsplit@5.4.0: - dependencies: - libbase64: 1.2.1 - libmime: 5.2.0 - libqp: 2.0.1 - - merge-stream@2.0.0: {} - - merge2@1.4.1: {} - - micromatch@4.0.8: - dependencies: - braces: 3.0.3 - picomatch: 2.3.1 - - mimic-fn@2.1.0: {} - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.5: - dependencies: - brace-expansion: 2.0.1 - - minipass@7.1.2: {} - - mocha@10.7.3: - dependencies: - ansi-colors: 4.1.3 - browser-stdout: 1.3.1 - chokidar: 3.6.0 - debug: 4.3.6(supports-color@8.1.1) - diff: 5.2.0 - escape-string-regexp: 4.0.0 - find-up: 5.0.0 - glob: 8.1.0 - he: 1.2.0 - js-yaml: 4.1.0 - log-symbols: 4.1.0 - minimatch: 5.1.6 - ms: 2.1.3 - serialize-javascript: 6.0.2 - strip-json-comments: 3.1.1 - supports-color: 8.1.1 - workerpool: 6.5.1 - yargs: 16.2.0 - yargs-parser: 20.2.9 - yargs-unparser: 2.0.0 - - ms@2.1.2: {} - - ms@2.1.3: {} - - mz@2.7.0: - dependencies: - any-promise: 1.3.0 - object-assign: 4.1.1 - thenify-all: 1.6.0 - - nodemailer@6.9.13: {} - - nodemailer@6.9.14: {} - - normalize-path@3.0.0: {} - - npm-run-path@4.0.1: - dependencies: - path-key: 3.1.1 - - nth-check@2.1.1: - dependencies: - boolbase: 1.0.0 - - object-assign@4.1.1: {} - - object-inspect@1.13.2: {} - - obuf@1.1.2: {} - - on-exit-leak-free@2.1.2: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - onetime@5.1.2: - dependencies: - mimic-fn: 2.1.0 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - package-json-from-dist@1.0.0: {} - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - parse-json@5.2.0: - dependencies: - '@babel/code-frame': 7.24.7 - error-ex: 1.3.2 - json-parse-even-better-errors: 2.3.1 - lines-and-columns: 1.2.4 - - parse5-htmlparser2-tree-adapter@7.0.0: - dependencies: - domhandler: 5.0.3 - parse5: 7.1.2 - - parse5-parser-stream@7.1.2: - dependencies: - parse5: 7.1.2 - - parse5@7.1.2: - dependencies: - entities: 4.5.0 - - parseley@0.12.1: - dependencies: - leac: 0.6.0 - peberminta: 0.9.0 - - path-exists@4.0.0: {} - - path-key@3.1.1: {} - - path-scurry@1.11.1: - dependencies: - lru-cache: 10.4.3 - minipass: 7.1.2 - - path-type@4.0.0: {} - - pathval@2.0.0: {} - - peberminta@0.9.0: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-numeric@1.0.2: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg-types@4.0.2: - dependencies: - pg-int8: 1.0.1 - pg-numeric: 1.0.2 - postgres-array: 3.0.2 - postgres-bytea: 3.0.0 - postgres-date: 2.1.0 - postgres-interval: 3.0.0 - postgres-range: 1.1.4 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - pino-abstract-transport@1.2.0: - dependencies: - readable-stream: 4.5.2 - split2: 4.2.0 - - pino-std-serializers@7.0.0: {} - - pino@9.2.0: - dependencies: - atomic-sleep: 1.0.0 - fast-redact: 3.5.0 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pino-std-serializers: 7.0.0 - process-warning: 3.0.0 - quick-format-unescaped: 4.0.4 - real-require: 0.2.0 - safe-stable-stringify: 2.5.0 - sonic-boom: 4.1.0 - thread-stream: 3.1.0 - - pino@9.4.0: - dependencies: - atomic-sleep: 1.0.0 - fast-redact: 3.5.0 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pino-std-serializers: 7.0.0 - process-warning: 4.0.0 - quick-format-unescaped: 4.0.4 - real-require: 0.2.0 - safe-stable-stringify: 2.5.0 - sonic-boom: 4.1.0 - thread-stream: 3.1.0 - - pirates@4.0.6: {} - - postcss-load-config@6.0.1: - dependencies: - lilconfig: 3.1.2 - - postgres-array@2.0.0: {} - - postgres-array@3.0.2: {} - - postgres-bytea@1.0.0: {} - - postgres-bytea@3.0.0: - dependencies: - obuf: 1.1.2 - - postgres-date@1.0.7: {} - - postgres-date@2.1.0: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-interval@3.0.0: {} - - postgres-range@1.1.4: {} - - process-warning@3.0.0: {} - - process-warning@4.0.0: {} - - process@0.11.10: {} - - proxy-addr@2.0.7: - dependencies: - forwarded: 0.2.0 - ipaddr.js: 1.9.1 - - punycode.js@2.3.1: {} - - punycode@2.3.1: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - queue-microtask@1.2.3: {} - - quick-format-unescaped@4.0.4: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - readable-stream@4.5.2: - dependencies: - abort-controller: 3.0.0 - buffer: 6.0.3 - events: 3.3.0 - process: 0.11.10 - string_decoder: 1.3.0 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - real-require@0.2.0: {} - - require-directory@2.1.1: {} - - require-from-string@2.0.2: {} - - resolve-from@4.0.0: {} - - resolve-from@5.0.0: {} - - ret@0.4.3: {} - - reusify@1.0.4: {} - - rfdc@1.4.1: {} - - rollup@4.21.2: - dependencies: - '@types/estree': 1.0.5 - optionalDependencies: - '@rollup/rollup-android-arm-eabi': 4.21.2 - '@rollup/rollup-android-arm64': 4.21.2 - '@rollup/rollup-darwin-arm64': 4.21.2 - '@rollup/rollup-darwin-x64': 4.21.2 - '@rollup/rollup-linux-arm-gnueabihf': 4.21.2 - '@rollup/rollup-linux-arm-musleabihf': 4.21.2 - '@rollup/rollup-linux-arm64-gnu': 4.21.2 - '@rollup/rollup-linux-arm64-musl': 4.21.2 - '@rollup/rollup-linux-powerpc64le-gnu': 4.21.2 - '@rollup/rollup-linux-riscv64-gnu': 4.21.2 - '@rollup/rollup-linux-s390x-gnu': 4.21.2 - '@rollup/rollup-linux-x64-gnu': 4.21.2 - '@rollup/rollup-linux-x64-musl': 4.21.2 - '@rollup/rollup-win32-arm64-msvc': 4.21.2 - '@rollup/rollup-win32-ia32-msvc': 4.21.2 - '@rollup/rollup-win32-x64-msvc': 4.21.2 - fsevents: 2.3.3 - - run-parallel@1.2.0: - dependencies: - queue-microtask: 1.2.3 - - safe-buffer@5.2.1: {} - - safe-regex2@3.1.0: - dependencies: - ret: 0.4.3 - - safe-stable-stringify@2.5.0: {} - - safer-buffer@2.1.2: {} - - secure-json-parse@2.7.0: {} - - selderee@0.11.0: - dependencies: - parseley: 0.12.1 - - semver@7.6.3: {} - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - set-cookie-parser@2.7.0: {} - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - shebang-command@2.0.0: - dependencies: - shebang-regex: 3.0.0 - - shebang-regex@3.0.0: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - signal-exit@3.0.7: {} - - signal-exit@4.1.0: {} - - slash@3.0.0: {} - - smart-buffer@4.2.0: {} - - socks@2.8.3: - dependencies: - ip-address: 9.0.5 - smart-buffer: 4.2.0 - - sonic-boom@4.1.0: - dependencies: - atomic-sleep: 1.0.0 - - source-map@0.8.0-beta.0: - dependencies: - whatwg-url: 7.1.0 - - split2@4.2.0: {} - - sprintf-js@1.1.3: {} - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.1.0 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-ansi@7.1.0: - dependencies: - ansi-regex: 6.0.1 - - strip-final-newline@2.0.0: {} - - strip-json-comments@3.1.1: {} - - sucrase@3.35.0: - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - commander: 4.1.1 - glob: 10.4.5 - lines-and-columns: 1.2.4 - mz: 2.7.0 - pirates: 4.0.6 - ts-interface-checker: 0.1.13 - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - thenify-all@1.6.0: - dependencies: - thenify: 3.3.1 - - thenify@3.3.1: - dependencies: - any-promise: 1.3.0 - - thread-stream@3.1.0: - dependencies: - real-require: 0.2.0 - - tlds@1.252.0: {} - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - toad-cache@3.7.0: {} - - tr46@1.0.1: - dependencies: - punycode: 2.3.1 - - tree-kill@1.2.2: {} - - ts-interface-checker@0.1.13: {} - - tslib@2.7.0: {} - - tsup@8.2.4(typescript@5.5.4): - dependencies: - bundle-require: 5.0.0(esbuild@0.23.1) - cac: 6.7.14 - chokidar: 3.6.0 - consola: 3.2.3 - debug: 4.3.6(supports-color@8.1.1) - esbuild: 0.23.1 - execa: 5.1.1 - globby: 11.1.0 - joycon: 3.1.1 - picocolors: 1.1.0 - postcss-load-config: 6.0.1 - resolve-from: 5.0.0 - rollup: 4.21.2 - source-map: 0.8.0-beta.0 - sucrase: 3.35.0 - tree-kill: 1.2.2 - optionalDependencies: - typescript: 5.5.4 - transitivePeerDependencies: - - jiti - - supports-color - - tsx - - yaml - - typescript@5.5.4: {} - - uc.micro@2.1.0: {} - - undici-types@6.19.8: {} - - undici@6.19.8: {} - - webidl-conversions@4.0.2: {} - - whatwg-encoding@3.1.1: - dependencies: - iconv-lite: 0.6.3 - - whatwg-mimetype@4.0.0: {} - - whatwg-url@7.1.0: - dependencies: - lodash.sortby: 4.7.0 - tr46: 1.0.1 - webidl-conversions: 4.0.2 - - which@2.0.2: - dependencies: - isexe: 2.0.0 - - workerpool@6.5.1: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.1 - string-width: 5.1.2 - strip-ansi: 7.1.0 - - wrappy@1.0.2: {} - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs-unparser@2.0.0: - dependencies: - camelcase: 6.3.0 - decamelize: 4.0.0 - flat: 5.0.2 - is-plain-obj: 2.1.0 - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - yocto-queue@0.1.0: {} diff --git a/services/mailbox/src/imap.ts b/services/mailbox/src/imap.ts deleted file mode 100644 index 7c376a4..0000000 --- a/services/mailbox/src/imap.ts +++ /dev/null @@ -1,131 +0,0 @@ - -import { ImapFlow } from 'imapflow'; -import EventEmitter from 'node:events'; -import 'dotenv/config'; - - - -if (!process.env.IMAP_SERVER) throw new Error('IMAP_SERVER is missing from env'); -if (!process.env.IMAP_PORT) throw new Error('IMAP_PORT is missing from env'); -if (!process.env.IMAP_USERNAME) throw new Error('IMAP_USERNAME is missing from env'); -if (!process.env.IMAP_PASSWORD) throw new Error('IMAP_PASSWORD is missing from env'); - -// https://stackoverflow.com/a/49428486/1004931 -function streamToString(stream: any) { - const chunks: any = []; - return new Promise((resolve, reject) => { - stream.on('data', (chunk: any) => chunks.push(Buffer.from(chunk))); - stream.on('error', (err: any) => reject(err)); - stream.on('end', () => resolve(Buffer.concat(chunks).toString('utf8'))); - }) -} - - -export class Email extends EventEmitter { - private client?: ImapFlow | null = null - - constructor() { - super() - } - - async archiveMessage(uid: any) { - if (!this.client) throw new Error('archiveMessage was called before this.client was instantiated.'); - await this.client.messageDelete(uid, { uid: true }) - } - - async connect() { - this.client = new ImapFlow({ - host: process.env.IMAP_SERVER!, - port: parseInt(process.env.IMAP_PORT!), - secure: true, - auth: { - user: process.env.IMAP_USERNAME!, - pass: process.env.IMAP_PASSWORD! - }, - logger: false - }); - - this.registerEventListeners() - await this.client.connect() - const stat = await this.getStatus() - if (stat?.messages && stat.messages > 0) { - await this.emitAllMessages() - } - } - - async reconnect() { - console.log(' RECONNECTING...') - delete this.client - await this.connect() - } - - async getStatus() { - if (!this.client) throw new Error('getStatus was called before this.client was instantiated.'); - let lock = await this.client.getMailboxLock('INBOX'); - let status; - try { - status = await this.client.status('INBOX', { messages: true }); - } finally { - lock.release() - } - return status - } - - async loadMessage(uid: any) { - if (!this.client) throw new Error('loadMessage was called before this.client was instantiated.'); - console.log(` 💾 loading message uid=${uid}`) - let lock = await this.client.getMailboxLock('INBOX') - let dl, body - try { - dl = await this.client.download(uid, undefined, { uid: true }) - body = await streamToString(dl.content) - } finally { - lock.release() - } - return body - } - - async emitAllMessages() { - if (!this.client) throw new Error('emitAllMessages was called before this.client was instantiated.'); - console.log('emitAllMessages is running') - let lock = await this.client.getMailboxLock('INBOX'); - try { - for await (let message of this.client.fetch('1:*', { envelope: true })) { - // it is tempting to call this.client.download here, but that is not possible while the mailbox is locked. - // client.download must be called outside of this lock - // commenting these out because it lags Tilt - // console.log('here is a message') - // console.log(JSON.stringify(message, null, 2)) - this.emit('message', message) - } - } finally { - lock.release(); - } - } - - registerEventListeners() { - if (!this.client) throw new Error('registerEventListeners was called before this.client was instantiated.'); - console.log(` > REGISTERING EVENT LISTENERS <`) - this.client.once('end', () => this.reconnect()) - this.client.on('exists', (evt: any) => { - console.log(`exists event! count=${evt.count} prevCount=${evt.prevCount}`) - // console.log(evt) - if (evt.path === 'INBOX') { - this.emitAllMessages() - } - }) - } - -} - - - - - - -// // Select and lock a mailbox. Throws if mailbox does not exist -// console.log('get lock') - - -// // log out and close connection -// // await client.logout(); \ No newline at end of file diff --git a/services/mailbox/src/index.ts b/services/mailbox/src/index.ts deleted file mode 100644 index e2e123c..0000000 --- a/services/mailbox/src/index.ts +++ /dev/null @@ -1,70 +0,0 @@ -'use strict' - -/** - * watches an e-mail inbox for going live notifications - */ - -import { checkEmail } from './parsers.js' -import { Email } from './imap.js' -import { makeWorkerUtils, WorkerUtils } from 'graphile-worker' -import { type NotificationData } from '@futureporn/types' -import { type FetchMessageObject } from 'imapflow' - - -if (!process.env.DATABASE_URL) throw new Error('DATABASE_URL is undefined in env'); -if (!process.env.PORT) throw new Error('PORT is undefined in env'); -const connectionString = process.env.DATABASE_URL -console.log(`process.env.DATABASE_URL=${connectionString}`) - - -async function handleMessage({ workerUtils, email, msg }: { workerUtils: WorkerUtils, email: Email, msg: FetchMessageObject }) { - try { - console.log(' ✏️ loading message') - const body = await email.loadMessage(msg.uid) as string - - console.log(' ✏️ checking e-mail') - const { isMatch, url, platform, channel, displayName, date, userId, avatar }: NotificationData = (await checkEmail(body) ) - - if (isMatch) { - console.log(' ✏️✏️ adding process_notif_email job to queue') - workerUtils.addJob('process_notif_email', { isMatch, url, platform, channel, displayName, date, userId, avatar }, { maxAttempts: 3 }) - } - - console.log(' ✏️ archiving e-mail') - await email.archiveMessage(msg.uid) - - } catch (e) { - console.error(`An error was encountered while handling the following e-mail message.\n${JSON.stringify(msg, null, 2)}\nError as follows.`) - console.error(e) - } -} - - - - -async function main() { - - - const workerUtils = await makeWorkerUtils({ - connectionString - }) - - // demonstrate that we are connected @todo remove this - workerUtils.addJob('hello', { name: 'worker' }, { maxAttempts: 3 }) - workerUtils.addJob('identify_image_color', { url: 'https://futureporn-b2.b-cdn.net/ti8ht9bgwj6k783j7hglfg8j_projektmelody-chaturbate-2024-07-18.png' }, { maxAttempts: 3 }) - - // connect to IMAP inbox and wait for new e-mails - const email = new Email() - email.once('message', (msg: FetchMessageObject) => handleMessage({ workerUtils, email, msg })) - console.log('mailbox is starting...') - await email.connect() - -} - -main().catch((err) => { - console.error(err); - process.exit(1); -}); - - - diff --git a/services/mailbox/src/parsers.spec.ts b/services/mailbox/src/parsers.spec.ts deleted file mode 100644 index faffd58..0000000 --- a/services/mailbox/src/parsers.spec.ts +++ /dev/null @@ -1,34 +0,0 @@ -'use strict' - -import { expect } from 'chai' -import { checkEmail } from './parsers.js' -import fs from 'node:fs/promises' -import path from 'node:path' -const __dirname = import.meta.dirname; - -describe('parsers', function () { - describe('checkEmail', function () { - it('should detect fansly e-mails and return channel data', async function () { - const mailBody = await fs.readFile(path.join(__dirname, './fixtures/fansly.fixture.txt'), { encoding: 'utf8' }) - const { isMatch, channel, platform, url, date, userId, avatar } = await checkEmail(mailBody) - expect(isMatch).to.equal(true, 'a Fansly heuristic was not found') - expect(platform).to.equal('fansly') - expect(channel).to.equal('SkiaObsidian') - expect(url).to.equal('https://fansly.com/SkiaObsidian') - expect(date).to.equal('2024-05-05T03:04:33.000Z') - expect(userId).to.equal('555722198917066752') - expect(avatar).to.equal('https://api.fansly.com/api/v1/account/555722198917066752/avatar') - }) - it('should detect cb e-mails and return channel data', async function () { - const mailBody = await fs.readFile(path.join(__dirname, './fixtures/chaturbate.fixture.txt'), { encoding: 'utf8' }) - const { isMatch, channel, platform, url, date, userId, avatar } = await checkEmail(mailBody) - expect(isMatch).to.equal(true, 'a CB heuristic was not found') - expect(platform).to.equal('chaturbate') - expect(channel).to.equal('skyeanette') - expect(url).to.equal('https://chaturbate.com/skyeanette') - expect(date).to.equal('2023-07-24T01:08:28.000Z') - expect(userId).to.equal(null) // this info is not in the CB e-mail - expect(avatar).to.equal(null) - }) - }) -}) \ No newline at end of file diff --git a/services/mailbox/src/parsers.ts b/services/mailbox/src/parsers.ts deleted file mode 100644 index 1eb0380..0000000 --- a/services/mailbox/src/parsers.ts +++ /dev/null @@ -1,99 +0,0 @@ - -import { simpleParser } from 'mailparser'; -import { load } from 'cheerio' -import { type NotificationData } from '@futureporn/types' - -const definitions = [ - { - platform: 'chaturbate', - selectors: { - channel: 'td[id*="onlinemessage"] a:nth-child(1)' - }, - from: 'follownotify@bk.chaturbate.com', - template: 'https://chaturbate.com/:channel' - }, - { - platform: 'fansly', - selectors: { - channel: ($: any) => $("a[href*='/live/']").attr('href').toString().split('/').at(-1), - displayName: 'div[class*="message-col"] div:nth-child(5)', - userId: ($: any) => $("img[src*='/api/v1/account/']").attr('src').toString().split('/').at(-2), - avatar: ($: any) => $("img[src*='/api/v1/account/']").attr('src').toString() - }, - from: 'no-reply@fansly.com', - template: 'https://fansly.com/:channel', - regex: /https:\/\/fansly.com\/live\/([a-zA-Z0-9_]+)/ - } -] - -function render(template: string, values: any) { - // console.log(`values=${values}`) - // console.log(values) - return template.replace(/:([a-zA-Z0-9_]+)/g, (match, key) => { - // Replace :channel with the corresponding property from the values object - return values[key] || match; - }); -} - - -/** - * checkEmail - * - * Check an e-mail for go-live notification content. - * - * { isMatch, url, platform, channel, displayName, date } - * - * @param {String} body raw mail body - * @returns {Object} result - * @returns {Boolean} result.isMatch true if e-mail contains a go-live notification - * @returns {String} result.url example: https://fansly.com/projektmelody - * @returns {String} result.platform example: fansly - * @returns {String} result.channel example: projektmelody - * @returns {String} result.displayName example: ProjektMelody - * @returns {String} result.date example: 2024-05-31T01:02:00.000Z - * @returns {String|null} result.userId Varies by platform. Some platforms don't have the userId in the e-mail, so it's null. - * fansly example: '555722198917066752' - */ -export async function checkEmail (body: string): Promise { - - const mail = await simpleParser(body) - if (!mail) throw new Error('mail object was unable to be gathered from simpleParser'); - if (!mail.from) throw new Error('mail.from was empty'); - if (!mail.from.value) throw new Error('mail.from.value was empty'); - if (!mail.from.value[0]) throw new Error('mail.from.value[0] was empty'); - if (!mail.date) throw new Error('mail.date was empty'); - if (!mail?.html) { - console.log(`mail.html was not truthy. This means the e-mail was text-only mode. This also means the e-mail is not a go-live notification.`); - return { isMatch: false } - } - - let res: Record = {} - let def: any = definitions.find((def) => def.from === mail.from!.value[0]!.address) - if (!def) return { isMatch: false, channel: undefined, platform: undefined, url: undefined }; - res.isMatch = true - - // Step 0, get values from e-mail metadata - res.platform = def.platform - res.date = new Date(mail.date).toISOString() - - // Step 1, get values using CSS selectors - const $ = load(mail.html) - for (const s in def.selectors) { - res[s] = (def.selectors[s] instanceof Object) ? def.selectors[s]($) : $(def.selectors[s]).text() - } - - // console.log(`res.url=${res.url} res.userId=${res.userId}`) - - // Step 2, get values using regex & templates - res.channel = (() => { - if (res.channel) return res.channel; - if (def.regex && res.url) return def.regex.exec(res.url).at(1); - })() - - res.userId = res.userId || undefined - res.avatar = res.avatar || undefined - - res.url = res.url || render(def.template, { channel: res.channel }) - - return res as NotificationData -} \ No newline at end of file diff --git a/services/mailbox/tsconfig.json b/services/mailbox/tsconfig.json deleted file mode 100644 index f09143d..0000000 --- a/services/mailbox/tsconfig.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "esModuleInterop": true, - "skipLibCheck": true, - "target": "es2022", - "allowJs": true, - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "NodeNext", - "outDir": "dist", - "lib": [ - "es2022" - ] - }, - // Include the necessary files for your project - "include": [ - "**/*.ts" - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/mailbox/tsup.config.js b/services/mailbox/tsup.config.js deleted file mode 100644 index 900d0f6..0000000 --- a/services/mailbox/tsup.config.js +++ /dev/null @@ -1,38 +0,0 @@ -import { defineConfig } from "tsup" -import { exec } from 'node:child_process' - -export default defineConfig({ - entry: [ - "src/index.ts", - "src/tasks/**.ts" - ], - /** - * lots of compatibility issues outputting to ESM. So we output to CJS to get things working. - */ - format: ["cjs"], - target: "es2022", - sourcemap: true, - /** - * The common package is using the internal packages approach, so it needs to - * be transpiled / bundled together with the deployed code. - */ - noExternal: [ - "@futureporn/utils", - "@futureporn/scout", - "@futureporn/storage", - "@futureporn/types", - ], - /** - * Do not use tsup for generating d.ts files because it can not generate type - * the definition maps required for go-to-definition to work in our IDE. We - * use tsc for that. - */ - splitting: false, - treeshake: true, - clean: true, - outDir: 'dist', // Where you want your compiled files to live - shims: true, - onSuccess: async () => { - exec('tsc --emitDeclarationOnly'); - } -}); \ No newline at end of file diff --git a/services/migrations-data/README.md b/services/migrations-data/README.md deleted file mode 100644 index 094ae89..0000000 --- a/services/migrations-data/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# @futureporn/migrations-data - -Here we handle data migrations for the postgrest database. - -@see https://github.com/zakpatterson/postgres-schema-migrations - -Reminder: only write migrations that affect data. (don't write migrations that affect schema) - -## K.I.S.S. - -Keep It Stupidly Simple. - -We are keeping this module as simple as possible. This means pure JS (no typescript!) - - -## troubleshooting - -If you see the following error, graphile_worker likely hasn't had a chance to create it's functions. Make sure that a graphile_worker is running, so it can automatically create the necessary functions. - -```json -{ - "code": "42883", - "details": null, - "hint": "No function matches the given name and argument types. You might need to add explicit type casts.", - "message": "function graphile_worker.add_job(text, json, max_attempts => integer) does not exist" -} -``` \ No newline at end of file diff --git a/services/migrations-data/index.js b/services/migrations-data/index.js deleted file mode 100644 index 2b8ac31..0000000 --- a/services/migrations-data/index.js +++ /dev/null @@ -1,68 +0,0 @@ -import pg from 'pg' -import { migrate } from 'postgres-schema-migrations'; -import path, { dirname } from 'node:path'; -import { fileURLToPath } from 'url'; -import 'dotenv/config'; - -const { Client } = pg -const __dirname = dirname(fileURLToPath(import.meta.url)); - -if (!process.env.DATABASE_PASSWORD) throw new Error('DATABASE_PASSWORD is missing in env'); - -/* - * Here we set up a Foreign Data Wrapper which connects us to the old strapi database. - * From this Strapi db futureporn-old, we migrate data to futureporn database. - */ - -async function setupForeignDataWrapper(client) { - - - - // Run the SQL commands - const sql = ` - BEGIN; - - CREATE EXTENSION IF NOT EXISTS postgres_fdw; - - CREATE SERVER IF NOT EXISTS futureporn_old - FOREIGN DATA WRAPPER postgres_fdw - OPTIONS (dbname 'futureporn_old'); - - CREATE USER MAPPING IF NOT EXISTS FOR postgres - SERVER futureporn_old - OPTIONS (password_required 'true', password '${process.env.DATABASE_PASSWORD}'); - - COMMIT; - `; - - await client.query(sql); - console.log('Foreign Data Wrapper setup completed successfully.'); - -} - -async function main() { - const dbConfig = { - database: "futureporn", - user: "postgres", - password: process.env.DATABASE_PASSWORD, - host: 'postgresql-primary.futureporn.svc.cluster.local', - port: 5432, - } - const client = new Client(dbConfig) - await client.connect() - const migrateConfig = { - client, - ensureDatabaseExists: false, - defaultDatabase: 'postgres' - } - - try { - await setupForeignDataWrapper(client) - await migrate(migrateConfig, path.join(__dirname, "./migrations/"), { logger: console.log, schema: 'migrations_data' }) - } finally { - await client.end() - } -} - - -await main() \ No newline at end of file diff --git a/services/migrations-data/migrations/0001_from-strapi-to-postgrest-mk2.sql b/services/migrations-data/migrations/0001_from-strapi-to-postgrest-mk2.sql deleted file mode 100644 index af96bee..0000000 --- a/services/migrations-data/migrations/0001_from-strapi-to-postgrest-mk2.sql +++ /dev/null @@ -1,980 +0,0 @@ --- 2024-10-25 - -/** - * - * - * - * - * - * - * - * - * - * - * FOREIGN TABLES CREATION - * - * - * - * - [x] external_b2_files - * - [x] external_mux_assets - * - [x] external_streams - * - [x] external_streams_vtuber_links - * - [x] external_tag_vod_relations - * - [x] external_tag_vod_relations_tag_links - * - [x] external_tag_vod_relations_vod_links - * - [x] external_tags - * - [x] external_tags_toy_links - * - [x] external_tags_vods_links - * - [x] external_timestamps - * - [x] external_timestamps_tag_links - * - [x] external_timestamps_vod_links - * - [x] external_toys - * - [x] external_toys_link_tag_links - * - [x] external_vods - * - [x] external_vods_mux_asset_links - * - [x] external_vods_stream_links - * - [x] external_vods_video_src_b_2_links - * - [x] external_vods_vtuber_links - * - [x] external_vods_thumbnail_links - * - [x] external_vods_uploader_links - * - [x] external_vtubers - * - [x] external_vtubers_toy_links - * - [x] external_vtubers_toys_links - * - * - * - */ - -SET search_path TO 'public'; - -CREATE FOREIGN TABLE external_b2_files -( - id INT, - url CHARACTER VARYING(255), - key CHARACTER VARYING(255), - upload_id CHARACTER VARYING(255), - created_at TIMESTAMP(6) WITHOUT TIME ZONE, - updated_at TIMESTAMP(6) WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT, - cdn_url CHARACTER VARYING(255) -) -SERVER futureporn_old -OPTIONS (table_name 'b2_files'); - - - -CREATE FOREIGN TABLE external_mux_assets -( - id INT, - playback_id CHARACTER VARYING(255), - asset_id CHARACTER VARYING(255), - created_at TIMESTAMP(6) WITHOUT TIME ZONE, - updated_at TIMESTAMP(6) WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'mux_assets'); - - - -CREATE FOREIGN TABLE external_streams -( - id INT, - date_str CHARACTER VARYING(255), - date TIMESTAMP WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT, - created_at TIMESTAMP WITHOUT TIME ZONE, - updated_at TIMESTAMP WITHOUT TIME ZONE, - cuid CHARACTER VARYING(255), - date_2 CHARACTER VARYING(255), - archive_status CHARACTER VARYING(255), - is_chaturbate_stream BOOLEAN, - is_fansly_stream BOOLEAN -) -SERVER futureporn_old -OPTIONS (table_name 'streams'); - - - -CREATE FOREIGN TABLE external_streams_vtuber_links -( - id INT, - stream_id INT, - vtuber_id INT, - stream_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'streams_vtuber_links'); - - - -CREATE FOREIGN TABLE external_tag_vod_relations -( - id INT, - votes INT, - creator_id INT, - created_at TIMESTAMP(6) WITHOUT TIME ZONE, - updated_at TIMESTAMP(6) WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'tag_vod_relations'); - - - -CREATE FOREIGN TABLE external_tag_vod_relations_tag_links -( - id INT, - tag_vod_relation_id INT, - tag_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'tag_vod_relations_tag_links'); - - - -CREATE FOREIGN TABLE external_tag_vod_relations_vod_links -( - id INT, - tag_vod_relation_id INT, - vod_id INT, - tag_vod_relation_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'tag_vod_relations_vod_links'); - - - -CREATE FOREIGN TABLE external_tags -( - id INT, - name CHARACTER VARYING(255), - created_at TIMESTAMP WITHOUT TIME ZONE, - updated_at TIMESTAMP WITHOUT TIME ZONE, - published_at TIMESTAMP WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'tags'); - - -CREATE FOREIGN TABLE external_tags_toy_links -( - id INT, - tag_id INT, - toy_id INT, - tag_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'tags_toy_links'); - - - -CREATE FOREIGN TABLE external_tags_vods_links -( - id INT, - tag_id INT, - vod_id INT, - tag_order DOUBLE PRECISION, - vod_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'tags_vods_links'); - - - -CREATE FOREIGN TABLE external_timestamps -( - id INT, - time INT, - creator_id INT, - created_at TIMESTAMP(6) WITHOUT TIME ZONE, - updated_at TIMESTAMP(6) WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'timestamps'); - - - -CREATE FOREIGN TABLE external_timestamps_tag_links -( - id INT, - timestamp_id INT, - tag_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'timestamps_tag_links'); - - - -CREATE FOREIGN TABLE external_timestamps_vod_links -( - id INT, - timestamp_id INT, - vod_id INT, - timestamp_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'timestamps_vod_links'); - - -CREATE FOREIGN TABLE external_toys -( - id INT, - make CHARACTER VARYING(255), - model CHARACTER VARYING(255), - created_at TIMESTAMP WITHOUT TIME ZONE, - updated_at TIMESTAMP WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT, - image_2 CHARACTER VARYING(255) -) -SERVER futureporn_old -OPTIONS (table_name 'toys'); - - - -CREATE FOREIGN TABLE external_toys_link_tag_links -( - id INT, - toy_id INT, - tag_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'toys_link_tag_links'); - - - - - - -CREATE FOREIGN TABLE external_vods -( - id integer, - created_at timestamp without time zone, - updated_at timestamp without time zone, - published_at date, - title text, - date date NOT NULL, - date_2 timestamp without time zone, - mux_asset INT, - thumbnail INT, - vtuber INT, - ipfs_cid text, - video_src_hash CHARACTER VARYING(255), - s3_file INT, - torrent text, - announce_title text, - announce_url text, - note text, - url text, - discord_message_id text, - status text COLLATE pg_catalog."default" DEFAULT 'pending_recording'::text, - recording_id INT, - stream_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'vods'); - - - -CREATE FOREIGN TABLE external_vods_mux_asset_links -( - id INT, - vod_id INT, - mux_asset_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'vods_mux_asset_links'); - - - - - -CREATE FOREIGN TABLE external_vods_stream_links -( - id INT, - vod_id INT, - stream_id INT, - vod_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'vods_stream_links'); - - -CREATE FOREIGN TABLE external_vods_vtuber_links -( - id INT, - vod_id INT, - vtuber_id INT, - vod_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'vods_vtuber_links'); - - - -CREATE FOREIGN TABLE external_vods_thumbnail_links -( - id INT, - vod_id INT, - b_2_file_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'vods_thumbnail_links'); - - -CREATE FOREIGN TABLE external_vods_uploader_links -( - id INT, - vod_id INT, - user_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'vods_uploader_links'); - - - -CREATE FOREIGN TABLE external_vods_video_src_b_2_links -( - id INT, - vod_id INT, - b_2_file_id INT -) -SERVER futureporn_old -OPTIONS (table_name 'vods_video_src_b_2_links'); - - - -CREATE FOREIGN TABLE external_vtubers -( - id INT, - chaturbate CHARACTER VARYING(255), - twitter CHARACTER VARYING(255), - patreon CHARACTER VARYING(255), - twitch CHARACTER VARYING(255), - tiktok CHARACTER VARYING(255), - onlyfans CHARACTER VARYING(255), - youtube CHARACTER VARYING(255), - linktree CHARACTER VARYING(255), - carrd CHARACTER VARYING(255), - fansly CHARACTER VARYING(255), - pornhub CHARACTER VARYING(255), - discord CHARACTER VARYING(255), - reddit CHARACTER VARYING(255), - throne CHARACTER VARYING(255), - instagram CHARACTER VARYING(255), - facebook CHARACTER VARYING(255), - merch CHARACTER VARYING(255), - slug CHARACTER VARYING(255), - image CHARACTER VARYING(255), - description_1 TEXT, - description_2 TEXT, - created_at TIMESTAMP(6) WITHOUT TIME ZONE, - updated_at TIMESTAMP(6) WITHOUT TIME ZONE, - published_at TIMESTAMP(6) WITHOUT TIME ZONE, - created_by_id INT, - updated_by_id INT, - theme_color CHARACTER VARYING(255), - display_name CHARACTER VARYING(255), - image_blur CHARACTER VARYING(255) -) -SERVER futureporn_old -OPTIONS (table_name 'vtubers'); - - -CREATE FOREIGN TABLE external_vtubers_toy_links -( - id INT, - vtuber_id INT, - toy_id INT, - vtuber_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'vtubers_toy_links'); - - - -CREATE FOREIGN TABLE external_vtubers_toys_links -( - id INT, - vtuber_id INT, - toy_id INT, - toy_order DOUBLE PRECISION -) -SERVER futureporn_old -OPTIONS (table_name 'vtubers_toys_links'); - - - -/** - * - * - * - * - * - * - * - * Migrations - * - * - * - * - * The tables we need to copy are as follows. - * Note: this is not alphabetical on purpose, because some tables depend on others. - * - * - [x] vtubers - * - [x] tags - * - [x] b2_files - * - [x] mux_assets - * - [x] streams - * - [x] streams_vtuber_links - * - [x] vods - * - [x] toys - * - [x] tag_vod_relations - * - [x] tag_vod_relations_tag_links - * - [x] tag_vod_relations_vod_links - * - [x] tags_toy_links - * - [x] tags_vods_links - * - [x] timestamps - * - [x] timestamps_tag_links - * - [x] timestamps_vod_links - * - [x] toys_link_tag_links - * - [x] vods_mux_asset_links - * - [x] vods_stream_links - * - [x] vods_thumbnail_links - * - [x] vods_uploader_links - * - [x] vods_video_src_b_2_links - * - [x] vods_vtuber_links - * - [x] vtubers_toy_links - * - [x] vtubers_toys_links - * - * - * - */ - - -INSERT INTO api.vtubers -( - id, - display_name, - chaturbate, - twitter, - patreon, - twitch, - tiktok, - onlyfans, - youtube, - linktree, - carrd, - fansly, - pornhub, - discord, - reddit, - throne, - instagram, - facebook, - merch, - slug, - description_1, - description_2, - image, - theme_color, - image_blur, - created_at, - updated_at -) -OVERRIDING SYSTEM VALUE -SELECT - vtubers.id, - display_name, - chaturbate, - twitter, - patreon, - twitch, - tiktok, - onlyfans, - youtube, - linktree, - carrd, - fansly, - pornhub, - discord, - reddit, - throne, - instagram, - facebook, - merch, - slug, - description_1, - description_2, - image, - theme_color, - image_blur, - created_at, - updated_at -FROM public.external_vtubers AS vtubers; - - - - - - -INSERT INTO api.b2_files ( - id, - url, - key, - upload_id, - created_at, - updated_at, - created_by_id, - updated_by_id, - cdn_url -) -OVERRIDING SYSTEM VALUE -SELECT - id, - url, - key, - upload_id, - created_at, - updated_at, - created_by_id, - updated_by_id, - cdn_url -FROM public.external_b2_files; - - -INSERT INTO api.mux_assets ( - id, - asset_id, - playback_id, - created_at, - updated_at -) -OVERRIDING SYSTEM VALUE -SELECT - id, - asset_id, - playback_id, - created_at, - updated_at -FROM public.external_mux_assets; - - - -INSERT INTO api.streams ( - id, - platform_notification_type, - date, - date_2, - created_at, - updated_at, - vtuber_num, - archive_status, - is_chaturbate_stream, - is_fansly_stream -) -OVERRIDING SYSTEM VALUE -SELECT - streams.id, - NULL AS platform_notification_type, -- Modify if necessary - streams.date_2::TIMESTAMP WITH TIME ZONE AS date, - streams.date_2::TIMESTAMPTZ date_2, - streams.created_at, - streams.updated_at, - links.vtuber_id AS vtuber_num, - streams.archive_status, - streams.is_chaturbate_stream, - streams.is_fansly_stream -FROM public.external_streams AS streams -LEFT JOIN public.external_streams_vtuber_links AS links - ON streams.id = links.stream_id; - - - -INSERT INTO api.streams_vtuber_links ( - id, - stream_id, - vtuber_id, - stream_order -) -OVERRIDING SYSTEM VALUE -SELECT - id, - stream_id, - vtuber_id, - stream_order -FROM public.external_streams_vtuber_links; - - - -INSERT INTO api.vods ( - id, - created_at, - updated_at, - published_at, - title, - date, - date_2, - note, - ipfs_cid, - announce_title, - announce_url, - status -) -OVERRIDING SYSTEM VALUE -SELECT - vods.id, - vods.created_at, - vods.updated_at, - vods.published_at, - vods.title, - vods.date::TIMESTAMP WITH TIME ZONE, - vods.date_2::TIMESTAMPTZ AS date_2, - vods.note, - vods.video_src_hash AS ipfs_cid, - vods.announce_title, - vods.announce_url, - 'pending_recording' -FROM public.external_vods AS vods; - - - -INSERT INTO api.toys ( - id, - make, - model, - image, - created_at, - updated_at -) -OVERRIDING SYSTEM VALUE -SELECT - toys.id, - toys.make, - toys.model, - toys.image_2 AS image, - toys.created_at, - toys.updated_at -FROM public.external_toys AS toys; - - - -INSERT INTO api.tags ( - id, - name, - created_at, - updated_at, - created_by_id, - updated_by_id -) -OVERRIDING SYSTEM VALUE -SELECT - id, - name, - created_at, - updated_at, - created_by_id, - updated_by_id -FROM public.external_tags; - - - -INSERT INTO api.tag_vod_relations ( - id, - votes, - creator_id, - created_at, - updated_at, - created_by_id, - updated_by_id -) -SELECT - id, - votes, - creator_id, - created_at, - updated_at, - created_by_id, - updated_by_id -FROM public.external_tag_vod_relations; - - - -INSERT INTO api.tag_vod_relations_tag_links ( - id, - tag_vod_relation_id, - tag_id -) -SELECT - id, - tag_vod_relation_id, - tag_id -FROM public.external_tag_vod_relations_tag_links; - - - -INSERT INTO api.tag_vod_relations_vod_links -( - id, - tag_vod_relation_id, - vod_id, - tag_vod_relation_order -) -SELECT - id, - tag_vod_relation_id, - vod_id, - tag_vod_relation_order -FROM public.external_tag_vod_relations_vod_links; - - - -INSERT INTO api.tags_toy_links -( - id, - tag_id, - toy_id, - tag_order -) -SELECT - id, - tag_id, - toy_id, - tag_order -FROM public.external_tags_toy_links; - - - -INSERT INTO api.tags_vods_links -( - id, - tag_id, - vod_id, - tag_order, - vod_order -) -SELECT - id, - tag_id, - vod_id, - tag_order, - vod_order -FROM public.external_tags_vods_links; - - - -INSERT INTO api.timestamps -( - id, - time, - creator_id, - created_at, - updated_at, - created_by_id, - updated_by_id -) -SELECT - id, - time, - creator_id, - created_at, - updated_at, - created_by_id, - updated_by_id -FROM public.external_timestamps; - - - -INSERT INTO api.timestamps_tag_links -( - id, - timestamp_id, - tag_id -) -SELECT - id, - timestamp_id, - tag_id -FROM public.external_timestamps_tag_links; - - - -INSERT INTO api.timestamps_vod_links -( - id, - timestamp_id, - vod_id, - timestamp_order -) -SELECT - id, - timestamp_id, - vod_id, - timestamp_order -FROM public.external_timestamps_vod_links; - - - -INSERT INTO api.toys_link_tag_links -( - id, - toy_id, - tag_id -) -SELECT - id, - toy_id, - tag_id -FROM public.external_toys_link_tag_links; - - - -INSERT INTO api.vods_mux_asset_links ( - id, - vod_id, - mux_asset_id -) -SELECT - vmal.id, - vmal.vod_id, - vmal.mux_asset_id -FROM public.external_vods_mux_asset_links AS vmal; - - - -INSERT INTO api.vods_stream_links ( - id, - vod_id, - stream_id, - vod_order -) -SELECT - vsl.id, - vsl.vod_id, - vsl.stream_id, - vsl.vod_order -FROM public.external_vods_stream_links AS vsl; - - - -INSERT INTO api.vods_thumbnail_links ( - id, - vod_id, - b_2_file_id -) -SELECT - vtl.id, - vtl.vod_id, - vtl.b_2_file_id -FROM public.external_vods_thumbnail_links AS vtl; - - - -INSERT INTO api.vods_uploader_links ( - id, - vod_id, - user_id -) -SELECT - vul.id, - vul.vod_id, - vul.user_id -FROM public.external_vods_uploader_links AS vul; - - - -INSERT INTO api.vods_video_src_b_2_links ( - id, - vod_id, - b_2_file_id -) -SELECT - v.id, - v.vod_id, - v.b_2_file_id -FROM public.external_vods_video_src_b_2_links AS v; - - - -INSERT INTO api.vods_vtuber_links ( - id, - vod_id, - vtuber_id, - vod_order -) -SELECT - v.id, - v.vod_id, - v.vtuber_id, - v.vod_order -FROM public.external_vods_vtuber_links AS v; - - - -INSERT INTO api.vtubers_toy_links -( - id, - vtuber_id, - toy_id, - vtuber_order -) -SELECT - id, - vtuber_id, - toy_id, - vtuber_order -FROM public.external_vtubers_toy_links; - - -INSERT INTO api.vtubers_toys_links -( - id, - vtuber_id, - toy_id, - toy_order -) -SELECT - id, - vtuber_id, - toy_id, - toy_order -FROM public.external_vtubers_toys_links; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/services/migrations-data/migrations/0002_relate-vtubers-to-vods.sql b/services/migrations-data/migrations/0002_relate-vtubers-to-vods.sql deleted file mode 100644 index 801e0e8..0000000 --- a/services/migrations-data/migrations/0002_relate-vtubers-to-vods.sql +++ /dev/null @@ -1,17 +0,0 @@ --- 2024-11-21 - --- SELECT * FROM api.vods AS vods --- INNER JOIN api.vods_vtuber_links AS links --- ON vods.id = links.vtuber_id - --- INSERT INTO api.vods (vtuber) --- SELECT vtuber --- FROM api.vods_vtuber_links --- WHERE api.vods.id = api.vods_vtuber_links.vtuber_id; - -UPDATE api.vods -SET vtuber_id = links.vtuber_id -FROM api.vods_vtuber_links links -WHERE api.vods.id = links.vod_id; - - diff --git a/services/migrations-data/migrations/0003_relate-mux_asset_id-to-vods.sql b/services/migrations-data/migrations/0003_relate-mux_asset_id-to-vods.sql deleted file mode 100644 index c118eba..0000000 --- a/services/migrations-data/migrations/0003_relate-mux_asset_id-to-vods.sql +++ /dev/null @@ -1,9 +0,0 @@ --- 2024-11-22 - -UPDATE api.vods -SET mux_asset_id = links.mux_asset_id -FROM api.vods_mux_asset_links links -WHERE api.vods.id = links.vod_id; - - - diff --git a/services/migrations-data/migrations/0004_relate-thumbnails-to-vods.sql b/services/migrations-data/migrations/0004_relate-thumbnails-to-vods.sql deleted file mode 100644 index d812c90..0000000 --- a/services/migrations-data/migrations/0004_relate-thumbnails-to-vods.sql +++ /dev/null @@ -1,9 +0,0 @@ --- 2024-11-22 - -UPDATE api.vods -SET thumbnail_id = links.b_2_file_id -FROM api.vods_thumbnail_links links -WHERE api.vods.id = links.vod_id; - - - diff --git a/services/migrations-data/migrations/0005_rename-vtuber_num-to-vtuber_id.sql b/services/migrations-data/migrations/0005_rename-vtuber_num-to-vtuber_id.sql deleted file mode 100644 index cefe465..0000000 --- a/services/migrations-data/migrations/0005_rename-vtuber_num-to-vtuber_id.sql +++ /dev/null @@ -1,9 +0,0 @@ --- 2024-11-22 - -UPDATE api.streams -SET vtuber_id = vtuber_num -WHERE vtuber_num IS NOT NULL; - - - --- @TODO api.streams.vtuber_num is deprecated in favor of api.streams.vtuber_Id \ No newline at end of file diff --git a/services/migrations-data/migrations/0006_relate-vods-to-streams.sql b/services/migrations-data/migrations/0006_relate-vods-to-streams.sql deleted file mode 100644 index e9a7695..0000000 --- a/services/migrations-data/migrations/0006_relate-vods-to-streams.sql +++ /dev/null @@ -1,9 +0,0 @@ --- 2024-12-16 - --- Relate VODs to streams by matching the same date - --- Update existing VODs to associate them with the corresponding stream -UPDATE api.vods -SET stream_id = streams.id -FROM api.streams -WHERE vods.date = streams.date; \ No newline at end of file diff --git a/services/migrations-data/migrations/README.md b/services/migrations-data/migrations/README.md deleted file mode 100644 index 1d6b1ca..0000000 --- a/services/migrations-data/migrations/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# Futureporn data migrations - -This directory is for data migrations ONLY. -For schema migrations, see ./migrations node package - - -## Usage - - $ a.migration.sh - -### Real-world Example - -Here we use dotenvx to load environment variables (specifically POSTGRES_PASSWORD is needed) and run the migration inside the postgres pod - - dotenvx run -f ./.env.development -- bash -x ./scripts/data-migrations/a.migration.sh ./scripts/data-migrations/2024-10-07-transfer-streams.sql - - diff --git a/services/migrations-data/package.json b/services/migrations-data/package.json deleted file mode 100644 index 3925948..0000000 --- a/services/migrations-data/package.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "name": "@futureporn/migrations-data", - "type": "module", - "version": "0.6.0", - "description": "", - "main": "index.js", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 0", - "start": "node index.js" - }, - "packageManager": "pnpm@9.6.0", - "keywords": [], - "author": "@CJ_Clippy", - "license": "Unlicense", - "dependencies": { - "dotenv": "^16.4.5", - "pg": "8.12.0", - "postgres-schema-migrations": "^6.1.0" - } -} diff --git a/services/migrations-data/pnpm-lock.yaml b/services/migrations-data/pnpm-lock.yaml deleted file mode 100644 index 3fe9609..0000000 --- a/services/migrations-data/pnpm-lock.yaml +++ /dev/null @@ -1,186 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - pg: - specifier: 8.12.0 - version: 8.12.0 - postgres-schema-migrations: - specifier: ^6.1.0 - version: 6.1.0 - - ../..: {} - - ../../packages/fetchers: {} - - ../../packages/infra: {} - - ../../packages/storage: {} - - ../../packages/types: {} - - ../../packages/utils: {} - - ../bot: {} - - ../capture: {} - - ../factory: {} - - ../htmx: {} - - ../mailbox: {} - - ../migrations-schema: {} - - ../next: {} - - ../scout: {} - - ../strapi: {} - - ../uppy: {} - -packages: - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-schema-migrations@6.1.0: - resolution: {integrity: sha512-d1LJ+A9Lg4kAwuh91S8ozF8q3adFNJlStbpUF/sbjMTzSIzJClpmg4D6qyd9nvKt2el0rnZJjXZQ2r01Y5OpzA==} - engines: {node: '>10.17.0'} - hasBin: true - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sql-template-strings@2.2.2: - resolution: {integrity: sha512-UXhXR2869FQaD+GMly8jAMCRZ94nU5KcrFetZfWEMd+LVVG6y0ExgHAhatEcKZ/wk8YcKPdi+hiD2wm75lq3/Q==} - engines: {node: '>=4.0.0'} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - -snapshots: - - dotenv@16.4.5: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - postgres-array@2.0.0: {} - - postgres-bytea@1.0.0: {} - - postgres-date@1.0.7: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-schema-migrations@6.1.0: - dependencies: - pg: 8.12.0 - sql-template-strings: 2.2.2 - transitivePeerDependencies: - - pg-native - - split2@4.2.0: {} - - sql-template-strings@2.2.2: {} - - xtend@4.0.2: {} diff --git a/services/migrations-schema/README.md b/services/migrations-schema/README.md deleted file mode 100644 index 4fdd8da..0000000 --- a/services/migrations-schema/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# @futureporn/migrations - -Here we handle migrations for the postgrest database. - -@see https://github.com/zakpatterson/postgres-schema-migrations - -Reminder: only write migrations that affect schema. (don't write migrations that affect data) - -## K.I.S.S. - -Keep It Stupidly Simple. - -We are keeping this module as simple as possible. This means pure JS (no typescript!) - - -## troubleshooting - -If you see the following error, graphile_worker likely hasn't had a chance to create it's functions. Make sure that a graphile_worker is running, so it can automatically create the necessary functions. - -```json -{ - "code": "42883", - "details": null, - "hint": "No function matches the given name and argument types. You might need to add explicit type casts.", - "message": "function graphile_worker.add_job(text, json, max_attempts => integer) does not exist" -} -``` \ No newline at end of file diff --git a/services/migrations-schema/index.js b/services/migrations-schema/index.js deleted file mode 100644 index 435b172..0000000 --- a/services/migrations-schema/index.js +++ /dev/null @@ -1,32 +0,0 @@ -import {migrate} from 'postgres-schema-migrations' -import path, { dirname } from 'node:path' -import { fileURLToPath } from 'url'; -import 'dotenv/config' - - -const __dirname = dirname(fileURLToPath(import.meta.url)); - -if (!process.env.DATABASE_PASSWORD) throw new Error('DATABASE_PASSWORD is missing in env'); - -async function main() { - const dbConfig = { - database: "futureporn", - user: "postgres", - password: process.env.DATABASE_PASSWORD, - host: 'postgresql-primary.futureporn.svc.cluster.local', - port: 5432, - - // Default: false for backwards-compatibility - // This might change! - ensureDatabaseExists: true, - - // Default: "postgres" - // Used when checking/creating "database-name" - defaultDatabase: "postgres" - } - - await migrate(dbConfig, path.join(__dirname, "./migrations/"), { schema: 'migrations_schema', logger: console.log }) -} - - -await main() \ No newline at end of file diff --git a/services/migrations-schema/migrations/00001_create.sql b/services/migrations-schema/migrations/00001_create.sql deleted file mode 100644 index 344918c..0000000 --- a/services/migrations-schema/migrations/00001_create.sql +++ /dev/null @@ -1,26 +0,0 @@ --- api schema, which houses all the tables for api endpoints --- example: api.discord_interactions becomes accessible at localhost:9000/discord_interactions -CREATE schema api; - --- authenticator is the role which can "impersonate" other users. -CREATE ROLE authenticator LOGIN NOINHERIT NOCREATEDB NOCREATEROLE NOSUPERUSER; --- web_anon is the role assigned to anonymous web requests -CREATE ROLE web_anon NOLOGIN; - --- schema for @futureporn/capture and @futureporn/bot -CREATE TABLE api.discord_interactions ( - id int PRIMARY KEY GENERATED ALWAYS AS IDENTITY, - discord_message_id text NOT NULL, - capture_job_id text NOT NULL -); - - --- roles & permissions for our backend automation user -CREATE ROLE automation NOLOGIN; -GRANT automation TO authenticator; -GRANT usage ON SCHEMA api TO automation; -GRANT all ON api.discord_interactions TO automation; - --- role & permissions for web_anon web user -GRANT usage on schema api TO web_anon; -GRANT SELECT ON api.discord_interactions TO web_anon; diff --git a/services/migrations-schema/migrations/00002_add-records-table.sql b/services/migrations-schema/migrations/00002_add-records-table.sql deleted file mode 100644 index b9cd2e3..0000000 --- a/services/migrations-schema/migrations/00002_add-records-table.sql +++ /dev/null @@ -1,13 +0,0 @@ --- records table schema -CREATE TABLE api.records ( - id INT PRIMARY KEY GENERATED ALWAYS AS IDENTITY, - url TEXT NOT NULL, - discord_message_id TEXT NOT NULL, - recording_state TEXT NOT NULL DEFAULT 'pending', - file_size BIGINT NOT NULL DEFAULT 0, - is_aborted BOOLEAN NOT NULL DEFAULT FALSE -); - --- roles & permissions for our backend automation user -GRANT all ON api.records TO automation; -GRANT SELECT ON api.records TO web_anon; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00003_create-graphile-worker-schema.sql b/services/migrations-schema/migrations/00003_create-graphile-worker-schema.sql deleted file mode 100644 index 173025a..0000000 --- a/services/migrations-schema/migrations/00003_create-graphile-worker-schema.sql +++ /dev/null @@ -1,4 +0,0 @@ -CREATE schema graphile_worker; -GRANT all ON SCHEMA graphile_worker TO postgres; -GRANT all ON SCHEMA graphile_worker TO automation; - diff --git a/services/migrations-schema/migrations/00004_create-trigger-function.sql b/services/migrations-schema/migrations/00004_create-trigger-function.sql deleted file mode 100644 index f3e42f8..0000000 --- a/services/migrations-schema/migrations/00004_create-trigger-function.sql +++ /dev/null @@ -1,29 +0,0 @@ - --- We create a function which lets Postgrest's automation user create jobs in Graphile Worker. --- Normally only the database owner, in our case `postgres`, can add jobs due to RLS in graphile_worker tables. --- Under the advice of graphile_worker author, we can use a SECURITY DEFINER wrapper function. --- @see https://worker.graphile.org/docs/sql-add-job#graphile_workeradd_job:~:text=graphile_worker.add_job(...),that%20are%20necessary.) --- @see https://discord.com/channels/489127045289476126/1179293106336694333/1179605043729670306 --- @see https://discord.com/channels/489127045289476126/498852330754801666/1067707497235873822 - - - -CREATE FUNCTION public.tg__add_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job(tg_argv[0], json_build_object( - 'url', NEW.url, - 'record_id', NEW.id - ), max_attempts := 12); - return NEW; - end; - $$; - - -CREATE TRIGGER record - AFTER INSERT ON api.records - FOR EACH ROW - EXECUTE PROCEDURE public.tg__add_job('record'); - diff --git a/services/migrations-schema/migrations/00005_add-trigger-for-record-update.sql b/services/migrations-schema/migrations/00005_add-trigger-for-record-update.sql deleted file mode 100644 index 5880cc4..0000000 --- a/services/migrations-schema/migrations/00005_add-trigger-for-record-update.sql +++ /dev/null @@ -1,21 +0,0 @@ - -CREATE FUNCTION public.tg__update_discord_message() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('update_discord_message', json_build_object( - 'record_id', NEW.id - ), max_attempts := 3); - return NEW; - end; - $$; - - - --- when a record is updated, we add a job in graphile to update_discord_message -CREATE TRIGGER record_update - AFTER UPDATE ON api.records - FOR EACH ROW - EXECUTE PROCEDURE public.tg__update_discord_message('update_discord_message'); - diff --git a/services/migrations-schema/migrations/00006_add-updated-at-to-records.sql b/services/migrations-schema/migrations/00006_add-updated-at-to-records.sql deleted file mode 100644 index 6673808..0000000 --- a/services/migrations-schema/migrations/00006_add-updated-at-to-records.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE IF EXISTS api.records - ADD COLUMN created_at timestamp(6) without time zone; - -ALTER TABLE IF EXISTS api.records - ADD COLUMN updated_at timestamp(6) without time zone; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00007_add-default-records-timestamps.sql b/services/migrations-schema/migrations/00007_add-default-records-timestamps.sql deleted file mode 100644 index 17caebf..0000000 --- a/services/migrations-schema/migrations/00007_add-default-records-timestamps.sql +++ /dev/null @@ -1,7 +0,0 @@ -ALTER TABLE IF EXISTS api.records - ADD CONSTRAINT created_at_not_null - CHECK (created_at IS NOT NULL) NOT VALID; - -ALTER TABLE IF EXISTS api.records - ADD CONSTRAINT updated_at_not_null - CHECK (updated_at IS NOT NULL) NOT VALID; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00008_add-default-records-timestamp.sql b/services/migrations-schema/migrations/00008_add-default-records-timestamp.sql deleted file mode 100644 index 1005698..0000000 --- a/services/migrations-schema/migrations/00008_add-default-records-timestamp.sql +++ /dev/null @@ -1,26 +0,0 @@ --- In the prev. migration I added a CHECK, but I forgot to add the default - - -ALTER TABLE IF EXISTS api.records - ALTER COLUMN created_at SET DEFAULT now(); - -ALTER TABLE IF EXISTS api.records - ALTER COLUMN updated_at SET DEFAULT now(); - - --- create a function which updates the row's updated_at -CREATE FUNCTION public.tg__updated_at() RETURNS trigger - LANGUAGE plpgsql - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - BEGIN - NEW.updated_at = now(); - RETURN NEW; - END; - $$; - --- create a trigger which runs the above function when a /record is updated -CREATE TRIGGER record_updated_at - AFTER UPDATE ON api.records - FOR EACH ROW - EXECUTE PROCEDURE public.tg__updated_at(); diff --git a/services/migrations-schema/migrations/00009_add-streams-vods-vtubers.sql b/services/migrations-schema/migrations/00009_add-streams-vods-vtubers.sql deleted file mode 100644 index 134fc45..0000000 --- a/services/migrations-schema/migrations/00009_add-streams-vods-vtubers.sql +++ /dev/null @@ -1,140 +0,0 @@ - --- vtubers table -CREATE TABLE api.vtubers ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - display_name TEXT NOT NULL, - chaturbate TEXT, - twitter TEXT, - patreon TEXT, - twitch TEXT, - tiktok TEXT, - onlyfans TEXT, - youtube TEXT, - linktree TEXT, - carrd TEXT, - fansly TEXT, - pornhub TEXT, - discord TEXT, - reddit TEXT, - throne TEXT, - instagram TEXT, - facebook TEXT, - merch TEXT, - slug TEXT NOT NULL, - description1 TEXT, - description2 TEXT, - image TEXT NOT NULL, - theme_color VARCHAR(7) NOT NULL, - image_blur TEXT DEFAULT 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWMwtf//HwAEkwJzh0T9qwAAAABJRU5ErkJggg==', - fansly_id TEXT, - chaturbate_id TEXT, - twitter_id TEXT - -- F.Y.I., relations as follows - -- toys (one-to-many) - -- vods (one-to-many) - -- streams (one-to-many) -); -GRANT all ON api.vtubers TO automation; -GRANT SELECT ON api.vtubers TO web_anon; - - --- streams table -CREATE TABLE api.streams ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - url TEXT NOT NULL, - platform_notification_type TEXT, - date timestamp(6) without time zone, - created_at timestamp(6) without time zone, - vtuber uuid, - FOREIGN KEY (vtuber) REFERENCES api.vtubers(id), - tweet TEXT, - archive_status TEXT, - is_chaturbate_stream BOOLEAN, - is_fansly_stream BOOLEAN -); -GRANT all ON api.streams TO automation; -GRANT SELECT ON api.streams TO web_anon; - --- toys table -CREATE TABLE api.toys ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - -- relation. one toy to many tags - -- relation. one toy to many vtubers - make TEXT NOT NULL, - model TEXT NOT NULL, - image TEXT NOT NULL DEFAULT 'https://futureporn-b2.b-cdn.net/default-thumbnail.webp' -); -GRANT all ON api.toys TO automation; -GRANT SELECT ON api.toys TO web_anon; - - --- tags table -CREATE TABLE api.tags ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - name TEXT NOT NULL UNIQUE, - toy_id uuid, - FOREIGN KEY (toy_id) REFERENCES api.toys -); -GRANT all ON api.tags TO automation; -GRANT SELECT ON api.tags TO web_anon; - --- toys-tags junction table -CREATE TABLE api.toys_tags( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - toy_id uuid, - tag_id uuid, - CONSTRAINT fk_toys FOREIGN KEY(toy_id) REFERENCES api.toys(id), - CONSTRAINT fk_tags FOREIGN KEY(tag_id) REFERENCES api.tags(id) -); -GRANT all ON api.toys_tags TO automation; -GRANT SELECT ON api.toys_tags TO web_anon; - --- tags-vods junction table --- toys-vtubers junction table -CREATE TABLE api.toys_vtubers( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - toy_id uuid, - vtuber_id uuid, - CONSTRAINT fk_toys FOREIGN KEY(toy_id) REFERENCES api.toys(id), - CONSTRAINT fk_vtubers FOREIGN KEY(vtuber_id) REFERENCES api.vtubers(id) -); -GRANT all ON api.toys_vtubers TO automation; -GRANT SELECT ON api.toys_vtubers TO web_anon; - - - - --- vods table -CREATE TABLE api.vods ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - stream_id uuid NOT NULL, - FOREIGN KEY (stream_id) REFERENCES api.streams(id), - video_cid TEXT UNIQUE, - CONSTRAINT check_video_cid CHECK (video_cid ~ 'Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}'), - announce_title TEXT, - announce_url TEXT, - note TEXT, - date timestamp(6) without time zone, - spoilers TEXT, - title TEXT, - uploader uuid, - mux_asset_id TEXT, - mux_playback_id TEXT, - s3_key TEXT, - s3_id TEXT, - thumbnail TEXT -); -GRANT all ON api.vods TO automation; -GRANT SELECT ON api.vods TO web_anon; - - --- tags-vods junction table -CREATE TABLE api.tags_vods( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - tag_id uuid, - vod_id uuid, - CONSTRAINT fk_tags FOREIGN KEY(tag_id) REFERENCES api.tags(id), - CONSTRAINT fk_vods FOREIGN KEY(vod_id) REFERENCES api.vods(id) -); -GRANT all ON api.tags_vods TO automation; -GRANT SELECT ON api.tags_vods TO web_anon; diff --git a/services/migrations-schema/migrations/00010_record-segments.sql b/services/migrations-schema/migrations/00010_record-segments.sql deleted file mode 100644 index 0e8105c..0000000 --- a/services/migrations-schema/migrations/00010_record-segments.sql +++ /dev/null @@ -1,7 +0,0 @@ --- we add the concept of segments to api.records --- implemented as a multidimensional text array, s3_segments. --- the first value is the s3 id, the second value is the s3 key --- [id, key] - -ALTER TABLE IF EXISTS api.records - ADD COLUMN s3_segments text[][]; diff --git a/services/migrations-schema/migrations/00011_use-composite-primary-keys.sql b/services/migrations-schema/migrations/00011_use-composite-primary-keys.sql deleted file mode 100644 index 025f54d..0000000 --- a/services/migrations-schema/migrations/00011_use-composite-primary-keys.sql +++ /dev/null @@ -1,28 +0,0 @@ --- we don't need s3_segments multidimential array. we're moving it's functionality to a new table -ALTER TABLE IF EXISTS api.records - DROP COLUMN s3_segments; - - - --- segments table -CREATE TABLE api.segments ( - id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY, - s3_key TEXT NOT NULL, - s3_id TEXT NOT NULL, - bytes bigint DEFAULT 0 -); -GRANT all ON api.segments TO automation; -GRANT SELECT ON api.segments TO web_anon; - - --- records-segments join table -CREATE TABLE api.records_segments( - id INT GENERATED ALWAYS AS IDENTITY, - record_id INT NOT NULL, - segment_id INT NOT NULL, - CONSTRAINT fk_record FOREIGN KEY(record_id) REFERENCES api.records(id), - CONSTRAINT fk_segment FOREIGN KEY(segment_id) REFERENCES api.segments(id), - PRIMARY KEY(id, record_id, segment_id) -); -GRANT all ON api.records_segments TO automation; -GRANT SELECT ON api.records_segments TO web_anon; diff --git a/services/migrations-schema/migrations/00012_order-records_segments.sql b/services/migrations-schema/migrations/00012_order-records_segments.sql deleted file mode 100644 index daec178..0000000 --- a/services/migrations-schema/migrations/00012_order-records_segments.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE IF EXISTS api.records_segments - ADD COLUMN segments_order INT NOT NULL DEFAULT 0; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00013_rename-segments-order.sql b/services/migrations-schema/migrations/00013_rename-segments-order.sql deleted file mode 100644 index 1f3f812..0000000 --- a/services/migrations-schema/migrations/00013_rename-segments-order.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE IF EXISTS api.records_segments - DROP COLUMN segments_order; - -ALTER TABLE IF EXISTS api.records_segments - ADD COLUMN segment_order INT NOT NULL DEFAULT 0; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00014_create-segments-stream-links.sql b/services/migrations-schema/migrations/00014_create-segments-stream-links.sql deleted file mode 100644 index a28df1f..0000000 --- a/services/migrations-schema/migrations/00014_create-segments-stream-links.sql +++ /dev/null @@ -1,2 +0,0 @@ -DROP TABLE IF EXISTS api.records CASCADE; -DROP TABLE IF EXISTS api.records_segments CASCADE; diff --git a/services/migrations-schema/migrations/00015_create-segments-stream-links-2.sql b/services/migrations-schema/migrations/00015_create-segments-stream-links-2.sql deleted file mode 100644 index c28e45b..0000000 --- a/services/migrations-schema/migrations/00015_create-segments-stream-links-2.sql +++ /dev/null @@ -1,16 +0,0 @@ --- I forgot to actually create the new table -CREATE TABLE api.segments_stream_links ( - id int PRIMARY KEY GENERATED ALWAYS AS IDENTITY, - discord_message_id text NOT NULL, - capture_job_id text NOT NULL -); - - --- roles & permissions -GRANT all ON api.segments_stream_links TO automation; -GRANT SELECT ON api.segments_stream_links TO web_anon; - - --- there is no s3_id in the segments run context so we don't need a column for it -ALTER TABLE IF EXISTS api.segments - DROP COLUMN s3_id; diff --git a/services/migrations-schema/migrations/00016_remove-unecessary-columns.sql b/services/migrations-schema/migrations/00016_remove-unecessary-columns.sql deleted file mode 100644 index 92a483f..0000000 --- a/services/migrations-schema/migrations/00016_remove-unecessary-columns.sql +++ /dev/null @@ -1,8 +0,0 @@ --- oops. bit by unfinished copy-paste - --- there is no s3_id in the segments run context so we don't need a column for it -ALTER TABLE IF EXISTS api.segments_stream_links - DROP COLUMN discord_message_id; - -ALTER TABLE IF EXISTS api.segments_stream_links - DROP COLUMN capture_job_id; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00017_add-stream-status-col.sql b/services/migrations-schema/migrations/00017_add-stream-status-col.sql deleted file mode 100644 index de2d908..0000000 --- a/services/migrations-schema/migrations/00017_add-stream-status-col.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE IF EXISTS api.streams - ADD COLUMN updated_at timestamp(6) without time zone; - -ALTER TABLE IF EXISTS api.streams - ADD COLUMN status TEXT NOT NULL; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00018_add-stream-status-default.sql b/services/migrations-schema/migrations/00018_add-stream-status-default.sql deleted file mode 100644 index 15cb0b6..0000000 --- a/services/migrations-schema/migrations/00018_add-stream-status-default.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE IF EXISTS api.streams - DROP COLUMN IF EXISTS status; - -ALTER TABLE api.streams - ADD COLUMN status TEXT NOT NULL DEFAULT 'pending_recording'; diff --git a/services/migrations-schema/migrations/00019_drop-discord-interactions.sql b/services/migrations-schema/migrations/00019_drop-discord-interactions.sql deleted file mode 100644 index cd9e1cb..0000000 --- a/services/migrations-schema/migrations/00019_drop-discord-interactions.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE IF EXISTS api.discord_interactions CASCADE; diff --git a/services/migrations-schema/migrations/00020_add-streams-update-trigger.sql b/services/migrations-schema/migrations/00020_add-streams-update-trigger.sql deleted file mode 100644 index 27848de..0000000 --- a/services/migrations-schema/migrations/00020_add-streams-update-trigger.sql +++ /dev/null @@ -1,38 +0,0 @@ --- delete outdated -DROP FUNCTION IF EXISTS public.tg__add_job(); - - --- We create a function which lets Postgrest's automation user create jobs in Graphile Worker. --- Normally only the database owner, in our case `postgres`, can add jobs due to RLS in graphile_worker tables. --- Under the advice of graphile_worker author, we can use a SECURITY DEFINER wrapper function. --- @see https://worker.graphile.org/docs/sql-add-job#graphile_workeradd_job:~:text=graphile_worker.add_job(...),that%20are%20necessary.) --- @see https://discord.com/channels/489127045289476126/1179293106336694333/1179605043729670306 --- @see https://discord.com/channels/489127045289476126/498852330754801666/1067707497235873822 -CREATE FUNCTION public.tg__add_record_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('record', json_build_object( - 'url', NEW.url, - 'stream_id', NEW.id - ), max_attempts := 12); - return NEW; - end; - $$; - - - - --- when a stream is updated, we add a job in graphile to update_discord_message -CREATE TRIGGER stream_update - AFTER UPDATE ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE public.tg__update_discord_message('update_discord_message'); - --- when a stream is created, we add a 'record' job in graphile-worker -CREATE TRIGGER stream_create - AFTER INSERT ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE public.tg__add_record_job('record'); - diff --git a/services/migrations-schema/migrations/00021_add-foreign-key-to-segments_stream.sql b/services/migrations-schema/migrations/00021_add-foreign-key-to-segments_stream.sql deleted file mode 100644 index d298003..0000000 --- a/services/migrations-schema/migrations/00021_add-foreign-key-to-segments_stream.sql +++ /dev/null @@ -1,9 +0,0 @@ -DROP TABLE api.segments_stream_links; - -CREATE TABLE api.segments_stream_links ( - id int GENERATED ALWAYS AS IDENTITY, - stream_id UUID NOT NULL REFERENCES api.streams(id), - segment_id INT NOT NULL REFERENCES api.segments(id), - capture_job_id text NOT NULL, - PRIMARY KEY(id, stream_id, segment_id) -); diff --git a/services/migrations-schema/migrations/00022_add-permissions-for-segments_stream_links.sql b/services/migrations-schema/migrations/00022_add-permissions-for-segments_stream_links.sql deleted file mode 100644 index a089e1b..0000000 --- a/services/migrations-schema/migrations/00022_add-permissions-for-segments_stream_links.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.segments_stream_links TO automation; -GRANT SELECT ON api.segments_stream_links TO web_anon; diff --git a/services/migrations-schema/migrations/00023_drop-capture_job_id-column.sql b/services/migrations-schema/migrations/00023_drop-capture_job_id-column.sql deleted file mode 100644 index 98fe03d..0000000 --- a/services/migrations-schema/migrations/00023_drop-capture_job_id-column.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE IF EXISTS api.segments_stream_links - DROP COLUMN IF EXISTS capture_job_id; diff --git a/services/migrations-schema/migrations/00024_add-updated_at-for-segments.sql b/services/migrations-schema/migrations/00024_add-updated_at-for-segments.sql deleted file mode 100644 index 9143a87..0000000 --- a/services/migrations-schema/migrations/00024_add-updated_at-for-segments.sql +++ /dev/null @@ -1,39 +0,0 @@ - -ALTER TABLE api.segments - ADD COLUMN created_at TIMESTAMP(6) WITHOUT TIME ZONE; - -ALTER TABLE api.segments - ADD COLUMN updated_at TIMESTAMP(6) WITHOUT TIME ZONE; - - - --- in migration 8, we already created tg__updated_at() so we don't need to create that, --- but we do need to create a function which will the row's created_at -CREATE FUNCTION public.tg__created_at() RETURNS trigger - LANGUAGE plpgsql - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - BEGIN - NEW.created_at = now(); - RETURN NEW; - END; - $$; - --- create a trigger which runs the tg__updated_at() function when a /segment is updated -CREATE TRIGGER segment_updated_at - AFTER UPDATE ON api.segments - FOR EACH ROW - EXECUTE PROCEDURE public.tg__updated_at(); - - --- create a trigger which runs the tg__created_at() function when a /segment is created -CREATE TRIGGER segment_created_at - AFTER INSERT ON api.segments - FOR EACH ROW - EXECUTE PROCEDURE public.tg__created_at(); - --- create a trigger which runs the tg__created_at() function when a /stream is created -CREATE TRIGGER stream_created_at - AFTER INSERT ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE public.tg__created_at(); diff --git a/services/migrations-schema/migrations/00025_add-is_recording_aborted-to-streams.sql b/services/migrations-schema/migrations/00025_add-is_recording_aborted-to-streams.sql deleted file mode 100644 index ce10bc3..0000000 --- a/services/migrations-schema/migrations/00025_add-is_recording_aborted-to-streams.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.streams - ADD COLUMN is_recording_aborted BOOLEAN DEFAULT FALSE; diff --git a/services/migrations-schema/migrations/00026_use-moddatetime.sql b/services/migrations-schema/migrations/00026_use-moddatetime.sql deleted file mode 100644 index f2929f9..0000000 --- a/services/migrations-schema/migrations/00026_use-moddatetime.sql +++ /dev/null @@ -1,2 +0,0 @@ -CREATE EXTENSION moddatetime; - diff --git a/services/migrations-schema/migrations/00027_create-triggers-for-moddatetime.sql b/services/migrations-schema/migrations/00027_create-triggers-for-moddatetime.sql deleted file mode 100644 index 74a4eb3..0000000 --- a/services/migrations-schema/migrations/00027_create-triggers-for-moddatetime.sql +++ /dev/null @@ -1,49 +0,0 @@ - - --- now we set up the triggers - --- streams created_at -ALTER TABLE api.streams - ALTER created_at SET DEFAULT now(); - -DROP TRIGGER stream_created_at ON api.streams; - -CREATE TRIGGER stream_created_at - BEFORE INSERT ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE moddatetime (created_at); - - --- streams updated_at -ALTER TABLE api.streams - ALTER updated_at SET DEFAULT now(); - -CREATE TRIGGER stream_updated_at - BEFORE UPDATE ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE moddatetime (updated_at); - - --- segments created_at -ALTER TABLE api.segments - ALTER created_at SET DEFAULT now(); - -DROP TRIGGER segment_created_at ON api.segments; - -CREATE TRIGGER segment_created_at - BEFORE INSERT ON api.segments - FOR EACH ROW - EXECUTE PROCEDURE moddatetime(created_at); - - --- segments updated_at -ALTER TABLE api.segments - ALTER updated_at SET DEFAULT now(); - -DROP TRIGGER segment_updated_at ON api.segments; - -CREATE TRIGGER segment_updated_at - BEFORE UPDATE ON api.segments - FOR EACH ROW - EXECUTE PROCEDURE moddatetime(updated_at); - diff --git a/services/migrations-schema/migrations/00028_remove-moddate-on-insert.sql b/services/migrations-schema/migrations/00028_remove-moddate-on-insert.sql deleted file mode 100644 index 3cb45ac..0000000 --- a/services/migrations-schema/migrations/00028_remove-moddate-on-insert.sql +++ /dev/null @@ -1,9 +0,0 @@ --- A fix for the following error --- moddatetime: cannot process INSERT events --- --- We don't need moddatetime for INSERT events because we have column defaults set the time when the row is created. - - -DROP TRIGGER segment_created_at ON api.segments; -DROP TRIGGER stream_created_at ON api.streams; - diff --git a/services/migrations-schema/migrations/00029_add-discord-message-id.sql b/services/migrations-schema/migrations/00029_add-discord-message-id.sql deleted file mode 100644 index 7a7fb4e..0000000 --- a/services/migrations-schema/migrations/00029_add-discord-message-id.sql +++ /dev/null @@ -1,5 +0,0 @@ - --- streams needs discord_message_id for chatops -ALTER TABLE api.streams - ADD COLUMN discord_message_id TEXT; - diff --git a/services/migrations-schema/migrations/00030_update-update_discord_message.sql b/services/migrations-schema/migrations/00030_update-update_discord_message.sql deleted file mode 100644 index 835cd63..0000000 --- a/services/migrations-schema/migrations/00030_update-update_discord_message.sql +++ /dev/null @@ -1,14 +0,0 @@ --- instead of using record_id, we need to use stream_id -DROP FUNCTION public.tg__update_discord_message CASCADE; - -CREATE FUNCTION public.tg__update_discord_message() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('update_discord_message', json_build_object( - 'stream_id', NEW.id - ), max_attempts := 3); - return NEW; - end; - $$; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00031_recreate-update_stream-trigger.sql b/services/migrations-schema/migrations/00031_recreate-update_stream-trigger.sql deleted file mode 100644 index ddb6957..0000000 --- a/services/migrations-schema/migrations/00031_recreate-update_stream-trigger.sql +++ /dev/null @@ -1,5 +0,0 @@ --- when a stream is updated, we add a job in graphile to update_discord_message -CREATE TRIGGER stream_update - AFTER UPDATE ON api.streams - FOR EACH ROW - EXECUTE PROCEDURE public.tg__update_discord_message('update_discord_message'); diff --git a/services/migrations-schema/migrations/00032_update-stream-when-segment-updates.sql b/services/migrations-schema/migrations/00032_update-stream-when-segment-updates.sql deleted file mode 100644 index 18578ff..0000000 --- a/services/migrations-schema/migrations/00032_update-stream-when-segment-updates.sql +++ /dev/null @@ -1,23 +0,0 @@ --- in order for discord chatops messages to be updated when a segment is updated, --- we need to have postgres update the related stream timestamp when a segment is updated. - -CREATE OR REPLACE FUNCTION update_stream_on_segment_update() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.streams - SET updated_at = NOW() - WHERE id IN ( - SELECT stream_id - FROM segments_stream_links - WHERE segment_id = NEW.id - ); - - RETURN NEW; -END; -$$ LANGUAGE plpgsql; - - -CREATE TRIGGER trigger_update_stream - AFTER UPDATE ON api.segments - FOR EACH ROW - EXECUTE FUNCTION update_stream_on_segment_update(); diff --git a/services/migrations-schema/migrations/00033_create-vods.sql b/services/migrations-schema/migrations/00033_create-vods.sql deleted file mode 100644 index 24fa113..0000000 --- a/services/migrations-schema/migrations/00033_create-vods.sql +++ /dev/null @@ -1,46 +0,0 @@ --- create s3_files table -CREATE TABLE api.s3_files ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - s3_id TEXT NOT NULL, - s3_key TEXT NOT NULL, - bucket TEXT NOT NULL -); -GRANT all ON api.vods TO automation; -GRANT SELECT ON api.vods TO web_anon; - - --- create mux_assets table -CREATE TABLE api.mux_assets ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - asset_id TEXT NOT NULL, - playback_id TEXT NOT NULL, - created_at TIMESTAMP DEFAULT NOW(), - updated_at TIMESTAMP DEFAULT NOW() -); -GRANT all ON api.mux_assets TO automation; --- web_anon is intentionally not given privs to this table - - --- re-create vods table -DROP TABLE api.vods CASCADE; -CREATE TABLE api.vods ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - stream_id UUID NOT NULL REFERENCES api.streams(id), - created_at TIMESTAMP DEFAULT NOW(), - updated_at TIMESTAMP DEFAULT NOW(), - published_at DATE, - title TEXT, - date DATE NOT NULL, - mux_asset UUID REFERENCES api.mux_assets(id), - thumbnail UUID REFERENCES api.s3_files(id), - vtuber UUID REFERENCES api.vtubers(id), - ipfs_cid TEXT, - s3_file UUID REFERENCES api.s3_files(id), - torrent TEXT, - announce_title TEXT, - announce_url TEXT, - note TEXT -); -GRANT all ON api.vods TO automation; -GRANT SELECT ON api.vods TO web_anon; - diff --git a/services/migrations-schema/migrations/00034_move-segments-to-vods.sql b/services/migrations-schema/migrations/00034_move-segments-to-vods.sql deleted file mode 100644 index 39e78d4..0000000 --- a/services/migrations-schema/migrations/00034_move-segments-to-vods.sql +++ /dev/null @@ -1,24 +0,0 @@ --- segments get moved to vods -DROP TABLE api.segments_stream_links CASCADE; - - --- segments to vod, many-to-one -CREATE TABLE api.segments_vod_links ( - id int PRIMARY KEY GENERATED ALWAYS AS IDENTITY, - vod_id text NOT NULL, - segment_id text NOT NULL -); - - --- roles & permissions -GRANT all ON api.segments_vod_links TO automation; -GRANT SELECT ON api.segments_vod_links TO web_anon; - - --- establish many-to-one relationship by adding a foreign key to segments -ALTER TABLE api.segments - ADD COLUMN vod_id TEXT; - -ALTER TABLE api.segments - ADD CONSTRAINT vod_id_not_null - CHECK (vod_id IS NOT NULL) NOT VALID; diff --git a/services/migrations-schema/migrations/00035_seed-vtubers.sql b/services/migrations-schema/migrations/00035_seed-vtubers.sql deleted file mode 100644 index 1537a9d..0000000 --- a/services/migrations-schema/migrations/00035_seed-vtubers.sql +++ /dev/null @@ -1,159 +0,0 @@ --- seeding some test vtubers for dev environment -INSERT INTO api.vtubers ( - display_name, - slug, - image, - theme_color, - chaturbate, - twitter, - patreon, - twitch, - tiktok, - onlyfans, - youtube, - linktree, - carrd, - fansly, - pornhub, - discord, - reddit, - throne, - instagram, - facebook, - merch, - description1, - description2, - image_blur -) VALUES ( - 'ProjektMelody', -- display_name - 'projektmelody', -- slug - 'https://futureporn-b2.b-cdn.net/projekt-melody.jpg', -- image - '#5C23C0', -- theme_color - 'https://chaturbate.com/projektmelody', -- chaturbate - 'https://twitter.com/projektmelody', -- twitter - 'https://www.patreon.com/projektmelody', -- patreon - 'https://twitch.tv/projektmelody', -- twitch - 'https://www.tiktok.com/@realprojektmelody', -- tiktok - 'https://onlyfans.com/projektbutt', -- onlyfans - 'https://www.youtube.com/projektmelodyofficial', -- youtube - 'https://linktr.ee/projektmelody', -- linktree - NULL, -- carrd (no data provided) - 'https://fansly.com/r/scienceteam', -- fansly - 'https://www.pornhub.com/model/projekt-melody', -- pornhub - NULL, -- discord (no data provided) - 'https://www.reddit.com/r/projektmelody/', -- reddit - 'https://throne.com/realprojektmelody', -- throne - NULL, -- instagram (no data provided) - NULL, -- facebook (no data provided) - 'https://melody.vshojo.com/', -- merch - 'Also known as, ''Daddy''s little grandpa,'' ProjektMelody is the pioneering hentai cam model who embodies a unique blend of sweetness and perversion. She engages with her audience with remarkable patience and politeness, demonstrating her commitment to fostering an inclusive environment.', -- description1 - 'On her livestreams, ProjektMelody''s demeanor can range from overtly sexual to adorably reserved and self-censored. Alongside her captivating presence, she actively promotes pro-social behavior, advocates for sexual education, and emphasizes the importance of kindness.', -- description2 - 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWOIUT7wHwAEXQI/2aBnMAAAAABJRU5ErkJggg==' -- image_blur -); - - - - -INSERT INTO api.vtubers ( - display_name, - slug, - image, - theme_color, - chaturbate, - twitter, - patreon, - twitch, - tiktok, - onlyfans, - youtube, - linktree, - carrd, - fansly, - pornhub, - discord, - reddit, - throne, - instagram, - facebook, - merch, - description1, - description2, - image_blur -) VALUES ( - 'el_XoX', -- display_name - 'el_xox', -- slug - 'https://futureporn-b2.b-cdn.net/el_xox.jpg', -- image - '#353FFF', -- theme_color - 'https://chaturbate.com/el_xox/', -- chaturbate - 'https://twitter.com/el_XoX34', -- twitter - NULL, -- patreon (no data provided) - 'https://www.twitch.tv/el_xox', -- twitch - NULL, -- tiktok (no data provided) - NULL, -- onlyfans (no data provided) - NULL, -- youtube (no data provided) - NULL, -- linktree (no data provided) - 'https://elxox.carrd.co/', -- carrd - NULL, -- fansly (no data provided) - NULL, -- pornhub (no data provided) - NULL, -- discord (no data provided) - NULL, -- reddit (no data provided) - NULL, -- throne (no data provided) - NULL, -- instagram (no data provided) - NULL, -- facebook (no data provided) - 'https://elxox34.com/pages/limited-merch', -- merch - ' ', -- description1 (empty string) - NULL, -- description2 (no data provided) - 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWNgYGD4DwABBAEAfbLI3wAAAABJRU5ErkJggg==' -- image_blur -); - -INSERT INTO api.vtubers ( - display_name, - slug, - image, - theme_color, - chaturbate, - twitter, - patreon, - twitch, - tiktok, - onlyfans, - youtube, - linktree, - carrd, - fansly, - pornhub, - discord, - reddit, - throne, - instagram, - facebook, - merch, - description1, - description2, - image_blur -) VALUES ( - 'Vexruby', -- display_name - 'vexruby', -- slug - 'https://futureporn-b2.b-cdn.net/vexruby.jpg', -- image - '#f882f5', -- theme_color - 'https://chaturbate.com/vexruby', -- chaturbate - 'https://x.com/vexxxruby', -- twitter - 'https://www.patreon.com/ViRoClub', -- patreon - NULL, -- twitch (no data provided) - NULL, -- tiktok (no data provided) - NULL, -- onlyfans (no data provided) - NULL, -- youtube (no data provided) - NULL, -- linktree (no data provided) - NULL, -- carrd (no data provided) - NULL, -- fansly (no data provided) - NULL, -- pornhub (no data provided) - NULL, -- discord (no data provided) - NULL, -- reddit (no data provided) - NULL, -- throne (no data provided) - NULL, -- instagram (no data provided) - NULL, -- facebook (no data provided) - NULL, -- merch (no data provided) - ' ', -- description1 (empty string) - NULL, -- description2 (no data provided) - 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWMwtf//HwAEkwJzh0T9qwAAAABJRU5ErkJggg==' -- image_blur -); diff --git a/services/migrations-schema/migrations/00036_update_discord_message-use-vod_id.sql b/services/migrations-schema/migrations/00036_update_discord_message-use-vod_id.sql deleted file mode 100644 index 1adc464..0000000 --- a/services/migrations-schema/migrations/00036_update_discord_message-use-vod_id.sql +++ /dev/null @@ -1,14 +0,0 @@ --- instead of using record_id, we need to use stream_id -DROP FUNCTION public.tg__update_discord_message CASCADE; - -CREATE FUNCTION public.tg__update_discord_message() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('update_discord_message', json_build_object( - 'vod_id', NEW.id - ), max_attempts := 3); - return NEW; - end; - $$; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00037_drop-oudated-streamscolumns.sql b/services/migrations-schema/migrations/00037_drop-oudated-streamscolumns.sql deleted file mode 100644 index 7c1cffe..0000000 --- a/services/migrations-schema/migrations/00037_drop-oudated-streamscolumns.sql +++ /dev/null @@ -1,16 +0,0 @@ --- we are moving url column from streams to vods -ALTER TABLE api.streams - DROP COLUMN url; - -ALTER TABLE api.vods - ADD COLUMN url TEXT; - --- remove unused things -ALTER TABLE api.streams - DROP COLUMN status; - -ALTER TABLE api.streams - DROP COLUMN is_recording_aborted; - -ALTER TABLE api.streams - DROP COLUMN discord_message_id; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00038_add-vods-update-trigger.sql b/services/migrations-schema/migrations/00038_add-vods-update-trigger.sql deleted file mode 100644 index 5797a87..0000000 --- a/services/migrations-schema/migrations/00038_add-vods-update-trigger.sql +++ /dev/null @@ -1,41 +0,0 @@ --- we are moving recording functionality from streams to vods - --- delete outdated -DROP FUNCTION IF EXISTS public.tg__add_record_job CASCADE; -DROP TRIGGER IF EXISTS stream_update ON api.streams; -DROP TRIGGER IF EXISTS stream_create ON api.streams; - --- We create a function which lets Postgrest's automation user create jobs in Graphile Worker. --- Normally only the database owner, in our case `postgres`, can add jobs due to RLS in graphile_worker tables. --- Under the advice of graphile_worker author, we can use a SECURITY DEFINER wrapper function. --- @see https://worker.graphile.org/docs/sql-add-job#graphile_workeradd_job:~:text=graphile_worker.add_job(...),that%20are%20necessary.) --- @see https://discord.com/channels/489127045289476126/1179293106336694333/1179605043729670306 --- @see https://discord.com/channels/489127045289476126/498852330754801666/1067707497235873822 -CREATE FUNCTION public.tg__add_record_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('record', json_build_object( - 'url', NEW.url, - 'vod_id', NEW.id - ), max_attempts := 12); - return NEW; - end; - $$; - - - - --- when a vod is updated, we add a job in graphile to update_discord_message -CREATE TRIGGER vod_update - AFTER UPDATE ON api.vods - FOR EACH ROW - EXECUTE PROCEDURE public.tg__update_discord_message('update_discord_message'); - --- when a vod is created, we add a 'record' job in graphile-worker -CREATE TRIGGER vod_create - AFTER INSERT ON api.vods - FOR EACH ROW - EXECUTE PROCEDURE public.tg__add_record_job('record'); - diff --git a/services/migrations-schema/migrations/00039_create-limiter-table.sql b/services/migrations-schema/migrations/00039_create-limiter-table.sql deleted file mode 100644 index f7ec36e..0000000 --- a/services/migrations-schema/migrations/00039_create-limiter-table.sql +++ /dev/null @@ -1,7 +0,0 @@ --- schema for rate limiter (https://github.com/animir/node-rate-limiter-flexible) --- @see https://github.com/animir/node-rate-limiter-flexible/blob/661d794212441f104a6941092c28805b3bd76537/lib/RateLimiterPostgres.js#L161 -CREATE TABLE public.limiter ( - key varchar(255) PRIMARY KEY, - points integer NOT NULL DEFAULT 0, - expire bigint -); diff --git a/services/migrations-schema/migrations/00040_theme_color-is-optional.sql b/services/migrations-schema/migrations/00040_theme_color-is-optional.sql deleted file mode 100644 index d4465ae..0000000 --- a/services/migrations-schema/migrations/00040_theme_color-is-optional.sql +++ /dev/null @@ -1,9 +0,0 @@ --- theme_color, and image are made optional, because they require extra fetches. --- the intention is to have a graphile-worker populate these columns in a parallel workflow, --- rather than force the onboarding process to gather this data which increases the runtime of that process. - -ALTER TABLE IF EXISTS api.vtubers - ALTER COLUMN image DROP NOT NULL; - -ALTER TABLE IF EXISTS api.vtubers - ALTER COLUMN theme_color DROP NOT NULL; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00041_add-is_recording_aborted-to-vods.sql b/services/migrations-schema/migrations/00041_add-is_recording_aborted-to-vods.sql deleted file mode 100644 index 22ad593..0000000 --- a/services/migrations-schema/migrations/00041_add-is_recording_aborted-to-vods.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE api.vods - ADD COLUMN is_recording_aborted BOOLEAN; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00042_segments-vods-fk.sql b/services/migrations-schema/migrations/00042_segments-vods-fk.sql deleted file mode 100644 index fc1d528..0000000 --- a/services/migrations-schema/migrations/00042_segments-vods-fk.sql +++ /dev/null @@ -1,6 +0,0 @@ -ALTER TABLE api.segments - DROP COLUMN vod_id; - - -ALTER TABLE api.segments - ADD COLUMN vod_id UUID REFERENCES api.vods(id); diff --git a/services/migrations-schema/migrations/00043_update_vod_on_segment_update.sql b/services/migrations-schema/migrations/00043_update_vod_on_segment_update.sql deleted file mode 100644 index 9027379..0000000 --- a/services/migrations-schema/migrations/00043_update_vod_on_segment_update.sql +++ /dev/null @@ -1,23 +0,0 @@ -DROP FUNCTION update_stream_on_segment_update CASCADE; - - -CREATE OR REPLACE FUNCTION update_vod_on_segment_update() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET updated_at = NOW() - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - - RETURN NEW; -END; -$$ LANGUAGE plpgsql; - - -CREATE TRIGGER trigger_update_vod - AFTER UPDATE ON api.segments - FOR EACH ROW - EXECUTE FUNCTION update_vod_on_segment_update(); diff --git a/services/migrations-schema/migrations/00044_segments-uuid.sql b/services/migrations-schema/migrations/00044_segments-uuid.sql deleted file mode 100644 index dcae3d4..0000000 --- a/services/migrations-schema/migrations/00044_segments-uuid.sql +++ /dev/null @@ -1,6 +0,0 @@ - -ALTER TABLE api.segments - DROP COLUMN id; - -ALTER TABLE api.segments - ADD COLUMN id uuid PRIMARY KEY DEFAULT gen_random_uuid(); diff --git a/services/migrations-schema/migrations/00045_recreate-segments_vod_links.sql b/services/migrations-schema/migrations/00045_recreate-segments_vod_links.sql deleted file mode 100644 index f69346b..0000000 --- a/services/migrations-schema/migrations/00045_recreate-segments_vod_links.sql +++ /dev/null @@ -1,10 +0,0 @@ --- we need vod_id and segment_id to be uuid, not text - -DROP TABLE api.segments_vod_links; - -CREATE TABLE api.segments_vod_links ( - id UUID DEFAULT gen_random_uuid(), - vod_id UUID NOT NULL REFERENCES api.vods(id), - segment_id UUID NOT NULL REFERENCES api.segments(id), - PRIMARY KEY(id, vod_id, segment_id) -); diff --git a/services/migrations-schema/migrations/00046_segments_vod_links-many-to-one.sql b/services/migrations-schema/migrations/00046_segments_vod_links-many-to-one.sql deleted file mode 100644 index eb0bceb..0000000 --- a/services/migrations-schema/migrations/00046_segments_vod_links-many-to-one.sql +++ /dev/null @@ -1,10 +0,0 @@ --- In the last migration, I accidentally created a many-to-many relationship. --- What I actually need is a many-to-one relationship. - -DROP TABLE api.segments_vod_links; - -CREATE TABLE api.segments_vod_links ( - id UUID PRIMARY KEY DEFAULT gen_random_uuid(), - vod_id UUID NOT NULL REFERENCES api.vods(id), - segment_id UUID NOT NULL REFERENCES api.segments(id) -); diff --git a/services/migrations-schema/migrations/00047_add-is_recording_aborted-to-vods-default-false.sql b/services/migrations-schema/migrations/00047_add-is_recording_aborted-to-vods-default-false.sql deleted file mode 100644 index a5b8b25..0000000 --- a/services/migrations-schema/migrations/00047_add-is_recording_aborted-to-vods-default-false.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE api.vods - DROP COLUMN is_recording_aborted; - -ALTER TABLE api.vods - ADD COLUMN is_recording_aborted BOOLEAN DEFAULT FALSE; diff --git a/services/migrations-schema/migrations/00048_segments-vod-links-perms.sql b/services/migrations-schema/migrations/00048_segments-vod-links-perms.sql deleted file mode 100644 index c9cce2f..0000000 --- a/services/migrations-schema/migrations/00048_segments-vod-links-perms.sql +++ /dev/null @@ -1,3 +0,0 @@ --- roles & permissions -GRANT all ON api.segments_vod_links TO automation; -GRANT SELECT ON api.segments_vod_links TO web_anon; diff --git a/services/migrations-schema/migrations/00049_add-discord_message_id-on-vods.sql b/services/migrations-schema/migrations/00049_add-discord_message_id-on-vods.sql deleted file mode 100644 index 7960a26..0000000 --- a/services/migrations-schema/migrations/00049_add-discord_message_id-on-vods.sql +++ /dev/null @@ -1,4 +0,0 @@ --- vods needs discord_message_id for chatops -ALTER TABLE api.vods - ADD COLUMN discord_message_id TEXT; - diff --git a/services/migrations-schema/migrations/00050_add-status-to-vod.sql b/services/migrations-schema/migrations/00050_add-status-to-vod.sql deleted file mode 100644 index 75d78b6..0000000 --- a/services/migrations-schema/migrations/00050_add-status-to-vod.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE api.vods - ADD COLUMN status TEXT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00051_set-vod-status.sql b/services/migrations-schema/migrations/00051_set-vod-status.sql deleted file mode 100644 index 4336e45..0000000 --- a/services/migrations-schema/migrations/00051_set-vod-status.sql +++ /dev/null @@ -1,21 +0,0 @@ --- 'NEW' in this context is a segment row. --- we update this function to also set the vod status to 'recording' if applicable. - -CREATE OR REPLACE FUNCTION update_vod_on_segment_update() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET - updated_at = NOW(), - status = CASE - WHEN NEW.filesize > OLD.filesize THEN 'recording' - ELSE status - END - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - RETURN NEW; -END; -$$ LANGUAGE plpgsql; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00052_correct-typo-filesize-to-bytes.sql b/services/migrations-schema/migrations/00052_correct-typo-filesize-to-bytes.sql deleted file mode 100644 index 419df34..0000000 --- a/services/migrations-schema/migrations/00052_correct-typo-filesize-to-bytes.sql +++ /dev/null @@ -1,21 +0,0 @@ --- 'NEW' in this context is a segment row. --- we update this function to also set the vod status to 'recording' if applicable. - -CREATE OR REPLACE FUNCTION update_vod_on_segment_update() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET - updated_at = NOW(), - status = CASE - WHEN NEW.bytes > OLD.bytes THEN 'recording' - ELSE status - END - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - RETURN NEW; -END; -$$ LANGUAGE plpgsql; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00053_add-default-status-on-vods.sql b/services/migrations-schema/migrations/00053_add-default-status-on-vods.sql deleted file mode 100644 index 3fd37a8..0000000 --- a/services/migrations-schema/migrations/00053_add-default-status-on-vods.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE api.vods - DROP COLUMN status; - -ALTER TABLE api.vods - ADD COLUMN status TEXT DEFAULT 'pending_recording'; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00054_remove-bytes-from-vod-tg-function.sql b/services/migrations-schema/migrations/00054_remove-bytes-from-vod-tg-function.sql deleted file mode 100644 index 0671976..0000000 --- a/services/migrations-schema/migrations/00054_remove-bytes-from-vod-tg-function.sql +++ /dev/null @@ -1,27 +0,0 @@ - -DROP FUNCTION update_vod_on_segment_update CASCADE; - --- 'NEW' in this context is a segment row. --- we re-create this trigger function, but this time make it's name more consistent with others --- we also remove the conditional status column because it relies on the non-existant bytes column -CREATE OR REPLACE FUNCTION tg__update_vod_updated_at() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET - updated_at = NOW() - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - RETURN NEW; -END; -$$ LANGUAGE plpgsql; - - - -CREATE TRIGGER trigger_update_vod - AFTER UPDATE ON api.segments - FOR EACH ROW - EXECUTE FUNCTION tg__update_vod_updated_at(); diff --git a/services/migrations-schema/migrations/00055_trigger_update_vod-switch-to-before.sql b/services/migrations-schema/migrations/00055_trigger_update_vod-switch-to-before.sql deleted file mode 100644 index ed5c903..0000000 --- a/services/migrations-schema/migrations/00055_trigger_update_vod-switch-to-before.sql +++ /dev/null @@ -1,7 +0,0 @@ -DROP TRIGGER trigger_update_vod ON api.segments; - --- switch from `AFTER UPDATE` to `BEFORE UPDATE` -CREATE TRIGGER trigger_update_vod - BEFORE UPDATE ON api.segments - FOR EACH ROW - EXECUTE FUNCTION tg__update_vod_updated_at(); diff --git a/services/migrations-schema/migrations/00056_add_job-retry-only-6-times.sql b/services/migrations-schema/migrations/00056_add_job-retry-only-6-times.sql deleted file mode 100644 index 9965e6d..0000000 --- a/services/migrations-schema/migrations/00056_add_job-retry-only-6-times.sql +++ /dev/null @@ -1,15 +0,0 @@ - --- 12 times is too many, as it will retry the record task hours after a stream has gone offline. We're reducing retries to 6 -DROP FUNCTION public.tg__add_record_job CASCADE; -CREATE FUNCTION public.tg__add_record_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('record', json_build_object( - 'url', NEW.url, - 'vod_id', NEW.id - ), max_attempts := 6); - return NEW; - end; - $$; diff --git a/services/migrations-schema/migrations/00057_recreate-vod_create.sql b/services/migrations-schema/migrations/00057_recreate-vod_create.sql deleted file mode 100644 index 592690b..0000000 --- a/services/migrations-schema/migrations/00057_recreate-vod_create.sql +++ /dev/null @@ -1,8 +0,0 @@ - --- we need to re-create this because I think a CASCADE deleted it. --- when a vod is created, we add a 'record' job in graphile-worker -CREATE TRIGGER vod_create - AFTER INSERT ON api.vods - FOR EACH ROW - EXECUTE PROCEDURE public.tg__add_record_job('record'); - diff --git a/services/migrations-schema/migrations/00058_conditionally-change-vod-status.sql b/services/migrations-schema/migrations/00058_conditionally-change-vod-status.sql deleted file mode 100644 index 7ad02b2..0000000 --- a/services/migrations-schema/migrations/00058_conditionally-change-vod-status.sql +++ /dev/null @@ -1,19 +0,0 @@ --- we want this function to set the vod status to recording -CREATE OR REPLACE FUNCTION tg__update_vod_updated_at() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET - updated_at = NOW(), - status = CASE - WHEN NEW.filesize > OLD.filesize THEN 'recording' - ELSE status - END - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - RETURN NEW; -END; -$$ LANGUAGE plpgsql; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00059_fix-filesize-typo.sql b/services/migrations-schema/migrations/00059_fix-filesize-typo.sql deleted file mode 100644 index 3650c24..0000000 --- a/services/migrations-schema/migrations/00059_fix-filesize-typo.sql +++ /dev/null @@ -1,20 +0,0 @@ --- we want this function to set the vod status to recording --- the correct row is bytes, not filesize. -CREATE OR REPLACE FUNCTION tg__update_vod_updated_at() -RETURNS TRIGGER AS $$ -BEGIN - UPDATE api.vods - SET - updated_at = NOW(), - status = CASE - WHEN NEW.bytes > OLD.bytes THEN 'recording' - ELSE status - END - WHERE id IN ( - SELECT vod_id - FROM segments_vod_links - WHERE segment_id = NEW.id - ); - RETURN NEW; -END; -$$ LANGUAGE plpgsql; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00060_create-recordings-table.sql b/services/migrations-schema/migrations/00060_create-recordings-table.sql deleted file mode 100644 index 0691e22..0000000 --- a/services/migrations-schema/migrations/00060_create-recordings-table.sql +++ /dev/null @@ -1,35 +0,0 @@ --- recordings table schema -CREATE TABLE api.recordings ( - id UUID PRIMARY KEY DEFAULT gen_random_uuid(), - url TEXT NOT NULL, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - discord_message_id TEXT -); - --- roles & permissions for our backend automation user -GRANT all ON api.recordings TO automation; -GRANT SELECT ON api.recordings TO web_anon; - - --- we re-create this function to use recording_id instead of vod_id -DROP FUNCTION public.tg__add_record_job CASCADE; -CREATE FUNCTION public.tg__add_record_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job('record', json_build_object( - 'url', NEW.url, - 'recording_id', NEW.id - ), max_attempts := 6); - return NEW; - end; - $$; - - - -CREATE TRIGGER create_recording - AFTER UPDATE ON api.recordings - FOR EACH ROW - EXECUTE FUNCTION tg__add_record_job(); diff --git a/services/migrations-schema/migrations/00061_defaults-for-created_at-and-updated_at.sql b/services/migrations-schema/migrations/00061_defaults-for-created_at-and-updated_at.sql deleted file mode 100644 index 34e7eda..0000000 --- a/services/migrations-schema/migrations/00061_defaults-for-created_at-and-updated_at.sql +++ /dev/null @@ -1,6 +0,0 @@ - -ALTER TABLE IF EXISTS api.recordings - ALTER COLUMN created_at SET DEFAULT now(); - -ALTER TABLE IF EXISTS api.recordings - ALTER COLUMN updated_at SET DEFAULT now(); \ No newline at end of file diff --git a/services/migrations-schema/migrations/00062_create-discord_interactions.sql b/services/migrations-schema/migrations/00062_create-discord_interactions.sql deleted file mode 100644 index 86cfc57..0000000 --- a/services/migrations-schema/migrations/00062_create-discord_interactions.sql +++ /dev/null @@ -1,8 +0,0 @@ --- create discord_interactions table -CREATE TABLE api.discord_interactions ( - id UUID PRIMARY KEY DEFAULT gen_random_uuid(), - discord_message_id TEXT NOT NULL -); -GRANT all ON api.discord_interactions TO automation; -GRANT SELECT ON api.discord_interactions TO web_anon; - diff --git a/services/migrations-schema/migrations/00063_relate-discord_interactions-with-recordings.sql b/services/migrations-schema/migrations/00063_relate-discord_interactions-with-recordings.sql deleted file mode 100644 index 3c1b685..0000000 --- a/services/migrations-schema/migrations/00063_relate-discord_interactions-with-recordings.sql +++ /dev/null @@ -1,14 +0,0 @@ - --- add more cols to api.recordings -ALTER TABLE api.recordings - ADD COLUMN date TIMESTAMP(6) WITHOUT TIME ZONE; - -ALTER TABLE api.recordings - ADD COLUMN vod_id UUID REFERENCES api.vods(id); - -ALTER TABLE api.recordings - DROP COLUMN discord_message_id; - -ALTER TABLE api.recordings - ADD COLUMN discord_interaction_id UUID REFERENCES api.discord_interactions(id); - diff --git a/services/migrations-schema/migrations/00064_execute-procedure-instead-of-function.sql b/services/migrations-schema/migrations/00064_execute-procedure-instead-of-function.sql deleted file mode 100644 index 53e7ad2..0000000 --- a/services/migrations-schema/migrations/00064_execute-procedure-instead-of-function.sql +++ /dev/null @@ -1,8 +0,0 @@ - -DROP TRIGGER create_recording ON api.recordings; - -CREATE TRIGGER recording_create - AFTER INSERT ON api.recordings - FOR EACH ROW - EXECUTE PROCEDURE public.tg__add_record_job('record'); - diff --git a/services/migrations-schema/migrations/00065_move-is_aborted-to-recordings.sql b/services/migrations-schema/migrations/00065_move-is_aborted-to-recordings.sql deleted file mode 100644 index d8bcf37..0000000 --- a/services/migrations-schema/migrations/00065_move-is_aborted-to-recordings.sql +++ /dev/null @@ -1,6 +0,0 @@ --- move is_aborted COL from vods to recordings -ALTER TABLE api.vods - DROP COLUMN is_recording_aborted; - -ALTER TABLE api.recordings - ADD COLUMN is_aborted BOOLEAN NOT NULL DEFAULT FALSE; diff --git a/services/migrations-schema/migrations/00066_add-segments-fk-to-vods.sql b/services/migrations-schema/migrations/00066_add-segments-fk-to-vods.sql deleted file mode 100644 index 90c2010..0000000 --- a/services/migrations-schema/migrations/00066_add-segments-fk-to-vods.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE api.vods - ADD COLUMN segments UUID REFERENCES api.segments(id); \ No newline at end of file diff --git a/services/migrations-schema/migrations/00067_remove-duplicate-vods-segments.sql b/services/migrations-schema/migrations/00067_remove-duplicate-vods-segments.sql deleted file mode 100644 index b063584..0000000 --- a/services/migrations-schema/migrations/00067_remove-duplicate-vods-segments.sql +++ /dev/null @@ -1,29 +0,0 @@ -/* - -we already have a many-to-one relation. this col is creating a one-to-many relation, causing the following problem. - -{ - "code": "PGRST201", - "details": [ - { - "cardinality": "one-to-many", - "embedding": "segments with vods", - "relationship": "vods_segments_fkey using segments(id) and vods(segments)" - }, - { - "cardinality": "many-to-one", - "embedding": "segments with vods", - "relationship": "segments_vod_id_fkey using segments(vod_id) and vods(id)" - } - ], - "hint": "Try changing 'vods' to one of the following: 'vods!vods_segments_fkey', 'vods!segments_vod_id_fkey'. Find the desired relationship in the 'details' key.", - "message": "Could not embed because more than one relationship was found for 'segments' and 'vods'" -} - -*/ - - - - -ALTER TABLE api.vods - DROP COLUMN segments; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00068_remove-vod_id-from-recordings.sql b/services/migrations-schema/migrations/00068_remove-vod_id-from-recordings.sql deleted file mode 100644 index e3aa3f1..0000000 --- a/services/migrations-schema/migrations/00068_remove-vod_id-from-recordings.sql +++ /dev/null @@ -1,27 +0,0 @@ -/* - -we already have a many-to-one relation. this col is creating a one-to-many relation, causing the following problem. - -{ - "code": "PGRST201", - "details": [ - { - "cardinality": "one-to-many", - "embedding": "segments with vods", - "relationship": "vods_segments_fkey using segments(id) and vods(segments)" - }, - { - "cardinality": "many-to-one", - "embedding": "segments with vods", - "relationship": "segments_vod_id_fkey using segments(vod_id) and vods(id)" - } - ], - "hint": "Try changing 'vods' to one of the following: 'vods!vods_segments_fkey', 'vods!segments_vod_id_fkey'. Find the desired relationship in the 'details' key.", - "message": "Could not embed because more than one relationship was found for 'segments' and 'vods'" -} - -*/ - - -ALTER TABLE api.recordings - DROP COLUMN vod_id; diff --git a/services/migrations-schema/migrations/00069_recreate-recordings-vod-relationship.sql b/services/migrations-schema/migrations/00069_recreate-recordings-vod-relationship.sql deleted file mode 100644 index 7d8a60a..0000000 --- a/services/migrations-schema/migrations/00069_recreate-recordings-vod-relationship.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE api.recordings - ADD COLUMN vod_id UUID REFERENCES api.vods(id); diff --git a/services/migrations-schema/migrations/00070_relate-vod-to-recording.sql b/services/migrations-schema/migrations/00070_relate-vod-to-recording.sql deleted file mode 100644 index e8ad16a..0000000 --- a/services/migrations-schema/migrations/00070_relate-vod-to-recording.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE api.vods - ADD COLUMN recording_id UUID REFERENCES api.recordings(id); diff --git a/services/migrations-schema/migrations/00071_remove-recordings_vod_id_fkey.sql b/services/migrations-schema/migrations/00071_remove-recordings_vod_id_fkey.sql deleted file mode 100644 index d4f63da..0000000 --- a/services/migrations-schema/migrations/00071_remove-recordings_vod_id_fkey.sql +++ /dev/null @@ -1,4 +0,0 @@ - --- potentially unecessary fk, because api.vods has the relation too. -ALTER TABLE api.recordings - DROP COLUMN vod_id; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00072_create-builds-table.sql b/services/migrations-schema/migrations/00072_create-builds-table.sql deleted file mode 100644 index 92bd578..0000000 --- a/services/migrations-schema/migrations/00072_create-builds-table.sql +++ /dev/null @@ -1,33 +0,0 @@ --- builds table schema -CREATE TABLE api.builds ( - id UUID PRIMARY KEY DEFAULT gen_random_uuid(), - vod UUID NOT NULL REFERENCES api.vods(id), - task TEXT NOT NULL, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone -); - --- roles & permissions for our backend automation user -GRANT all ON api.builds TO automation; -GRANT SELECT ON api.builds TO web_anon; - - --- trigger function for starting the appropriate task when a new api.builds row is added -CREATE FUNCTION public.tg__add_build_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job(NEW.task, json_build_object( - 'vod', NEW.vod - ), max_attempts := 6); - return NEW; - end; - $$; - - - -CREATE TRIGGER create_build - AFTER UPDATE ON api.builds - FOR EACH ROW - EXECUTE FUNCTION tg__add_build_job(); diff --git a/services/migrations-schema/migrations/00073_update-builds-table-timestamps.sql b/services/migrations-schema/migrations/00073_update-builds-table-timestamps.sql deleted file mode 100644 index eb3f060..0000000 --- a/services/migrations-schema/migrations/00073_update-builds-table-timestamps.sql +++ /dev/null @@ -1,14 +0,0 @@ - - - -ALTER TABLE api.builds - ALTER COLUMN created_at SET DEFAULT now(); - -ALTER TABLE api.builds - ALTER COLUMN updated_at SET DEFAULT now(); - -CREATE TRIGGER update_builds - BEFORE UPDATE ON api.builds - FOR EACH ROW - EXECUTE PROCEDURE moddatetime(updated_at); - diff --git a/services/migrations-schema/migrations/00074_switch-after-update-to-after-insert.sql b/services/migrations-schema/migrations/00074_switch-after-update-to-after-insert.sql deleted file mode 100644 index 30d0bfe..0000000 --- a/services/migrations-schema/migrations/00074_switch-after-update-to-after-insert.sql +++ /dev/null @@ -1,7 +0,0 @@ --- fixing a mistake. I accidentally did AFTER UPDATE when I wanted AFTER INSERT. -DROP TRIGGER create_build ON api.builds; - -CREATE TRIGGER create_build - AFTER INSERT ON api.builds - FOR EACH ROW - EXECUTE FUNCTION tg__add_build_job(); diff --git a/services/migrations-schema/migrations/00075_add-checksum-to-segments.sql b/services/migrations-schema/migrations/00075_add-checksum-to-segments.sql deleted file mode 100644 index 609c92d..0000000 --- a/services/migrations-schema/migrations/00075_add-checksum-to-segments.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.segments - ADD COLUMN checksum TEXT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00076_builds-use-vod_id-instead-of-vod.sql b/services/migrations-schema/migrations/00076_builds-use-vod_id-instead-of-vod.sql deleted file mode 100644 index e0ec59e..0000000 --- a/services/migrations-schema/migrations/00076_builds-use-vod_id-instead-of-vod.sql +++ /dev/null @@ -1,8 +0,0 @@ - --- for consistency, using vod_id instead of vod - -ALTER TABLE api.builds - DROP COLUMN vod; - -ALTER TABLE api.builds - ADD COLUMN vod_id UUID NOT NULL REFERENCES api.vods(id); \ No newline at end of file diff --git a/services/migrations-schema/migrations/00077_builds-trigger-change-vod-to-vod_id.sql b/services/migrations-schema/migrations/00077_builds-trigger-change-vod-to-vod_id.sql deleted file mode 100644 index d52cf50..0000000 --- a/services/migrations-schema/migrations/00077_builds-trigger-change-vod-to-vod_id.sql +++ /dev/null @@ -1,22 +0,0 @@ - --- we've renamed api.builds.vod to api.builds.vod_id -DROP FUNCTION public.tg__add_build_job CASCADE; - - -CREATE FUNCTION public.tg__add_build_job() RETURNS trigger - LANGUAGE plpgsql SECURITY DEFINER - SET search_path TO 'pg_catalog', 'public', 'pg_temp' - AS $$ - begin - PERFORM graphile_worker.add_job(NEW.task, json_build_object( - 'vod_id', NEW.vod_id - ), max_attempts := 6); - return NEW; - end; - $$; - - -CREATE TRIGGER create_build - AFTER UPDATE ON api.builds - FOR EACH ROW - EXECUTE FUNCTION tg__add_build_job(); diff --git a/services/migrations-schema/migrations/00078_add-bytes_uploaded-to-segments.sql b/services/migrations-schema/migrations/00078_add-bytes_uploaded-to-segments.sql deleted file mode 100644 index 32752b4..0000000 --- a/services/migrations-schema/migrations/00078_add-bytes_uploaded-to-segments.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.segments - ADD COLUMN bytes_uploaded BIGINT DEFAULT 0; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00079_stream_id-optional.sql b/services/migrations-schema/migrations/00079_stream_id-optional.sql deleted file mode 100644 index 3d0a395..0000000 --- a/services/migrations-schema/migrations/00079_stream_id-optional.sql +++ /dev/null @@ -1,9 +0,0 @@ - --- data migrations are really difficult if api.vods.stream_id is required. Thus we make NULL allowed on stream_id - -ALTER TABLE api.vods - DROP COLUMN stream_id; - -ALTER TABLE api.vods - ADD COLUMN stream_id UUID REFERENCES api.streams(id); - diff --git a/services/migrations-schema/migrations/00080_add-created_at-to-vtubers.sql b/services/migrations-schema/migrations/00080_add-created_at-to-vtubers.sql deleted file mode 100644 index d43464c..0000000 --- a/services/migrations-schema/migrations/00080_add-created_at-to-vtubers.sql +++ /dev/null @@ -1,11 +0,0 @@ -ALTER TABLE api.vtubers - ADD COLUMN created_at TIMESTAMP(6) WITHOUT TIME ZONE; - -ALTER TABLE api.vtubers - ADD COLUMN updated_at TIMESTAMP(6) WITHOUT TIME ZONE; - -ALTER TABLE api.vtubers - ALTER COLUMN created_at SET DEFAULT now(); - -ALTER TABLE api.vtubers - ALTER COLUMN updated_at SET DEFAULT now(); \ No newline at end of file diff --git a/services/migrations-schema/migrations/00081_add-id_deprecated-to-vods.sql b/services/migrations-schema/migrations/00081_add-id_deprecated-to-vods.sql deleted file mode 100644 index e863384..0000000 --- a/services/migrations-schema/migrations/00081_add-id_deprecated-to-vods.sql +++ /dev/null @@ -1,3 +0,0 @@ --- for temporary data migration purposes, we add api.vods.id_deprecated which is an int and thus compatible with Strapi's IDs that we are importing -ALTER TABLE api.vtubers - ADD COLUMN id_deprecated int; diff --git a/services/migrations-schema/migrations/00082_add-id_deprecated-to-s3_files.sql b/services/migrations-schema/migrations/00082_add-id_deprecated-to-s3_files.sql deleted file mode 100644 index 4c778a3..0000000 --- a/services/migrations-schema/migrations/00082_add-id_deprecated-to-s3_files.sql +++ /dev/null @@ -1,3 +0,0 @@ --- for temporary data migration purposes, we add api.s3_files.id_deprecated which is an int and thus compatible with Strapi's IDs that we are importing -ALTER TABLE api.s3_files - ADD COLUMN id_deprecated int; diff --git a/services/migrations-schema/migrations/00083_create_vods_s3_join.sql b/services/migrations-schema/migrations/00083_create_vods_s3_join.sql deleted file mode 100644 index 735e8aa..0000000 --- a/services/migrations-schema/migrations/00083_create_vods_s3_join.sql +++ /dev/null @@ -1,5 +0,0 @@ -CREATE TABLE api.vods_s3_file_join ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - vod_id uuid, - s3_file_id uuid -); \ No newline at end of file diff --git a/services/migrations-schema/migrations/00084_add-file_id-to-s3_files.sql b/services/migrations-schema/migrations/00084_add-file_id-to-s3_files.sql deleted file mode 100644 index fa08332..0000000 --- a/services/migrations-schema/migrations/00084_add-file_id-to-s3_files.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.s3_files - ADD COLUMN file_id TEXT; diff --git a/services/migrations-schema/migrations/00085_sync-s3_files.sql b/services/migrations-schema/migrations/00085_sync-s3_files.sql deleted file mode 100644 index 94493cf..0000000 --- a/services/migrations-schema/migrations/00085_sync-s3_files.sql +++ /dev/null @@ -1,9 +0,0 @@ --- undo last because it was redundant. we don't need file_id because the same data is in s3_id -ALTER TABLE api.s3_files - DROP COLUMN file_id; - --- add created_at and updated_at to match strapi data -ALTER TABLE api.s3_files - ADD COLUMN created_at timestamp(6) without time zone; -ALTER TABLE api.s3_files - ADD COLUMN updated_at timestamp(6) without time zone; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00086_add-cdn_url-to-s3_files.sql b/services/migrations-schema/migrations/00086_add-cdn_url-to-s3_files.sql deleted file mode 100644 index db2a82d..0000000 --- a/services/migrations-schema/migrations/00086_add-cdn_url-to-s3_files.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.s3_files - ADD COLUMN cdn_url TEXT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00087_remove-id_deprecated.sql b/services/migrations-schema/migrations/00087_remove-id_deprecated.sql deleted file mode 100644 index 1c73d22..0000000 --- a/services/migrations-schema/migrations/00087_remove-id_deprecated.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.s3_files - DROP COLUMN id_deprecated; diff --git a/services/migrations-schema/migrations/00088_remove-id_deprecated-from-vtubers.sql b/services/migrations-schema/migrations/00088_remove-id_deprecated-from-vtubers.sql deleted file mode 100644 index 30cb5cb..0000000 --- a/services/migrations-schema/migrations/00088_remove-id_deprecated-from-vtubers.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE api.vtubers - DROP COLUMN id_deprecated; diff --git a/services/migrations-schema/migrations/00089_create-vods_s3_files_join.sql b/services/migrations-schema/migrations/00089_create-vods_s3_files_join.sql deleted file mode 100644 index 1d7e59b..0000000 --- a/services/migrations-schema/migrations/00089_create-vods_s3_files_join.sql +++ /dev/null @@ -1,10 +0,0 @@ --- vods_s3_files_join table schema -CREATE TABLE api.vods_s3_files_join ( - id UUID, - vod_id UUID, - s3_file UUID -); - --- roles & permissions -GRANT all ON api.vods_s3_files_join TO automation; -GRANT SELECT ON api.vods_s3_files_join TO web_anon; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00090_rename-vods-s3-files-joins.sql b/services/migrations-schema/migrations/00090_rename-vods-s3-files-joins.sql deleted file mode 100644 index a154599..0000000 --- a/services/migrations-schema/migrations/00090_rename-vods-s3-files-joins.sql +++ /dev/null @@ -1,19 +0,0 @@ --- we are using joins instead of join because it matches all other table names being plural - --- drop table -DROP TABLE api.vods_s3_files_join CASCADE; - - --- vods_s3_files_joins table schema -CREATE TABLE api.vods_s3_files_joins ( - id UUID, - id_old INT, - vod_id UUID, - s3_file UUID -); - --- roles & permissions -GRANT all ON api.vods_s3_files_joins TO automation; -GRANT SELECT ON api.vods_s3_files_joins TO web_anon; - - diff --git a/services/migrations-schema/migrations/00091_drop-vods_s3_file_join.sql b/services/migrations-schema/migrations/00091_drop-vods_s3_file_join.sql deleted file mode 100644 index d56d214..0000000 --- a/services/migrations-schema/migrations/00091_drop-vods_s3_file_join.sql +++ /dev/null @@ -1,2 +0,0 @@ --- drop table -DROP TABLE api.vods_s3_file_join CASCADE; diff --git a/services/migrations-schema/migrations/00092_use-s3_file_id.sql b/services/migrations-schema/migrations/00092_use-s3_file_id.sql deleted file mode 100644 index d852ed4..0000000 --- a/services/migrations-schema/migrations/00092_use-s3_file_id.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE api.vods_s3_files_joins - DROP COLUMN s3_file; - -ALTER TABLE api.vods_s3_files_joins - ADD COLUMN s3_file_id UUID; diff --git a/services/migrations-schema/migrations/00093_enable-pg_trgm.sql b/services/migrations-schema/migrations/00093_enable-pg_trgm.sql deleted file mode 100644 index c77035b..0000000 --- a/services/migrations-schema/migrations/00093_enable-pg_trgm.sql +++ /dev/null @@ -1,2 +0,0 @@ --- enabling pg_trgm for drupal -CREATE EXTENSION IF NOT EXISTS pg_trgm; diff --git a/services/migrations-schema/migrations/00094_add-patrons-table.sql b/services/migrations-schema/migrations/00094_add-patrons-table.sql deleted file mode 100644 index 44a4865..0000000 --- a/services/migrations-schema/migrations/00094_add-patrons-table.sql +++ /dev/null @@ -1,7 +0,0 @@ -CREATE TABLE api.patrons ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - full_name TEXT NOT NULL, - link TEXT -); -GRANT all ON api.patrons TO automation; -GRANT SELECT ON api.patrons TO web_anon; diff --git a/services/migrations-schema/migrations/00095_create-contributors.sql b/services/migrations-schema/migrations/00095_create-contributors.sql deleted file mode 100644 index 1a6b312..0000000 --- a/services/migrations-schema/migrations/00095_create-contributors.sql +++ /dev/null @@ -1,7 +0,0 @@ -CREATE TABLE api.contributors ( - id uuid PRIMARY KEY DEFAULT gen_random_uuid(), - full_name TEXT NOT NULL, - link TEXT -); -GRANT all ON api.contributors TO automation; -GRANT SELECT ON api.contributors TO web_anon; diff --git a/services/migrations-schema/migrations/00096_add-id_num-to-s3_files.sql b/services/migrations-schema/migrations/00096_add-id_num-to-s3_files.sql deleted file mode 100644 index 17dec9c..0000000 --- a/services/migrations-schema/migrations/00096_add-id_num-to-s3_files.sql +++ /dev/null @@ -1,4 +0,0 @@ --- for strapi to postgrest migration. this col is meant to be deleted later - -ALTER TABLE IF EXISTS api.s3_files - ADD COLUMN IF NOT EXISTS id_num INT; diff --git a/services/migrations-schema/migrations/00097_add-id_num-to-mux-assets.sql b/services/migrations-schema/migrations/00097_add-id_num-to-mux-assets.sql deleted file mode 100644 index 0a41bc8..0000000 --- a/services/migrations-schema/migrations/00097_add-id_num-to-mux-assets.sql +++ /dev/null @@ -1,4 +0,0 @@ --- for strapi to postgrest migration. this col is meant to be deleted later - -ALTER TABLE IF EXISTS api.mux_assets - ADD COLUMN IF NOT EXISTS id_num INT; diff --git a/services/migrations-schema/migrations/00098_add-id_num-to-streams.sql b/services/migrations-schema/migrations/00098_add-id_num-to-streams.sql deleted file mode 100644 index 226ae11..0000000 --- a/services/migrations-schema/migrations/00098_add-id_num-to-streams.sql +++ /dev/null @@ -1,6 +0,0 @@ --- for strapi to postgrest migration. this col is meant to be deleted later -ALTER TABLE IF EXISTS api.streams - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vtubers - ADD COLUMN IF NOT EXISTS id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00099_add-vtuber_num.sql b/services/migrations-schema/migrations/00099_add-vtuber_num.sql deleted file mode 100644 index d2e3ee4..0000000 --- a/services/migrations-schema/migrations/00099_add-vtuber_num.sql +++ /dev/null @@ -1,6 +0,0 @@ --- adding an INT col to make it compatible with the strapi migration --- this is meant to be deleted after migration to UUID - - -ALTER TABLE IF EXISTS api.streams - ADD COLUMN IF NOT EXISTS vtuber_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00100_add-id_num-to-tags.sql b/services/migrations-schema/migrations/00100_add-id_num-to-tags.sql deleted file mode 100644 index 226a049..0000000 --- a/services/migrations-schema/migrations/00100_add-id_num-to-tags.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00101_add-missing-cols-to-tags.sql b/services/migrations-schema/migrations/00101_add-missing-cols-to-tags.sql deleted file mode 100644 index 78d8103..0000000 --- a/services/migrations-schema/migrations/00101_add-missing-cols-to-tags.sql +++ /dev/null @@ -1,11 +0,0 @@ -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS created_at TIMESTAMP WITHOUT TIME ZONE; - -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS updated_at TIMESTAMP WITHOUT TIME ZONE; - -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS created_by_id INT; - -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS updated_by_id INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00102_add-toy_id_num-to-tags.sql b/services/migrations-schema/migrations/00102_add-toy_id_num-to-tags.sql deleted file mode 100644 index 6314af2..0000000 --- a/services/migrations-schema/migrations/00102_add-toy_id_num-to-tags.sql +++ /dev/null @@ -1,3 +0,0 @@ - -ALTER TABLE IF EXISTS api.tags - ADD COLUMN IF NOT EXISTS toy_id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00103_add-toy_num.sql b/services/migrations-schema/migrations/00103_add-toy_num.sql deleted file mode 100644 index e0b7524..0000000 --- a/services/migrations-schema/migrations/00103_add-toy_num.sql +++ /dev/null @@ -1,21 +0,0 @@ - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS toy_id_num INT; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS created_at TIMESTAMP WITHOUT TIME ZONE; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS updated_at TIMESTAMP WITHOUT TIME ZONE; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS created_by_id_num INT; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS updated_by_id_num INT; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS created_by_id UUID; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS updated_by_id UUID; diff --git a/services/migrations-schema/migrations/00104_add-toy_num-fix.sql b/services/migrations-schema/migrations/00104_add-toy_num-fix.sql deleted file mode 100644 index cb461e0..0000000 --- a/services/migrations-schema/migrations/00104_add-toy_num-fix.sql +++ /dev/null @@ -1,7 +0,0 @@ - - -ALTER TABLE IF EXISTS api.toys - DROP COLUMN IF EXISTS toy_id_num; - -ALTER TABLE IF EXISTS api.toys - ADD COLUMN IF NOT EXISTS id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00105_add-id_num-to-vods_links.sql b/services/migrations-schema/migrations/00105_add-id_num-to-vods_links.sql deleted file mode 100644 index 4797c5a..0000000 --- a/services/migrations-schema/migrations/00105_add-id_num-to-vods_links.sql +++ /dev/null @@ -1,18 +0,0 @@ - -ALTER TABLE IF EXISTS api.vods_mux_asset_links - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vods_stream_links - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vods_thumbnail_links - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vods_uploader_links - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vods_video_src_b_2_links - ADD COLUMN IF NOT EXISTS id_num INT; - -ALTER TABLE IF EXISTS api.vods_vtuber_links - ADD COLUMN IF NOT EXISTS id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00106_add-id_num-to-vods.sql b/services/migrations-schema/migrations/00106_add-id_num-to-vods.sql deleted file mode 100644 index 61bacf8..0000000 --- a/services/migrations-schema/migrations/00106_add-id_num-to-vods.sql +++ /dev/null @@ -1,2 +0,0 @@ -ALTER TABLE IF EXISTS api.vods - ADD COLUMN IF NOT EXISTS id_num INT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00107_remove-uuid.sql b/services/migrations-schema/migrations/00107_remove-uuid.sql deleted file mode 100644 index 002fee2..0000000 --- a/services/migrations-schema/migrations/00107_remove-uuid.sql +++ /dev/null @@ -1,125 +0,0 @@ --- I was planning on migrating strapi database to postgrest and also migrating from INT to UUID. --- Doing both at once proved far too complex, so I'm reverting the schmea to use INT ids in order to migrate. --- Once that is done we can switch to uuids, but the two steps should be separate - -DO $$ -BEGIN - -- api.builds - ALTER TABLE api.builds DROP COLUMN id CASCADE; - ALTER TABLE api.builds ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.builds DROP COLUMN vod_id CASCADE; - ALTER TABLE api.builds ADD COLUMN vod_id INT; - - -- api.contributors - ALTER TABLE api.contributors DROP COLUMN id CASCADE; - ALTER TABLE api.contributors ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - - -- api.discord_interactions - ALTER TABLE api.discord_interactions DROP COLUMN id CASCADE; - ALTER TABLE api.discord_interactions ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - - -- api.mux_assets - ALTER TABLE api.mux_assets DROP COLUMN id CASCADE; - ALTER TABLE api.mux_assets ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - - -- api.patrons - ALTER TABLE api.patrons DROP COLUMN id CASCADE; - ALTER TABLE api.patrons ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - - -- api.recordings - ALTER TABLE api.recordings DROP COLUMN id CASCADE; - ALTER TABLE api.recordings ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.recordings DROP COLUMN discord_interaction_id CASCADE; - ALTER TABLE api.recordings ADD COLUMN discord_interaction_id INT; - - -- api.s3_files - ALTER TABLE api.s3_files DROP COLUMN id CASCADE; - ALTER TABLE api.s3_files ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - - -- api.segments - ALTER TABLE api.segments DROP COLUMN id CASCADE; - ALTER TABLE api.segments ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.segments DROP COLUMN vod_id CASCADE; - ALTER TABLE api.segments ADD COLUMN vod_id INT; - - -- api.segments_vod_links - ALTER TABLE api.segments_vod_links DROP COLUMN id CASCADE; - ALTER TABLE api.segments_vod_links ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.segments_vod_links DROP COLUMN segment_id CASCADE; - ALTER TABLE api.segments_vod_links ADD COLUMN segment_id INT; - ALTER TABLE api.segments_vod_links DROP COLUMN vod_id CASCADE; - ALTER TABLE api.segments_vod_links ADD COLUMN vod_id INT; - - -- api.streams - ALTER TABLE api.streams DROP COLUMN id CASCADE; - ALTER TABLE api.streams ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.streams DROP COLUMN vtuber CASCADE; - ALTER TABLE api.streams ADD COLUMN vtuber INT; - - -- api.tags - ALTER TABLE api.tags DROP COLUMN id CASCADE; - ALTER TABLE api.tags ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.tags DROP COLUMN toy_id CASCADE; - ALTER TABLE api.tags ADD COLUMN toy_id INT; - - -- api.tags_vods - ALTER TABLE api.tags_vods DROP COLUMN id CASCADE; - ALTER TABLE api.tags_vods ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.tags_vods DROP COLUMN tag_id CASCADE; - ALTER TABLE api.tags_vods ADD COLUMN tag_id INT; - ALTER TABLE api.tags_vods DROP COLUMN vod_id CASCADE; - ALTER TABLE api.tags_vods ADD COLUMN vod_id INT; - - -- api.toys - ALTER TABLE api.toys DROP COLUMN id CASCADE; - ALTER TABLE api.toys ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.toys DROP COLUMN created_by_id CASCADE; - ALTER TABLE api.toys ADD COLUMN created_by_id INT; - ALTER TABLE api.toys DROP COLUMN updated_by_id CASCADE; - ALTER TABLE api.toys ADD COLUMN updated_by_id INT; - - -- api.toys_tags - ALTER TABLE api.toys_tags DROP COLUMN id CASCADE; - ALTER TABLE api.toys_tags ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.toys_tags DROP COLUMN tag_id CASCADE; - ALTER TABLE api.toys_tags ADD COLUMN tag_id INT; - ALTER TABLE api.toys_tags DROP COLUMN toy_id CASCADE; - ALTER TABLE api.toys_tags ADD COLUMN toy_id INT; - - -- api.toys_vtubers - ALTER TABLE api.toys_vtubers DROP COLUMN id CASCADE; - ALTER TABLE api.toys_vtubers ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.toys_vtubers DROP COLUMN toy_id CASCADE; - ALTER TABLE api.toys_vtubers ADD COLUMN toy_id INT; - ALTER TABLE api.toys_vtubers DROP COLUMN vtuber_id CASCADE; - ALTER TABLE api.toys_vtubers ADD COLUMN vtuber_id INT; - - -- api.vods - ALTER TABLE api.vods DROP COLUMN id CASCADE; - ALTER TABLE api.vods ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.vods DROP COLUMN mux_asset CASCADE; - ALTER TABLE api.vods ADD COLUMN mux_asset INT; - ALTER TABLE api.vods DROP COLUMN recording_id CASCADE; - ALTER TABLE api.vods ADD COLUMN recording_id INT; - ALTER TABLE api.vods DROP COLUMN s3_file CASCADE; - ALTER TABLE api.vods ADD COLUMN s3_file INT; - ALTER TABLE api.vods DROP COLUMN stream_id CASCADE; - ALTER TABLE api.vods ADD COLUMN stream_id INT; - ALTER TABLE api.vods DROP COLUMN thumbnail CASCADE; - ALTER TABLE api.vods ADD COLUMN thumbnail INT; - ALTER TABLE api.vods DROP COLUMN vtuber CASCADE; - ALTER TABLE api.vods ADD COLUMN vtuber INT; - - -- api.vods_s3_files_joins - ALTER TABLE api.vods_s3_files_joins DROP COLUMN id CASCADE; - ALTER TABLE api.vods_s3_files_joins ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - ALTER TABLE api.vods_s3_files_joins DROP COLUMN s3_file_id CASCADE; - ALTER TABLE api.vods_s3_files_joins ADD COLUMN s3_file_id INT; - ALTER TABLE api.vods_s3_files_joins DROP COLUMN vod_id CASCADE; - ALTER TABLE api.vods_s3_files_joins ADD COLUMN vod_id INT; - - -- api.vtubers - ALTER TABLE api.vtubers DROP COLUMN id CASCADE; - ALTER TABLE api.vtubers ADD COLUMN id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY; - -END $$; diff --git a/services/migrations-schema/migrations/00108_add-strapi-tables.sql b/services/migrations-schema/migrations/00108_add-strapi-tables.sql deleted file mode 100644 index 33c24b5..0000000 --- a/services/migrations-schema/migrations/00108_add-strapi-tables.sql +++ /dev/null @@ -1,47 +0,0 @@ - -CREATE TABLE IF NOT EXISTS api.streams_vtuber_links -( - id integer NOT NULL, - stream_id integer, - vtuber_id integer, - stream_order double precision, - CONSTRAINT streams_vtuber_links_pkey PRIMARY KEY (id), - CONSTRAINT streams_vtuber_links_unique UNIQUE (stream_id, vtuber_id), - CONSTRAINT streams_vtuber_links_fk FOREIGN KEY (stream_id) - REFERENCES api.streams (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT streams_vtuber_links_inv_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.streams_vtuber_links - OWNER to postgres; --- Index: streams_vtuber_links_fk - --- DROP INDEX IF EXISTS api.streams_vtuber_links_fk; - -CREATE INDEX IF NOT EXISTS streams_vtuber_links_fk - ON api.streams_vtuber_links USING btree - (stream_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: streams_vtuber_links_inv_fk - --- DROP INDEX IF EXISTS api.streams_vtuber_links_inv_fk; - -CREATE INDEX IF NOT EXISTS streams_vtuber_links_inv_fk - ON api.streams_vtuber_links USING btree - (vtuber_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: streams_vtuber_links_order_inv_fk - --- DROP INDEX IF EXISTS api.streams_vtuber_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS streams_vtuber_links_order_inv_fk - ON api.streams_vtuber_links USING btree - (stream_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00109_use-consistent-description_1.sql b/services/migrations-schema/migrations/00109_use-consistent-description_1.sql deleted file mode 100644 index 3f7109d..0000000 --- a/services/migrations-schema/migrations/00109_use-consistent-description_1.sql +++ /dev/null @@ -1,5 +0,0 @@ -ALTER TABLE api.vtubers DROP COLUMN description1; -ALTER TABLE api.vtubers DROP COLUMN description2; - -ALTER TABLE api.vtubers ADD COLUMN description_1 TEXT; -ALTER TABLE api.vtubers ADD COLUMN description_2 TEXT; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00110_unseed-vtubers.sql b/services/migrations-schema/migrations/00110_unseed-vtubers.sql deleted file mode 100644 index 6af82b6..0000000 --- a/services/migrations-schema/migrations/00110_unseed-vtubers.sql +++ /dev/null @@ -1,5 +0,0 @@ --- we are removing vtuber rows because vtubers are data. --- data is not supposed to be part of schema migrations --- @see https://github.com/zakpatterson/postgres-schema-migrations?tab=readme-ov-file#schema-migrations-vs-data-migrations - -DELETE FROM api.vtubers; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00111_create-strapi-tables-tvr.sql b/services/migrations-schema/migrations/00111_create-strapi-tables-tvr.sql deleted file mode 100644 index 8bca59b..0000000 --- a/services/migrations-schema/migrations/00111_create-strapi-tables-tvr.sql +++ /dev/null @@ -1,33 +0,0 @@ - -CREATE TABLE IF NOT EXISTS api.tag_vod_relations -( - id integer NOT NULL, - votes integer, - creator_id integer, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - created_by_id integer, - updated_by_id integer, - CONSTRAINT tag_vod_relations_pkey PRIMARY KEY (id) -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.tag_vod_relations - OWNER to postgres; --- Index: tag_vod_relations_created_by_id_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_created_by_id_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_created_by_id_fk - ON api.tag_vod_relations USING btree - (created_by_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tag_vod_relations_updated_by_id_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_updated_by_id_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_updated_by_id_fk - ON api.tag_vod_relations USING btree - (updated_by_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00112_create-tvr_tag_links.sql b/services/migrations-schema/migrations/00112_create-tvr_tag_links.sql deleted file mode 100644 index 48fdcb8..0000000 --- a/services/migrations-schema/migrations/00112_create-tvr_tag_links.sql +++ /dev/null @@ -1,38 +0,0 @@ - -CREATE TABLE IF NOT EXISTS api.tag_vod_relations_tag_links -( - id integer NOT NULL, - tag_vod_relation_id integer, - tag_id integer, - CONSTRAINT tag_vod_relations_tag_links_pkey PRIMARY KEY (id), - CONSTRAINT tag_vod_relations_tag_links_unique UNIQUE (tag_vod_relation_id, tag_id), - CONSTRAINT tag_vod_relations_tag_links_fk FOREIGN KEY (tag_vod_relation_id) - REFERENCES api.tag_vod_relations (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT tag_vod_relations_tag_links_inv_fk FOREIGN KEY (tag_id) - REFERENCES api.tags (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.tag_vod_relations_tag_links - OWNER to postgres; --- Index: tag_vod_relations_tag_links_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_tag_links_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_tag_links_fk - ON api.tag_vod_relations_tag_links USING btree - (tag_vod_relation_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tag_vod_relations_tag_links_inv_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_tag_links_inv_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_tag_links_inv_fk - ON api.tag_vod_relations_tag_links USING btree - (tag_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00113_create-tvr_vod_links.sql b/services/migrations-schema/migrations/00113_create-tvr_vod_links.sql deleted file mode 100644 index 76abe0e..0000000 --- a/services/migrations-schema/migrations/00113_create-tvr_vod_links.sql +++ /dev/null @@ -1,47 +0,0 @@ - -CREATE TABLE IF NOT EXISTS api.tag_vod_relations_vod_links -( - id integer NOT NULL, - tag_vod_relation_id integer, - vod_id integer, - tag_vod_relation_order double precision, - CONSTRAINT tag_vod_relations_vod_links_pkey PRIMARY KEY (id), - CONSTRAINT tag_vod_relations_vod_links_unique UNIQUE (tag_vod_relation_id, vod_id), - CONSTRAINT tag_vod_relations_vod_links_fk FOREIGN KEY (tag_vod_relation_id) - REFERENCES api.tag_vod_relations (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT tag_vod_relations_vod_links_inv_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.tag_vod_relations_vod_links - OWNER to postgres; --- Index: tag_vod_relations_vod_links_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_vod_links_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_vod_links_fk - ON api.tag_vod_relations_vod_links USING btree - (tag_vod_relation_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tag_vod_relations_vod_links_inv_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_vod_links_inv_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_vod_links_inv_fk - ON api.tag_vod_relations_vod_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tag_vod_relations_vod_links_order_inv_fk - --- DROP INDEX IF EXISTS api.tag_vod_relations_vod_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS tag_vod_relations_vod_links_order_inv_fk - ON api.tag_vod_relations_vod_links USING btree - (tag_vod_relation_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00114_create-tags_toy_links.sql b/services/migrations-schema/migrations/00114_create-tags_toy_links.sql deleted file mode 100644 index 70cbe39..0000000 --- a/services/migrations-schema/migrations/00114_create-tags_toy_links.sql +++ /dev/null @@ -1,47 +0,0 @@ - -CREATE TABLE IF NOT EXISTS api.tags_toy_links -( - id integer NOT NULL, - tag_id integer, - toy_id integer, - tag_order double precision, - CONSTRAINT tags_toy_links_pkey PRIMARY KEY (id), - CONSTRAINT tags_toy_links_unique UNIQUE (tag_id, toy_id), - CONSTRAINT tags_toy_links_fk FOREIGN KEY (tag_id) - REFERENCES api.tags (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT tags_toy_links_inv_fk FOREIGN KEY (toy_id) - REFERENCES api.toys (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.tags_toy_links - OWNER to postgres; --- Index: tags_toy_links_fk - --- DROP INDEX IF EXISTS api.tags_toy_links_fk; - -CREATE INDEX IF NOT EXISTS tags_toy_links_fk - ON api.tags_toy_links USING btree - (tag_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tags_toy_links_inv_fk - --- DROP INDEX IF EXISTS api.tags_toy_links_inv_fk; - -CREATE INDEX IF NOT EXISTS tags_toy_links_inv_fk - ON api.tags_toy_links USING btree - (toy_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tags_toy_links_order_inv_fk - --- DROP INDEX IF EXISTS api.tags_toy_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS tags_toy_links_order_inv_fk - ON api.tags_toy_links USING btree - (tag_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00115_create-tags_vods_links.sql b/services/migrations-schema/migrations/00115_create-tags_vods_links.sql deleted file mode 100644 index 7d7f78e..0000000 --- a/services/migrations-schema/migrations/00115_create-tags_vods_links.sql +++ /dev/null @@ -1,55 +0,0 @@ -CREATE TABLE IF NOT EXISTS api.tags_vods_links -( - id integer NOT NULL, - tag_id integer, - vod_id integer, - vod_order double precision, - tag_order double precision, - CONSTRAINT tags_vods_links_pkey PRIMARY KEY (id), - CONSTRAINT tags_vods_links_unique UNIQUE (tag_id, vod_id), - CONSTRAINT tags_vods_links_fk FOREIGN KEY (tag_id) - REFERENCES api.tags (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT tags_vods_links_inv_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.tags_vods_links - OWNER to postgres; --- Index: tags_vods_links_fk - --- DROP INDEX IF EXISTS api.tags_vods_links_fk; - -CREATE INDEX IF NOT EXISTS tags_vods_links_fk - ON api.tags_vods_links USING btree - (tag_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tags_vods_links_inv_fk - --- DROP INDEX IF EXISTS api.tags_vods_links_inv_fk; - -CREATE INDEX IF NOT EXISTS tags_vods_links_inv_fk - ON api.tags_vods_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tags_vods_links_order_fk - --- DROP INDEX IF EXISTS api.tags_vods_links_order_fk; - -CREATE INDEX IF NOT EXISTS tags_vods_links_order_fk - ON api.tags_vods_links USING btree - (vod_order ASC NULLS LAST) - TABLESPACE pg_default; --- Index: tags_vods_links_order_inv_fk - --- DROP INDEX IF EXISTS api.tags_vods_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS tags_vods_links_order_inv_fk - ON api.tags_vods_links USING btree - (tag_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00116_create-timestamps.sql b/services/migrations-schema/migrations/00116_create-timestamps.sql deleted file mode 100644 index f8d1168..0000000 --- a/services/migrations-schema/migrations/00116_create-timestamps.sql +++ /dev/null @@ -1,210 +0,0 @@ --- Table: api.timestamps - --- DROP TABLE IF EXISTS api.timestamps; - -CREATE TABLE IF NOT EXISTS api.timestamps -( - id integer NOT NULL, - "time" integer, - creator_id integer, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - created_by_id integer, - updated_by_id integer, - CONSTRAINT timestamps_pkey PRIMARY KEY (id) -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps - OWNER to postgres; --- Index: timestamps_created_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_created_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_created_by_id_fk - ON api.timestamps USING btree - (created_by_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_updated_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_updated_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_updated_by_id_fk - ON api.timestamps USING btree - (updated_by_id ASC NULLS LAST) - TABLESPACE pg_default; - - --- Table: api.timestamps - --- DROP TABLE IF EXISTS api.timestamps; - -CREATE TABLE IF NOT EXISTS api.timestamps -( - id integer NOT NULL, - "time" integer, - creator_id integer, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - created_by_id integer, - updated_by_id integer, - CONSTRAINT timestamps_pkey PRIMARY KEY (id) -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps - OWNER to postgres; --- Index: timestamps_created_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_created_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_created_by_id_fk - ON api.timestamps USING btree - (created_by_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_updated_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_updated_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_updated_by_id_fk - ON api.timestamps USING btree - (updated_by_id ASC NULLS LAST) - TABLESPACE pg_default; - - --- Table: api.timestamps - --- DROP TABLE IF EXISTS api.timestamps; - -CREATE TABLE IF NOT EXISTS api.timestamps -( - id integer NOT NULL, - "time" integer, - creator_id integer, - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - created_by_id integer, - updated_by_id integer, - CONSTRAINT timestamps_pkey PRIMARY KEY (id) -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps - OWNER to postgres; --- Index: timestamps_created_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_created_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_created_by_id_fk - ON api.timestamps USING btree - (created_by_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_updated_by_id_fk - --- DROP INDEX IF EXISTS api.timestamps_updated_by_id_fk; - -CREATE INDEX IF NOT EXISTS timestamps_updated_by_id_fk - ON api.timestamps USING btree - (updated_by_id ASC NULLS LAST) - TABLESPACE pg_default; - - - --- Table: api.timestamps_upvoters_links - --- DROP TABLE IF EXISTS api.timestamps_upvoters_links; - -CREATE TABLE IF NOT EXISTS api.timestamps_upvoters_links -( - id integer NOT NULL, - timestamp_id integer, - user_id integer, - user_order double precision, - CONSTRAINT timestamps_upvoters_links_pkey PRIMARY KEY (id), - CONSTRAINT timestamps_upvoters_links_unique UNIQUE (timestamp_id, user_id), - CONSTRAINT timestamps_upvoters_links_fk FOREIGN KEY (timestamp_id) - REFERENCES api.timestamps (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps_upvoters_links - OWNER to postgres; --- Index: timestamps_upvoters_links_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_fk - ON api.timestamps_upvoters_links USING btree - (timestamp_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_upvoters_links_inv_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_inv_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_inv_fk - ON api.timestamps_upvoters_links USING btree - (user_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_upvoters_links_order_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_order_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_order_fk - ON api.timestamps_upvoters_links USING btree - (user_order ASC NULLS LAST) - TABLESPACE pg_default; - - - --- Table: api.timestamps_upvoters_links - --- DROP TABLE IF EXISTS api.timestamps_upvoters_links; - -CREATE TABLE IF NOT EXISTS api.timestamps_upvoters_links -( - id integer NOT NULL, - timestamp_id integer, - user_id integer, - user_order double precision, - CONSTRAINT timestamps_upvoters_links_pkey PRIMARY KEY (id), - CONSTRAINT timestamps_upvoters_links_unique UNIQUE (timestamp_id, user_id), - CONSTRAINT timestamps_upvoters_links_fk FOREIGN KEY (timestamp_id) - REFERENCES api.timestamps (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps_upvoters_links - OWNER to postgres; --- Index: timestamps_upvoters_links_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_fk - ON api.timestamps_upvoters_links USING btree - (timestamp_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_upvoters_links_inv_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_inv_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_inv_fk - ON api.timestamps_upvoters_links USING btree - (user_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_upvoters_links_order_fk - --- DROP INDEX IF EXISTS api.timestamps_upvoters_links_order_fk; - -CREATE INDEX IF NOT EXISTS timestamps_upvoters_links_order_fk - ON api.timestamps_upvoters_links USING btree - (user_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00117_create-timestamps_tag_links.sql b/services/migrations-schema/migrations/00117_create-timestamps_tag_links.sql deleted file mode 100644 index 5c16aae..0000000 --- a/services/migrations-schema/migrations/00117_create-timestamps_tag_links.sql +++ /dev/null @@ -1,41 +0,0 @@ --- Table: api.timestamps_tag_links - --- DROP TABLE IF EXISTS api.timestamps_tag_links; - -CREATE TABLE IF NOT EXISTS api.timestamps_tag_links -( - id integer NOT NULL, - timestamp_id integer, - tag_id integer, - CONSTRAINT timestamps_tag_links_pkey PRIMARY KEY (id), - CONSTRAINT timestamps_tag_links_unique UNIQUE (timestamp_id, tag_id), - CONSTRAINT timestamps_tag_links_fk FOREIGN KEY (timestamp_id) - REFERENCES api.timestamps (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT timestamps_tag_links_inv_fk FOREIGN KEY (tag_id) - REFERENCES api.tags (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps_tag_links - OWNER to postgres; --- Index: timestamps_tag_links_fk - --- DROP INDEX IF EXISTS api.timestamps_tag_links_fk; - -CREATE INDEX IF NOT EXISTS timestamps_tag_links_fk - ON api.timestamps_tag_links USING btree - (timestamp_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_tag_links_inv_fk - --- DROP INDEX IF EXISTS api.timestamps_tag_links_inv_fk; - -CREATE INDEX IF NOT EXISTS timestamps_tag_links_inv_fk - ON api.timestamps_tag_links USING btree - (tag_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00118_create-timestamps_vod_links.sql b/services/migrations-schema/migrations/00118_create-timestamps_vod_links.sql deleted file mode 100644 index 9f4d198..0000000 --- a/services/migrations-schema/migrations/00118_create-timestamps_vod_links.sql +++ /dev/null @@ -1,50 +0,0 @@ --- Table: api.timestamps_vod_links - --- DROP TABLE IF EXISTS api.timestamps_vod_links; - -CREATE TABLE IF NOT EXISTS api.timestamps_vod_links -( - id integer NOT NULL, - timestamp_id integer, - vod_id integer, - timestamp_order double precision, - CONSTRAINT timestamps_vod_links_pkey PRIMARY KEY (id), - CONSTRAINT timestamps_vod_links_unique UNIQUE (timestamp_id, vod_id), - CONSTRAINT timestamps_vod_links_fk FOREIGN KEY (timestamp_id) - REFERENCES api.timestamps (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT timestamps_vod_links_inv_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.timestamps_vod_links - OWNER to postgres; --- Index: timestamps_vod_links_fk - --- DROP INDEX IF EXISTS api.timestamps_vod_links_fk; - -CREATE INDEX IF NOT EXISTS timestamps_vod_links_fk - ON api.timestamps_vod_links USING btree - (timestamp_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_vod_links_inv_fk - --- DROP INDEX IF EXISTS api.timestamps_vod_links_inv_fk; - -CREATE INDEX IF NOT EXISTS timestamps_vod_links_inv_fk - ON api.timestamps_vod_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: timestamps_vod_links_order_inv_fk - --- DROP INDEX IF EXISTS api.timestamps_vod_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS timestamps_vod_links_order_inv_fk - ON api.timestamps_vod_links USING btree - (timestamp_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00119_create-toys_link_tag_links.sql b/services/migrations-schema/migrations/00119_create-toys_link_tag_links.sql deleted file mode 100644 index 3b06a90..0000000 --- a/services/migrations-schema/migrations/00119_create-toys_link_tag_links.sql +++ /dev/null @@ -1,41 +0,0 @@ --- Table: api.toys_link_tag_links - --- DROP TABLE IF EXISTS api.toys_link_tag_links; - -CREATE TABLE IF NOT EXISTS api.toys_link_tag_links -( - id integer NOT NULL, - toy_id integer, - tag_id integer, - CONSTRAINT toys_link_tag_links_pkey PRIMARY KEY (id), - CONSTRAINT toys_link_tag_links_unique UNIQUE (toy_id, tag_id), - CONSTRAINT toys_link_tag_links_fk FOREIGN KEY (toy_id) - REFERENCES api.toys (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT toys_link_tag_links_inv_fk FOREIGN KEY (tag_id) - REFERENCES api.tags (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.toys_link_tag_links - OWNER to postgres; --- Index: toys_link_tag_links_fk - --- DROP INDEX IF EXISTS api.toys_link_tag_links_fk; - -CREATE INDEX IF NOT EXISTS toys_link_tag_links_fk - ON api.toys_link_tag_links USING btree - (toy_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: toys_link_tag_links_inv_fk - --- DROP INDEX IF EXISTS api.toys_link_tag_links_inv_fk; - -CREATE INDEX IF NOT EXISTS toys_link_tag_links_inv_fk - ON api.toys_link_tag_links USING btree - (tag_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00120_create-vods_mux_asset_links.sql b/services/migrations-schema/migrations/00120_create-vods_mux_asset_links.sql deleted file mode 100644 index 2b29cd5..0000000 --- a/services/migrations-schema/migrations/00120_create-vods_mux_asset_links.sql +++ /dev/null @@ -1,41 +0,0 @@ --- Table: api.vods_mux_asset_links - --- DROP TABLE IF EXISTS api.vods_mux_asset_links; - -CREATE TABLE IF NOT EXISTS api.vods_mux_asset_links -( - id integer NOT NULL, - vod_id integer, - mux_asset_id integer, - CONSTRAINT vods_mux_asset_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_mux_asset_links_unique UNIQUE (vod_id, mux_asset_id), - CONSTRAINT vods_mux_asset_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vods_mux_asset_links_inv_fk FOREIGN KEY (mux_asset_id) - REFERENCES api.mux_assets (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_mux_asset_links - OWNER to postgres; --- Index: vods_mux_asset_links_fk - --- DROP INDEX IF EXISTS api.vods_mux_asset_links_fk; - -CREATE INDEX IF NOT EXISTS vods_mux_asset_links_fk - ON api.vods_mux_asset_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_mux_asset_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_mux_asset_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_mux_asset_links_inv_fk - ON api.vods_mux_asset_links USING btree - (mux_asset_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00121_create-vods_stream_links.sql b/services/migrations-schema/migrations/00121_create-vods_stream_links.sql deleted file mode 100644 index 57b37b9..0000000 --- a/services/migrations-schema/migrations/00121_create-vods_stream_links.sql +++ /dev/null @@ -1,50 +0,0 @@ --- Table: api.vods_stream_links - --- DROP TABLE IF EXISTS api.vods_stream_links; - -CREATE TABLE IF NOT EXISTS api.vods_stream_links -( - id integer NOT NULL, - vod_id integer, - stream_id integer, - vod_order double precision, - CONSTRAINT vods_stream_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_stream_links_unique UNIQUE (vod_id, stream_id), - CONSTRAINT vods_stream_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vods_stream_links_inv_fk FOREIGN KEY (stream_id) - REFERENCES api.streams (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_stream_links - OWNER to postgres; --- Index: vods_stream_links_fk - --- DROP INDEX IF EXISTS api.vods_stream_links_fk; - -CREATE INDEX IF NOT EXISTS vods_stream_links_fk - ON api.vods_stream_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_stream_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_stream_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_stream_links_inv_fk - ON api.vods_stream_links USING btree - (stream_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_stream_links_order_inv_fk - --- DROP INDEX IF EXISTS api.vods_stream_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_stream_links_order_inv_fk - ON api.vods_stream_links USING btree - (vod_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00122_create-vods_thumbnail_links.sql b/services/migrations-schema/migrations/00122_create-vods_thumbnail_links.sql deleted file mode 100644 index 269838c..0000000 --- a/services/migrations-schema/migrations/00122_create-vods_thumbnail_links.sql +++ /dev/null @@ -1,87 +0,0 @@ - --- Table: api.b2_files - --- DROP TABLE IF EXISTS api.b2_files; - -CREATE TABLE IF NOT EXISTS api.b2_files -( - id integer NOT NULL, - url character varying(255) COLLATE pg_catalog."default", - key character varying(255) COLLATE pg_catalog."default", - upload_id character varying(255) COLLATE pg_catalog."default", - created_at timestamp(6) without time zone, - updated_at timestamp(6) without time zone, - created_by_id integer, - updated_by_id integer, - cdn_url character varying(255) COLLATE pg_catalog."default", - CONSTRAINT b2_files_pkey PRIMARY KEY (id) -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.b2_files - OWNER to postgres; --- Index: b2_files_created_by_id_fk - --- DROP INDEX IF EXISTS api.b2_files_created_by_id_fk; - -CREATE INDEX IF NOT EXISTS b2_files_created_by_id_fk - ON api.b2_files USING btree - (created_by_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: b2_files_updated_by_id_fk - --- DROP INDEX IF EXISTS api.b2_files_updated_by_id_fk; - -CREATE INDEX IF NOT EXISTS b2_files_updated_by_id_fk - ON api.b2_files USING btree - (updated_by_id ASC NULLS LAST) - TABLESPACE pg_default; - - - - --- Table: api.vods_thumbnail_links - --- DROP TABLE IF EXISTS api.vods_thumbnail_links; - -CREATE TABLE IF NOT EXISTS api.vods_thumbnail_links -( - id integer NOT NULL, - vod_id integer, - b_2_file_id integer, - CONSTRAINT vods_thumbnail_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_thumbnail_links_unique UNIQUE (vod_id, b_2_file_id), - CONSTRAINT vods_thumbnail_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vods_thumbnail_links_inv_fk FOREIGN KEY (b_2_file_id) - REFERENCES api.b2_files (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_thumbnail_links - OWNER to postgres; --- Index: vods_thumbnail_links_fk - --- DROP INDEX IF EXISTS api.vods_thumbnail_links_fk; - -CREATE INDEX IF NOT EXISTS vods_thumbnail_links_fk - ON api.vods_thumbnail_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_thumbnail_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_thumbnail_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_thumbnail_links_inv_fk - ON api.vods_thumbnail_links USING btree - (b_2_file_id ASC NULLS LAST) - TABLESPACE pg_default; - - - diff --git a/services/migrations-schema/migrations/00123_create-vods_uploader_links.sql b/services/migrations-schema/migrations/00123_create-vods_uploader_links.sql deleted file mode 100644 index 43f4e5f..0000000 --- a/services/migrations-schema/migrations/00123_create-vods_uploader_links.sql +++ /dev/null @@ -1,37 +0,0 @@ --- Table: api.vods_uploader_links - --- DROP TABLE IF EXISTS api.vods_uploader_links; - -CREATE TABLE IF NOT EXISTS api.vods_uploader_links -( - id integer NOT NULL, - vod_id integer, - user_id integer, - CONSTRAINT vods_uploader_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_uploader_links_unique UNIQUE (vod_id, user_id), - CONSTRAINT vods_uploader_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_uploader_links - OWNER to postgres; --- Index: vods_uploader_links_fk - --- DROP INDEX IF EXISTS api.vods_uploader_links_fk; - -CREATE INDEX IF NOT EXISTS vods_uploader_links_fk - ON api.vods_uploader_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_uploader_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_uploader_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_uploader_links_inv_fk - ON api.vods_uploader_links USING btree - (user_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00124_create-vods_video_src_b_2_links.sql b/services/migrations-schema/migrations/00124_create-vods_video_src_b_2_links.sql deleted file mode 100644 index 1f37371..0000000 --- a/services/migrations-schema/migrations/00124_create-vods_video_src_b_2_links.sql +++ /dev/null @@ -1,41 +0,0 @@ --- Table: api.vods_video_src_b_2_links - --- DROP TABLE IF EXISTS api.vods_video_src_b_2_links; - -CREATE TABLE IF NOT EXISTS api.vods_video_src_b_2_links -( - id integer NOT NULL, - vod_id integer, - b_2_file_id integer, - CONSTRAINT vods_video_src_b_2_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_video_src_b_2_links_unique UNIQUE (vod_id, b_2_file_id), - CONSTRAINT vods_video_src_b_2_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vods_video_src_b_2_links_inv_fk FOREIGN KEY (b_2_file_id) - REFERENCES api.b2_files (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_video_src_b_2_links - OWNER to postgres; --- Index: vods_video_src_b_2_links_fk - --- DROP INDEX IF EXISTS api.vods_video_src_b_2_links_fk; - -CREATE INDEX IF NOT EXISTS vods_video_src_b_2_links_fk - ON api.vods_video_src_b_2_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_video_src_b_2_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_video_src_b_2_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_video_src_b_2_links_inv_fk - ON api.vods_video_src_b_2_links USING btree - (b_2_file_id ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00125_create-vods_vtuber_links.sql b/services/migrations-schema/migrations/00125_create-vods_vtuber_links.sql deleted file mode 100644 index a0f280f..0000000 --- a/services/migrations-schema/migrations/00125_create-vods_vtuber_links.sql +++ /dev/null @@ -1,50 +0,0 @@ --- Table: api.vods_vtuber_links - --- DROP TABLE IF EXISTS api.vods_vtuber_links; - -CREATE TABLE IF NOT EXISTS api.vods_vtuber_links -( - id integer NOT NULL, - vod_id integer, - vtuber_id integer, - vod_order double precision, - CONSTRAINT vods_vtuber_links_pkey PRIMARY KEY (id), - CONSTRAINT vods_vtuber_links_unique UNIQUE (vod_id, vtuber_id), - CONSTRAINT vods_vtuber_links_fk FOREIGN KEY (vod_id) - REFERENCES api.vods (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vods_vtuber_links_inv_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vods_vtuber_links - OWNER to postgres; --- Index: vods_vtuber_links_fk - --- DROP INDEX IF EXISTS api.vods_vtuber_links_fk; - -CREATE INDEX IF NOT EXISTS vods_vtuber_links_fk - ON api.vods_vtuber_links USING btree - (vod_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_vtuber_links_inv_fk - --- DROP INDEX IF EXISTS api.vods_vtuber_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_vtuber_links_inv_fk - ON api.vods_vtuber_links USING btree - (vtuber_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vods_vtuber_links_order_inv_fk - --- DROP INDEX IF EXISTS api.vods_vtuber_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS vods_vtuber_links_order_inv_fk - ON api.vods_vtuber_links USING btree - (vod_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00126_create-vtubers_toy_links.sql b/services/migrations-schema/migrations/00126_create-vtubers_toy_links.sql deleted file mode 100644 index 57c816f..0000000 --- a/services/migrations-schema/migrations/00126_create-vtubers_toy_links.sql +++ /dev/null @@ -1,105 +0,0 @@ --- Table: api.vtubers_toy_links - --- DROP TABLE IF EXISTS api.vtubers_toy_links; - -CREATE TABLE IF NOT EXISTS api.vtubers_toy_links -( - id integer NOT NULL, - vtuber_id integer, - toy_id integer, - vtuber_order double precision, - CONSTRAINT vtubers_toy_links_pkey PRIMARY KEY (id), - CONSTRAINT vtubers_toy_links_unique UNIQUE (vtuber_id, toy_id), - CONSTRAINT vtubers_toy_links_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vtubers_toy_links_inv_fk FOREIGN KEY (toy_id) - REFERENCES api.toys (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vtubers_toy_links - OWNER to postgres; --- Index: vtubers_toy_links_fk - --- DROP INDEX IF EXISTS api.vtubers_toy_links_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toy_links_fk - ON api.vtubers_toy_links USING btree - (vtuber_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vtubers_toy_links_inv_fk - --- DROP INDEX IF EXISTS api.vtubers_toy_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toy_links_inv_fk - ON api.vtubers_toy_links USING btree - (toy_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vtubers_toy_links_order_inv_fk - --- DROP INDEX IF EXISTS api.vtubers_toy_links_order_inv_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toy_links_order_inv_fk - ON api.vtubers_toy_links USING btree - (vtuber_order ASC NULLS LAST) - TABLESPACE pg_default; - - - --- also adding vtubers_toys_links - --- Table: api.vtubers_toys_links - --- DROP TABLE IF EXISTS api.vtubers_toys_links; - -CREATE TABLE IF NOT EXISTS api.vtubers_toys_links -( - id integer NOT NULL, - vtuber_id integer, - toy_id integer, - toy_order double precision, - CONSTRAINT vtubers_toys_links_pkey PRIMARY KEY (id), - CONSTRAINT vtubers_toys_links_unique UNIQUE (vtuber_id, toy_id), - CONSTRAINT vtubers_toys_links_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE, - CONSTRAINT vtubers_toys_links_inv_fk FOREIGN KEY (toy_id) - REFERENCES api.toys (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE -) - -TABLESPACE pg_default; - -ALTER TABLE IF EXISTS api.vtubers_toys_links - OWNER to postgres; --- Index: vtubers_toys_links_fk - --- DROP INDEX IF EXISTS api.vtubers_toys_links_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toys_links_fk - ON api.vtubers_toys_links USING btree - (vtuber_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vtubers_toys_links_inv_fk - --- DROP INDEX IF EXISTS api.vtubers_toys_links_inv_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toys_links_inv_fk - ON api.vtubers_toys_links USING btree - (toy_id ASC NULLS LAST) - TABLESPACE pg_default; --- Index: vtubers_toys_links_order_fk - --- DROP INDEX IF EXISTS api.vtubers_toys_links_order_fk; - -CREATE INDEX IF NOT EXISTS vtubers_toys_links_order_fk - ON api.vtubers_toys_links USING btree - (toy_order ASC NULLS LAST) - TABLESPACE pg_default; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00127_grant-permissions-for-vods_vtuber_links.sql b/services/migrations-schema/migrations/00127_grant-permissions-for-vods_vtuber_links.sql deleted file mode 100644 index 1f7228b..0000000 --- a/services/migrations-schema/migrations/00127_grant-permissions-for-vods_vtuber_links.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.vods_vtuber_links TO automation; -GRANT SELECT ON api.vods_vtuber_links TO web_anon; diff --git a/services/migrations-schema/migrations/00128_add-vtuber-fk-to-vods.sql b/services/migrations-schema/migrations/00128_add-vtuber-fk-to-vods.sql deleted file mode 100644 index c6e14cb..0000000 --- a/services/migrations-schema/migrations/00128_add-vtuber-fk-to-vods.sql +++ /dev/null @@ -1,6 +0,0 @@ - -ALTER TABLE IF EXISTS api.vods - ADD CONSTRAINT vods_vtuber_fk FOREIGN KEY (vtuber) - REFERENCES api.vtubers (id) MATCH SIMPLE - ON UPDATE NO ACTION - ON DELETE CASCADE \ No newline at end of file diff --git a/services/migrations-schema/migrations/00129_add-vtuber_id-to-vods.sql b/services/migrations-schema/migrations/00129_add-vtuber_id-to-vods.sql deleted file mode 100644 index 096f800..0000000 --- a/services/migrations-schema/migrations/00129_add-vtuber_id-to-vods.sql +++ /dev/null @@ -1,9 +0,0 @@ -ALTER TABLE api.vods ADD COLUMN vtuber_id INTEGER; - -ALTER TABLE api.vods - DROP CONSTRAINT vods_vtuber_fk; - -ALTER TABLE api.vods - ADD CONSTRAINT vods_vtuber_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) - ON DELETE CASCADE; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00130_add-s3_files-fk-to-vods.sql b/services/migrations-schema/migrations/00130_add-s3_files-fk-to-vods.sql deleted file mode 100644 index 4c6fcdc..0000000 --- a/services/migrations-schema/migrations/00130_add-s3_files-fk-to-vods.sql +++ /dev/null @@ -1,6 +0,0 @@ -ALTER TABLE api.vods ADD COLUMN s3_file_id INTEGER; - -ALTER TABLE api.vods - ADD CONSTRAINT vods_s3_file_fk FOREIGN KEY (s3_file_id) - REFERENCES api.s3_files (id) - ON DELETE CASCADE; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00131_grant-perms-on-s3_files.sql b/services/migrations-schema/migrations/00131_grant-perms-on-s3_files.sql deleted file mode 100644 index 6593f67..0000000 --- a/services/migrations-schema/migrations/00131_grant-perms-on-s3_files.sql +++ /dev/null @@ -1,7 +0,0 @@ -GRANT all ON api.s3_files TO automation; --- GRANT SELECT ON api.s3_files TO web_anon; - --- we only want to grant access to this resource to patrons. how do we do that? @TODO - - - diff --git a/services/migrations-schema/migrations/00132_rename-vtuber_num-to-vtuber_id.sql b/services/migrations-schema/migrations/00132_rename-vtuber_num-to-vtuber_id.sql deleted file mode 100644 index 4c05ef0..0000000 --- a/services/migrations-schema/migrations/00132_rename-vtuber_num-to-vtuber_id.sql +++ /dev/null @@ -1,7 +0,0 @@ -ALTER TABLE IF EXISTS api.streams - ADD COLUMN IF NOT EXISTS vtuber_id INT; - -ALTER TABLE api.streams - ADD CONSTRAINT streams_vtuber_fk FOREIGN KEY (vtuber_id) - REFERENCES api.vtubers (id) - ON DELETE CASCADE; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00133_add-mux_assets-fk-to-vods.sql b/services/migrations-schema/migrations/00133_add-mux_assets-fk-to-vods.sql deleted file mode 100644 index 04e7d0a..0000000 --- a/services/migrations-schema/migrations/00133_add-mux_assets-fk-to-vods.sql +++ /dev/null @@ -1,6 +0,0 @@ -ALTER TABLE api.vods ADD COLUMN mux_asset_id INTEGER; - -ALTER TABLE api.vods - ADD CONSTRAINT vods_mux_asset_fk FOREIGN KEY (mux_asset_id) - REFERENCES api.mux_assets (id) - ON DELETE CASCADE; diff --git a/services/migrations-schema/migrations/00134_add-thumbnail-fk-to-vods.sql b/services/migrations-schema/migrations/00134_add-thumbnail-fk-to-vods.sql deleted file mode 100644 index 6dbafc0..0000000 --- a/services/migrations-schema/migrations/00134_add-thumbnail-fk-to-vods.sql +++ /dev/null @@ -1,6 +0,0 @@ -ALTER TABLE api.vods ADD COLUMN thumbnail_id INTEGER; - -ALTER TABLE api.vods - ADD CONSTRAINT vods_thumbnail_fk FOREIGN KEY (thumbnail_id) - REFERENCES api.b2_files (id) - ON DELETE CASCADE; diff --git a/services/migrations-schema/migrations/00135_add-b2_files-permissions.sql b/services/migrations-schema/migrations/00135_add-b2_files-permissions.sql deleted file mode 100644 index b30808a..0000000 --- a/services/migrations-schema/migrations/00135_add-b2_files-permissions.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.b2_files TO automation; -GRANT SELECT ON api.b2_files TO web_anon; diff --git a/services/migrations-schema/migrations/00136_add-uuid-to-streams.sql b/services/migrations-schema/migrations/00136_add-uuid-to-streams.sql deleted file mode 100644 index 69151dc..0000000 --- a/services/migrations-schema/migrations/00136_add-uuid-to-streams.sql +++ /dev/null @@ -1,8 +0,0 @@ -ALTER TABLE IF EXISTS api.streams - ADD COLUMN IF NOT EXISTS uuid UUID - DEFAULT gen_random_uuid(); - -ALTER TABLE IF EXISTS api.vods - ADD COLUMN IF NOT EXISTS uuid UUID - DEFAULT gen_random_uuid(); - diff --git a/services/migrations-schema/migrations/00137_add-vods-fk-to-streams.sql b/services/migrations-schema/migrations/00137_add-vods-fk-to-streams.sql deleted file mode 100644 index c38ceaa..0000000 --- a/services/migrations-schema/migrations/00137_add-vods-fk-to-streams.sql +++ /dev/null @@ -1,4 +0,0 @@ -ALTER TABLE api.vods - ADD CONSTRAINT vods_stream_fk FOREIGN KEY (stream_id) - REFERENCES api.streams (id) - ON DELETE CASCADE; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00138_add-date_2-to-streams-and-vods.sql b/services/migrations-schema/migrations/00138_add-date_2-to-streams-and-vods.sql deleted file mode 100644 index e234f37..0000000 --- a/services/migrations-schema/migrations/00138_add-date_2-to-streams-and-vods.sql +++ /dev/null @@ -1,7 +0,0 @@ - - -ALTER TABLE IF EXISTS api.streams - ADD COLUMN IF NOT EXISTS date_2 TIMESTAMP(6) WITH TIME ZONE; - -ALTER TABLE IF EXISTS api.vods - ADD COLUMN IF NOT EXISTS date_2 TIMESTAMP(6) WITH TIME ZONE; \ No newline at end of file diff --git a/services/migrations-schema/migrations/00139_add-timestamps-permissions.sql b/services/migrations-schema/migrations/00139_add-timestamps-permissions.sql deleted file mode 100644 index 1106229..0000000 --- a/services/migrations-schema/migrations/00139_add-timestamps-permissions.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.timestamps TO automation; -GRANT SELECT ON api.timestamps TO web_anon; diff --git a/services/migrations-schema/migrations/00140_add-permissions-for-links.sql b/services/migrations-schema/migrations/00140_add-permissions-for-links.sql deleted file mode 100644 index 6ebbce7..0000000 --- a/services/migrations-schema/migrations/00140_add-permissions-for-links.sql +++ /dev/null @@ -1,15 +0,0 @@ - -GRANT all ON api.timestamps_vod_links TO automation; -GRANT SELECT ON api.timestamps_vod_links TO web_anon; - - -GRANT all ON api.timestamps_tag_links TO automation; -GRANT SELECT ON api.timestamps_tag_links TO web_anon; - - -GRANT all ON api.toys_link_tag_links TO automation; -GRANT SELECT ON api.toys_link_tag_links TO web_anon; - -GRANT all ON api.vods_mux_asset_links TO automation; -GRANT SELECT ON api.vods_mux_asset_links TO web_anon; - diff --git a/services/migrations-schema/migrations/00141_add-permissions-timestamps_vod_links.sql b/services/migrations-schema/migrations/00141_add-permissions-timestamps_vod_links.sql deleted file mode 100644 index d479f9f..0000000 --- a/services/migrations-schema/migrations/00141_add-permissions-timestamps_vod_links.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.timestamps_vod_links TO automation; -GRANT SELECT ON api.timestamps_vod_links TO web_anon; diff --git a/services/migrations-schema/migrations/00142_add-permissions-for-tag_vod_relations.sql b/services/migrations-schema/migrations/00142_add-permissions-for-tag_vod_relations.sql deleted file mode 100644 index a354df7..0000000 --- a/services/migrations-schema/migrations/00142_add-permissions-for-tag_vod_relations.sql +++ /dev/null @@ -1,4 +0,0 @@ - - -GRANT all ON api.tag_vod_relations TO automation; -GRANT SELECT ON api.tag_vod_relations TO web_anon; diff --git a/services/migrations-schema/migrations/00143_add-permissions-for-tag_vod_relations_vod_links.sql b/services/migrations-schema/migrations/00143_add-permissions-for-tag_vod_relations_vod_links.sql deleted file mode 100644 index 9a35c3b..0000000 --- a/services/migrations-schema/migrations/00143_add-permissions-for-tag_vod_relations_vod_links.sql +++ /dev/null @@ -1,6 +0,0 @@ - - - - -GRANT all ON api.tag_vod_relations_vod_links TO automation; -GRANT SELECT ON api.tag_vod_relations_vod_links TO web_anon; diff --git a/services/migrations-schema/migrations/00144_add-permissions-for-tags_vods_links.sql b/services/migrations-schema/migrations/00144_add-permissions-for-tags_vods_links.sql deleted file mode 100644 index 6b2f805..0000000 --- a/services/migrations-schema/migrations/00144_add-permissions-for-tags_vods_links.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT all ON api.tags_vods_links TO automation; -GRANT SELECT ON api.tags_vods_links TO web_anon; \ No newline at end of file diff --git a/services/migrations-schema/package.json b/services/migrations-schema/package.json deleted file mode 100644 index 2019d04..0000000 --- a/services/migrations-schema/package.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "@futureporn/migrations-schema", - "type": "module", - "version": "0.6.0", - "description": "", - "main": "index.js", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 0", - "start": "node index.js" - }, - "packageManager": "pnpm@9.6.0", - "keywords": [], - "author": "@CJ_Clippy", - "license": "Unlicense", - "dependencies": { - "dotenv": "^16.4.5", - "postgres-schema-migrations": "^6.1.0" - } -} diff --git a/services/migrations-schema/pnpm-lock.yaml b/services/migrations-schema/pnpm-lock.yaml deleted file mode 100644 index 535b76b..0000000 --- a/services/migrations-schema/pnpm-lock.yaml +++ /dev/null @@ -1,183 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - postgres-schema-migrations: - specifier: ^6.1.0 - version: 6.1.0 - - ../..: {} - - ../../packages/fetchers: {} - - ../../packages/infra: {} - - ../../packages/storage: {} - - ../../packages/types: {} - - ../../packages/utils: {} - - ../bot: {} - - ../capture: {} - - ../factory: {} - - ../htmx: {} - - ../mailbox: {} - - ../migrations-data: {} - - ../next: {} - - ../scout: {} - - ../strapi: {} - - ../uppy: {} - -packages: - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-schema-migrations@6.1.0: - resolution: {integrity: sha512-d1LJ+A9Lg4kAwuh91S8ozF8q3adFNJlStbpUF/sbjMTzSIzJClpmg4D6qyd9nvKt2el0rnZJjXZQ2r01Y5OpzA==} - engines: {node: '>10.17.0'} - hasBin: true - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sql-template-strings@2.2.2: - resolution: {integrity: sha512-UXhXR2869FQaD+GMly8jAMCRZ94nU5KcrFetZfWEMd+LVVG6y0ExgHAhatEcKZ/wk8YcKPdi+hiD2wm75lq3/Q==} - engines: {node: '>=4.0.0'} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - -snapshots: - - dotenv@16.4.5: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - postgres-array@2.0.0: {} - - postgres-bytea@1.0.0: {} - - postgres-date@1.0.7: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-schema-migrations@6.1.0: - dependencies: - pg: 8.12.0 - sql-template-strings: 2.2.2 - transitivePeerDependencies: - - pg-native - - split2@4.2.0: {} - - sql-template-strings@2.2.2: {} - - xtend@4.0.2: {} diff --git a/services/next/.dockerignore b/services/next/.dockerignore deleted file mode 100644 index 83f3821..0000000 --- a/services/next/.dockerignore +++ /dev/null @@ -1,3 +0,0 @@ -## This is the WRONG place to add dockerignore spec! -## We are using monorepo which menas .dockerignore must be in the root of context (../../) -## Add dockerignore specs to ../../.dockerignore instead. diff --git a/services/next/.eslintrc.json b/services/next/.eslintrc.json deleted file mode 100644 index bffb357..0000000 --- a/services/next/.eslintrc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "next/core-web-vitals" -} diff --git a/services/next/.gitignore b/services/next/.gitignore deleted file mode 100644 index c43ed62..0000000 --- a/services/next/.gitignore +++ /dev/null @@ -1,48 +0,0 @@ -# Created by https://www.toptal.com/developers/gitignore/api/nextjs -# Edit at https://www.toptal.com/developers/gitignore?templates=nextjs - -fuck.mjs - -.vscode/ - -.env -.env.* -dist/ - -### NextJS ### -# dependencies -/node_modules -/.pnp -.pnp.js - -# testing -/coverage - -# next.js -/.next/ -/out/ - -# production -/build - -# misc -.DS_Store -*.pem - -# debug -npm-debug.log* -yarn-debug.log* -yarn-error.log* -.pnpm-debug.log* - -# local env files -.env*.local - -# vercel -.vercel - -# typescript -*.tsbuildinfo -next-env.d.ts - -# End of https://www.toptal.com/developers/gitignore/api/nextjs diff --git a/services/next/.nvmrc b/services/next/.nvmrc deleted file mode 100644 index 9de2256..0000000 --- a/services/next/.nvmrc +++ /dev/null @@ -1 +0,0 @@ -lts/iron diff --git a/services/next/CHECKS b/services/next/CHECKS deleted file mode 100644 index 6731352..0000000 --- a/services/next/CHECKS +++ /dev/null @@ -1 +0,0 @@ -/ futureporn.net \ No newline at end of file diff --git a/services/next/LICENSE b/services/next/LICENSE deleted file mode 100644 index 7c53cea..0000000 --- a/services/next/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2020 Rogier van den Berg - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file diff --git a/services/next/README.md b/services/next/README.md deleted file mode 100644 index 9ae2830..0000000 --- a/services/next/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# next - -HTML5 frontend for https://futureporn.net \ No newline at end of file diff --git a/services/next/app.json b/services/next/app.json deleted file mode 100644 index 31825ab..0000000 --- a/services/next/app.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "healthchecks": { - "web": [ - { - "type": "startup", - "name": "web check", - "description": "Checking for expecting string at /api", - "path": "/api", - "content": "Application Programmable Interface", - "attempts": 3 - } - ] - } -} \ No newline at end of file diff --git a/services/next/app/404.tsx b/services/next/app/404.tsx deleted file mode 100644 index bf9ef9c..0000000 --- a/services/next/app/404.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function Custom404() { - return

404~~~~ - Page Not Found

-} \ No newline at end of file diff --git a/services/next/app/about/page.tsx b/services/next/app/about/page.tsx deleted file mode 100644 index a936463..0000000 --- a/services/next/app/about/page.tsx +++ /dev/null @@ -1,37 +0,0 @@ -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import Link from 'next/link'; -// import { getProgress } from '../lib/vods' - -export default async function Page() { - // const { complete, total } = await getProgress('projektmelody') - - return ( - <> -
- -
-
-

About

-

It's the worst feeling when a VOD disappears from the internet. It means you missed out, it's gone, and you may never experience what your peers got to take part in.

-

Futureporn is created by fans, for fans. Missed a stream? We got you, bro.

-

Together we can end 404s and create an everlasting archive of lewdtuber livestreams.

- -
- -
- - -
- -
-
-

Futureporn needs financial support to continue improving. If you enjoy this website, please consider becoming a patron.

-
-
-
- -
- - ) -} diff --git a/services/next/app/api/auth/[...nextauth]/route.ts b/services/next/app/api/auth/[...nextauth]/route.ts deleted file mode 100644 index 98f6330..0000000 --- a/services/next/app/api/auth/[...nextauth]/route.ts +++ /dev/null @@ -1,17 +0,0 @@ -/** - * api/auth/[...nextauth]/route.ts - */ - -import { authOptions } from "@/app/lib/auth" -import NextAuth from "next-auth" - - -// v4 -const handler = NextAuth(authOptions) -export { handler as GET, handler as POST } - - - - -// v5 -// export { GET, POST } from "@/app/lib/auth" diff --git a/services/next/app/api/blogs/route.ts b/services/next/app/api/blogs/route.ts deleted file mode 100644 index dca5232..0000000 --- a/services/next/app/api/blogs/route.ts +++ /dev/null @@ -1,10 +0,0 @@ -import { NextResponse } from 'next/server' - -export async function GET() { - const res = await fetch('https://dummyjson.com/posts', { - next: { revalidate: 60 }, - }); - const data = await res.json(); - - return NextResponse.json(data); -} diff --git a/services/next/app/api/page.tsx b/services/next/app/api/page.tsx deleted file mode 100644 index ace3230..0000000 --- a/services/next/app/api/page.tsx +++ /dev/null @@ -1,58 +0,0 @@ -'use client'; - -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import { postgrestUrl } from '@/app/lib/constants' -import Link from 'next/link' -import { useSession } from "next-auth/react"; -import { signIn } from "next-auth/react" - - -export default function Page() { - const { data: session } = useSession(); - return ( -
-
-

Futureporn API

-

Futureporn Application Programmable Interface (API) for developers and power users

-
-
-
-
-

RSS Feed

-

Keep up to date with new VODs using Real Simple Syndication (RSS).

- -

Don't have a RSS reader? Futureporn recommends Fraidycat

- -
-

ATOM

-

RSS

-

JSON

-
-
-
- -
-
-

Data API

-

The Data API contains all the data served by this website in JSON format. This API is unstable, meaning it's subject to changes that may break your integrations.

-
Futureporn API Version 1
-
Futureporn API Version 2
-
-
- -
-
-

Client Session (test)

- 
{JSON.stringify(session)}
- - - - -
-
- -
-
- ) -} \ No newline at end of file diff --git a/services/next/app/api/patreon/currently-entitled-tiers/route.ts b/services/next/app/api/patreon/currently-entitled-tiers/route.ts deleted file mode 100644 index f989cb4..0000000 --- a/services/next/app/api/patreon/currently-entitled-tiers/route.ts +++ /dev/null @@ -1,65 +0,0 @@ -'use server'; - -import { NextResponse } from "next/server"; -import { getServerSession } from "next-auth"; -import { getPatreonMemberships } from "@/app/lib/patreon"; -import { authOptions } from "@/app/lib/auth"; - -export async function GET(req: Request, res: Response) { - - // return NextResponse.json(['test']) - - console.log('lets run getServerSession()') - - - // @TODO @TODO @TODO @todo @todo @todo THE PROBLEM IS WITH getServerSession()!!!! - // or rather, the JWE we generated in middleware.ts is invalid and the error is manifesting within the getServerSession() invocation. - const session = await getServerSession(authOptions); - // console.log('session as follows') - // console.log(session) - - if (session) { - - // console.log('currently-entitled-tiers lets get user id') - // console.log(session) - - - let patreonTiersList - - if (!session.token?.access_token) { - console.error('session.token.access_token was missing') - return NextResponse.json({ error: `Failed to get access token from Session`}, { status: 500 }) - } - - if (!session.token.sub) { - return NextResponse.json({ error: `failed to get profile.sub from Session` }, { status: 400 }) - } - - // try { - // idpToken = await get(session.token.access_token) - // } catch (e) { - // console.error(e) - // return NextResponse.json({ error: `Failed to get Patreon token (Keycloak IDP). e=${e}`}, { status: 401 }) - // } - - try { - patreonTiersList = await getPatreonMemberships(idpToken) - } catch (e) { - console.error(e) - return NextResponse.json({ error: `Failed to get patreon memberships. e=${e}`}, { status: 401 }) - } - - - // side effect which grants the appropriate keycloak roles to the user - try { - await syncronizeKeycloakRoles(session.token.sub, patreonTiersList) - } catch (e) { - console.error(e) - return NextResponse.json({ error: `Failed to syncronize roles` }, { status: 500 }) - } - - - return NextResponse.json(patreonTiersList); - } - return NextResponse.json({ error: "You must be logged in." }, { status: 401 }); -} diff --git a/services/next/app/api/patreon/session/route.ts b/services/next/app/api/patreon/session/route.ts deleted file mode 100644 index 6a2b155..0000000 --- a/services/next/app/api/patreon/session/route.ts +++ /dev/null @@ -1,18 +0,0 @@ -'use server'; - -import { NextResponse } from "next/server"; -import { getServerSession } from "next-auth"; -import { authOptions } from "@/app/lib/auth"; - - -export async function GET() { - - - const session = await getServerSession(authOptions); - - if (session) { - - return NextResponse.json(session) - } - return NextResponse.json({ error: "You must be logged in." }, { status: 401 }); -} diff --git a/services/next/app/api/profile/route.ts b/services/next/app/api/profile/route.ts deleted file mode 100644 index 5c58f29..0000000 --- a/services/next/app/api/profile/route.ts +++ /dev/null @@ -1,51 +0,0 @@ - - -// 'use server'; - -// import { NextRequest, NextResponse } from "next/server"; -// import { getServerSession } from "next-auth"; -// import { authOptions } from "@/app/lib/auth"; -// import { getUMAToken } from "@/app/lib/keycloak"; -// import { configs } from "@/app/config/configs"; - -// export async function POST(req: NextRequest) { -// const session = await getServerSession(authOptions); - -// console.log(`a user is attempting to POST their profile. session as follows`) -// console.log(session) - -// if (session) { -// if (!session.token?.access_token) { -// console.error('session.token.access_token was missing') -// return NextResponse.json({ error: `Failed to get access token from Session`}, { status: 500 }) -// } - -// const uma = await getUMAToken(); -// const userId = session.user.id; // Assuming session.user.id is the Keycloak user ID -// const updatedAttributes = await req.json(); // Assuming the updated attributes are sent in the request body - -// console.log('updatedAttributes as follows') -// console.log(updatedAttributes) - -// const response = await fetch(`${configs.keycloakLocalUrl}/admin/realms/futureporn/users/${userId}`, { -// method: 'PUT', -// headers: { -// 'Authorization': `Bearer ${uma.access_token}`, -// 'Content-Type': 'application/json' -// }, -// body: JSON.stringify({ -// attributes: updatedAttributes -// }) -// }); - -// // /admin/realms/futureporn/users/9dd538cd-56a9-4f43-81cd-fa86473214f5 - -// if (!response.ok) { -// console.error(`failed. res.status=${response.status} res.statusText=${response.statusText}`) -// return NextResponse.json({ error: 'Failed to update user attributes' }, { status: 500 }); -// } else { -// return NextResponse.json({ message: 'User attributes updated successfully' }); -// } -// } -// return NextResponse.json({ error: "You must be logged in." }, { status: 401 }); -// } \ No newline at end of file diff --git a/services/next/app/api/revalidate/route.ts b/services/next/app/api/revalidate/route.ts deleted file mode 100644 index bad85ce..0000000 --- a/services/next/app/api/revalidate/route.ts +++ /dev/null @@ -1,26 +0,0 @@ -import { NextRequest, NextResponse } from 'next/server'; -import { revalidateTag } from 'next/cache'; - -export const dynamic = 'force-dynamic'; - -export async function GET(request: NextRequest) { - const token = request.nextUrl.searchParams.get('token') - const tag = request.nextUrl.searchParams.get('tag') - - - - if (!token) { - return NextResponse.json({ message: 'Missing token param' }, { status: 400}) - } - - if (!tag) { - return NextResponse.json({ message: 'Missing tag param' }, { status: 400 }) - } - - if (token !== process.env.REVALIDATION_TOKEN) { - return NextResponse.json({ message: 'Invalid token' }, { status: 401 }) - } - - revalidateTag(tag) - return NextResponse.json({ revalidated: true, now: Date.now() }) -} \ No newline at end of file diff --git a/services/next/app/api/service.json/route.ts b/services/next/app/api/service.json/route.ts deleted file mode 100644 index 9aed096..0000000 --- a/services/next/app/api/service.json/route.ts +++ /dev/null @@ -1,139 +0,0 @@ -import { NextResponse } from 'next/server' - - -const serviceConfig = { - "cluster": { - "peername": "replace-this-with-a-super-cool-peer-name", - "secret": "3acade7f761c91f5fe3d34c4f4d15a17f817bc3463ab4395958f302b222a023b", - "leave_on_shutdown": false, - "listen_multiaddress": [ - "/ip4/0.0.0.0/tcp/9096" - ], - "connection_manager": { - "high_water": 400, - "low_water": 100, - "grace_period": "2m0s" - }, - "dial_peer_timeout": "3s", - "state_sync_interval": "10m", - "pin_recover_interval": "12m", - "ipfs_sync_interval": "130s", - "replication_factor_min": -1, - "replication_factor_max": -1, - "monitor_ping_interval": "30s", - "peer_watch_interval": "10s", - "mdns_interval": "10s", - "disable_repinning": true, - "follower_mode": true, - "peer_addresses": [ - "/dns4/cluster.sbtp.xyz/tcp/9096/p2p/12D3KooWJmCsFadow1UvqAqCGtuKpqrS3puyPUYujJj4dRRCTfXf" - ] - }, - "consensus": { - "crdt": { - "cluster_name": "futureporn.net", - "trusted_peers": [ - "12D3KooWJmCsFadow1UvqAqCGtuKpqrS3puyPUYujJj4dRRCTfXf" - ], - "rebroadcast_interval": "1m", - "peerset_metric": "ping", - "batching": { - "max_batch_size": 0, - "max_batch_age": "0s", - "max_queue_size": 50000 - } - } - }, - "ipfs_connector": { - "ipfshttp": { - "node_multiaddress": "/ip4/127.0.0.1/tcp/5001", - "connect_swarms_delay": "30s", - "ipfs_request_timeout": "5m", - "repogc_timeout": "24h", - "pin_timeout": "3m", - "unpin_timeout": "3h", - "unpin_disable": false - } - }, - "pin_tracker": { - "stateless": { - "max_pin_queue_size": 1000000, - "concurrent_pins": 8, - "priority_pin_max_age" : "24h", - "priority_pin_max_retries" : 5 - } - }, - "monitor": { - "pubsubmon": { - "check_interval": "15s", - "failure_threshold": 3 - } - }, - "informer": { - "disk": { - "metric_ttl": "5m", - "metric_type": "freespace" - }, - "tags": { - "metric_ttl": "30s", - "tags": {} - } - }, - "allocator": { - "balanced": { - "allocate_by": ["freespace"] - } - }, - "observations": { - "metrics": { - "enable_stats": false, - "prometheus_endpoint": "/ip4/0.0.0.0/tcp/8888", - "reporting_interval": "2s" - }, - "tracing": { - "enable_tracing": false, - "jaeger_agent_endpoint": "/ip4/0.0.0.0/udp/6831", - "sampling_prob": 0.3, - "service_name": "cluster-daemon" - } - }, - "datastore": { - "badger": { - "gc_discard_ratio": 0.2, - "gc_interval": "15m0s", - "gc_sleep": "10s", - "badger_options": { - "dir": "", - "value_dir": "", - "sync_writes": true, - "table_loading_mode": 0, - "value_log_loading_mode": 0, - "num_versions_to_keep": 1, - "max_table_size": 67108864, - "level_size_multiplier": 10, - "max_levels": 7, - "value_threshold": 32, - "num_memtables": 5, - "num_level_zero_tables": 5, - "num_level_zero_tables_stall": 10, - "level_one_size": 268435456, - "value_log_file_size": 1073741823, - "value_log_max_entries": 1000000, - "num_compactors": 2, - "compact_l_0_on_close": true, - "read_only": false, - "truncate": false - } - } - } - } - -export const dynamic = 'force-dynamic' -export async function GET() { - const options = { - headers: { - "Content-Type": "application/json", - } - }; - return new NextResponse(JSON.stringify(serviceConfig), options); -} \ No newline at end of file diff --git a/services/next/app/api/session/route.ts b/services/next/app/api/session/route.ts deleted file mode 100644 index 7cff2d7..0000000 --- a/services/next/app/api/session/route.ts +++ /dev/null @@ -1,12 +0,0 @@ -import { getServerSession } from "next-auth"; -import { authOptions } from "@/app/lib/auth"; -import { NextResponse } from "next/server"; - -export async function GET(request: Request) { - const session = await getServerSession(authOptions); - - return NextResponse.json({ - authenticated: !!session, - session, - }); -} diff --git a/services/next/app/api/user/route.ts b/services/next/app/api/user/route.ts deleted file mode 100644 index 48abd02..0000000 --- a/services/next/app/api/user/route.ts +++ /dev/null @@ -1,3 +0,0 @@ -import { getServerSession } from "next-auth"; -import { NextResponse, NextRequest } from "next/server"; - diff --git a/services/next/app/api/v1.json/route.ts b/services/next/app/api/v1.json/route.ts deleted file mode 100644 index 600a279..0000000 --- a/services/next/app/api/v1.json/route.ts +++ /dev/null @@ -1,91 +0,0 @@ - -import { getVodTitle } from '@/app/components/vod-page'; -import { getUrl, getAllVods } from "@/app/lib/vods" -import { IVod } from "@/app/lib/vods" - - -/* - * this is a legacy format - * - * for API version 1. - * - * @deprecated - */ -interface IVod1 { - title: string; - videoSrcHash: string; - video720Hash: string; - video480Hash: string; - video360Hash: string; - video240Hash: string; - thinHash: string; - thiccHash: string; - announceTitle: string; - announceUrl: string; - date: string; - note: string; - url: string; -} - -interface IAPI1 { - vods: IVod1[] -} - - -export async function GET(): Promise { - try { - const vodsRaw = await getAllVods(); - if (!vodsRaw) { - const options = { - headers: { - "Content-Type": "application/json", - }, - status: 500, - }; - return new Response('{}', options); - } - - const vods: IVod1[] = vodsRaw.map((v: IVod): IVod1 => ({ - title: getVodTitle(v), - videoSrcHash: v.videoSrcHash, - video720Hash: '', - video480Hash: '', - video360Hash: '', - video240Hash: v.video240Hash, - thinHash: '', - thiccHash: '', - announceTitle: v.announce_title, - announceUrl: v.announce_url, - date: v.date_2, - note: v.note || '', - url: getUrl(v, v.vtuber.slug, v.date_2), - })); - - const response = { - vods: vods, - }; - - const options = { - headers: { - "Content-Type": "application/json", - }, - }; - - return new Response(JSON.stringify(response), options); - } catch (error) { - console.error("Error fetching VODs:", error); - - const errorResponse = { - error: "An error occurred while fetching VODs", - }; - - const options = { - headers: { - "Content-Type": "application/json", - }, - status: 500, - }; - - return new Response(JSON.stringify(errorResponse), options); - } -} \ No newline at end of file diff --git a/services/next/app/archive/[uuid]/not-found.tsx b/services/next/app/archive/[uuid]/not-found.tsx deleted file mode 100644 index 785331b..0000000 --- a/services/next/app/archive/[uuid]/not-found.tsx +++ /dev/null @@ -1,12 +0,0 @@ -import Link from 'next/link' - -export default function NotFound() { - return ( -
-

404 Not Found

-

Could not find that stream archive.

- - Return to archive list -
- ) -} \ No newline at end of file diff --git a/services/next/app/archive/[uuid]/page.tsx b/services/next/app/archive/[uuid]/page.tsx deleted file mode 100644 index b9f03a8..0000000 --- a/services/next/app/archive/[uuid]/page.tsx +++ /dev/null @@ -1,21 +0,0 @@ - -import StreamPage from '@/app/components/stream-page'; -import { getStreamByUUID } from '@/app/lib/streams'; - - -interface IPageParams { - params: { - uuid: string; - } -} - - -export default async function Page ({ params: { uuid } }: IPageParams) { - const stream = await getStreamByUUID(uuid); - console.log(`getting stream by uuid. uuid=${uuid}`) - return ( - <> - - - ) -} \ No newline at end of file diff --git a/services/next/app/archive/page.tsx b/services/next/app/archive/page.tsx deleted file mode 100644 index c38ca75..0000000 --- a/services/next/app/archive/page.tsx +++ /dev/null @@ -1,31 +0,0 @@ -import Pager from "@/app/components/pager"; -import StreamsList from "@/app/components/streams-list"; -import StreamsTable from '@/app/components/streams-table'; -import { getAllStreams, getStreamsForVtuber } from "@/app/lib/streams"; -// import { getAllVtubers } from "@/app/lib/vtubers"; -import { notFound } from "next/navigation"; - - - -export default async function Page() { - - - return ( -
- {/* 
-                
here are the streams object

-                
-                    {JSON.stringify(streams, null, 2)}
-                
-
*/} - - - -

Stream Archive

- - - {/* - */} -
- ) -} \ No newline at end of file diff --git a/services/next/app/components/access-denied-screen.tsx b/services/next/app/components/access-denied-screen.tsx deleted file mode 100644 index e1f692d..0000000 --- a/services/next/app/components/access-denied-screen.tsx +++ /dev/null @@ -1,24 +0,0 @@ -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome" -import { faCircleXmark, faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons" -import Link from "next/link" - -export default function AccessDeniedScreen(requiredUserRole: string, featureName: string = 'This feature') { - return <> -
-
-

Access denied

-
-
-

{featureName} is only available to {requiredUserRole}s

-

To unlock this feature, make a pledge at - patreon.com/CJ_Clippy - - -

-
-
- -} \ No newline at end of file diff --git a/services/next/app/components/archive-progress.tsx b/services/next/app/components/archive-progress.tsx deleted file mode 100644 index 1dda4b7..0000000 --- a/services/next/app/components/archive-progress.tsx +++ /dev/null @@ -1,36 +0,0 @@ -import { getAllStreamsForVtuber, getStreamCountForVtuber } from "@/app/lib/streams"; -import { getVodsForVtuber } from "@/app/lib/vods"; -import { IVtuber } from "@futureporn/types"; - -export interface IArchiveProgressProps { - vtuber: IVtuber; -} - -export default async function ArchiveProgress ({ vtuber }: IArchiveProgressProps) { - - // // Check if totalStreams is not zero before calculating completedPercentage - // const completedPercentage = (totalStreams !== 0) ? Math.round(eligibleStreams / totalStreams * 100) : 0; - const goodStreams = await getStreamCountForVtuber(vtuber.id, ['good']) - const issueStreams = await getStreamCountForVtuber(vtuber.id, ['issue']) - const totalStreams = await getStreamCountForVtuber(vtuber.id) - const eligibleStreams = goodStreams+issueStreams - const completedPercentage = Math.floor((eligibleStreams / totalStreams) * 100) - return ( -
- {/*

- {totalStreams} known streams
- {goodStreams} streams archived
- {issueStreams} streams with issues
-

*/} -

{eligibleStreams}/{totalStreams} Streams Archived ({completedPercentage}%)

- {completedPercentage}% -
- ) - // @todo - - // return ( - //
- //

{(vods) ? vods.data.length : 0} vods

 - //
- // ) -} \ No newline at end of file diff --git a/services/next/app/components/auth-buttons.tsx b/services/next/app/components/auth-buttons.tsx deleted file mode 100644 index eb2efcb..0000000 --- a/services/next/app/components/auth-buttons.tsx +++ /dev/null @@ -1,41 +0,0 @@ -"use client"; - -import { signIn, signOut } from "next-auth/react"; -import Link from "next/link"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faUser } from "@fortawesome/free-solid-svg-icons"; - -export const LoginButton = () => { - return ( - - ); -}; - -export const RegisterButton = () => { - return ( - - Register - - ); -}; - -export const LogoutButton = () => { - return ( - - ); -}; - -export const ProfileButton = () => { - return ( - - Profile - - ) -}; diff --git a/services/next/app/components/auth-provider.tsx b/services/next/app/components/auth-provider.tsx deleted file mode 100644 index 04e162a..0000000 --- a/services/next/app/components/auth-provider.tsx +++ /dev/null @@ -1,11 +0,0 @@ -"use client"; - -import { SessionProvider } from "next-auth/react"; - -type Props = { - children: React.ReactNode; -} - -export default function AuthProvider({ children }: Props) { - return {children}; -} \ No newline at end of file diff --git a/services/next/app/components/contributors.tsx b/services/next/app/components/contributors.tsx deleted file mode 100644 index 7f0d8d7..0000000 --- a/services/next/app/components/contributors.tsx +++ /dev/null @@ -1,40 +0,0 @@ -import Skeleton, { SkeletonTheme } from "react-loading-skeleton"; -import { getContributors } from "../lib/contributors"; -import Link from 'next/link'; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; - -export default async function Contributors() { - try { - const contributors = await getContributors(); - if (!contributors || contributors.length < 1) return ( - - - - ) - const contributorList = contributors.map((contributor, index) => ( - - {contributor.attributes.url ? ( - - {contributor.attributes.name} - - - ) : ( - contributor.attributes.name - )} - {index !== contributors.length - 1 ? ", " : ""} - - )); - return ( - <>{contributorList} - ) - } catch (e) { - if (e instanceof Error) { - console.error(e) - } - return

Failed to fetch contributor list

- } -} \ No newline at end of file diff --git a/services/next/app/components/error-card.tsx b/services/next/app/components/error-card.tsx deleted file mode 100644 index d16beec..0000000 --- a/services/next/app/components/error-card.tsx +++ /dev/null @@ -1,9 +0,0 @@ -export function ErrorCard(props: { message: string }) { - const { message } = props - return ( -
- - {message} -
- ) -} \ No newline at end of file diff --git a/services/next/app/components/footer.tsx b/services/next/app/components/footer.tsx deleted file mode 100644 index 3f162f5..0000000 --- a/services/next/app/components/footer.tsx +++ /dev/null @@ -1,117 +0,0 @@ -import Link from "next/link"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import { faGit, faReddit, faDiscord, faPatreon } from "@fortawesome/free-brands-svg-icons"; -import Contributors from "./contributors"; -import PatronsList from "./patrons-list"; - -export default function Footer() { - return ( - <> -
-
- -
-
-

Sitemap

-
    -
  • ↑ Top of page
    • -
  • Vtubers
    • -
  • Archive
    • -
  • About
    • -
  • FAQ
    • -
  • Goals
    • -
  • Patrons
    • -
  • Tags
    • -
  • RSS Feed
    • -
  • API
    • -
  • Status
    • - {/*
  • Upload
    • */} -
  • Profile
    • -
-
-
-

- Futureporn.net is made with ❤️ by CJ_Clippy -

-

- Made possible by generous - - donations - - - - from - -

-

- VOD contributions by -

-

- - - Git Repo - - -

- -

- - - Reddit Thread - - -

- -

- - - Discord Server - - -

-
-
- -
- -
- - ) -} \ No newline at end of file diff --git a/services/next/app/components/funding-goal.tsx b/services/next/app/components/funding-goal.tsx deleted file mode 100644 index 2a96cbc..0000000 --- a/services/next/app/components/funding-goal.tsx +++ /dev/null @@ -1,88 +0,0 @@ - -import { getCampaign } from "@/app/lib/patreon"; -import { getGoals, IGoals } from '@/app/lib/pm' -import Image from "next/legacy/image"; -import React from 'react'; -import Link from 'next/link' - - - -export default async function FundingGoal(): Promise { - const campaignData = await getCampaign(); - const { pledgeSum, patronCount } = campaignData; - - const goals = await getGoals(pledgeSum); - if (!goals || !goals?.featuredFunded?.amountCents || !goals?.featuredUnfunded?.amountCents || !goals?.featuredFunded?.amountCents || !goals?.featuredUnfunded?.completedPercentage || !goals?.featuredFunded?.completedPercentage ) return <> - - return ( - <> - {/*

- pledgeSum:{JSON.stringify(pledgeSum, null, 2)} -

-

- patronCount:{JSON.stringify(patronCount, null, 2)} -

-

featuredFunded:{JSON.stringify(goals.featuredFunded)}

-

featuredUnfunded:{JSON.stringify(goals.featuredUnfunded)}

*/} - - {/* 
-                
-                    {JSON.stringify(goals, null, 2)}
-                
-
*/} -
- - -
-
- Funding Goal -
- - CJ_Clippy - -
-
-
-
- {/* the most recently funded goal */} -
- {/* const { featuredFunded, featuredUnfunded } = goals; - if (!featuredFunded?.amountCents || !featuredFunded?.completedPercentage) return <> - if (!featuredUnfunded?.amountCents || !featuredUnfunded?.completedPercentage) return <> */} - -

${(goals.featuredFunded.amountCents * (goals.featuredFunded.completedPercentage * 0.01) / 100)} of {goals.featuredFunded.amountCents / 100} ({goals.featuredFunded.completedPercentage}%) -

-
- FUNDED -
-

{goals.featuredFunded.description}

-
- - {/* the next unfunded goal */} -
-

${(goals.featuredUnfunded.amountCents * (goals.featuredUnfunded.completedPercentage * 0.01) / 100) | 0} of ${goals.featuredUnfunded.amountCents / 100} ({goals.featuredUnfunded.completedPercentage}%)

- - {goals.featuredUnfunded.completedPercentage}% - -

{goals.featuredUnfunded.description}

-
-
- -

- Thank you, Patrons! -

-
-
-
- - ); -}; - diff --git a/services/next/app/components/icons/carrd.tsx b/services/next/app/components/icons/carrd.tsx deleted file mode 100644 index d900cda..0000000 --- a/services/next/app/components/icons/carrd.tsx +++ /dev/null @@ -1,8 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - {"Carrd"} - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/chaturbate.tsx b/services/next/app/components/icons/chaturbate.tsx deleted file mode 100644 index 31c641f..0000000 --- a/services/next/app/components/icons/chaturbate.tsx +++ /dev/null @@ -1,14 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/fansly.tsx b/services/next/app/components/icons/fansly.tsx deleted file mode 100644 index 03a78dc..0000000 --- a/services/next/app/components/icons/fansly.tsx +++ /dev/null @@ -1,20 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/linktree.tsx b/services/next/app/components/icons/linktree.tsx deleted file mode 100644 index 3e17f8b..0000000 --- a/services/next/app/components/icons/linktree.tsx +++ /dev/null @@ -1,30 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - - - - - - - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/onlyfans.tsx b/services/next/app/components/icons/onlyfans.tsx deleted file mode 100644 index 81a568a..0000000 --- a/services/next/app/components/icons/onlyfans.tsx +++ /dev/null @@ -1,55 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/pornhub.tsx b/services/next/app/components/icons/pornhub.tsx deleted file mode 100644 index 5f7a746..0000000 --- a/services/next/app/components/icons/pornhub.tsx +++ /dev/null @@ -1,23 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - - - - -) -export default SvgComponent diff --git a/services/next/app/components/icons/throne.tsx b/services/next/app/components/icons/throne.tsx deleted file mode 100644 index 897285c..0000000 --- a/services/next/app/components/icons/throne.tsx +++ /dev/null @@ -1,31 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - - - - - - - - - -) -export default SvgComponent diff --git a/services/next/app/components/ipfs-cid.tsx b/services/next/app/components/ipfs-cid.tsx deleted file mode 100644 index efbde66..0000000 --- a/services/next/app/components/ipfs-cid.tsx +++ /dev/null @@ -1,42 +0,0 @@ -'use client'; - -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faCopy, faCheck } from "@fortawesome/free-solid-svg-icons"; -import { useState } from "react"; -import styles from '@/assets/styles/cid.module.css' - -interface IIpfsCidProps { - label?: string; - cid: string; -} - - -export function IpfsCid({ label, cid }: IIpfsCidProps) { - - const [isCopied, setIsCopied] = useState(false); - - - - return ( -
- {label} - 
{cid}
- {(isCopied) ? - - : - { - navigator.clipboard.writeText(cid) - setIsCopied(true) - setTimeout(() => setIsCopied(false), 3000) - }} - > - } -
- ) -} diff --git a/services/next/app/components/ipfs-logo.tsx b/services/next/app/components/ipfs-logo.tsx deleted file mode 100644 index 3875418..0000000 --- a/services/next/app/components/ipfs-logo.tsx +++ /dev/null @@ -1,18 +0,0 @@ -import React from 'react'; - -interface LogoProps { - size: number; - color: string; -} - -const IPFSLogo: React.FC = ({ size = 32, color = '#65C2CB' }) => { - - return ( - - IPFS - - - ); -}; - -export default IPFSLogo; \ No newline at end of file diff --git a/services/next/app/components/ipfs.tsx b/services/next/app/components/ipfs.tsx deleted file mode 100644 index cacfea8..0000000 --- a/services/next/app/components/ipfs.tsx +++ /dev/null @@ -1,39 +0,0 @@ -'use client'; - -// import { type Helia, createHelia } from 'helia'; -// import React, { useState, useEffect } from 'react'; - -// export default function Ipfs () { -// const [id, setId] = useState(null) -// const [helia, setHelia] = useState(null) -// const [isOnline, setIsOnline] = useState(false) - -// useEffect(() => { -// const init = async () => { -// if (helia) return - -// const heliaNode = await createHelia(); - -// const nodeId = heliaNode.libp2p.peerId.toString(); -// const nodeIsOnline = heliaNode.libp2p.isStarted(); - -// setHelia(heliaNode); -// setId(nodeId); -// setIsOnline(nodeIsOnline); -// } - -// init() -// }, [helia]) - -// if (!helia || !id) { -// return

Connecting to IPFS...

-// } - -// return ( -//
-//

ID: {id.toString()}

-//

Status: {isOnline ? 'Online' : 'Offline'}

-//
-// ) -// } - diff --git a/services/next/app/components/linkable-heading.tsx b/services/next/app/components/linkable-heading.tsx deleted file mode 100644 index c5e782a..0000000 --- a/services/next/app/components/linkable-heading.tsx +++ /dev/null @@ -1,28 +0,0 @@ -import Link from "next/link"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { IconDefinition, faLink } from "@fortawesome/free-solid-svg-icons"; - -interface ILinkableHeadingProps { - icon?: IconDefinition; - text: string; - slug: string; -} - -export default function LinkableHeading({ icon, text, slug }: ILinkableHeadingProps) { - return ( -

- {icon && } - {text} - - - - -

- ) -} \ No newline at end of file diff --git a/services/next/app/components/localized-date.tsx b/services/next/app/components/localized-date.tsx deleted file mode 100644 index 44ad6ec..0000000 --- a/services/next/app/components/localized-date.tsx +++ /dev/null @@ -1,26 +0,0 @@ -import { formatISO } from "date-fns"; - -interface ILocalizedDateProps { - date: Date; -} - -/** - * - * this causes hydration issues - * - * Error: Text content does not match server-rendered HTML. - * - * Warning: Text content did not match. Server: "2024-01-01" Client: "2023-12-31" - * - * See more info here: https://nextjs.org/docs/messages/react-hydration-error - */ - -export function LocalizedDate ({ date }: ILocalizedDateProps) { - const isoDateTime = formatISO(date); - const isoDate = formatISO(date, { representation: 'date' }); - return ( - <> - - - ) -} \ No newline at end of file diff --git a/services/next/app/components/navbar.tsx b/services/next/app/components/navbar.tsx deleted file mode 100644 index 8d8dc1d..0000000 --- a/services/next/app/components/navbar.tsx +++ /dev/null @@ -1,93 +0,0 @@ -'use client' - -import { useState } from 'react' -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt, faUpload } from "@fortawesome/free-solid-svg-icons"; -import Link from 'next/link' -import { LoginButton, ProfileButton } from './auth-buttons'; -import { Spinner } from './spinner'; -import ProtectedRoute from "../components/protected-route"; - -export default function Navbar() { - const [isExpanded, setExpanded] = useState(false); - - - - const handleBurgerClick = () => { - setExpanded(!isExpanded); - }; - - return ( - <> - - - ) -} \ No newline at end of file diff --git a/services/next/app/components/notification-center.tsx b/services/next/app/components/notification-center.tsx deleted file mode 100644 index 31218c6..0000000 --- a/services/next/app/components/notification-center.tsx +++ /dev/null @@ -1,13 +0,0 @@ -'use client'; - -import { ToastContainer } from 'react-toastify'; -import 'react-toastify/dist/ReactToastify.css'; - - -export default function NotificationCenter() { - return ( - - ) -} \ No newline at end of file diff --git a/services/next/app/components/notifications.tsx b/services/next/app/components/notifications.tsx deleted file mode 100644 index 1968ecd..0000000 --- a/services/next/app/components/notifications.tsx +++ /dev/null @@ -1,10 +0,0 @@ - -export function DangerNotification ({ errors }: { errors: String[] }): JSX.Element { - return ( -
- {errors && errors.map((error, index) => ( -

Error:{error}

- ))} -
- ); -} \ No newline at end of file diff --git a/services/next/app/components/pager.tsx b/services/next/app/components/pager.tsx deleted file mode 100644 index d1680e4..0000000 --- a/services/next/app/components/pager.tsx +++ /dev/null @@ -1,92 +0,0 @@ -import Link from 'next/link'; - -interface IPagerProps { - baseUrl: string; // Pass the base URL as a prop - page: number; - pageCount: number; -} - -export default function Pager({ baseUrl, page, pageCount }: IPagerProps): React.JSX.Element { - const pageNumbers = Array.from({ length: pageCount }, (_, i) => i + 1); - - const getPagePath = (page: any): string => { - const pageNumber = parseInt(page); - return `${baseUrl}/${pageNumber}`; - }; - - const getNextPagePath = (page: any): string => { - const pageNumber = parseInt(page); - return `${baseUrl}/${pageNumber+1}`; - } - - const getPreviousPagePath = (page: any): string => { - const pageNumber = parseInt(page); - return `${baseUrl}/${pageNumber-1}` - } - - // Define the number of page links to show around the current page - const maxPageLinksToShow = 3; - - // Calculate the range of page numbers to display - const startPage = Math.max(1, page - Math.floor(maxPageLinksToShow / 2)); - const endPage = Math.min(pageCount, startPage + maxPageLinksToShow - 1); - - return ( -
- -
- ); -} diff --git a/services/next/app/components/patron-perks.tsx b/services/next/app/components/patron-perks.tsx deleted file mode 100644 index b6f796e..0000000 --- a/services/next/app/components/patron-perks.tsx +++ /dev/null @@ -1,51 +0,0 @@ -import PatronRoute from "../components/protected-route"; -import { useMutateMetadata, useMetadata } from "../profile/hooks/useMetadata"; -import { faCheckCircle } from "@fortawesome/free-solid-svg-icons"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import VibrateTest from "./vibrate-test"; -import { useState, useEffect } from "react"; -import { faSpinner, faXmarkCircle, faSave } from "@fortawesome/free-solid-svg-icons"; -import Skeleton, { SkeletonTheme } from "react-loading-skeleton" -import 'react-loading-skeleton/dist/skeleton.css'; - -export default function PatronPerks() { - - - - - const { status, data, error, isFetching, isPending } = useMetadata() - const mutateMetadata = useMutateMetadata() - - - - const username = `${data?.metadata?.first_name || ''} ${data?.metadata?.last_name || ''}`.trim(); - const { metadata } = data || {}; - - const [ isUsernamePublic, setIsUsernamePublic ] = useState(metadata?.isUsernamePublic || false) - useEffect(() => { - mutateMetadata.mutate({ isUsernamePublic }) - }, [ isUsernamePublic ]) - - - - return ( - <> -

Patron Perks

-

Website Shoutout

- -
- Display {(!!username) ? username : } publicly? - setIsUsernamePublic(evt.target.checked)}/> - {(mutateMetadata.status === 'success') && } - {(mutateMetadata.status === 'pending') && } - {(mutateMetadata.status === 'error') && } -
- - - -

Vibrate (test)

- - - - ) -} \ No newline at end of file diff --git a/services/next/app/components/patrons-list.tsx b/services/next/app/components/patrons-list.tsx deleted file mode 100644 index 0990914..0000000 --- a/services/next/app/components/patrons-list.tsx +++ /dev/null @@ -1,52 +0,0 @@ -import Skeleton, { SkeletonTheme } from 'react-loading-skeleton'; -import 'react-loading-skeleton/dist/skeleton.css'; -import { getPatrons } from '../lib/patreon'; -import Link from 'next/link' - - -interface PatronsListProps { - displayStyle: string; -} - -export default async function PatronsList({ displayStyle }: PatronsListProps) { - const patrons = await getPatrons() - console.log('patrons list as follows') - console.log(patrons) - - if (!patrons || patrons.length === 0) return ( - - - - ); - - if (displayStyle === 'box') { - return ( -
- {patrons.map((patron) => ( - -
-
-
-
-
- {patron.full_name && ( - - {patron.full_name} - - )} -
-
-
-
-
- ))} -
- ); - } else if (displayStyle === 'list') { - const patronNames = patrons.map((patron) => patron.full_name.trim()).join(', '); - return {patronNames}; - } else { - return ; // Handle unsupported display styles or provide a default display style - } -} - diff --git a/services/next/app/components/permissions-table.tsx b/services/next/app/components/permissions-table.tsx deleted file mode 100644 index f162268..0000000 --- a/services/next/app/components/permissions-table.tsx +++ /dev/null @@ -1,8 +0,0 @@ - -// @see https://gitea.futureporn.net/futureporn/pm/issues/106 - -export default function PermissionsTable() { - return <> -

@todo permissions table

- -} \ No newline at end of file diff --git a/services/next/app/components/protected-route.tsx b/services/next/app/components/protected-route.tsx deleted file mode 100644 index 17cf6db..0000000 --- a/services/next/app/components/protected-route.tsx +++ /dev/null @@ -1,53 +0,0 @@ -'use client' - -import { useSession } from "next-auth/react" -import { Spinner } from "./spinner"; - -// type AuthContentProps = { -// loadingSlot?: React.ReactNode; -// authedSlot: React.ReactNode; -// unauthSlot: React.ReactNode; -// }; - -// export default function AuthContent({ -// loadingSlot, -// authedSlot, -// unauthSlot, -// }: AuthContentProps) { -// const { data: session, status } = useSession(); - -// if (status === 'loading') { -// return <>{!!loadingSlot ? loadingSlot : } -// } - -// if (status === 'authenticated') { -// return <>{authedSlot}; -// } - -// return <>{unauthSlot}; -// } - - -import React from "react"; -import AccessDeniedScreen from './access-denied-screen'; - -interface ProtectedRouteProps extends React.PropsWithChildren { - requiredUserRole: string; - featureName?: string; - loading?: React.ReactNode; - accessDenied?: React.ReactNode; -} - -const ProtectedRoute = (props: ProtectedRouteProps) => { - const { data: session, status } = useSession(); - - if (status === 'loading') return (props.loading) ? props.loading : ; - if (status !== 'authenticated' || !session.roles || !session.roles.includes(props.requiredUserRole)) { - return (!!props?.accessDenied) ? props.accessDenied : AccessDeniedScreen(props.requiredUserRole, props.featureName); - } else { - return props.children; - } - -} - -export default ProtectedRoute \ No newline at end of file diff --git a/services/next/app/components/query-provider.tsx b/services/next/app/components/query-provider.tsx deleted file mode 100644 index 99ea319..0000000 --- a/services/next/app/components/query-provider.tsx +++ /dev/null @@ -1,27 +0,0 @@ -// @see https://github.com/TanStack/query/issues/4933#issuecomment-1416892904 - -'use client'; - -import { QueryClient, QueryClientProvider } from '@tanstack/react-query' -import { useState } from 'react'; - - - -export default function QueryProvider({ - children, -}: { - children: React.ReactNode -}) { - const [queryClient] = useState(() => new QueryClient({ - defaultOptions: { - queries: { - staleTime: 60 * 1000 - } - } - })) - return ( - - {children} - - ); -} \ No newline at end of file diff --git a/services/next/app/components/sortable-tags.tsx b/services/next/app/components/sortable-tags.tsx deleted file mode 100644 index 82a01ee..0000000 --- a/services/next/app/components/sortable-tags.tsx +++ /dev/null @@ -1,70 +0,0 @@ -'use client' - -import React, { useState } from 'react'; -import { ITag } from '../lib/tags'; -import Link from 'next/link'; -import slugify from 'slugify'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faFilter } from "@fortawesome/free-solid-svg-icons"; - -interface ISortableTagsProps { - tags: ITag[]; -} - -export default function SortableTags({ tags }: ISortableTagsProps) { - const [filterText, setFilterText] = useState(''); - const [sortOption, setSortOption] = useState('Sort'); - - const filteredTags = tags.filter((tag: ITag) => - tag.name.toLowerCase().includes(filterText.toLowerCase()) - ); - - const sortedTags = [...filteredTags].sort((a, b) => { - if (sortOption === 'Alphabetical') { - return a.name.localeCompare(b.name); - } else if (sortOption === 'Frequency') { - return b.count - a.count; - } - return 0; - }); - - return ( - <> -
-
- setFilterText(e.target.value)} - /> - - - -
-
-
- -
-
-
-
- {sortedTags.map((tag: ITag) => ( - - - {tag.name} ({tag.count}) - - - ))} -
- - ); -} diff --git a/services/next/app/components/spinner.tsx b/services/next/app/components/spinner.tsx deleted file mode 100644 index 23a2ba3..0000000 --- a/services/next/app/components/spinner.tsx +++ /dev/null @@ -1,6 +0,0 @@ -import { faSpinner } from "@fortawesome/free-solid-svg-icons"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; - -export function Spinner() { - return -} \ No newline at end of file diff --git a/services/next/app/components/stream-button.tsx b/services/next/app/components/stream-button.tsx deleted file mode 100644 index 97b946f..0000000 --- a/services/next/app/components/stream-button.tsx +++ /dev/null @@ -1,17 +0,0 @@ -import { IStream } from "@futureporn/types"; -import Link from "next/link" -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faCalendar } from "@fortawesome/free-solid-svg-icons"; - -export function StreamButton({ stream }: { stream: IStream }) { - if (!stream) return <> - - return ( - - {new Date(stream.date).toLocaleDateString()} - - ) -} \ No newline at end of file diff --git a/services/next/app/components/stream-page.tsx b/services/next/app/components/stream-page.tsx deleted file mode 100644 index da4e9a8..0000000 --- a/services/next/app/components/stream-page.tsx +++ /dev/null @@ -1,203 +0,0 @@ -import { IStream } from "@futureporn/types"; -import { IVod } from "@/app/lib/vods"; -import Link from "next/link"; -import Image from "next/legacy/image"; -import { LocalizedDate } from "./localized-date"; -import { FontAwesomeIcon, FontAwesomeIconProps } from "@fortawesome/react-fontawesome"; -import { faTriangleExclamation, faCircleInfo, faThumbsUp, IconDefinition, faO, faX, faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import { faXTwitter } from "@fortawesome/free-brands-svg-icons"; -import { notFound } from "next/navigation"; -import ProtectedRoute from "./protected-route"; - -export interface IStreamProps { - stream: IStream; -} -type Status = 'missing' | 'issue' | 'good'; -interface StyleDef { - heading: string; - icon: IconDefinition; - description: string; - prompt: string; -} - -function capitalizeFirstLetter(string: string): string { - return string.charAt(0).toUpperCase() + string.slice(1); -} - -function hasNote(vod: IVod) { - if (!!vod?.note) return true; - else return false; -} - -function determineStatus(stream: IStream): Status { - if (stream.vods.length < 1) { - return 'missing' - } else { - if (stream.vods.some((vod: IVod) => !hasNote(vod))) { - return 'good'; - } else { - return 'issue'; - } - } -} - -export default function StreamPage({ stream }: IStreamProps) { - console.log('StreamPage function has been invoked! stream as follows') - console.log(stream) - if (!stream) notFound() - const displayName = stream.vtuber.display_name; - const date = new Date(stream.date); - const selectedStatus = determineStatus(stream); - - const styleMap: Record = { - 'missing': { - heading: 'is-danger', - icon: faTriangleExclamation, - description: "We don't have a VOD for this stream.", - prompt: 'Know someone who does?' - }, - 'issue': { - heading: 'is-warning', - icon: faCircleInfo, - description: "We have a VOD for this stream, but it's not full quality.", - prompt: 'Have a better copy?' - }, - 'good': { - heading: 'is-success', - icon: faThumbsUp, - description: "We have a VOD for this stream, and we think it's the best quality possible.", - prompt: "Have one that's even better?" - } - }; - const { heading, icon, description, prompt } = styleMap[selectedStatus] || {}; - - - if (!stream) return

NotFound

- // - - // return

- // 

-    //         
-    //             {JSON.stringify(stream, null, 2)}
-
-    //         
-    //
- - //

- // const platformsList = [ - // stream.attributes.isChaturbateStream ? 'Chaturbate' : null, - // stream.attributes.isFanslyStream ? 'Fansly' : null - // ].filter(Boolean).join(', '); - // platformsList = platformsArray.length > 0 ? platformsArray.join(', ') : 'None'; - - // const platformsList = [ - // (stream.attributes.isChaturbateStream && 'CB'), - // (stream.attributes.isFanslyStream && 'Fansly') - // ].filter(Boolean).join(', ') - - const platformsList = [ - (stream.is_chaturbate_stream && 'CB'), - (stream.is_fansly_stream && 'Fansly') - ].filter(Boolean).join(', ') || '!!!'; - - - - return ( - <> - - -
-
-

{displayName} Stream Archive

-
- -
-
-
-
-
- - - - - - - - - - - - - - - - - - - - - -
DescriptionDetails
Platform{platformsList}
UTC Datetime
Local Datetime{date.toLocaleDateString()} {date.toLocaleTimeString()}
- -
-
-
-
- - -
-
-
- VOD {capitalizeFirstLetter(selectedStatus)} -
-
- -

{description}

- } > -

{prompt}
- Upload it here.

- -
-
-
- -
- - - {stream.vods.length !== 0 && -
-

VODs

- - - - - - {/* - */} - - - - - - - {stream.vods.map((vod: IVod) => ( - - {/*

{JSON.stringify(vod, null, 2)}

*/} - - - {/* - */} - - - - - ))} - -
IDUpload DateThumbnailDurationTagsTimestampsNote
{vod.uuid}{vod.publishedAt}{(!!vod?.attributes?.thumbnail?.data?.attributes?.cdnUrl) ? : }{(!!vod?.attributes?.duration) ? vod.duration : }{vod.tagVodRelations.length}{vod.timestamps.length}{(!!vod.note) ? : }
-
} - -
- - - ) -} diff --git a/services/next/app/components/stream.tsx b/services/next/app/components/stream.tsx deleted file mode 100644 index 2e73f35..0000000 --- a/services/next/app/components/stream.tsx +++ /dev/null @@ -1,86 +0,0 @@ -import { IStream } from "@futureporn/types"; -import NotFound from "@/app/vt/[slug]/not-found"; -import { LocalizedDate } from "./localized-date"; -import Link from "next/link"; -import ChaturbateIcon from "@/app/components/icons/chaturbate"; -import FanslyIcon from "@/app/components/icons/fansly"; -import Image from "next/legacy/image"; - -export interface IStreamProps { - stream: IStream; -} - - -export function Stream({ stream }: IStreamProps) { - if (!stream) return - return ( -
- 
-                
-                    {JSON.stringify(stream, null, 2)}
-                
-
- {/*

Stream {stream.attributes.date}

*/} -
- ) -} - - - -export function StreamSummary ({ stream }: IStreamProps) { - if (!stream) return - - // return ( - // 
-    //         
-    //             {JSON.stringify(stream, null, 2)}
-    //         
-    //
- // ) - - const archiveStatus = stream.attributes.archiveStatus; - const archiveStatusClassName = (() => { - if (archiveStatus === 'missing') return 'is-danger'; - if (archiveStatus === 'good') return 'is-success'; - if (archiveStatus === 'issue') return 'is-warning'; - })(); - - return ( - -
- {/* 
-                    
-                        {JSON.stringify(stream, null, 2)}
-                    
-
*/} -
- - {stream.vtuber.display_name} - -
-
- {stream.vtuber.display_name} -
-
- -
-
- {(stream.is_chaturbate_stream) && } - {(stream.is_fansly_stream) && } -
-
-
{stream.archive_status}
-
-
-
-
-
- - ) -} \ No newline at end of file diff --git a/services/next/app/components/streams-list.tsx b/services/next/app/components/streams-list.tsx deleted file mode 100644 index 9b0edee..0000000 --- a/services/next/app/components/streams-list.tsx +++ /dev/null @@ -1,58 +0,0 @@ -import React from 'react' -import Link from 'next/link'; -import { IVtuber, IStream } from '@futureporn/types'; -import { notFound } from 'next/navigation'; -import { getAllStreams } from '@/app/lib/streams'; -import { StreamSummary } from '@/app/components/stream'; - -interface IStreamsListProps { - vtubers: IVtuber[]; - page: number; - pageSize: number; -} - - -interface IStreamsListHeadingProps { - slug: string; - displayName: string; -} - -export function StreamsListHeading({ slug, displayName }: IStreamsListHeadingProps): React.JSX.Element { - return ( -
-

- {displayName} Streams -

-
- ) -} - - -export default async function StreamsList({ vtubers, page = 1, pageSize = 24 }: IStreamsListProps): Promise { - if (!vtubers) return
vtubers is not defined. vtubers:{JSON.stringify(vtubers, null, 2)}
- - // const streams = await getStreamsForVtuber(vtubers[0].id); - const streams = await getAllStreams(['missing', 'issue', 'good']); - - if (!streams) return notFound(); - - - // @todo [ ] pagination - // @todo [ ] sortability - return ( - <> - -

Stream Archive

- - - ); -} diff --git a/services/next/app/components/streams-table.tsx b/services/next/app/components/streams-table.tsx deleted file mode 100644 index fd7a2ee..0000000 --- a/services/next/app/components/streams-table.tsx +++ /dev/null @@ -1,287 +0,0 @@ -'use client' -import React from 'react' -import ReactDOM from 'react-dom/client' -import Link from 'next/link' -import { defaultImageBlur } from '../lib/constants' -import { - keepPreviousData, - QueryClient, - useQuery, -} from '@tanstack/react-query' -import { format } from 'date-fns' -import Image from "next/legacy/image" -import { - PaginationState, - useReactTable, - getCoreRowModel, - ColumnDef, - flexRender, -} from '@tanstack/react-table' -import { FontAwesomeIcon } from '@fortawesome/react-fontawesome' -import { faSpinner } from '@fortawesome/free-solid-svg-icons' - -import { fetchStreamData } from '@/app/lib/streams' -import { IStream } from '@futureporn/types' - -const queryClient = new QueryClient() - -function getStatusClass(value: string) { - switch (value) { - case 'issue': - return 'is-warning'; - case 'missing': - return 'is-danger'; - case 'good': - return 'is-success'; - default: - return ''; - } -} - -export default function StreamsTable() { - const rerender = React.useReducer(() => ({}), {})[1] - - // image & name - // title - // platform - // date & time - // archiveStatus - const columns = React.useMemo[]>( - () => [ - { - header: 'VTuber', - accessorFn: d => ({ - displayName: d.vtuber.display_name, - image: d.vtuber.image, - imageBlur: d.vtuber.image_blur - }), - cell: info => { - const { displayName, image, imageBlur } = info.getValue<{ displayName: string, image: string, imageBlur: string }>(); - return ( - <> -
-
-
- {displayName} -
-
-
- {displayName} -
-
- - ) - } - }, - { - header: 'Date', - accessorFn: d => format(new Date(d.date), 'yyyy-MM-dd HH:mm'), - sortingFn: 'datetime', - sortDescFirst: true, - cell: info => ({info.getValue() as string}) - }, - { - header: 'Platform', - accessorFn: d => [ - (d.is_chaturbate_stream && 'CB'), - (d.is_fansly_stream && 'Fansly') - ].filter(Boolean).join(', ') || '???' - }, - { - header: 'Status', - accessorFn: d => { - if (!d.archive_status) return 'missing'; - return d.archive_status - } - }, - // { - // header: 'Name', - // footer: props => props.column.id, - // columns: [ - // { - // accessorKey: 'firstName', - // cell: info => info.getValue(), - // footer: props => props.column.id, - // }, - // { - // accessorFn: row => row.lastName, - // id: 'lastName', - // cell: info => info.getValue(), - // header: () => Last Name, - // footer: props => props.column.id, - // }, - // ], - // }, - ], - [] - ) - - const [pagination, setPagination] = React.useState({ - pageIndex: 0, - pageSize: 50, - }) - - const { data, error, isPending } = useQuery({ - queryKey: ['streams', pagination.pageIndex, pagination.pageSize], - queryFn: () => fetchStreamData(pagination), - placeholderData: keepPreviousData, // don't have 0 rows flash while changing pages/loading next page, - staleTime: 1000, - }, queryClient) - - const defaultData = React.useMemo(() => [], []) - - const table = useReactTable({ - data: data?.rows ?? defaultData, - columns, - // pageCount: dataQuery.data?.pageCount ?? -1, //you can now pass in `rowCount` instead of pageCount and `pageCount` will be calculated internally (new in v8.13.0) - rowCount: data?.rowCount, // new in v8.13.0 - alternatively, just pass in `pageCount` directly - state: { - pagination, - }, - onPaginationChange: setPagination, - getCoreRowModel: getCoreRowModel(), - manualPagination: true, //we're doing manual "server-side" pagination - // getPaginationRowModel: getPaginationRowModel(), // If only doing manual pagination, you don't need this - debugTable: true, - }) - - return ( -
-
- - {isPending && } - {!isPending && <> - - - {table.getHeaderGroups().map(headerGroup => ( - - {headerGroup.headers.map(header => { - return ( - - ) - })} - - ))} - - - {table.getRowModel().rows.map(row => { - return ( - - {row.getVisibleCells().map(cell => { - return ( - - ) - })} - - ) - })} - -
- {header.isPlaceholder ? null : ( -
- {flexRender( - header.column.columnDef.header, - header.getContext() - )} -
- )} -
- {flexRender( - cell.column.columnDef.cell, - cell.getContext() - )} -
- - -
-
- - - - -
-
- Page - - {table.getState().pagination.pageIndex + 1} of{' '}{table.getPageCount().toLocaleString()} - -
-
- - {/* second row with page number input and pages-per-screen select */} -
-
- Go to page: -
-
- { - const page = e.target.value ? Number(e.target.value) - 1 : 0 - table.setPageIndex(page) - }} - className="input" - /> -
-
-
- -
-
-
- } - - - -
- - ) -} diff --git a/services/next/app/components/tag-button.tsx b/services/next/app/components/tag-button.tsx deleted file mode 100644 index dda1ea5..0000000 --- a/services/next/app/components/tag-button.tsx +++ /dev/null @@ -1,8 +0,0 @@ - -import { useState } from 'react'; - -export function TagButton ({ name, selectedTag, setSelectedTag }: { name: string, selectedTag: string | null, setSelectedTag: Function }) { - return ( - - ) -} \ No newline at end of file diff --git a/services/next/app/components/tag.tsx b/services/next/app/components/tag.tsx deleted file mode 100644 index 9d49264..0000000 --- a/services/next/app/components/tag.tsx +++ /dev/null @@ -1,56 +0,0 @@ -'use client'; - -import { ITagVodRelation } from "@/app/lib/tag-vod-relations" -import { isWithinInterval, subHours } from "date-fns"; -import { faTrash } from "@fortawesome/free-solid-svg-icons"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { useContext, useEffect, useState } from "react"; -import { useRouter } from 'next/navigation'; -import { postgrestLocalUrl } from "@/app/lib/constants"; - -export interface ITagParams { - tvr: ITagVodRelation; -} - - -function isCreatedByMeRecently(userId: number | undefined, tvr: ITagVodRelation) { - if (!userId) return false; - if (userId !== tvr.attributes.creatorId) return false; - const last24H: Interval = { start: subHours(new Date(), 24), end: new Date() }; - if (!isWithinInterval(new Date(tvr.attributes.createdAt), last24H)) return false; - return true; -} - -async function handleDelete(authContext: IUseAuth | null, tvr: ITagVodRelation): Promise { - if (!authContext) return; - const { authData } = authContext; - const res = await fetch(`${postgrestLocalUrl}/api/tag-vod-relations/deleteMine/${tvr.id}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${authData?.accessToken}`, - 'Content-Type': 'application/json' - } - }) - if (!res.ok) throw new Error(res.statusText) -} - -export function Tag({ tvr }: ITagParams) { - const authContext = useContext(AuthContext); - const router = useRouter() - const [shouldRenderDeleteButton, setShouldRenderDeleteButton] = useState(false); - - useEffect(() => { - setShouldRenderDeleteButton(isCreatedByMeRecently(authContext?.authData?.user?.id, tvr)); - }, [authContext?.authData?.user?.id, tvr]); - - return ( - - {tvr.attributes.tag.name} - {shouldRenderDeleteButton && { - handleDelete(authContext, tvr); router.refresh() - } - } className="tag">} - - ) -} \ No newline at end of file diff --git a/services/next/app/components/tagger.tsx b/services/next/app/components/tagger.tsx deleted file mode 100644 index a42ecea..0000000 --- a/services/next/app/components/tagger.tsx +++ /dev/null @@ -1,241 +0,0 @@ -'use client'; - -import { useState, useCallback, useEffect, useContext } from 'react'; -import { IVod } from '@/app/lib/vods'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faPlus, faX, faTags } from "@fortawesome/free-solid-svg-icons"; -import { formatTimestamp } from '@/app/lib/dates'; -import { readOrCreateTagVodRelation } from '@/app/lib/tag-vod-relations'; -import { readOrCreateTag } from '@/app/lib/tags'; -import { debounce } from 'lodash'; -import { postgrestLocalUrl } from '@/app/lib/constants'; -import { VideoContext } from './video-context'; -import { useForm } from "react-hook-form"; -import { ITimestamp, createTimestamp } from '@/app/lib/timestamps'; -import { useRouter } from 'next/navigation'; -import styles from '@/assets/styles/fp.module.css' -import qs from 'qs'; -import { toast } from 'react-toastify'; -import slugify from 'slugify'; - -interface ITaggerProps { - vod: IVod; - setTimestamps: Function; -} - -export interface ITagSuggestion { - id: number; - name: string; - createdAt: string; -} - - -type FormData = { - tagName: string; - isTimestamp: boolean; -}; - - - - - -export function Tagger({ vod, setTimestamps }: ITaggerProps): React.JSX.Element { - return

@todo Tagger

- const { register, setValue, setError, setFocus, handleSubmit, watch, clearErrors, formState: { errors } } = useForm({ - defaultValues: { - tagName: '', - isTimestamp: true - } - }); - const [isEditor, setIsEditor] = useState(false); - const [isAuthed, setIsAuthed] = useState(false); - const [tagSuggestions, setTagSuggestions] = useState([]); - const { authData } = useAuth(); - const { timeStamp, tvrs, setTvrs } = useContext(VideoContext); - const router = useRouter(); - - const request = debounce((value: string) => { - search(value); - }, 300); - - const debounceRequest = useCallback((v: string) => request(v), [request]); - - - // Callback version of watch. It's your responsibility to unsubscribe when done. - useEffect(() => { - const subscription = watch((value, { name, type }) => { - const tagNameValue = value.tagName as string; - if (name === 'tagName' && type === 'change' && value.tagName !== '') debounceRequest(tagNameValue); - }); - return () => subscription.unsubscribe(); - }, [watch, debounceRequest]); - - - useEffect(() => { - if (isEditor) { - setFocus('tagName'); - getRandomSuggestions(); - } - }, [isEditor, setFocus]); - - useEffect(() => { - if (authData?.accessToken) { - setIsAuthed(true); - } - }, [isAuthed, authData]); - - - async function getRandomSuggestions() { - // @todo https://gitea.futureporn.net/futureporn/pm/issues/129 - setTagSuggestions([]) - // const res = await fetch(`${postgrestLocalUrl}/tag/random`); - // const tags = await res.json(); - // setTagSuggestions(tags) - } - - async function search(value: string) { - const query = qs.stringify( - { - filters: { - tags: { - publishedAt: { - $notNull: true - } - } - }, - query: value - } - ) - if (!value) return; - const res = await fetch(`${postgrestLocalUrl}/fuzzy-search/search?${query}`, { - headers: { - 'Authorization': `Bearer ${authData?.accessToken}` - } - }) - const json = await res.json() - if (!res.ok) { - toast('failed to get recomended tags', { type: 'error', theme: 'dark' }); - } else { - setTagSuggestions(json.tags) - } - } - - - async function onError(errors: any) { - console.error('submit handler encoutnered an error'); - console.error(errors); - toast('there was an error'); - } - - async function onSubmit(values: { tagName: string, isTimestamp: boolean }) { - if (!authData?.accessToken) { - toast('must be logged in', { type: 'error', theme: 'dark' }); - return - } - try { - - const tag = await readOrCreateTag(authData.accessToken, slugify(values.tagName)); - if (!tag) throw new Error(`readOrCreateTag failed`); - - - const tvr = await readOrCreateTagVodRelation(authData.accessToken, tag.id, vod.id); - console.log(`now we check to see if we have a TVR`); - console.log(tvr) - - if (values.isTimestamp) { - console.log(`user specified that we must create a timestamp`); - const timestamp = await createTimestamp(authData, tag.id, vod.id, timeStamp); - console.log(timestamp) - if (!timestamp) throw new Error(`failed to create timestamp`) - setTimestamps((prevTimestamps: ITimestamp[]) => [...prevTimestamps, timestamp]); - } - - setValue('tagName', ''); - router.refresh(); - } catch (e) { - toast(`${e}`, { type: 'error', theme: 'dark' }); - } - } - - // if (!isAuthed) { - // return <> - // } else { - if (isEditor) { - return ( -
- - -
-

Tagger

- -
-
-
-
- - -
-
- Suggestions - {tagSuggestions.length > 0 && tagSuggestions.map((tag: ITagSuggestion) => ())} -
-
- -
- -
- {(!!errors?.root?.serverError) &&
{errors.root.serverError.message}
} - - -
-
-
-
- ) - } else { - return ( - - ); - } - // } - - -} diff --git a/services/next/app/components/thumbnail.tsx b/services/next/app/components/thumbnail.tsx deleted file mode 100644 index a64aeb0..0000000 --- a/services/next/app/components/thumbnail.tsx +++ /dev/null @@ -1,24 +0,0 @@ -'use client' -import LinkableHeading from "./linkable-heading" -import Image from "next/legacy/image" -import { useState } from "react" -import styles from '@/assets/styles/fp.module.css' - - -export default function Thumbnail({url}: { url: string }) { - const [isBig, setIsBig] = useState(false) - - return ( -
- setIsBig(!isBig)} - src={url} - alt="A composite image showing several frames from the source video" - width={(isBig) ? 1920 : 192} - height={(isBig) ? 1080 : 108} - quality={(isBig) ? 100 : 75} - > -
- ) -} \ No newline at end of file diff --git a/services/next/app/components/timestamps-list.tsx b/services/next/app/components/timestamps-list.tsx deleted file mode 100644 index 6bf09c1..0000000 --- a/services/next/app/components/timestamps-list.tsx +++ /dev/null @@ -1,68 +0,0 @@ -import React, { useContext, useState, useEffect } from "react"; -import { IVod } from "@/app/lib/vods"; -import { - ITimestamp, - deleteTimestamp -} from "@/app/lib/timestamps"; -import { - formatTimestamp, - formatUrlTimestamp, -} from "@/app/lib/dates"; -import Link from 'next/link'; -import { faClock, faLink, faTrash } from "@fortawesome/free-solid-svg-icons"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { isWithinInterval, subHours, Interval } from 'date-fns'; -import { useRouter } from 'next/navigation'; - -export interface ITimestampsProps { - vod: IVod; - timestamps: ITimestamp[]; - setTimestamps: Function; -} - -function isCreatedByMeRecently(authData: any, ts: ITimestamp) { - if (!authData?.user) return false; - if (authData.user.id !== ts.creator_id) return false; - const last24H: Interval = { start: subHours(new Date(), 24), end: new Date() }; - return isWithinInterval(new Date(ts.created_at), last24H); -} - - -export function TimestampsList({ vod, timestamps, setTimestamps }: ITimestampsProps): React.JSX.Element { - // const throttledTimestampFetch = throttle(getRawTimestampsForVod); - - - const hasTimestamps = timestamps.length > 0; - - return ( -
- - {hasTimestamps && ( - timestamps.map((ts: ITimestamp) => ( -

- {JSON.stringify(ts, null, 2)}


- - {formatTimestamp(ts.time)} - {' '} - {/* {ts.tag.name} */} - {isCreatedByMeRecently({}, ts) && ( - - )} -

- )) - )} - - {!hasTimestamps &&

This VOD has no timestamps

} -
- ); -} diff --git a/services/next/app/components/toys.tsx b/services/next/app/components/toys.tsx deleted file mode 100644 index 1739f78..0000000 --- a/services/next/app/components/toys.tsx +++ /dev/null @@ -1,80 +0,0 @@ -import React from 'react'; -import { IToy, IToysResponse } from '@/app/lib/toys'; -import { IVtuber } from '@futureporn/types'; -import Link from 'next/link'; -import Image from "next/legacy/image"; - -export interface IToyProps { - toy: IToy; -} - -export interface IToysListsProps { - vtuber: IVtuber; - toys: IToysResponse; - page: number; - pageSize: number; -} - -// interface VodsListProps { -// vtuber: IVtuber; -// vods: IVods; -// page: number; -// pageSize: number; -// } - - - -export function ToysListHeading({ slug, displayName }: { slug: string, displayName: string }): React.JSX.Element { - return ( -
-

- {displayName}'s Toys -

-
- ) -} - -// export interface IToy { -// id: number; -// tags: ITag[]; -// linkTag: ITag; -// make: string; -// model: string; -// aspectRatio: string; -// image2: string; -// } - -export function ToyItem({ toy }: IToyProps) { - const displayName = `${toy.attributes.make} ${toy.attributes.model}`; - // if (!toy?.linkTag) return
toy.linkTag is missing which is a problem
- return ( -
- - -
- {displayName} -
-

{toy.attributes.model}

- -
- ); -}; - -export function ToysList({ vtuber, toys, page = 1, pageSize = 24 }: IToysListsProps) { - return ( -
- {/* 
{JSON.stringify(toys, null, 2)} toys:{toys.data.length} page:{page} pageSize:{pageSize}
*/} -
- {toys.data.map((toy: IToy) => ( - //

{JSON.stringify(toy, null, 2)}

- - ))} -
-
- ) -}; diff --git a/services/next/app/components/upload-form.tsx b/services/next/app/components/upload-form.tsx deleted file mode 100644 index 25fbc46..0000000 --- a/services/next/app/components/upload-form.tsx +++ /dev/null @@ -1,457 +0,0 @@ -'use client'; - - -import { IVtuber } from "@futureporn/types"; -import { useSearchParams } from 'next/navigation'; -import React from 'react'; -import AwsS3 from '@uppy/aws-s3'; -import RemoteSources from '@uppy/remote-sources'; -import { Dashboard } from '@uppy/react'; -import styles from '@/assets/styles/fp.module.css' -import { projektMelodyEpoch } from "@/app/lib/constants"; -import add from "date-fns/add"; -import sub from "date-fns/sub"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faEraser, faInfoCircle, faPaperPlane, faSpinner, faUpload, faX, faXmark } from "@fortawesome/free-solid-svg-icons"; -import { useForm, ValidationMode } from 'react-hook-form'; -import { yupResolver } from '@hookform/resolvers/yup'; -import * as Yup from 'yup'; -import { toast } from "react-toastify"; -import { ErrorMessage } from "@hookform/error-message" -import Uppy from '@uppy/core'; -import { companionUrl } from '@/app/lib/constants'; - - - -interface IUploadFormProps { - vtubers: IVtuber[]; -} - -interface IValidationResults { - valid: boolean; - issues: string[] | null; -} - -interface IFormSchema extends Yup.InferType { }; - - -const validationSchema = Yup.object().shape({ - vtuber: Yup.number() - .required('VTuber is required'), - streamCuid: Yup.string().optional(), - date: Yup.date() - .typeError('Invalid date') // https://stackoverflow.com/a/72985532/1004931 - .min(sub(projektMelodyEpoch, { days: 1 }), 'Date must be after February 7 2020') - .max(add(new Date(), { days: 1 }), 'Date cannot be in the future') - .required('Date is required'), - notes: Yup.string().optional(), - attribution: Yup.boolean().optional(), - files: Yup.array() - .of( - Yup.object().shape({ - key: Yup.string().required('key is required'), - uploadId: Yup.string().required('uploadId is required') - }), - ) - .min(1, 'At least one file is required'), -}); - - - -export default function UploadForm({ vtubers }: IUploadFormProps) { - const searchParams = useSearchParams(); - const cuid = searchParams.get('cuid'); - - return ( -
-
-
-
- VOD Uploading -
-
- -

Coming soon, patrons will be able to upload VODs to Futureporn's archive. Together we can achieve 100% archival!

-
-
-
-
- ) - - // const uppy = new Uppy( - // { - // autoProceed: true, - // debug: true, - // logger: { - // debug: console.info, - // warn: console.log, - // error: console.error - // }, - // } - // ) - // .use(RemoteSources, { - // companionUrl, - // sources: [ - // 'GoogleDrive', - // 'Dropbox', - // 'Url' - // ] - // }) - // .use(AwsS3, { - // companionUrl, - // shouldUseMultipart: true, - // abortMultipartUpload: () => {}, // @see https://github.com/transloadit/uppy/issues/1197#issuecomment-491756118 - // companionHeaders: { - // 'authorization': `Bearer ${authData?.accessToken}` - // } - // }) - - - - const formOptions = { - resolver: yupResolver(validationSchema), - mode: 'onChange' as keyof ValidationMode, - }; - const { - register, - handleSubmit, - setError, - clearErrors, - formState: { - errors, - isValid, - isSubmitted, - isSubmitSuccessful, - isSubmitting - }, - setValue, - watch, - reset - } = useForm(formOptions); - - - // useEffect(() => { - // if (!cuid) return; - // (async () => { - // console.log('query') - // const query = qs.stringify({ - // filters: { - // cuid: { - // '$eq': cuid - // } - // } - // }); - // const res = await fetch(`${process.env.NEXT_PUBLIC_STRAPI_URL}/streams?${query}`); - // if (!res.ok) return; - // const matchingStream = (await res.json()).data as IStream; - // console.log(matchingStream); - // setValue('vtuber', matchingStream.attributes.vtuber.data.id); - // })(); - // }, [cuid]); - - // setValue('streamCuid', cuid||''); - const files = watch('files'); - - - - async function createUSC(data: IFormSchema) { - try { - const res = await fetch(`${process.env.NEXT_PUBLIC_STRAPI_URL}/user-submitted-contents/createFromUppy`, { - method: 'POST', - headers: { - 'authorization': `Bearer ${authData?.accessToken}`, - 'content-type': 'application/json', - 'accept': 'application/json' - }, - body: JSON.stringify({ - data: { - files: data.files, - attribution: data.attribution, - notes: data.notes, - vtuber: data.vtuber, - date: data.date, - streamCuid: cuid - } - }) - }); - - if (!res.ok) { - console.error('failed to fetch /user-submitted-contents/createFromUppy'); - const body = await res.json(); - const error = body.error; - toast.error(`${error.type} ${error.message}`, { theme: 'dark' }); - - setError('root.serverError', { - type: error.type, - message: error.message - }) - } - } catch (e) { - if (e instanceof Error) { - toast.error(`${e.message}`, { theme: 'dark' }); - setError('root.serverError', { - type: "remote", - message: e.message, - }); - } else { - toast.error(`Something went wrong. Please try again.`, { theme: 'dark' }); - setError('root.serverError', { - type: 'remote', - message: 'Something went wrong. Please try again.' - }) - } - } - } - - - uppy.on('complete', async (result: any) => { - for (const s of result.successful) { - if (!s?.s3Multipart) { - const m = 'file was missing s3Multipart' - toast.error(`${m}`, { theme: 'dark' }); - setError('root.serverError', { - type: 'remote', - message: m - }) - throw new Error(m) - } - } - console.log('uppy complete! ') - console.log(result) - toast.success(`upload complete`); - let files = result.successful.map((f: any) => ({ key: f.s3Multipart.key, uploadId: f.s3Multipart.uploadId })); - setValue('files', files); - }); - - - return ( - <> - -
-

Upload VOD

- -

Together we can archive all lewdtuber livestreams!

- - {(!authData?.accessToken) - ? - <> - - - - : ( - - - -
-
- - - {(!isSubmitSuccessful) &&
-
-
-

- Step 1 -

-

- Upload the file -

-
-
-
- - - {/* - Here is how we upload the files to the server. - From uppy, we get a list of files. - we add the files to a hidden input box. - the input box is part of the form which gets POSTed. - */} - - - - - - {errors.files &&

{errors.files.message?.toString()}

} - -
-
} - - {(!isSubmitSuccessful) &&
- {/* {(!cuid) && } */} - -
-
-

- Step 2 -

-

- Tell us about the VOD -

-
-
- -
- - - - {/* */} - - -
- -
- -
-

Choose the VTuber this VOD belongs to. (More VTubers will be added when storage/bandwidth funding is secured.)

- {errors.vtuber &&

vtuber error

} - -
- -
- - setDate(evt.target.value)} - > -

The date when the VOD was originally streamed.

- {errors.date &&

{errors.date.message?.toString()}

} - -
- -
- - -

If there are any issues with the VOD, put a note here. If there are no VOD issues, leave this field blank.

-
- -
- - -
- -
- -
} - - -
-
-
-

- Step 3 -

-

- Send the form -

-
-
-
- - - - - {errors.root?.serverError && ( -
- - -
- )} - - - - {!isSubmitSuccessful && ( - - )} - - {isSubmitting && ( -

- -

- )} - {isSubmitSuccessful && ( - <> - - - - )} - - - -
-
- -
-
- - - ) - } - -
- - - ) - -} diff --git a/services/next/app/components/user-controls.tsx b/services/next/app/components/user-controls.tsx deleted file mode 100644 index 6a76717..0000000 --- a/services/next/app/components/user-controls.tsx +++ /dev/null @@ -1,230 +0,0 @@ -'use client'; - -import React, { useState } from 'react'; -import { patreonQuantumSupporterId } from '../lib/constants'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faSave, faTimes, faCheck } from "@fortawesome/free-solid-svg-icons"; -import Skeleton from 'react-loading-skeleton'; - -interface IArchiveSupporterProps { - isNamePublic: boolean; - setIsNamePublic: Function; -} - -interface ISaveButtonProps { - isDirty: boolean; - isLoading: boolean; - isSuccess: boolean; - isNamePublic: boolean; - isLinkPublic: boolean; - vanityLink: string; - setVanityLink: Function; - setIsLoading: Function; - setIsSuccess: Function; - setIsDirty: Function; - setAuthData: Function; - errors: String[]; - setErrors: Function; -} - -interface IQuantumSupporterProps { - isLinkPublic: boolean; - hasUrlBenefit: boolean; - setIsLinkPublic: Function; - vanityLink: string; - setVanityLink: Function; -} - - -export default function UserControls() { - const [isLoading, setIsLoading] = useState(false); - const [isSuccess, setIsSuccess] = useState(false); - const [isDirty, setIsDirty] = useState(false); - const [isNamePublic, setIsNamePublic] = useState(false); - const [isLinkPublic, setIsLinkPublic] = useState(false); - const [errors, setErrors] = useState([]) - const [vanityLink, setVanityLink] = useState('') - - return

@todo user-controls.tsx

- const { authData, setAuthData } = useAuth() - - - if (!authData) return

Loading...

- - - const hasUrlBenefit = (authData?.user?.patreonBenefits) ? authData.user.patreonBenefits.split(' ').includes(patreonQuantumSupporterId) : false; - - return ( -
-
-

Patron Perks

- - - - - - -
-
- ); -}; - - -export function SaveButton({ - isDirty, - setIsDirty, - isLoading, - setIsLoading, - setIsSuccess, - isSuccess, - isNamePublic, - isLinkPublic, - vanityLink, - setVanityLink, - setAuthData, - errors, - setErrors, -}: ISaveButtonProps) { - return

@todo user-controls.tsx

- const { authData } = useAuth(); - const handleClick = async () => { - if (!authData?.user) return; - try { - setIsLoading(true); - - const response = await fetch(`${postgrestLocalUrl}/profile/${authData.user.id}`, { - method: 'PUT', - headers: { - 'Content-Type': 'application/json', - 'Authorization': `Bearer ${authData.accessToken}` - }, - body: JSON.stringify({ - isNamePublic, - isLinkPublic, - vanityLink - }) - }); - - setIsLoading(false); - setIsDirty(true); - - if (!response.ok) { - setIsSuccess(false); - } else { - setIsSuccess(true); - - // Update authData if needed - const updatedAuthData = { ...authData }; - if (!updatedAuthData?.user) return; - updatedAuthData.user.vanityLink = vanityLink; - updatedAuthData.user.isNamePublic = isNamePublic; - updatedAuthData.user.isLinkPublic = isLinkPublic; - setAuthData(updatedAuthData); - } - } catch (error) { - if (error instanceof Error) { - setErrors(errors.concat([error.message])) - } - } - }; - - - return ( - - ) -} - -export function Thanks() { - return

Thank you so much for supporting Futureporn!

-} - -export function QuantumSupporterPerks({ isLinkPublic, setIsLinkPublic, setVanityLink, vanityLink, hasUrlBenefit }: IQuantumSupporterProps) { - const { authData } = useAuth() - - return ( -
- -
- -
-
- setVanityLink(e.target.value)} - /> -
- -
- ) -} - -export function AdvancedArchiveSupporterPerks() { - -} - -export function ArchiveSupporterPerks({ isNamePublic, setIsNamePublic }: IArchiveSupporterProps) { - const { authData } = useAuth() - - return ( -
- -
- -
-
- ) -} \ No newline at end of file diff --git a/services/next/app/components/user-metadata.tsx b/services/next/app/components/user-metadata.tsx deleted file mode 100644 index 60ead00..0000000 --- a/services/next/app/components/user-metadata.tsx +++ /dev/null @@ -1,37 +0,0 @@ -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome" -import { faCheckCircle, faSpinner, faXmarkCircle } from "@fortawesome/free-solid-svg-icons" -import { useMetadata, useMutateMetadata } from "../profile/hooks/useMetadata" -import { useState, useEffect } from 'react' - -export default function UserMetadata() { - - - const { status, data, error, isFetching, isPending } = useMetadata() - const mutateMetadata = useMutateMetadata() - - - const username = `${data?.metadata?.first_name || ''} ${data?.metadata?.last_name || ''}`.trim(); - const { metadata } = data || {}; - - const [ isUsernamePublic, setIsUsernamePublic ] = useState(metadata?.isUsernamePublic || false) - useEffect(() => { - mutateMetadata.mutate({ isUsernamePublic }) - }, [ isUsernamePublic ]) - - return ( - <> - - {isPending && } - -
- Display {username} publicly? - setIsUsernamePublic(evt.target.checked)}/> - {(mutateMetadata.status === 'success') && } - {(mutateMetadata.status === 'pending') && } - {(mutateMetadata.status === 'error') && } -
- - ) -} - - diff --git a/services/next/app/components/vibrate-test.tsx b/services/next/app/components/vibrate-test.tsx deleted file mode 100644 index 2eccfa8..0000000 --- a/services/next/app/components/vibrate-test.tsx +++ /dev/null @@ -1,29 +0,0 @@ -'use client'; - -import { useVibrate } from '@react-hookz/web'; -import { useState } from 'react'; -import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; -import { faStop, faPlay } from '@fortawesome/free-solid-svg-icons'; - -export default function VibrateTest() { - const [doVibrate, setDoVibrate] = useState(false) - - useVibrate( - doVibrate, - [100, 30, 100, 30, 100, 30, 200, 30, 200, 30, 200, 30, 100, 30, 100, 30, 100], - true - ); - return ( - <> -

This experimental test is meant to activate your device's vibration.

- - - ) -} \ No newline at end of file diff --git a/services/next/app/components/video-context.tsx b/services/next/app/components/video-context.tsx deleted file mode 100644 index 97c5599..0000000 --- a/services/next/app/components/video-context.tsx +++ /dev/null @@ -1,55 +0,0 @@ - -import { createContext } from "react"; -import { ITagVodRelation } from "@/app/lib/tag-vod-relations"; - -export interface IVideoContextValue { - timeStamp: number; - setTimeStamp: Function; - tvrs: ITagVodRelation[]; - setTvrs: Function; -} - -// const defaultContextValue = { -// timeStamp: 3, -// setTimeStamp: () => null, -// ref: null, -// } - -export const VideoContext = createContext({} as IVideoContextValue); - - -// export function VideoContextProvider({ children }: IAuthContextProps): React.JSX.Element { -// const { value: authData, set: setAuthData } = useLocalStorageValue('authData', { -// defaultValue: null, -// }); - -// const { value: lastVisitedPath, set: setLastVisitedPath } = useLocalStorageValue('lastVisitedPath', { -// defaultValue: '/profile', -// initializeWithValue: false, -// }); -// const router = useRouter(); - -// const login = async () => { -// const currentPath = window.location.pathname; -// setLastVisitedPath(currentPath); -// router.push(`${postgrestLocalUrl}/connect/patreon`); -// }; - -// const logout = () => { -// setAuthData({ accessToken: null, user: null }); -// }; - -// return ( -// -// {children} -// -// ); -// } \ No newline at end of file diff --git a/services/next/app/components/video-interactive.tsx b/services/next/app/components/video-interactive.tsx deleted file mode 100644 index 5d21819..0000000 --- a/services/next/app/components/video-interactive.tsx +++ /dev/null @@ -1,149 +0,0 @@ -'use client'; - -import { IVod } from "@/app/lib/vods"; -import { useRef, useState, useEffect, useCallback } from "react"; -import { VideoPlayer } from "./video-player"; -import { Tagger } from './tagger'; -import { ITimestamp, getTimestampsVodLinksForVod } from "@/app/lib/timestamps"; -import { TimestampsList } from "./timestamps-list"; -import { ITagVodRelation } from "@/app/lib/tag-vod-relations"; -import { VideoContext } from "./video-context"; -import { getVodTitle } from "./vod-page"; -import { useSearchParams } from 'next/navigation'; -import type VideoApiElement from "@mux/mux-player"; -import { parseUrlTimestamp } from "@/app/lib/dates"; -import { faTags, faNoteSticky, faClock } from "@fortawesome/free-solid-svg-icons"; -import { Tag } from './tag'; -import VodNav from './vod-nav'; -import LinkableHeading from "./linkable-heading"; - - -export interface IVideoInteractiveProps { - vod: IVod; -} - - -function secondsToHumanReadable(timestampInSeconds: number): string { - const hours = Math.floor(timestampInSeconds / 3600); - const minutes = Math.floor((timestampInSeconds % 3600) / 60); - const seconds = timestampInSeconds % 60; - - return `${hours}h${minutes}m${seconds}s`; -} - - -function humanReadableTimestampToSeconds(timestamp: string): number | null { - const parts = timestamp.split(':'); - - if (parts.length !== 3) { - // Invalid format, return null or throw an error as appropriate - return null; - } - - const hours = parseInt(parts[0], 10); - const minutes = parseInt(parts[1], 10); - const seconds = parseInt(parts[2], 10); - - if (isNaN(hours) || isNaN(minutes) || isNaN(seconds)) { - // Invalid numeric values, return null or throw an error as appropriate - return null; - } - - const totalSeconds = hours * 3600 + minutes * 60 + seconds; - - return totalSeconds; -} - - - - -export function VideoInteractive({ vod }: IVideoInteractiveProps): React.JSX.Element { - - const [timeStamp, setTimeStamp] = useState(0); - const [tvrs, setTvrs] = useState([]); - const [isPlayerReady, setIsPlayerReady] = useState(false); - const [timestamps, setTimestamps] = useState([]); - const [currentTsPage, setCurrentTsPage] = useState(1); - - const getTimestampPage = useCallback(async (page: number) => { - const timestamps = await getTimestampsVodLinksForVod(vod.id, page); - setTimestamps(timestamps); - }, [vod.id, setTimestamps]); // IGNORE TS LINTER! DO NOT PUT timestamps HERE! IT CAUSES SELF-DDOS! - - const ref = useRef(null); - const searchParams = useSearchParams(); - const t = searchParams.get('t'); - - - - useEffect(() => { - getTimestampPage(currentTsPage); - }, [vod.id, getTimestampPage, currentTsPage]); - - useEffect(() => { - if (!t) return; - if (!ref?.current) return; - const videoRef = ref.current as VideoApiElement; - const seconds = parseUrlTimestamp(t) - if (seconds === null) return; - videoRef.currentTime = seconds; - }, [t, isPlayerReady, ref]) - - - return ( - - - - -

- {getVodTitle(vod)} -

- - -
- {vod.note && ( - <> - -
{vod.note}
- - )} - - - 
-                    
-                        {JSON.stringify(vod, null, 2)}
-                    
-
-
- { - (!vod?.tag_vod_relations || vod.tag_vod_relations.length === 0) - ?

This vod has no tags

- : - vod.tag_vod_relations.map((tvr: ITagVodRelation) => ( - - )) - } - {/* */} -
- - 
-                        
-                            {JSON.stringify(timestamps, null, 2)}
-                        
-
- - -
- - - ) -} \ No newline at end of file diff --git a/services/next/app/components/video-player.tsx b/services/next/app/components/video-player.tsx deleted file mode 100644 index e467371..0000000 --- a/services/next/app/components/video-player.tsx +++ /dev/null @@ -1,145 +0,0 @@ -'use client'; - -import { useEffect, useState, forwardRef, useContext, Ref } from 'react'; -import { IVod } from '@/app/lib/vods'; -import { getVodTitle } from './vod-page'; -import { VideoSourceSelector } from '@/app/components/video-source-selector' -import { buildIpfsUrl } from '@/app/lib/ipfs'; -import { postgrestLocalUrl } from '@/app/lib/constants'; -import MuxPlayer from '@mux/mux-player-react/lazy'; -import { VideoContext } from './video-context'; -import MuxPlayerElement from '@mux/mux-player'; -import type VideoApiElement from "@mux/mux-player"; - -interface IPlayerProps { - vod: IVod; - setIsPlayerReady: Function; -} - -interface ITokens { - playbackToken: string; - storyboardToken: string; - thumbnailToken: string; -} - -async function getMuxPlaybackTokens(playback_id: string, jwt: string): Promise { - const res = await fetch(`${postgrestLocalUrl}/api/mux-asset/secure?id=${playback_id}`, { - headers: { - 'Authorization': `Bearer ${jwt}` - } - }) - const json = await res.json() - - return { - playbackToken: json.playbackToken, - storyboardToken: json.storyboardToken, - thumbnailToken: json.thumbnailToken - } -} - -function hexToRgba(hex: string, alpha: number) { - const r = parseInt(hex.slice(1, 3), 16); - const g = parseInt(hex.slice(3, 5), 16); - const b = parseInt(hex.slice(5, 7), 16); - return `rgba(${r}, ${g}, ${b}, ${alpha})`; -} - - - -export const VideoPlayer = forwardRef(function VideoPlayer( props: IPlayerProps, ref: Ref ): React.JSX.Element { - const { vod, setIsPlayerReady } = props - const title: string = getVodTitle(vod); - - const [selectedVideoSource, setSelectedVideoSource] = useState(''); - const [isEntitledToCDN, setIsEntitledToCDN] = useState(false); - const [hlsSource, setHlsSource] = useState(''); - const [isClient, setIsClient] = useState(false); - const [playback_id, setplayback_id] = useState(''); - const [src, setSrc] = useState(''); - const [tokens, setTokens] = useState({}); - const { setTimeStamp } = useContext(VideoContext); - - - - useEffect(() => { - setIsClient(true); - const playback_id = vod?.mux_asset?.playback_id; - - - if (selectedVideoSource === 'Mux') { - if (!!token && !!playback_id) { - try { - getMuxPlaybackTokens(vod.mux_asset.playback_id, token) - .then((tokens) => { - setTokens({ - playback: tokens.playbackToken, - storyboard: tokens.storyboardToken, - thumbnail: tokens.thumbnailToken - }) - setHlsSource(vod.mux_asset.playback_id) - setplayback_id(vod.mux_asset.playback_id) - }); - } - - catch (e) { - console.error(e) - } - } - } else if (selectedVideoSource === 'B2') { - if (!vod.s3_file) return; // This shouldn't happen because videoSourceSelector won't choose B2 if there is no b2. This return is only for satisfying TS - setHlsSource(vod.s3_file.cdn_url); - setplayback_id(''); - setSrc(vod.s3_file.cdn_url); - } - }, [selectedVideoSource, vod, setHlsSource]); - - - if (!isClient) return <> - - - return ( - <> - { - setIsPlayerReady(true)} - } - ref={ref} - preload="auto" - crossOrigin="*" - loading="viewport" - playback_id={playback_id} - src={src} - tokens={tokens} - primaryColor="#FFFFFF" - metadata={{ - video_title: getVodTitle(vod) - }} - - streamType="on-demand" - onTimeUpdate={(evt) => { - const muxPlayer = evt.target as VideoApiElement - const { currentTime } = muxPlayer; - setTimeStamp(currentTime) - }} - muted - > - - {/* {vod?.attributes?.videoSrcB2?.data?.attributes?.cdn_url && (<> -

CDN2

- - )} */} - - - {/* */} - - ) -}) \ No newline at end of file diff --git a/services/next/app/components/video-source-selector.tsx b/services/next/app/components/video-source-selector.tsx deleted file mode 100644 index 408fe24..0000000 --- a/services/next/app/components/video-source-selector.tsx +++ /dev/null @@ -1,142 +0,0 @@ -'use client'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome" -import { faPatreon } from "@fortawesome/free-brands-svg-icons"; -import { faGlobe, faTriangleExclamation } from "@fortawesome/free-solid-svg-icons"; -import { useState, useEffect } from 'react'; - -interface IVSSProps { - isMux: boolean; - isB2: boolean; - isIPFSSource: boolean; - isIPFS240: boolean; - isEntitledToCDN: boolean; - setSelectedVideoSource: (option: string) => void; - selectedVideoSource: string; -} - -export function VideoSourceSelector({ - isMux, - isB2, - isIPFSSource, - isIPFS240, - isEntitledToCDN, - selectedVideoSource, - setSelectedVideoSource, -}: IVSSProps): React.JSX.Element { - - // Check for user's entitlements and saved preference when component mounts - useEffect(() => { - // Function to determine the best video source based on entitlements and preferences - const determineBestVideoSource = () => { - if (isEntitledToCDN) { - if (selectedVideoSource === 'Mux' && isMux) { - return 'Mux'; - } - } - - // if the user has B2 as their preference or they have no preference, use B2 - if (selectedVideoSource === 'B2' || !selectedVideoSource) { - return 'B2' - } - - // use IPFS only if the user has opted to use it - if (selectedVideoSource === 'IPFSSource' && isIPFSSource) { - return 'IPFSSource'; - } else if (isIPFS240) { - return 'IPFS240'; - } - // If no sources are available, return an empty string - return ''; - }; - - // If selectedVideoSource is unset, find the value to use - if (selectedVideoSource === '') { - // Load the user's saved preference from storage (e.g., local storage) - const savedPreference = localStorage.getItem('videoSourcePreference'); - - // Check if the saved preference is valid based on entitlements and available sources - if (savedPreference === 'Mux' && isMux && isEntitledToCDN) { - setSelectedVideoSource('Mux'); - } else if (savedPreference === 'B2') { - setSelectedVideoSource('B2'); - } else if (savedPreference === 'IPFSSource') { - setSelectedVideoSource('IPFSSource'); - } else if (savedPreference === 'IPFS240') { - if (isIPFS240) { - setSelectedVideoSource('IPFS240'); - } else { - setSelectedVideoSource('IPFSSource'); - } - } else { - // Determine the best video source if the saved preference is invalid or not available - const bestSource = determineBestVideoSource(); - setSelectedVideoSource(bestSource); - } - } - - - }, [isMux, isB2, isIPFSSource, isIPFS240, isEntitledToCDN, selectedVideoSource, setSelectedVideoSource]); - - // Handle button click to change the selected video source - const handleSourceClick = (source: string) => { - if ( - (source === 'Mux' && isMux && isEntitledToCDN) || - (source === 'B2' && isB2) || - (source === 'IPFSSource') || - (source === 'IPFS240') - ) { - setSelectedVideoSource(source); - // Save the user's preference to storage (e.g., local storage) - localStorage.setItem('videoSourcePreference', source); - } - }; - - return ( - <> -
- -
- - ) -} \ No newline at end of file diff --git a/services/next/app/components/vod-card.tsx b/services/next/app/components/vod-card.tsx deleted file mode 100644 index ea653fe..0000000 --- a/services/next/app/components/vod-card.tsx +++ /dev/null @@ -1,70 +0,0 @@ -import Link from "next/link"; -import { getSafeDate } from '@/app/lib/dates'; -import { IVtuber } from '@futureporn/types'; -import Image from "next/legacy/image" -import { LocalizedDate } from '@/app/components/localized-date' -import Skeleton from "react-loading-skeleton"; - -interface IVodCardProps { - id: number; - title: string; - date: string; - muxAsset: string | undefined; - thumbnail: string | undefined; - vtuber: IVtuber; -} - - -export default function VodCard({ id, title, date, muxAsset, thumbnail = 'https://futureporn-b2.b-cdn.net/default-thumbnail.webp', vtuber }: IVodCardProps) { - - - // return (

@todo W VodCard

) - - if (!vtuber?.slug) return ( -
-
-
-
VOD {id} is missing VTuber.slug
-
-
-
- ) - - - return ( -
-
- -
- {thumbnail && -
- {title} -
- } - {!thumbnail &&

missing thumbnail

} -
-
-

{vtuber.display_name}

- -

{title}

-
- -
-
- - ) -} - - - - - diff --git a/services/next/app/components/vod-nav.tsx b/services/next/app/components/vod-nav.tsx deleted file mode 100644 index 7c21383..0000000 --- a/services/next/app/components/vod-nav.tsx +++ /dev/null @@ -1,76 +0,0 @@ -'use client'; - -import { faVideo, faExternalLinkAlt, faShareAlt } from "@fortawesome/free-solid-svg-icons"; -import { faXTwitter } from '@fortawesome/free-brands-svg-icons'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import Image from "next/legacy/image"; -import Link from 'next/link'; -import { IVod } from '@/app/lib/vods'; -import { buildIpfsUrl } from '@/app/lib/ipfs'; -import { getSafeDate } from "@/app/lib/dates"; -import { StreamButton } from '@/app/components/stream-button'; -import VtuberButton from "./vtuber-button"; -import { LocalizedDate } from "./localized-date"; - -export function getDownloadLink(cid: string, safeDate: string, slug: string, quality: string) { - return buildIpfsUrl(`${cid}?filename=${slug}-${safeDate}-${quality}.mp4`) -} - - -export interface IVodNavProps { - vod: IVod; -} - -export default function VodNav ({ vod }: IVodNavProps) { - const safeDate = getSafeDate(vod.date_2); - return ( - - ) -} \ No newline at end of file diff --git a/services/next/app/components/vod-page-2.tsx b/services/next/app/components/vod-page-2.tsx deleted file mode 100644 index e2c1de8..0000000 --- a/services/next/app/components/vod-page-2.tsx +++ /dev/null @@ -1,61 +0,0 @@ -import { IVod } from "@futureporn/types"; -import Link from "next/link"; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faChevronLeft, faChevronRight } from "@fortawesome/free-solid-svg-icons"; -import { getNextVod, getPreviousVod, getUrl } from "../lib/vods"; -import { getLocalizedDate } from "../lib/vods"; -import Footer from "./footer"; - -export default async function VodPage2 ({ vod }: { vod: IVod }) { - - // use vod 337 for prototyping, because 337 has both timestamps and tags. - - const nextVod = await getNextVod(vod) - const previousVod = await getPreviousVod(vod) - const slug = vod.vtuber.slug - - return ( - <> -

VodPage2

-

@todo insert video player here

-

@todo insert title here

-

@todo insert notes

-

@todo insert tags here

-

@todo insert timestamps here

- - - ) -} - diff --git a/services/next/app/components/vod-page.tsx b/services/next/app/components/vod-page.tsx deleted file mode 100644 index 7e9a61e..0000000 --- a/services/next/app/components/vod-page.tsx +++ /dev/null @@ -1,106 +0,0 @@ -import { getUrl, getNextVod, getPreviousVod, getLocalizedDate } from '@/app/lib/vods'; -import { IVod } from '@/app/lib/vods'; -import Link from 'next/link'; -import { VideoInteractive } from './video-interactive'; -import { FontAwesomeIcon } from '@fortawesome/react-fontawesome'; -import { faChevronLeft, faChevronRight, faGlobe, faImage, faLink } from "@fortawesome/free-solid-svg-icons"; -import { notFound } from 'next/navigation'; -import { IpfsCid } from './ipfs-cid'; -import LinkableHeading from './linkable-heading'; -import Image from "next/legacy/image"; -import Thumbnail from './thumbnail'; - -export function getVodTitle(vod: IVod): string { - // console.log('lets getVodTitle, ey?') - // console.log(JSON.stringify(vod, null, 2)) - return vod.title || vod.announce_title || `VOD ${vod.id}` - // return vod.title || vod.announceTitle || (vod?.date2 && vod?.vtuber?.display_name) ? `${vod.vtuber.display_name} ${vod.date_2}` : `VOD ${vod.id}`; -} - -export function buildMuxUrl(playbackId: string, token: string) { - return `https://stream.mux.com/${playbackId}.m3u8?token=${token}` -} - -export function buildMuxSignedPlaybackId(playbackId: string, token: string) { - return `${playbackId}?token=${token}` -} - -export function buildMuxThumbnailUrl(playbackId: string, token: string) { - return `https://image.mux.com/${playbackId}/storyboard.vtt?token=${token}` -} - - -export default async function VodPage({vod}: { vod: IVod }) { - - if (!vod) notFound(); - if (!vod.vtuber) { - throw new Error(`vod.vtuber was falsy.`) - } - const slug = vod.vtuber.slug; - const previousVod = await getPreviousVod(vod); - const nextVod = await getNextVod(vod); - - // return 
{JSON.stringify(previousVod, null, 2)}
- // return

{slug} VOD @todo previousVod={previousVod.title} nextVod={nextVod?.title}

- return ( - -
-
- - {/* 
{JSON.stringify(vod, null, 2)}
*/} - - {(vod.thumbnail) && (
- - -
)} - - {(vod.ipfs_cid) && ( - <> - - {vod.ipfs_cid && ( - - )} - - )} - - - - - -
-
- ); -} diff --git a/services/next/app/components/vods-list.tsx b/services/next/app/components/vods-list.tsx deleted file mode 100644 index b7dd8fd..0000000 --- a/services/next/app/components/vods-list.tsx +++ /dev/null @@ -1,66 +0,0 @@ -import React from 'react' -import Link from 'next/link'; -import VodCard from './vod-card'; -import { IVtuber } from '@futureporn/types'; -import { IVod } from '@/app/lib/vods'; -import { getVodTitle } from './vod-page'; -import { notFound } from 'next/navigation'; - -interface IVodsListProps { - vtuber?: IVtuber; - vods: IVod[]; - page: number; - pageSize: number; -} - - -interface IVodsListHeadingProps { - slug: string; - displayName: string; -} - -export function VodsListHeading({ slug, displayName }: IVodsListHeadingProps): React.JSX.Element { - return ( -
-

- {displayName} Vods -

-
- ) -} - - -export default function VodsList({ vods, page = 1, pageSize = 24 }: IVodsListProps): React.JSX.Element { - // if (!vtuber) return
vtuber is not defined. vtuber:{JSON.stringify(vtuber, null, 2)}
- // if (!vods) return
failed to load vods
; - if (!vods) return notFound() - - // @todo [x] pagination - // @todo [x] sortability - return ( - <> -

VodsList on page {page}, pageSize {pageSize}, with {vods.length} vods

- - {/* 
-                
-                    {JSON.stringify(vods, null, 2)}
-                
-
*/} - - -
- {vods.map((vod: IVod) => ( - - ))} -
- - ); -} diff --git a/services/next/app/components/vtuber-button.tsx b/services/next/app/components/vtuber-button.tsx deleted file mode 100644 index 22f5bc2..0000000 --- a/services/next/app/components/vtuber-button.tsx +++ /dev/null @@ -1,29 +0,0 @@ -import Image from "next/legacy/image" - -interface VtuberButtonProps { - image: string; - displayName: string; - size?: string; -} - -export default function VtuberButton ({ image, displayName, size }: VtuberButtonProps) { - const sizeClass = (() => { - if (size === 'large') return 'is-large'; - if (size === 'medium') return 'is-medium'; - if (size === 'small') return 'is-small' - })(); - return ( -
- - {displayName} - - {displayName} -
- ); -} \ No newline at end of file diff --git a/services/next/app/components/vtuber-card.tsx b/services/next/app/components/vtuber-card.tsx deleted file mode 100644 index 739f54e..0000000 --- a/services/next/app/components/vtuber-card.tsx +++ /dev/null @@ -1,44 +0,0 @@ -import Link from "next/link"; -import type { IVtuber } from '@futureporn/types'; -import { getVodsForVtuber } from "@/app/lib/vods"; -import Image from "next/legacy/image" -import NotFound from "@/app/vt/[slug]/not-found"; -import ArchiveProgress from "./archive-progress"; - -export default async function VTuberCard(vtuber: IVtuber) { - const { id, slug, display_name, image_blur, image } = vtuber; - if (!image_blur) return
This VTuberCard is missing image_blur
- const vods = await getVodsForVtuber(id) - if (!vods) return - return ( - -
-
-
-
-
- {display_name} -
-
-
-

{display_name}

- -
-
-
-
- - ) - } \ No newline at end of file diff --git a/services/next/app/config/clientConfigs.ts b/services/next/app/config/clientConfigs.ts deleted file mode 100644 index 2442989..0000000 --- a/services/next/app/config/clientConfigs.ts +++ /dev/null @@ -1,21 +0,0 @@ - -if (!process.env.NEXT_PUBLIC_API_DOMAIN) throw new Error('Missing NEXT_PUBLIC_API_DOMAIN env var'); -if (!process.env.NEXT_PUBLIC_WEBSITE_DOMAIN) throw new Error('Missing NEXT_PUBLIC_WEBSITE_DOMAIN env var'); -if (!process.env.NEXT_PUBLIC_UPPY_COMPANION_URL) throw new Error('Missing NEXT_PUBLIC_UPPY_COMPANION_URL env var'); -if (!process.env.NEXT_PUBLIC_SITE_URL) throw new Error('Missing NEXT_PUBLIC_SITE_URL env var'); -if (!process.env.NEXT_PUBLIC_STRAPI_URL) throw new Error('Missing NEXT_PUBLIC_STRAPI_URL env var'); -if (!process.env.NEXT_PUBLIC_POSTGREST_URL) throw new Error('Missing NEXT_PUBLIC_POSTGREST_URL env var'); - - -// const apiDomain = process.env.NEXT_PUBLIC_API_DOMAIN! -// const websiteDomain = process.env.NEXT_PUBLIC_WEBSITE_DOMAIN! - -// export interface ClientConfig { -// apiDomain: string; -// websiteDomain: string; -// } - -// export const configs: ClientConfig = { -// apiDomain, -// websiteDomain, -// } diff --git a/services/next/app/config/configs.ts b/services/next/app/config/configs.ts deleted file mode 100644 index c0134ea..0000000 --- a/services/next/app/config/configs.ts +++ /dev/null @@ -1,39 +0,0 @@ - -// When adding env vars here, make sure to also add the assertion in ./server.ts - -const patreonClientId = process.env.PATREON_CLIENT_ID! -const patreonClientSecret = process.env.PATREON_CLIENT_SECRET! -const keycloakClientId = process.env.KEYCLOAK_CLIENT_ID! -const keycloakClientSecret = process.env.KEYCLOAK_CLIENT_SECRET! -const keycloakIssuer = process.env.KEYCLOAK_ISSUER! -const keycloakLocalUrl = process.env.KEYCLOAK_LOCAL_URL! -const keycloakUrl = process.env.KEYCLOAK_URL! -const nextAuthSecret = process.env.NEXTAUTH_SECRET! -const nextAuthUrl = process.env.NEXTAUTH_URL! -const nextUrl = process.env.NEXT_PUBLIC_URL! - -export interface ServerConfig { - patreonClientId: string; - patreonClientSecret: string; - keycloakClientId: string; - keycloakClientSecret: string; - keycloakIssuer: string; - keycloakLocalUrl: string; - keycloakUrl: string; - nextAuthSecret: string; - nextAuthUrl: string; - nextUrl: string; -} - -export const configs: ServerConfig = { - patreonClientId, - patreonClientSecret, - keycloakClientId, - keycloakClientSecret, - keycloakIssuer, - keycloakLocalUrl, - keycloakUrl, - nextAuthSecret, - nextAuthUrl, - nextUrl, -} \ No newline at end of file diff --git a/services/next/app/config/server.ts b/services/next/app/config/server.ts deleted file mode 100644 index a70e23c..0000000 --- a/services/next/app/config/server.ts +++ /dev/null @@ -1,20 +0,0 @@ -/** - * this file exists to give us verbose errors when we forget to define a server-side env var. - * configs should go in ./configs - */ - -'use server'; - -export async function main () { - if (!process.env.PATREON_CLIENT_ID) throw new Error("PATREON_CLIENT_ID was missing from env"); - if (!process.env.PATREON_CLIENT_SECRET) throw new Error('Missing PATREON_CLIENT_SECRET env var'); - if (!process.env.KEYCLOAK_CLIENT_ID) throw new Error(`KEYCLOAK_CLIENT_ID missing in env!`); - if (!process.env.KEYCLOAK_CLIENT_SECRET) throw new Error(`KEYCLOAK_CLIENT_SECRET missing in env!`); - if (!process.env.KEYCLOAK_ISSUER) throw new Error(`KEYCLOAK_ISSUER missing in env!`); - if (!process.env.KEYCLOAK_LOCAL_URL) throw new Error(`KEYCLOAK_LOCAL_URL missing in env!`); - if (!process.env.NEXTAUTH_SECRET) throw new Error(`NEXTAUTH_SECRET missing in env!`); - if (!process.env.NEXTAUTH_URL) throw new Error(`NEXTAUTH_URL missing in env!`); - if (!process.env.NEXT_PUBLIC_URL) throw new Error(`NEXT_PUBLIC_URL missing in env!`); -} - -main() diff --git a/services/next/app/connect/patreon/redirect/page.tsx b/services/next/app/connect/patreon/redirect/page.tsx deleted file mode 100644 index 40b65a0..0000000 --- a/services/next/app/connect/patreon/redirect/page.tsx +++ /dev/null @@ -1,122 +0,0 @@ -'use client' - -import { useSearchParams, useRouter } from 'next/navigation' -import Link from 'next/link' -import { useEffect, useState } from 'react' -import { postgrestLocalUrl } from '@/app/lib/constants' -import { DangerNotification } from '@/app/components/notifications' - -export type AccessToken = string | null; - - -export default function Page() { - const searchParams = useSearchParams() - const router = useRouter() - const { authData, setAuthData, lastVisitedPath } = useAuth() - const [errors, setErrors] = useState([]) - - const initAuth = async () => { - try { - const accessToken: AccessToken = getAccessTokenFromURL(); - const json = await getJwt(accessToken); - if (!json) { - setErrors(errors.concat(['Unable to get access token from portal. Please try again later or check Futureporn Discord.'])) - } else { - storeJwtJson(json) - redirect(); - } - } catch (error) { - console.error(error); - } - }; - - const storeJwtJson = (json: IJWT) => { - - - // Store the JWT and other relevant data in your state management system - const data: IAuthData = { - accessToken: json.jwt, - user: json.user, - } - setAuthData(data); - } - - - const getAccessTokenFromURL = () => { - const accessToken: AccessToken = searchParams?.get('access_token'); - if (!accessToken) { - throw new Error('Failed to get access_token from auth portal.'); - } - return accessToken; - }; - - const getJwt = async (accessToken: AccessToken): Promise => { - - try { - const response = await fetch(`${postgrestLocalUrl}/api/auth/patreon/callback?access_token=${accessToken}`); - - if (!response.ok) { - // Handle non-2xx HTTP response status - throw new Error(`Failed to fetch. Status: ${response.status}`); - } - - const json = await response.json(); - - if (!json.jwt) { - throw new Error('Failed to get auth token. Please try again later.'); - } - - return json; - } catch (error) { - console.error(error); - return null; // Return null or handle the error in an appropriate way - } - }; - - - const redirect = () => { - if (!lastVisitedPath) return; // on first render, it's likely null - router.push(lastVisitedPath); - }; - - - useEffect(() => { - initAuth() - }) - - - - - - - {/* - After user auths, - they are redirected to this page. - - This page grabs the access_token from the query string, - exchanges it with strapi for a jwt - then persists the jwt - - After a jwt is stored, this page redirects the user - to whatever page they were previously on. - */} - - // @todo get query parameters - // @todo save account info to session - // @todo ??? - // @todo profit - // const searchParams = useSearchParams() - // const accessToken = searchParams?.get('access_token'); - // const refreshToken = searchParams?.get('refresh_token'); - // const lastVisitedPath = '@todo!' - - return ( -
- {errors && errors.length > 0 && ( - - )} -

Redirecting...

- Click here if you are not automatically redirected -
- ) -} \ No newline at end of file diff --git a/services/next/app/faq/page.tsx b/services/next/app/faq/page.tsx deleted file mode 100644 index fad05ac..0000000 --- a/services/next/app/faq/page.tsx +++ /dev/null @@ -1,65 +0,0 @@ -import Link from 'next/link'; -import { getVtuberBySlug } from '../lib/vtubers' -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import { faLink } from '@fortawesome/free-solid-svg-icons'; -import { projektMelodyEpoch } from '@/app/lib/constants'; -import LinkableHeading from '@/app/components/linkable-heading'; - -export default async function Page() { - return ( -
-
-

Frequently Asked Questions (FAQ)

-
- - - -
- -

VTuber is a portmantou of the words Virtual and Youtuber. Originally started in Japan, VTubing uses cameras and/or motion capture technology to replicate human movement and facial expressions onto a virtual character in realtime.

-
- -
- -

Lewdtubers are sexually explicit vtubers. ProjektMelody was the first Vtuber to livestream on Chaturbate on {projektMelodyEpoch.toDateString()}. Many more followed after her.

-
- - -
-
-
- -
-
-

You may get an error when clicking on a video link. Errors such as DNS_PROBE_FINISHED_NXDOMAIN

- -

This is a DNS server error that occurs when a web browser isn't able to translate the domain name into an IP address.

- -

If this happens, using a different DNS server can fix it. There are many gratis services to choose from, including Cloudflare DNS or Google DNS.

- -

Often, using a DNS server other than the one provided to you by your ISP can improve your internet browsing experience for all websites.

-
-
-
- - -
-
- -
-

Yes. Futureporn aims to become the galaxy's best VTuber hentai site.

-
- -
-
- -

Bandwidth and rental fees are expensive, so Futureporn needs financial assistance to keep servers online and videos streaming.

-

Patrons gain access to perks like our video Content Delivery Network (CDN), and optional shoutouts on the patrons page.

-

Additionally, help is needed populating our archive with vods from past lewdtuber streams.

-
-
- -
- ) -} \ No newline at end of file diff --git a/services/next/app/favicon.ico b/services/next/app/favicon.ico deleted file mode 100644 index 2ed11c7..0000000 Binary files a/services/next/app/favicon.ico and /dev/null differ diff --git a/services/next/app/feed/feed.json/route.ts b/services/next/app/feed/feed.json/route.ts deleted file mode 100644 index 51cbcc3..0000000 --- a/services/next/app/feed/feed.json/route.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { generateFeeds } from "@/app/lib/rss" - -export async function GET() { - const feeds = await generateFeeds() - const options = { - headers: { - "Content-Type": "application/json" - } - } - return new Response(feeds.json1, options) -} \ No newline at end of file diff --git a/services/next/app/feed/feed.xml/route.ts b/services/next/app/feed/feed.xml/route.ts deleted file mode 100644 index 11e66ba..0000000 --- a/services/next/app/feed/feed.xml/route.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { generateFeeds } from "@/app/lib/rss" - -export async function GET() { - const { atom1 } = await generateFeeds() - const options = { - headers: { - "Content-Type": "application/atom+xml" - } - } - return new Response(atom1, options) -} \ No newline at end of file diff --git a/services/next/app/feed/page.tsx b/services/next/app/feed/page.tsx deleted file mode 100644 index e87e056..0000000 --- a/services/next/app/feed/page.tsx +++ /dev/null @@ -1,28 +0,0 @@ - -import Link from 'next/link' - -export default async function Page() { - return ( - <> -
-
-
- -

RSS Feed

- -

Keep up to date with new VODs using Real Simple Syndication (RSS).

- -

Don't have a RSS reader? Futureporn recommends Fraidycat

- -
-

ATOM

-

RSS

-

JSON

-
-
-
-
- - ) -} - diff --git a/services/next/app/feed/rss.xml/route.ts b/services/next/app/feed/rss.xml/route.ts deleted file mode 100644 index c32d021..0000000 --- a/services/next/app/feed/rss.xml/route.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { generateFeeds } from "@/app/lib/rss" - -export async function GET() { - const { rss2 } = await generateFeeds() - const options = { - headers: { - "Content-Type": "application/rss+xml" - } - } - return new Response(rss2, options) -} \ No newline at end of file diff --git a/services/next/app/goals/page.tsx b/services/next/app/goals/page.tsx deleted file mode 100644 index e23ae22..0000000 --- a/services/next/app/goals/page.tsx +++ /dev/null @@ -1,82 +0,0 @@ -import { getGoals } from "@/app/lib/pm"; -import { getCampaign } from "@/app/lib/patreon"; - -interface IFundingStatusBadgeProps { - completedPercentage: number; -} - -function FundingStatusBadge({ completedPercentage }: IFundingStatusBadgeProps) { - if (completedPercentage === 100) return Funded; - return ( - - - {completedPercentage}% Funded - - - ); -} - - - -// export interface IGoals { -// complete: IIssue[]; -// inProgress: IIssue[]; -// planned: IIssue[]; -// featuredFunded: IIssue; -// featuredUnfunded: IIssue; -// } -export default async function Page() { - const { pledgeSum } = await getCampaign() - const goals = await getGoals(pledgeSum); - if (!goals) return

failed to get goals

- const { inProgress, planned, complete } = goals; - return ( - <> -
-
- -
-

Goals

-

Shooting for the stars

-
-
-

- In Progress -

-
    - {inProgress.map((goal) => ( -
  • - ☐ {goal.title} {(!!goal?.amountCents && !!goal.completedPercentage) && } -
    • - ))} -
-
-
-

- Planned -

-
    - {planned.map((goal) => ( -
  • - ☐ {goal.title} {(!!goal?.amountCents && !!goal.completedPercentage) && } -
    • - ))} -
-
-
-

- Completed -

-
    - {complete.map((goal) => ( -
  • - ✅ {goal.title} {(!!goal?.amountCents && !!goal.completedPercentage) && } -
    • - ))} -
-
-
-
- - ) -} \ No newline at end of file diff --git a/services/next/app/health/page.tsx b/services/next/app/health/page.tsx deleted file mode 100644 index 89cf9c0..0000000 --- a/services/next/app/health/page.tsx +++ /dev/null @@ -1,10 +0,0 @@ - -export default async function Page() { - return ( -
-
-

Healthy!

-
-
- ) -} \ No newline at end of file diff --git a/services/next/app/latest-vods/[page]/page.tsx b/services/next/app/latest-vods/[page]/page.tsx deleted file mode 100644 index 17ebc96..0000000 --- a/services/next/app/latest-vods/[page]/page.tsx +++ /dev/null @@ -1,29 +0,0 @@ -import VodsList from '@/app/components/vods-list'; -import { getVods } from '@/app/lib/vods'; -import Pager from '@/app/components/pager'; - -interface IPageParams { - params: { - page: number; - }; -} - -export default async function Page({ params: { page } }: IPageParams) { - - const pageSize = 24 - const { count, vods } = await getVods(page, pageSize, true); - - - return ( - <> -

Latest VODs

-

page {page}

- - - - ); -} diff --git a/services/next/app/latest-vods/page.tsx b/services/next/app/latest-vods/page.tsx deleted file mode 100644 index 3a750d2..0000000 --- a/services/next/app/latest-vods/page.tsx +++ /dev/null @@ -1,25 +0,0 @@ - -import VodsList from '@/app/components/vods-list'; -import { IVodsResponse } from '@/app/lib/vods'; -import Pager from '@/app/components/pager'; -import { getVods } from '@/app/lib/vods'; - - -interface IPageParams { - params: { - slug: string; - } -} - -export default async function Page({ params }: IPageParams) { - const pageSize = 24 - const { vods, count } = await getVods(1, pageSize); - return ( - <> -

Latest VODs

-

page 1

- - - - ) -} \ No newline at end of file diff --git a/services/next/app/layout.tsx b/services/next/app/layout.tsx deleted file mode 100644 index 3d448ca..0000000 --- a/services/next/app/layout.tsx +++ /dev/null @@ -1,58 +0,0 @@ -import { ReactNode } from 'react' -import Footer from "./components/footer" -import Navbar from "./components/navbar" -import "bulma" -import "../assets/styles/global.css" -import "@fortawesome/fontawesome-svg-core/styles.css" -import type { Metadata } from 'next' -import NotificationCenter from './components/notification-center' -import QueryProvider from './components/query-provider' -import AuthProvider from './components/auth-provider' - -export const metadata: Metadata = { - title: 'Futureporn.net', - description: "The Galaxy's Best VTuber Hentai Site", - other: { - RATING: 'RTA-5042-1996-1400-1577-RTA' - }, - metadataBase: new URL('https://futureporn.net'), - twitter: { - site: '@futureporn_net', - creator: '@cj_clippy' - }, - alternates: { - types: { - 'application/atom+xml': '/feed/feed.xml', - 'application/rss+xml': '/feed/rss.xml', - 'application/json': '/feed/feed.json' - } - } -} - -type Props = { - children: ReactNode; -} - - -export default function RootLayout({ - children, -}: Props) { - - - return ( - - - - - - -
- {children} - {/*
*/} -
- - - - - ) -} diff --git a/services/next/app/lib/auth.ts b/services/next/app/lib/auth.ts deleted file mode 100644 index 44e3579..0000000 --- a/services/next/app/lib/auth.ts +++ /dev/null @@ -1,173 +0,0 @@ -import KeycloakProvider, { type KeycloakProfile } from "next-auth/providers/keycloak"; -import { NextAuthOptions } from "next-auth"; -import { jwtDecode } from "jwt-decode"; -import { type JWT } from "next-auth/jwt"; -import NextAuth, { User, Profile } from "next-auth"; -import { configs } from "../config/configs"; -import { extractCurrentlyEntitledTiers, mapTierIdsToRoles } from "./patreon"; -import { getTierNameFromTierId } from "./keycloak"; -import type { OAuthConfig, OAuthUserConfig } from "next-auth/providers/oauth"; - - -declare module "next-auth" { - interface Session { - user: User; - token: JWT | undefined; - profile: Profile; - } - - interface Profile { - realm_access: any; - preferred_username: string; - username_visibility?: "public" | "private"; - } - - interface Session { - roles: any - } - -} - -declare module "next-auth/jwt" { - interface JWT { - expires_at: number; - access_token: string; - refresh_token: string; - profile: Profile; - } -} - - -export interface PatreonProfile extends Record { - sub: string - nickname: string - email: string - picture: string -} - - - -export default function Patreon

( - options: OAuthUserConfig

-): OAuthConfig

{ - return { - id: "patreon", - name: "Patreon", - type: "oauth", - version: "2.0", - authorization: { - url: "https://www.patreon.com/oauth2/authorize", - params: { scope: "identity" }, - }, - token: "https://www.patreon.com/api/oauth2/token", - userinfo: "https://www.patreon.com/api/oauth2/v2/identity?fields%5Buser%5D=about,created,email,first_name,full_name,image_url,last_name,thumb_url,url,vanity&include=memberships,memberships.currently_entitled_tiers,memberships.currently_entitled_tiers.benefits", - profile(profile) { - console.log(`profile callback!!!! userinfo as follows`) - // console.log(profile) - - const tiers = extractCurrentlyEntitledTiers(profile) - console.log(tiers) - - return { - id: profile.data.id, - name: profile.data.attributes.full_name, - email: profile.data.attributes.email, - image: profile.data.attributes.image_url, - currently_entitled_tiers: tiers - } - }, - style: { logo: "/patreon.svg", bg: "#e85b46", text: "#fff" }, - options, - } -} - - - - - -export const authOptions: NextAuthOptions = { - session: { - strategy: "jwt" - }, - providers: [ - Patreon({ - clientId: configs.patreonClientId, - clientSecret: configs.patreonClientSecret, - }) - ], - callbacks: { - // Using the `...rest` parameter to be able to narrow down the type based on `trigger` - jwt({ token, trigger, session, account, profile, user }) { - console.log(`next-auth jwt callback! trigger=${trigger}`) - if (account) { - console.log(`>>>> account was present!`) - console.log(account) - console.log(user) - token.currently_entitled_tiers = user.currently_entitled_tiers - } - if (trigger === 'signIn' && profile) { - console.log('trigger is signIn and profile as follows') - console.log(profile) - token.test = true - return token - } - if (trigger === "update" && session?.name) { - // Note, that `session` can be any arbitrary object, remember to validate it! - token.name = session.name - } - - token.test = 'yessir' - return token - }, - async session({ session, token, user }) { - console.log('Send properties to the client, like an access_token and user id from a provider.') - console.log(token) - console.log(session) - console.log(user) - session.token = token - if (token?.currently_entitled_tiers) { - session.roles = mapTierIdsToRoles(token.currently_entitled_tiers) - } - - - return session - } - } -} - - -export const { handler, signIn, signOut, auth } = NextAuth(authOptions) - - - -// async jwt({ token, account, profile }) { -// try { -// if (account) { -// const decodedToken = jwtDecode(account.access_token as any) -// if (token == null){ -// throw new Error("Unable to decode token") -// } -// console.log('decodedToken as follows') -// console.log(JSON.stringify(decodedToken, null, 2)) -// // Do something here to add more info, maybe just overwrite profile (thats the one that should have this info) -// profile = decodedToken -// token.account = account -// } -// if (profile) { -// console.log('profile as follows') -// console.log(profile) -// token.profile = profile -// // Then do here the assignation of roles elements to token so session has access -// // This can be modified so uses by client, realm or account BE AWARE OF THAT! -// // Modify the "resource_access['next-auth-AFB']" value to the one your resource/realm/accout -// // json scope roles you need - -// // While the info is already on profile, we could make a new key on the json response of session -// const clientRoles = profile.realm_access.roles -// token.client_roles = clientRoles -// } -// } catch (error) { -// console.log(error) -// } -// return token -// }, \ No newline at end of file diff --git a/services/next/app/lib/b2File.ts b/services/next/app/lib/b2File.ts deleted file mode 100644 index 389ab10..0000000 --- a/services/next/app/lib/b2File.ts +++ /dev/null @@ -1,2 +0,0 @@ -import { IMeta } from "@futureporn/types"; - diff --git a/services/next/app/lib/constants.ts b/services/next/app/lib/constants.ts deleted file mode 100644 index 30bde6b..0000000 --- a/services/next/app/lib/constants.ts +++ /dev/null @@ -1,27 +0,0 @@ -if (!process.env.NEXT_PUBLIC_SITE_URL) console.error('NEXT_PUBLIC_SITE_URL was missing in env'); -if (!process.env.NEXT_PUBLIC_STRAPI_URL) console.error('NEXT_PUBLIC_STRAPI_URL was missing in env'); -if (!process.env.NEXT_PUBLIC_UPPY_COMPANION_URL) console.error('NEXT_PUBLIC_UPPY_COMPANION_URL undefined in env'); - -export const companionUrl = ''+process.env.NEXT_PUBLIC_UPPY_COMPANION_URL -export const siteUrl = ''+process.env.NEXT_PUBLIC_SITE_URL -export const postgrestUrl = ''+process.env.NEXT_PUBLIC_POSTGREST_URL -export const postgrestLocalUrl = 'http://postgrest.futureporn.svc.cluster.local:9000' -export const patreonCampaignId: string = '8012692' -export const patreonSupporterBenefitId: string = '4760169' -export const patreonQuantumSupporterId: string = '10663202' -export const patreonVideoAccessBenefitId: string = '13462019' -export const patreonApiIdentityUrl = 'https://www.patreon.com/api/oauth2/v2/identity' -export const skeletonHeight = '32pt' -export const skeletonBaseColor = '#000' -export const skeletonHighlightColor = '#000' -export const skeletonBorderRadius = 0 -export const description = "The Galaxy's Best VTuber Hentai Site" -export const title = "Futureporn.net" -export const siteImage = 'https://futureporn.net/images/futureporn-icon.png' -export const favicon = 'https://futureporn.net/favicon.ico' -export const authorName = 'CJ_Clippy' -export const authorEmail = 'cj@futureporn.net' -export const authorLink = 'https://futureporn.net' -export const giteaUrl = 'https://gitea.futureporn.net' -export const projektMelodyEpoch = new Date('2020-02-07T23:21:48.000Z') -export const defaultImageBlur = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWOIUT7wHwAEXQI/2aBnMAAAAABJRU5ErkJggg==' \ No newline at end of file diff --git a/services/next/app/lib/contributors.ts b/services/next/app/lib/contributors.ts deleted file mode 100644 index 22a4798..0000000 --- a/services/next/app/lib/contributors.ts +++ /dev/null @@ -1,22 +0,0 @@ -import { postgrestLocalUrl } from "./constants"; -import fetchAPI from "./fetch-api"; - -export interface IContributor { - id: number; - name: string; - url?: string; - isFinancialDonor: boolean; - isVodProvider: boolean; -} - - -export async function getContributors(): Promise { - try { - const res = await fetchAPI(`/contributors`); - return res.data; - } catch (e) { - console.error(`error while fetching contributors`) - console.error(e); - return null; - } -} diff --git a/services/next/app/lib/dates.ts b/services/next/app/lib/dates.ts deleted file mode 100644 index 330dab2..0000000 --- a/services/next/app/lib/dates.ts +++ /dev/null @@ -1,59 +0,0 @@ -import { parse } from 'date-fns'; -import { format } from 'date-fns-tz' -import { toZonedTime, fromZonedTime } from 'date-fns-tz' - -const safeDateFormatString: string = "yyyyMMdd'T'HHmmss'Z'" -const localTimeZone = Intl.DateTimeFormat().resolvedOptions().timeZone; - - -export function getSafeDate(date: string | Date): string { - let dateString: string; - if (!date) throw new Error(`date passed to getSafeDate() was falsy. ${date}`); - if (typeof date === 'string') { - const dateObject = toZonedTime(date, 'UTC'); - dateString = format(dateObject, safeDateFormatString, { timeZone: 'UTC' }); - } else { - dateString = format(date, safeDateFormatString, { timeZone: 'UTC' }); - } - - return dateString; -} - - -export function getDateFromSafeDate(safeDate: string): Date { - console.log(`getDateFromSafeDate(). safeDate=${safeDate}`) - const date = parse(safeDate, safeDateFormatString, new Date()) - const utcDate = fromZonedTime(date, 'UTC') - return utcDate; -} - - -export function formatTimestamp(seconds: number = 0): string { - return new Date(seconds * 1000).toISOString().slice(11, 19); -} - -export function formatUrlTimestamp(timestampInSeconds: number): string { - const hours = Math.floor(timestampInSeconds / 3600); - const minutes = Math.floor((timestampInSeconds % 3600) / 60); - const seconds = timestampInSeconds % 60; - return `${hours}h${minutes}m${seconds}s`; -} - -export function parseUrlTimestamp(timestamp: string): number | null { - // Regular expression to match the "XhYmZs" format - const regex = /^(\d+)h(\d+)m(\d+)s$/; - const match = timestamp.match(regex); - - if (match) { - const hours = parseInt(match[1], 10); - const minutes = parseInt(match[2], 10); - const seconds = parseInt(match[3], 10); - - if (!isNaN(hours) && !isNaN(minutes) && !isNaN(seconds)) { - return hours * 3600 + minutes * 60 + seconds; - } - } - - // If the format doesn't match or parsing fails, return null - return null; -} \ No newline at end of file diff --git a/services/next/app/lib/fetch-api.ts b/services/next/app/lib/fetch-api.ts deleted file mode 100644 index 8db3165..0000000 --- a/services/next/app/lib/fetch-api.ts +++ /dev/null @@ -1,35 +0,0 @@ -// greets https://github.com/strapi/nextjs-corporate-starter/blob/main/frontend/src/app/%5Blang%5D/utils/fetch-api.tsx#L4 - -import qs from "qs"; -import { postgrestLocalUrl } from "./constants"; - -export default async function fetchAPI( - path: string, - urlParamsObject = {}, - options = {} -) { - try { - // Merge default and user options - const mergedOptions = { - next: { revalidate: 60 }, - headers: { - "Content-Type": "application/json", - }, - ...options, - }; - - // Build request URL - const queryString = qs.stringify(urlParamsObject); - const requestUrl = `${postgrestLocalUrl}${path}${queryString ? `?${queryString}` : ""}`; - console.log(`fetching--> ${requestUrl}`) - - // Trigger API call - const response = await fetch(requestUrl, mergedOptions); - const data = await response.json(); - return data; - - } catch (error) { - console.error(error); - throw new Error(`Error while fetching data from API. ${path}`); - } -} \ No newline at end of file diff --git a/services/next/app/lib/fetchers.ts b/services/next/app/lib/fetchers.ts deleted file mode 100644 index 98b6e5a..0000000 --- a/services/next/app/lib/fetchers.ts +++ /dev/null @@ -1,42 +0,0 @@ -import { postgrestLocalUrl } from "./constants"; - -/* - * https://postgrest.org/en/latest/references/api/pagination_count.html - * HTTP/1.1 206 Partial Content - * Content-Range: 0-24/3572000 - */ -export function getCountFromHeaders(res: Response) { - const count = parseInt(res.headers.get('Content-Range')?.split('/').at(-1) || '0') - return count -} - -export async function fetchPaginatedData(apiEndpoint: string, pageSize: number, queryParams: Record = {}): Promise { - let data: any[] = []; - let totalDataCount: number = 0; - let totalRequestsNeeded: number = 1; - - for (let requestCounter = 0; requestCounter < totalRequestsNeeded; requestCounter++) { - const humanReadableRequestCount = requestCounter + 1; - const params = new URLSearchParams({ - 'pagination[page]': humanReadableRequestCount.toString(), - 'pagination[pageSize]': pageSize.toString(), - ...queryParams, - }); - const url = `${postgrestLocalUrl}${apiEndpoint}?${params}`; - - const response = await fetch(url, { - method: 'GET' - }); - - const responseData = await response.json(); - - - if (requestCounter === 0) { - totalDataCount = responseData.meta.pagination.total; - totalRequestsNeeded = Math.ceil(totalDataCount / pageSize); - } - data = data.concat(responseData.data); - } - - return data; -} diff --git a/services/next/app/lib/ipfs.ts b/services/next/app/lib/ipfs.ts deleted file mode 100644 index ffb3f04..0000000 --- a/services/next/app/lib/ipfs.ts +++ /dev/null @@ -1,7 +0,0 @@ -export function buildIpfsUrl (urlFragment: string): string { - return `https://ipfs.io/ipfs/${urlFragment}` -} - -export function buildPatronIpfsUrl (cid: string, token: string): string { - return `https://gw.futureporn.net/ipfs/${cid}?token=${token}` -} diff --git a/services/next/app/lib/keycloak.ts b/services/next/app/lib/keycloak.ts deleted file mode 100644 index bbd6181..0000000 --- a/services/next/app/lib/keycloak.ts +++ /dev/null @@ -1,210 +0,0 @@ -import { type Tier, type TiersList, tiers } from './patreon' -import { configs } from '../config/configs'; - -export interface UMAToken { - upgraded: boolean; - access_token: string; - expires_in: number; - refresh_expires_in: number; - token_type: string; - "not-before-policy": number; -} - -export interface KeycloakGroup { - id: string; - name: string; - path: string; - subGroups: KeycloakGroup[]; -} - -// Maps patreon tiers to keycloak groups. -export const patreonToKeycloakMap: Record = { - everyone: 'ccaece3a-bb62-4fc9-be1d-6326ecdec65c', - free: 'ccaece3a-bb62-4fc9-be1d-6326ecdec65c', - archiveSupporter: '9e70fe60-5015-44df-ab77-d93b90e86738', - stealthSupporter: 'fd5358fe-d5e8-43be-85f2-27ddff711bd0', - tuneItUp: '4127e407-0c09-4c0a-b231-0bc058fb3dbd', - maxQ: '25b3d3af-2015-49ea-949f-b052fc82c6a3', - archiveCollector: '9e70fe60-5015-44df-ab77-d93b90e86738', - advancedArchiveSupporter: '7f875c63-4c74-4ae1-b33c-eefa7904d031', - quantumSupporter: '13076175-3a6f-4d80-84f2-6a8d5711e5f5', - sneakyQuantumSupporter: '13076175-3a6f-4d80-84f2-6a8d5711e5f5', - luberPlusPlus: '205d9c95-68ec-4b20-a6c1-28162af8a8f5' -}; - - -export function getTierNameFromTierId(tierId: string): string { - const tierName = Object.entries(tiers).find(([_, id]) => id === tierId)?.[0]; - if (!tierName) throw new Error(`getTierNameFromTierId failed to convert tierId=${tierId} into a tier name.`); - return tierName -} - -export function getKeycloakIdFromTierId(tierId: string): string | undefined { - // Find the tier name corresponding to the provided tier ID - const tierName = getTierNameFromTierId(tierId) - - if (!tierName) { - console.warn(`Tier ID ${tierId} not found in tiers map.`); - return undefined; // Return undefined if the tier ID is not found - } - - // Use the tier name to get the corresponding Keycloak group ID - const keycloakId = patreonToKeycloakMap[tierName]; - - if (!keycloakId) { - console.warn(`Keycloak ID for tier ${tierName} not found in patreonToKeycloakMap.`); - } - - return keycloakId; -} - - - -/** - * This gets us an access_token with our service-account-futureporn user privs. - * This service account has manage-users role so it can modify their group memebership. - */ -export async function getUMAToken(): Promise { - const res = await fetch(`${configs.keycloakLocalUrl}/realms/futureporn/protocol/openid-connect/token`, { - method: 'POST', - headers: { - 'Content-Type': 'application/x-www-form-urlencoded' - }, - body: new URLSearchParams({ - grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket', - client_id: configs.keycloakClientId, - client_secret: configs.keycloakClientSecret, - audience: 'futureporn' - }).toString() - }) - const data = await res.json() - if (!res.ok) { - throw new Error(`failed to getUMAToken. body=${JSON.stringify(data, null, 2)}, res.status=${res.status}, res.statusText=${res.statusText}`); - } - return data -} - - - - -export async function getUserGroups(uma: UMAToken, userId: string): Promise { - if (!uma) throw new Error('getUserGroups() requires a UMAToken as second param, but it was undefined.'); - if (!userId) throw new Error('getUserGroups() requires a userId as second param, but it was undefined.'); - const res = await fetch(`${configs.keycloakLocalUrl}/admin/realms/futureporn/users/${userId}/groups`, { - headers: { - 'Authorization': `Bearer ${uma.access_token}` - } - }) - const data = await res.json() as KeycloakGroup[] - if (!res.ok) { - throw new Error(`failed to getUserGroups. body=${JSON.stringify(data, null, 2)}, res.status=${res.status}, res.statusText=${res.statusText}`); - } - return data.map((g) => g.id) -} - - - -export async function addUserGroup(uma: UMAToken, userId: string, groupId: string): Promise { - const res = await fetch(`${configs.keycloakLocalUrl}/admin/realms/futureporn/users/${userId}/groups/${groupId}`, { - method: 'PUT', - headers: { - 'Authorization': `Bearer ${uma.access_token}` - } - }) - if (!res.ok) { - throw new Error(`failed to addUserGroup. res.status=${res.status}, res.statusText=${res.statusText}`); - } -} - - -export async function removeUserGroup(uma: UMAToken, userId: string, groupId: string): Promise { - const res = await fetch(`${configs.keycloakLocalUrl}/admin/realms/futureporn/users/${userId}/groups/${groupId}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${uma.access_token}` - } - }) - if (!res.ok) { - throw new Error(`failed to removeUserGroup. res.status=${res.status}, res.statusText=${res.statusText}`); - } -} - - - - -/** - * Identifies the changes required to sync the actual state with the desired state. - * - * @param desired - Array of desired group IDs. - * @param actual - Array of actual group IDs. - * @returns An object with: - * - `toAdd`: Groups in `desired` but not in `actual` (need to be added). - * - `toRemove`: Groups in `actual` but not in `desired` (need to be removed). - */ -export function calculateSyncChanges(desired: string[], actual: string[]) { - const toAdd = Array.from(new Set(desired.filter(item => !actual.includes(item)))); - const toRemove = Array.from(new Set(actual.filter(item => !desired.includes(item)))); - return { toAdd, toRemove }; -} - -export async function syncronizeKeycloakRoles(keycloakUserId: string, patreonTiersList: TiersList): Promise { - - if (!keycloakUserId) throw new Error('syncronizeKeycloakRoles() requires userId as first param, but it was undefined.'); - if (!patreonTiersList) throw new Error('patreonTiersList() requires userId as second param, but it was undefined.'); - - // 1. [-] get Keycloak service account uma token - // POST https://keycloak.fp.sbtp.xyz/realms/futureporn/protocol/openid-connect/token - // 2. [-] use the map to determine the groups the user needs to be assigned to - // 3. [-] get a list of groups the user is currently a member of - // GET https://keycloak.fp.sbtp.xyz/admin/realms/futureporn/users/fbec8417-e5e3-4282-a98d-ed2fbc4a7e82/groups - // GET https://keycloak.fp.sbtp.xyz/admin/realms/futureporn/users/fbec8417-e5e3-4282-a98d-ed2fbc4a7e82/role-mappings/realm - // 4. [ ] add any groups the user should be a member of - // PUT https://keycloak.fp.sbtp.xyz/admin/realms/futureporn/users/fbec8417-e5e3-4282-a98d-ed2fbc4a7e82/groups/ccaece3a-bb62-4fc9-be1d-6326ecdec65c - // 5. [ ] remove any groups the user should not be a member of - // DELETE https://keycloak.fp.sbtp.xyz/admin/realms/futureporn/users/fbec8417-e5e3-4282-a98d-ed2fbc4a7e82/groups/ccaece3a-bb62-4fc9-be1d-6326ecdec65c - // - - - const uma = await getUMAToken() - // console.log('uma token as follows') - // console.log(uma) - // console.log('got uma token') - - - const desiredKeycloakGroupIds = patreonTiersList - .map((entitledTierId) => getKeycloakIdFromTierId(entitledTierId)) - .filter((groupId): groupId is string => groupId !== undefined); - // console.log(`got desiredKeycloakGroupIds=${desiredKeycloakGroupIds.join(', ')}`) - - - if (desiredKeycloakGroupIds.length === 0) { - throw new Error(`failed to get keycloak group id from the following patreon tiers: ${patreonTiersList.join(',')}`); - } - // console.log('desiredKeycloakGroupIds as follows') - // console.log(desiredKeycloakGroupIds) - - - const actualKeycloakGroupIds = await getUserGroups(uma, keycloakUserId); - // console.log(`actualKeyclaokGroupIds as follows`) - // console.log(actualKeycloakGroupIds) - - - const { toAdd, toRemove } = calculateSyncChanges(desiredKeycloakGroupIds, actualKeycloakGroupIds); - - - if (toAdd.length > 0) { - // console.log(`Groups to add: ${toAdd.join(', ')}`); - await Promise.all(toAdd.map(groupId => addUserGroup(uma, keycloakUserId, groupId))); - } - - if (toRemove.length > 0) { - // console.log(`Groups to remove: ${toRemove.join(', ')}`); - await Promise.all(toRemove.map(groupId => removeUserGroup(uma, keycloakUserId, groupId))); - } - - - console.log('finished updating keycloak groups.') - - -} - diff --git a/services/next/app/lib/patreon.ts b/services/next/app/lib/patreon.ts deleted file mode 100644 index 574cdcb..0000000 --- a/services/next/app/lib/patreon.ts +++ /dev/null @@ -1,277 +0,0 @@ -import { postgrestLocalUrl, patreonVideoAccessBenefitId, giteaUrl } from './constants' -import { type IPatron } from '@futureporn/types' -import { PublicPatron } from '@futureporn/utils/patron.ts'; -import { Session } from 'next-auth'; -import { JWT } from 'next-auth/jwt'; -import { type UMAToken, getKeycloakIdFromTierId, getUMAToken, syncronizeKeycloakRoles } from './keycloak'; -import { patreonApiIdentityUrl } from './constants'; - - -export type TiersList = string[] -interface KeycloakToken { - account: { - access_token: string - } -} -interface KeycloakIdpToken { - access_token: string; - expires_in: number; - refresh_expires_in: number; - refresh_token: string; - token_type: string; - "not-before-policy": number; - scope: string; - version: string; -} -export interface PatreonResponse { - data: PatreonUserData; - included: IncludedItem[]; - links: { - self: string; - }; -} - -export interface PatreonUserData { - attributes: UserAttributes; - id: string; - relationships: { - memberships: { - data: Relationship[]; - }; - }; - type: "user"; -} - -interface UserAttributes { - about: string | null; - created: string; // ISO 8601 date string - first_name: string; - full_name: string; - image_url: string; - last_name: string; - thumb_url: string; - url: string; - vanity: string | null; -} - -interface Relationship { - id: string; - type: string; -} - -type IncludedItem = Member | Tier | Benefit; - -interface Member { - attributes: Record; - id: string; - relationships: { - currently_entitled_tiers: { - data: Relationship[]; - }; - }; - type: "member"; -} - -export interface Tier { - attributes: Record; - id: string; - relationships: { - benefits: { - data: Relationship[]; - }; - }; - type: "tier"; -} - -interface Benefit { - attributes: Record; - id: string; - type: "benefit"; -} - -export interface ICampaign { - pledgeSum: number; - patronCount: number; -} - - -export interface IMarshalledCampaign { - data: { - attributes: { - pledge_sum: number, - patron_count: number - } - } -} - - -export const tiers = { - everyone: '-1', - free: '10620388', - archiveSupporter: '8154170', - stealthSupporter: '9561793', - tuneItUp: '9184994', - maxQ: '22529959', - archiveCollector: '8154171', - advancedArchiveSupporter: '8686045', - quantumSupporter: '8694826', - sneakyQuantumSupporter: '9560538', - luberPlusPlus: '8686022' -} - - -// Maps patreon tiers to keycloak roles -// @todo this is a dirty hack, this should be removed once we figure out how to sync keycloak roles at login. -export const tiersToRolesMap: Record = { - everyone: ['cdn_2', 'default-roles-futureporn', 'offline_access', 'uma_authorization'], - free: ['cdn_2', 'default-roles-futureporn', 'offline_access', 'uma_authorization'], - archiveSupporter: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization'], - stealthSupporter: ['hacker', 'cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization'], - tuneItUp: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization'], - maxQ: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'], - archiveCollector: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'], - advancedArchiveSupporter: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'], - quantumSupporter: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'], - sneakyQuantumSupporter: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'], - luberPlusPlus: ['cdn_2', 'cdn_1', 'patron', 'website_shoutout', 'offline_access', 'default-roles-futureporn', 'uma_authorization', 'uploader'] -}; - - -export const mapTierIdsToRoles = (tierIds: string[]): string[] => { - - console.log(`mapTierIdsToRoles tierIds=${JSON.stringify(tierIds, null, 2)}`) - // Reverse map of tiers for easier lookup by tier ID - const idToTier = Object.entries(tiers).reduce>( - (acc, [tierName, tierId]) => { - acc[tierId] = tierName; - return acc; - }, - {} - ); - - // Aggregate roles for all tier IDs - const roles = tierIds.flatMap((tierId) => { - const tierName = idToTier[tierId]; - return tierName ? tiersToRolesMap[tierName] : []; - }); - - // Remove duplicates and return - return [...new Set(roles)]; -}; - - -export async function updateKeycloakUserPatreonEntitlements(token: JWT): Promise { - - console.log(`updateKeycloakUserPatreonEntitlements() invoked.`) - - const userId = token?.sub - if (!userId) { - throw new Error(`failed to get userId from token.sub`); - } - - const keycloakidpToken = await getKeycloakIdpToken(token.access_token) - - if (!keycloakidpToken) { - throw new Error(`failed to get keycloakIdpToken; it was falsy.`) - } - - const patreonTiersList = await getPatreonMemberships(keycloakidpToken) - - - await syncronizeKeycloakRoles(userId, patreonTiersList) - - return patreonTiersList -} - -export async function getKeycloakIdpToken(access_token: string): Promise { - // console.log(`getKeycloakIdpToken() using access_token=${access_token}`) - - // @todo check the access_token. if it is expired, use the refresh_token to get a new access_token. - - const res = await fetch(`https://keycloak.fp.sbtp.xyz/realms/futureporn/broker/patreon/token`, { - headers: { - 'Authorization': `Bearer ${access_token}` - } - }) - - if (!res.ok) { - const bod = await res.text() - const msg = `req.status=${res.status} req.statusText=${res.statusText} body=${bod}` - console.log(msg) - throw new Error(`Failed to getKeycloakIdpToken. ${msg}`) - } - - const idpToken = await res.json() - return idpToken -} - -export function extractCurrentlyEntitledTiers(response: PatreonResponse): string[] { - return response.included - .filter((item): item is Member => item.type === "member") - .flatMap(member => member.relationships.currently_entitled_tiers.data) - .map((t) => t.id) // from the currently_entitled_tiers, we only want the id. - .filter((t) => Object.values(tiers).includes(t)) // we filter out any non-futureporn patreon tiers. -} - -export async function getPatreonMemberships(token: KeycloakIdpToken): Promise { - // console.log(`getPatreonMemberships with keycloakidpToken as follows`) - // console.log(token) - const query = 'fields%5Buser%5D=about,created,email,first_name,full_name,image_url,last_name,thumb_url,url,vanity&include=memberships,memberships.currently_entitled_tiers,memberships.currently_entitled_tiers.benefits'; - const res = await fetch(`${patreonApiIdentityUrl}?${query}`, { - headers: { - 'Authorization': `Bearer ${token.access_token}` - } - }) - const data = await res.json() as PatreonResponse - - // from the currently_entitled_tiers, we only want the id. - // we filter out any non-futureporn patreon tiers. - return extractCurrentlyEntitledTiers(data) - .map((rel) => rel.id) - .filter((t) => Object.values(tiers).includes(t)) -} - - - -export function isEntitledToPatronVideoAccess(session: Session): boolean { - if (!session.user?.patreonBenefits) return false; - const patreonBenefits = session.user.patreonBenefits - return (patreonBenefits.includes(patreonVideoAccessBenefitId)) -} - - -export async function getPatrons(): Promise { - let patrons: PublicPatron[] = [] - try { - const url = `${postgrestLocalUrl}/patrons` - console.log(`GET requesting ${url}`) - const res = await fetch(url); - const data = await res.json(); - if (!res.ok) throw new Error(`failed to get /patrons. res.status=${res.status}, res.statusText=${res.statusText}`); - if (!data) throw new Error(`no patron data was available. ${JSON.stringify(data)}`); - patrons = data - } catch (e) { - console.error('failed to get patrons~ list') - console.error(e) - return [] as PublicPatron[] - } - return patrons -} - - -export async function getCampaign(): Promise { - const res = await fetch('https://www.patreon.com/api/campaigns/8012692', { - headers: { - accept: 'application/json' - }, - next: { - revalidate: 43200 // 12 hour cache - } - }) - const campaignData = await res.json(); - const data = { - patronCount: campaignData.patron_count, - pledgeSum: campaignData.campaign_pledge_sum - } - return data -} diff --git a/services/next/app/lib/pm.ts b/services/next/app/lib/pm.ts deleted file mode 100644 index cc17e5a..0000000 --- a/services/next/app/lib/pm.ts +++ /dev/null @@ -1,139 +0,0 @@ -import matter from 'gray-matter'; - -const CACHE_TIME = 3600; -const GOAL_LABEL = 'Goal'; - -export interface IIssue { - id: number; - title: string; - comments: number; - updatedAt: string; - createdAt: string; - assignee: string | null; - name: string | null; - completedPercentage: number | null; - amountCents: number | null; - description: string | null; -} - -export interface IGoals { - complete: IIssue[]; - inProgress: IIssue[]; - planned: IIssue[]; - featuredFunded: IIssue; - featuredUnfunded: IIssue; -} - - -export interface IGiteaIssue { - id: number; - title: string; - body: string; - comments: number; - updated_at: string; - created_at: string; - assignee: string | null; -} - -const bigHairyAudaciousGoal: IIssue = { - id: 55234234, - title: 'BHAG', - comments: 0, - updatedAt: '2023-09-20T08:54:01.373Z', - createdAt: '2023-09-20T08:54:01.373Z', - assignee: null, - name: 'Big Hairy Audacious Goal', - description: 'World domination!!!!!1', - amountCents: 100000000, - completedPercentage: 0.04 -}; - -const defaultGoal: IIssue = { - id: 55234233, - title: 'e', - comments: 0, - updatedAt: '2023-09-20T08:54:01.373Z', - createdAt: '2023-09-20T08:54:01.373Z', - assignee: null, - name: 'Generic', - description: 'Getting started', - amountCents: 200, - completedPercentage: 1 -}; - -export function calcPercent(goalAmountCents: number, totalPledgeSumCents: number): number { - if (!goalAmountCents || totalPledgeSumCents <= 0) { - return 0; - } - const output = Math.min(100, Math.floor((totalPledgeSumCents / goalAmountCents) * 100)); - return output; -} - -export async function getGoals(pledgeSum: number): Promise { - try { - const openData = await fetchAndParseData('open', pledgeSum); - const closedData = await fetchAndParseData('closed', pledgeSum); - - - const inProgress = filterByAssignee(openData); - const planned = filterByAssignee(openData, true); - const funded = filterAndSortGoals(openData.concat(closedData), true); - const unfunded = filterAndSortGoals(openData.concat(closedData), false); - - // console.log('the following are unfunded goals') - // console.log(unfunded) - - return { - complete: closedData, - inProgress, - planned, - featuredFunded: funded[funded.length - 1] || defaultGoal, - featuredUnfunded: unfunded[0] || bigHairyAudaciousGoal - }; - } catch (error) { - console.error('Error fetching goals:', error); - return null; - } -} - -function filterByAssignee(issues: IIssue[], isPlanned: boolean = false): IIssue[] { - return issues.filter((issue) => (isPlanned ? issue.assignee === null : issue.assignee !== null)) -} - -async function fetchAndParseData(state: 'open' | 'closed', pledgeSum: number): Promise { - const response = await fetch(`https://gitea.futureporn.net/api/v1/repos/futureporn/pm/issues?state=${state}&labels=${GOAL_LABEL}`, { - next: { - revalidate: CACHE_TIME, - tags: ['goals'] - }, - }); - - if (!response.ok) return []; - - return response.json().then(issues => issues.map((g: IGiteaIssue) => parseGiteaGoal(g, pledgeSum))); -} - - - -function filterAndSortGoals(issues: IIssue[], isFunded: boolean): IIssue[] { - return issues - .filter((issue) => issue.amountCents) - .filter((issue) => (issue.completedPercentage === 100) === isFunded) - .sort((b, a) => b.amountCents! - a.amountCents!); -} - -function parseGiteaGoal(giteaIssue: IGiteaIssue, pledgeSum: number): IIssue { - const headMatter: any = matter(giteaIssue.body); - return { - id: giteaIssue.id, - title: giteaIssue.title, - comments: giteaIssue.comments, - updatedAt: giteaIssue.updated_at, - createdAt: giteaIssue.created_at, - assignee: giteaIssue.assignee, - name: headMatter.data.name || '', - description: headMatter.data.description || '', - amountCents: headMatter.data.amountCents || 0, - completedPercentage: calcPercent(headMatter.data.amountCents, pledgeSum) - }; -} diff --git a/services/next/app/lib/retry.ts b/services/next/app/lib/retry.ts deleted file mode 100644 index 68a4d7d..0000000 --- a/services/next/app/lib/retry.ts +++ /dev/null @@ -1,13 +0,0 @@ -export async function retry(fn: Function, maxRetries: number) { - let retries = 0; - while (retries < maxRetries) { - try { - return await fn(); - } catch (error) { - console.error(`Error during fetch attempt ${retries + 1}:`, error); - retries++; - } - } - console.error(`Max retries (${maxRetries}) reached. Giving up.`); - return null; -} \ No newline at end of file diff --git a/services/next/app/lib/rss.ts b/services/next/app/lib/rss.ts deleted file mode 100644 index 74ba374..0000000 --- a/services/next/app/lib/rss.ts +++ /dev/null @@ -1,51 +0,0 @@ -import { authorName, authorEmail, siteUrl, title, description, siteImage, favicon, authorLink } from './constants' -import { Feed } from "feed"; -import { getVods, getUrl, IVod } from '@/app/lib/vods' -import { ITagVodRelation } from '@/app/lib/tag-vod-relations'; - -export async function generateFeeds() { - const feedOptions = { - id: siteUrl, - title: title, - description: description, - link: siteUrl, - language: 'en', - image: siteImage, - favicon: favicon, - copyright: '', - generator: ' ', - feedLinks: { - json: `${siteUrl}/feed/feed.json`, - atom: `${siteUrl}/feed/feed.xml` - }, - author: { - name: authorName, - email: authorEmail, - link: authorLink - } - }; - - const feed = new Feed(feedOptions); - - const vods = await getVods() - - vods.data.map((vod: IVod) => { - feed.addItem({ - title: vod.title || vod.announceTitle, - description: vod.title, // @todo vod.spoiler or vod.note could go here - content: vod.tagVodRelations.data.map((tvr: ITagVodRelation) => tvr.attributes.tag.name).join(' '), - link: getUrl(vod, vod.vtuber.slug, vod.date2), - date: new Date(vod.date2), - image: vod.vtuber.image - }) - }) - - - return { - atom1: feed.atom1(), - rss2: feed.rss2(), - json1: feed.json1() - } -} - - diff --git a/services/next/app/lib/shareRef.ts b/services/next/app/lib/shareRef.ts deleted file mode 100644 index 5a6dddc..0000000 --- a/services/next/app/lib/shareRef.ts +++ /dev/null @@ -1,16 +0,0 @@ -import type { MutableRefObject, RefCallback } from 'react'; - -type RefType = MutableRefObject | RefCallback | null; - -export const shareRef = (refA: RefType, refB: RefType): RefCallback => instance => { - if (typeof refA === 'function') { - refA(instance); - } else if (refA && 'current' in refA) { - (refA as MutableRefObject).current = instance as T; // Use type assertion to tell TypeScript the type - } - if (typeof refB === 'function') { - refB(instance); - } else if (refB && 'current' in refB) { - (refB as MutableRefObject).current = instance as T; // Use type assertion to tell TypeScript the type - } -}; diff --git a/services/next/app/lib/streams.ts b/services/next/app/lib/streams.ts deleted file mode 100644 index 4d0a993..0000000 --- a/services/next/app/lib/streams.ts +++ /dev/null @@ -1,415 +0,0 @@ - -import { postgrestLocalUrl, postgrestUrl, siteUrl } from './constants'; -import { getSafeDate } from './dates'; -import qs from 'qs'; -import { IStream } from '@futureporn/types'; - - - -const fetchStreamsOptions = { - next: { - tags: ['streams'], - revalidation: 1 - } -} - - -export async function getStreamByUUID(uuid: string): Promise { - // const query = qs.stringify({ - // filters: { - // cuid: { - // $eq: cuid - // } - // }, - // pagination: { - // limit: 1 - // }, - // populate: { - // vtuber: { - // fields: ['slug', 'displayName'] - // }, - // tweet: { - // fields: ['isChaturbateInvite', 'isFanslyInvite', 'url'] - // }, - // vods: { - // fields: ['note', 'cuid', 'publishedAt'], - // populate: { - // tagVodRelations: { - // fields: ['id'] - // }, - // timestamps: '*' - // } - // } - // } - // }); - const query = `select=*,vods(*),vtuber:vtubers(slug,display_name,id,image,image_blur)&uuid=eq.${uuid}&limit=1` - const res = await fetch(`${postgrestUrl}/streams?${query}`); - const json = await res.json(); - console.log(json) - return json[0]; -} - -export function getUrl(stream: IStream, slug: string, date: string): string { - console.log(`getUrl() invoked with idk idk`) - return `${siteUrl}/vt/${slug}/stream/${getSafeDate(date)}` -} - - -export function getPaginatedUrl(): (slug: string, pageNumber: number) => string { - return (slug: string, pageNumber: number) => { - return `${siteUrl}/vt/${slug}/streams/${pageNumber}` - } -} - - - -export function getLocalizedDate(stream: IStream): string { - return new Date(stream.date).toLocaleDateString() -} - - - - -export async function getStreamsForYear(year: number): Promise { - const startOfYear = new Date(year, 0, 0); - const endOfYear = new Date(year, 11, 31); - - const pageSize = 100; // Number of records per page - let currentPage = 0; - let allStreams: IStream[] = []; - - while (true) { - const query = qs.stringify({ - filters: { - date: { - $gte: startOfYear, - $lte: endOfYear, - }, - }, - populate: { - vtuber: { - fields: ['displayName'] - } - }, - pagination: { - page: currentPage, - pageSize: pageSize, - } - }); - - const res = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions); - - if (!res.ok) { - // Handle error if needed - console.error('here is the res.body') - - console.error((await res.text())); - throw new Error(`Error fetching streams: ${res.status}`); - } - - const json = await res.json(); - const streams = json as IStream[]; - - if (streams.length === 0) { - // No more records, break the loop - break; - } - - allStreams = [...allStreams, ...streams]; - currentPage += pageSize; - } - - return allStreams; - } - -export async function getStream(id: number): Promise { - const query = qs.stringify({ - filters: { - id: { - $eq: id - } - } - }); - const res = await fetch(`${postgrestUrl}/vods?${query}`, fetchStreamsOptions); - const json = await res.json(); - return json.data; -} - - - - -export async function getAllStreams(archiveStatuses = ['missing', 'issue', 'good']): Promise { - throw new Error('getAllStreams function is not performant. please use something more efficient.') - const pageSize = 100; // Adjust this value as needed - const sortDesc = true; // Adjust the sorting direction as needed - - const allStreams: IStream[] = []; - let currentPage = 1; - - while (true) { - const query = qs.stringify({ - populate: { - vtuber: { - fields: ['slug', 'displayName', 'image', 'imageBlur', 'themeColor'], - }, - muxAsset: { - fields: ['playbackId', 'assetId'], - }, - thumbnail: { - fields: ['cdnUrl', 'url'], - }, - tagstreamRelations: { - fields: ['tag'], - populate: ['tag'], - }, - videoSrcB2: { - fields: ['url', 'key', 'uploadId', 'cdnUrl'], - }, - tweet: { - fields: ['isChaturbateInvite', 'isFanslyInvite'] - } - }, - filters: { - archiveStatus: { - '$in': archiveStatuses - } - }, - sort: { - date: sortDesc ? 'desc' : 'asc', - }, - pagination: { - pageSize, - page: currentPage, - }, - }); - const response = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions); - const responseData = await response.json(); - - if (!responseData.data || responseData.data.length === 0) { - // No more data to fetch - break; - } - - allStreams.push(...responseData.data); - currentPage++; - } - - return allStreams; -} - -export async function getStreamForVtuber(vtuberId: number, safeDate: string): Promise { - const query = qs.stringify({ - populate: { - vods: { - fields: [ - 'id', - 'date' - ] - }, - tweet: { - fields: [ - 'id' - ] - } - } - }); - - const response = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions); - - if (response.status !== 200) throw new Error('network fetch error while attempting to getStreamForVtuber'); - - const responseData = await response.json(); - return responseData; -} - -export async function getAllStreamsForVtuber(vtuberId: number, archiveStatuses = ['missing', 'issue', 'good']): Promise { - const maxRetries = 3; - - let retries = 0; - let allStreams: IStream[] = []; - let currentPage = 1; - - while (retries < maxRetries) { - try { - const query = qs.stringify({ - populate: '*', - filters: { - archiveStatus: { - '$in': archiveStatuses - }, - vtuber: { - id: { - $eq: vtuberId - } - } - }, - sort: { - date: 'desc', - }, - pagination: { - pageSize: 100, - page: currentPage, - }, - }); - - // console.log(`postgrestLocalUrl=${postgrestLocalUrl}`) - const response = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions) - - if (response.status !== 200) { - // If the response status is not 200 (OK), consider it a network failure - const bod = await response.text(); - console.log(response.status); - console.log(bod); - retries++; - continue; - } - - const responseData = await response.json(); - - if (!responseData.data || responseData.data.length === 0) { - // No more data to fetch - break; - } - - allStreams.push(...responseData.data); - currentPage++; - } catch (error) { - // Network failure or other error occurred - retries++; - } - } - - if (retries === maxRetries) { - throw new Error(`Failed to fetch streams after ${maxRetries} retries.`); - } - - return allStreams; -} - -/** - * Used as table data on /archive page. - * .pageIndex, pagination.pageSize - */ - -export async function fetchStreamData({ pageIndex, pageSize }: { pageIndex: number, pageSize: number }) { - // console.log(`fetchStreamData() invoked`) - const offset = pageIndex * pageSize; - // const query = qs.stringify({ - // populate: { - // vtuber: { - // fields: ['slug', 'displayName', 'publishedAt', 'image', 'imageBlur'] - // } - // }, - // filters: { - // vtuber: { - // publishedAt: { - // $notNull: true - // } - // } - // }, - // pagination: { - // start: offset, - // limit: pageSize, - // withCount: true - // }, - // sort: ['date:desc'] - // }) - const query = 'select=*,vtuber:vtubers(id,slug,image,image_blur,theme_color,display_name)' - const response = await fetch( - `${postgrestUrl}/streams?${query}` - ); - const data = await response.json(); - // console.log(data) - const filtered = data.filter((datum: any) => !!datum?.vtuber) - const d = { - rows: filtered, - pageCount: Math.ceil(filtered.length / pageSize), - rowCount: filtered, - } - // console.log(`fetchStreamData with pageIndex=${pageIndex}, pageSize=${pageSize}\n\n${JSON.stringify(d, null, 2)}`) - return d; -} - -export async function getStreamCountForVtuber(vtuberId: number, archiveStatuses = ['missing', 'issue', 'good']): Promise { - if (!vtuberId) throw new Error(`getStreamCountForVtuber requires a vtuberId, but it was undefined.`); - const res = await fetch( - `${postgrestLocalUrl}/streams?vtuber_id=eq.${vtuberId}&archive_status=in.(${archiveStatuses.join(',')})&limit=1`, - Object.assign(fetchStreamsOptions, { - headers: { - 'Prefer': 'count=exact' - } - }) - ) - const total = res.headers.get('Content-Range')?.split('/').at(-1) - const data = await res.json() - // console.log(`getStreamCountForVtuber with vtuberId=${vtuberId}, archiveStatuses=${archiveStatuses}, Content-Range=${res.headers.get('Content-Range')}`) - // console.log(JSON.stringify(data, null, 2)) - if (!total) { - console.error(`Failed to getStreamCountForVtuber-- total was falsy.`) - return 1; - } - else return parseInt(total)+1; -} - -export async function getStreamsForVtuber(vtuberId: number, page: number = 1, pageSize: number = 25, sortDesc = true): Promise { - // console.log(`getStreamsForVtuber() with postgrestLocalUrl=${postgrestLocalUrl}`) - const query = qs.stringify( - { - populate: { - vtuber: { - fields: [ - 'id', - ] - } - }, - filters: { - vtuber: { - id: { - $eq: vtuberId - } - } - }, - pagination: { - page: page, - pageSize: pageSize - }, - sort: { - date: (sortDesc) ? 'desc' : 'asc' - } - } - ) - const res = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions) - const data = await res.json() - // console.log(data) - return data -} - - -// /** -// * This returns stale data, because futureporn-historian is broken. -// * @todo get live data from historian -// * @see https://gitea.futureporn.net/futureporn/futureporn-historian/issues/1 -// */ -// export async function getProgress(vtuberSlug: string): Promise<{ complete: number; total: number }> { -// const query = qs.stringify({ -// filters: { -// vtuber: { -// slug: { -// $eq: vtuberSlug -// } -// } -// } -// }) -// const data = await fetch(`${postgrestUrl}/streams?${query}`, fetchStreamsOptions) -// .then((res) => res.json()) -// .then((g) => { -// return g -// }) - -// const total = data.meta.pagination.total - -// return { -// complete: total, -// total: total -// } -// } \ No newline at end of file diff --git a/services/next/app/lib/tag-vod-relations.ts b/services/next/app/lib/tag-vod-relations.ts deleted file mode 100644 index dad7e93..0000000 --- a/services/next/app/lib/tag-vod-relations.ts +++ /dev/null @@ -1,174 +0,0 @@ -/** - * Tag Vod Relations are an old name for what I'm now calling, "VodTag" - * - * VodTags are Tags related to Vods - * - */ - - -import qs from 'qs'; -import { postgrestLocalUrl } from './constants' -import { ITag, IToyTag } from './tags'; -import { IVod } from './vods'; -import { IMeta } from '@futureporn/types'; - - - - -export async function deleteTvr(authData: IAuthData, tagId: number) { - return fetch(`${postgrestLocalUrl}/tag-vod-relations/deleteMine/${tagId}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${authData.accessToken}`, - 'Content-Type': 'application/json' - } - }) - .then((res) => { - if (!res.ok) throw new Error(res.statusText); - else return res.json(); - }) - .catch((e) => { - console.error(e); - // setError('root.serverError', { message: e.message }) - }) -} - -export async function readTagVodRelation(accessToken: string, tagId: number, vodId: number): Promise { - if (!tagId) throw new Error('readTagVodRelation requires tagId as second param'); - if (!vodId) throw new Error('readTagVodRelation requires vodId as second param'); - const findQuery = qs.stringify({ - filters: { - $and: [ - { - tag: tagId - }, { - vod: vodId - } - ] - } - }); - const res = await fetch(`${postgrestLocalUrl}/tag-vod-relations?${findQuery}`); - const json = await res.json(); - return json.data[0]; -} - -export async function createTagVodRelation(accessToken: string, tagId: number, vodId: number): Promise { - if (!accessToken) throw new Error('Must be logged in'); - if (!tagId) throw new Error('tagId is required.'); - if (!vodId) throw new Error('vodId is required.'); - const payload = { - tag: tagId, - vod: vodId - } - const res = await fetch(`${postgrestLocalUrl}/tag-vod-relations`, { - method: 'POST', - body: JSON.stringify({ data: payload }), - headers: { - authorization: `Bearer ${accessToken}`, - 'content-type': 'application/json' - } - }) - const json = await res.json(); - // console.log(json) - return json.data; -} - -export async function readOrCreateTagVodRelation (accessToken: string, tagId: number, vodId: number): Promise { - console.log(`Checking if the tagVodRelation with tagId=${tagId}, vodId=${vodId} already exists`); - const existingTagVodRelation = await readTagVodRelation(accessToken, tagId, vodId); - if (!!existingTagVodRelation) { - console.log(`there is an existing TVR so we return it`); - console.log(existingTagVodRelation); - return existingTagVodRelation - } - const newTagVodRelation = await createTagVodRelation(accessToken, tagId, vodId); - return newTagVodRelation; -} - -// export async function createTagAndTvr(setError: Function, authData: IAuthData, tagName: string, vodId: number) { -// if (!authData) throw new Error('Must be logged in'); -// if (!tagName || tagName === '') throw new Error('tagName cannot be empty'); -// const data = { -// tagName: tagName, -// vodId: vodId -// }; -// try { -// const res = await fetch(`${postgrestLocalUrl}/tag-vod-relations/tag`, { -// method: 'POST', -// body: JSON.stringify({ data }), -// headers: { -// 'Content-Type': 'application/json', -// 'Authorization': `Bearer ${authData.accessToken}` -// }, -// }); -// const json = await res.json(); -// return json.data; -// } catch (e) { -// setError('global', { type: 'idk', message: e }) -// } -// } - - -export async function getTagVodRelationsForVtuber(vtuberId: number, page: number = 1, pageSize: number = 25): Promise { - // get the tag-vod-relations where the vtuber is the vtuber we are interested in. - const query = qs.stringify( - { - populate: { - tag: { - fields: ['id', 'name'], - populate: { - toy: { - fields: ['linkTag', 'make', 'model', 'image2'], - populate: { - linkTag: { - fields: ['name'] - } - } - } - } - }, - vod: { - populate: { - vtuber: { - fields: ['slug'] - } - } - } - }, - filters: { - vod: { - vtuber: { - id: { - $eq: vtuberId - } - } - }, - tag: { - toy: { - linkTag: { - name: { - $notNull: true - } - } - } - } - }, - pagination: { - page: page, - pageSize: pageSize - }, - sort: { - id: 'desc' - } - } - ) - // we need to return an IToys object - // to get an IToys object, we have to get a list of toys from tvrs. - - - const res = await fetch(`${postgrestLocalUrl}/tag-vod-relations?${query}`); - if (!res.ok) return null; - const tvrs = await res.json() - return tvrs; -} - diff --git a/services/next/app/lib/tags.ts b/services/next/app/lib/tags.ts deleted file mode 100644 index 0850f5c..0000000 --- a/services/next/app/lib/tags.ts +++ /dev/null @@ -1,116 +0,0 @@ -import { postgrestLocalUrl } from './constants' -import { fetchPaginatedData } from './fetchers'; -import { IVod } from './vods'; -import slugify from 'slugify'; -import { IToy } from './toys'; -import qs from 'qs'; -import { IMeta } from '@futureporn/types'; - - -export interface ITag { - id: number; - name: string; - count: number; -} - - - -export function getTagHref(name: string): string { - return `/tags/${slugify(name)}` -} - - -export async function createTag(accessToken: string, tagName: string): Promise { - const payload = { - name: slugify(tagName) - }; - const res = await fetch(`${postgrestLocalUrl}/tags`, { - method: 'POST', - headers: { - 'authorization': `Bearer ${accessToken}`, - 'accept': 'application/json', - 'content-type': 'application/json' - }, - body: JSON.stringify({ data: payload }) - }); - const json = await res.json(); - // console.log(json); - if (!!json?.error) throw new Error(json.error.message); - if (!json?.data) throw new Error('created tag was missing data'); - return json.data as ITag; -} - -export async function readTag(accessToken: string, tagName: string): Promise { - - const findQuery = qs.stringify({ - filters: { - name: { - $eq: tagName - } - } - }); - const findResponse = await fetch(`${postgrestLocalUrl}/tags?${findQuery}`, { - method: 'GET', - headers: { - 'Authorization': `Bearer ${accessToken}`, - 'Accept': 'application/json', - 'Content-Type': 'application/json' - } - }); - - const json = await findResponse.json(); - return json.data[0]; -} - -export async function readOrCreateTag(accessToken: string, tagName: string): Promise { - console.log(`Checking if the tagName=${tagName} already exists`); - - const existingTag = await readTag(accessToken, tagName); - if (!!existingTag) { - console.log('there is an existing tag so we return it'); - console.log(existingTag); - return existingTag; - } - - const newTag = await createTag(accessToken, tagName); - return newTag; - - -} - -export async function getTags(): Promise { - const tagVodRelations = await fetchPaginatedData('/tag-vod-relations', 100, { 'populate[0]': 'tag', 'populate[1]': 'vod' }); - - // Create a Map to store tag data, including counts and IDs - const tagDataMap = new Map(); - - // Populate the tag data map with counts and IDs - tagVodRelations.forEach(tvr => { - const tagName = tvr.attributes.tag.name; - const tagId = tvr.attributes.tag.data.id; - - if (!tagDataMap.has(tagName)) { - tagDataMap.set(tagName, { id: tagId, count: 1 }); - } else { - const existingData = tagDataMap.get(tagName); - if (existingData) { - tagDataMap.set(tagName, { id: existingData.id, count: existingData.count + 1 }); - } - } - }); - - // Create an array of Tag objects with id, name, and count - const tags = Array.from(tagDataMap.keys()).map(tagName => { - const tagData = tagDataMap.get(tagName); - return { - id: tagData ? tagData.id : -1, - attributes: { - name: tagName, - count: tagData ? tagData.count : 0, - } - }; - }); - - - return tags; -} diff --git a/services/next/app/lib/timestamps.ts b/services/next/app/lib/timestamps.ts deleted file mode 100644 index 1f70423..0000000 --- a/services/next/app/lib/timestamps.ts +++ /dev/null @@ -1,125 +0,0 @@ - - -import qs from 'qs'; -import { postgrestLocalUrl, postgrestUrl } from './constants' -import { ITagsResponse, ITag, ITagResponse } from './tags'; -import { IMeta } from '@futureporn/types'; -import { getCountFromHeaders } from './fetchers'; - -export interface ITimestamp { - id: number; - time: number; - tag_name: string; - tn_short: string; - tag_id: number; - vod_id: number; - tag: ITagResponse; - created_at: string; - creator_id: number; -} - - - -export interface ITimestampResponse { - data: ITimestamp; - meta: IMeta; -} - -export interface ITimestampsResponse { - data: ITimestamp[]; - meta: IMeta; -} - -function truncateString(str: string, maxLength: number) { - if (str.length <= maxLength) { - return str; - } - return str.substring(0, maxLength - 1) + '…'; -} - -export function deleteTimestamp(authData: IAuthData, tsId: number) { - return fetch(`${postgrestLocalUrl}/timestamps/deleteMine/${tsId}`, { - method: 'DELETE', - headers: { - 'Authorization': `Bearer ${authData.accessToken}`, - 'Content-Type': 'application/json' - } - }) - .then((res) => { - if (!res.ok) throw new Error(res.statusText); - else return res.json(); - }) - .catch((e) => { - console.error(e); - // setError('root.serverError', { message: e.message }) - }) -} - -export async function createTimestamp( - authData: IAuthData, - tagId: number, - vodId: number, - time: number -): Promise { - if (!authData?.user?.id || !authData?.accessToken) throw new Error('User must be logged in to create timestamps'); - const query = qs.stringify({ - populate: '*' - }); - const response = await fetch(`${postgrestLocalUrl}/timestamps?${query}`, { - method: 'POST', - headers: { - 'Authorization': `Bearer ${authData.accessToken}`, - 'Content-Type': 'application/json' - }, - body: JSON.stringify({ - data: { - time: Math.floor(time), - tag: tagId, - vod: vodId, - creatorId: authData.user.id - } - }) - }); - - const json = await response.json(); - - if (!response.ok) { - throw new Error(json?.error?.message || response.statusText); - } - - return json.data; -} - - - -export async function getTimestampsVodLinksForVod(vodId: number, page: number = 1, pageSize: number = 25): Promise { - // const query = qs.stringify({ - // filters: { - // vod: { - // id: { - // $eq: vodId, - // }, - // }, - // }, - // populate: '*', - // sort: 'time:asc', - // pagination: { - // page: page, - // pageSize: pageSize, - // }, - // }); - - const query = `select=*,tags_vods(tag_id,tags(*))&id=eq.${vodId}`; - const response = await fetch(`${postgrestUrl}/vods?${query}`, { - headers: { - "Prefer": "count=exact" - } - }); - - // /vods?id=eq.326&select=timestamps_vod_links(timestamps(timestamps_tag_links(tags(id,name)))) - - - const data = await response.json() as ITimestamp[]; - - return data; -} \ No newline at end of file diff --git a/services/next/app/lib/toys.ts b/services/next/app/lib/toys.ts deleted file mode 100644 index 53cbea8..0000000 --- a/services/next/app/lib/toys.ts +++ /dev/null @@ -1,19 +0,0 @@ - -import { ITag, ITagResponse, ITagsResponse } from '@/app/lib/tags' -import { IMeta } from '@futureporn/types'; - - - - -/** This endpoint doesn't exist at the moment, but definitely could in the future */ -// export function getUrl(toy: IToy): string { -// return `${siteUrl}/toy/${toy.name}` -// } - -// export function getToysForVtuber(vtuberId: number, page: number = 1, pageSize: number = 25): Promise { -// const tvrs = await getTagVodRelationsForVtuber(vtuberId, page, pageNumber); -// return { -// data: tvrs.data. -// pagination: tvrs.pagination -// } -// } diff --git a/services/next/app/lib/tweets.ts b/services/next/app/lib/tweets.ts deleted file mode 100644 index 427c42f..0000000 --- a/services/next/app/lib/tweets.ts +++ /dev/null @@ -1,28 +0,0 @@ -import { IVtuberResponse, IMeta } from "@futureporn/types"; - - -export interface ITweet { - id: number; - attributes: { - date: string; - date2: string; - isChaturbateInvite: boolean; - isFanslyInvite: boolean; - cuid: string; - json: string; - id_str: string; - url: string; - vtuber: IVtuberResponse; - } -} - -export interface ITweetResponse { - data: ITweet; - meta: IMeta; -} - -export interface ITweetsResponse { - data: ITweet[]; - meta: IMeta; -} - diff --git a/services/next/app/lib/useForwardRef.ts b/services/next/app/lib/useForwardRef.ts deleted file mode 100644 index 13a97fd..0000000 --- a/services/next/app/lib/useForwardRef.ts +++ /dev/null @@ -1,27 +0,0 @@ -/** - * @see https://github.com/facebook/react/issues/24722#issue-1270749463 - */ - -import React, { useEffect, useRef, type ForwardedRef } from 'react'; - -const useForwardRef = ( - ref: ForwardedRef, - initialValue: any = null -) => { - const targetRef = useRef(initialValue); - - useEffect(() => { - if (!ref) return; - - if (typeof ref === 'function') { - ref(targetRef.current); - } else { - ref.current = targetRef.current; - } - }, [ref]); - - return targetRef; -}; - - -export default useForwardRef \ No newline at end of file diff --git a/services/next/app/lib/users.ts b/services/next/app/lib/users.ts deleted file mode 100644 index 188ae90..0000000 --- a/services/next/app/lib/users.ts +++ /dev/null @@ -1 +0,0 @@ -import { IMeta } from "@futureporn/types"; diff --git a/services/next/app/lib/vods.ts b/services/next/app/lib/vods.ts deleted file mode 100644 index ae3bc6f..0000000 --- a/services/next/app/lib/vods.ts +++ /dev/null @@ -1,414 +0,0 @@ - -import { postgrestLocalUrl, siteUrl } from './constants'; -import { getDateFromSafeDate, getSafeDate } from './dates'; -import { IVtuber, IStream, ITimestamp, IVod } from '@futureporn/types'; -import qs from 'qs'; -import { ITagVodRelation } from './tag-vod-relations'; -import { IMeta, IMuxAsset, IMuxAssetResponse } from '@futureporn/types'; -import { IS3File, IS3FileResponse } from '@/app/lib/b2File'; -import fetchAPI from './fetch-api'; -import { IUserResponse } from './users'; -import { getCountFromHeaders } from './fetchers'; - -/** - * Dec 2024 UUIDs were introduced. - * Going forward, use UUIDs where possible. - * safeDates are retained for backwards compatibility. - * - * @see https://www.w3.org/Provider/Style/URI - */ -export interface IVodPageProps { - params: { - safeDateOrUUID: string; - slug: string; - }; -} - - - - -const fetchVodsOptions = { - next: { - tags: ['vods'] - } -} - - -export async function getVodFromSafeDateOrUUID(safeDateOrUUID: string): Promise { - let vod: IVod | null; - let date: Date; - if (!safeDateOrUUID) { - console.log(`safeDateOrUUID was missing`); - return null; - } else if (/^[0-9a-f]{8}-[0-9a-f]{4}-[0-5][0-9a-f]{3}-[089ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(safeDateOrUUID)) { - console.log('this is a UUID!'); - vod = await getVodByUUID(safeDateOrUUID); - if (!vod) return null; - } else { - console.log(`this is a safe date. ${safeDateOrUUID}`) - date = getDateFromSafeDate(safeDateOrUUID); - console.log(`date=${date.toISOString()}`) - if (!date) { - console.log('there is no date') - return null; - } - vod = await getVodForDate(date); - } - return vod; -} - - - -export function getUrl(vod: IVod, slug: string, date: string): string { - return `/vt/${slug}/vod/${getSafeDate(date)}` -} - - -export function getPaginatedUrl(): (slug: string, pageNumber: number) => string { - return (slug: string, pageNumber: number) => { - return `${siteUrl}/vt/${slug}/vods/${pageNumber}` - } -} - - -/** @deprecated old format for futureporn.net/api/v1.json, which is deprecated. Please use getUrl() instead */ -export function getDeprecatedUrl(vod: IVod): string { - return `${siteUrl}/vods/${getSafeDate(vod.date_2)}` -} - - -export async function getNextVod(vod: IVod): Promise { - const query = new URLSearchParams({ - select: 'date_2,title,announce_title,vtuber:vtubers(slug)', - [`date_2`]: `gt.${vod.date_2}`, - [`vtuber.slug`]: `eq.${vod.vtuber.slug}`, - ['published_at']: 'not.is.null', - limit: '1', - order: 'date_2.asc', - }).toString(); - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions) - const data = await res.json() - if (!res.ok) { - throw new Error(`res.status=${res.status} res.statusText=${res.statusText} \ndata=${JSON.stringify(data, null, 2)}`); - } - return data[0]; -} - - -export function getLocalizedDate(vod: IVod): string { - return new Date(vod.date_2).toLocaleDateString() -} - -export async function getPreviousVod(vod: IVod): Promise { - const query = new URLSearchParams({ - select: 'date_2,title,announce_title,vtuber:vtubers(slug)', - [`date_2`]: `lt.${vod.date_2}`, - [`vtuber.slug`]: `eq.${vod.vtuber.slug}`, - limit: '1', - order: 'date_2.desc', - }).toString(); - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions) - const data = await res.json() - if (!res.ok) { - throw new Error(`res.status=${res.status} res.statusText=${res.statusText} \ndata=${JSON.stringify(data, null, 2)}`); - } - return data[0]; -} - -export async function getVodByUUID(uuid: string): Promise { - const query = new URLSearchParams({ - uuid: `eq.${uuid}`, - select: ` - vtuber(slug,displayName,image,imageBlur,themeColor), - muxAsset(playbackId,assetId), - thumbnail(cdnUrl,url), - tagVodRelations(tag,createdAt,creatorId,tag(*)), - videoSrcB2(url,key,uploadId,cdnUrl), - stream(archiveStatus,date,tweet,uuid), - timestamps_vod_links(timestamps(timestamps_tag_links(tags(id,name)))) - `.replace(/\s+/g, ''), // Remove whitespace for URL encoding - }); - - - try { - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, { cache: 'no-store', next: { tags: ['vods'] } }) - if (!res.ok) { - throw new Error('failed to fetch getVodByUUID') - } - const json = await res.json() - const vod = json.data[0] - if (!vod) return null; - return vod; - } catch (e) { - if (e instanceof Error) { - console.error(e) - } - return null; - } -} -export async function getVodForDate(date: Date): Promise { - const iso8601DateString = date.toISOString(); - console.log(`getVodForDate ison8601DateString=${iso8601DateString}`) - - const selectFields = [ - 'id', - 'date_2', - 'title', - 'announce_title', - 'vtuber:vtubers(slug,display_name,image,image_blur,theme_color)', - 'timestamps_vod_links(timestamps(timestamps_tag_links(tags(id,name))))', - ].join(','); - - const queryParams = { - select: selectFields, - date_2: `eq.${iso8601DateString}`, - published_at: 'not.is.null', - limit: '1', - }; - - const query = new URLSearchParams(queryParams).toString(); - - console.log(query) - - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, { - cache: 'no-store', - next: { tags: ['vods'] } - }); - - const json = await res.json(); - if (!res.ok) { - console.log(`res.status=${res.status} res.statusText=${res.statusText} body=${JSON.stringify(json, null, 2)}`) - throw new Error('Failed to fetch vodForDate'); - } - - const vod = json[0]; // PostgREST returns an array of results - if (!vod) return null; - - return vod; - -} - - -export async function getVod(id: number): Promise { - const query = qs.stringify( - { - filters: { - id: { - $eq: id - } - } - } - ) - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions); - if (!res.ok) return null; - const data = await res.json(); - return data; -} - -export async function getVods(page: number = 1, pageSize: number = 25, sortDesc = true): Promise<{ vods: IVod[], count: number }> { - // const query = qs.stringify( - // { - // populate: { - // vtuber: { - // fields: ['slug', 'displayName', 'image', 'imageBlur'] - // }, - // muxAsset: { - // fields: ['playbackId', 'assetId'] - // }, - // thumbnail: { - // fields: ['cdnUrl', 'url'] - // }, - // tagVodRelations: { - // fields: ['tag'], - // populate: ['tag'] - // }, - // videoSrcB2: { - // fields: ['url', 'key', 'uploadId', 'cdnUrl'] - // } - // }, - // sort: { - // date: (sortDesc) ? 'desc' : 'asc' - // }, - // pagination: { - // pageSize: pageSize, - // page: page - // } - // } - // ) - - // console.log(`postgrestLocalUrl=${postgrestLocalUrl} query=${query}`) - // const url = `${configs.postgrestUrl}/vods?select=*,segments(*),recording:recordings(is_aborted)&id=eq.${vodId}` - const selects = [ - '*', - 'vtuber:vtubers(id,slug,image,display_name,image_blur)', - // 'mux_asset:mux_assets(playback_id,asset_id)', - 'thumbnail:b2_files(cdn_url)' - ] - const queryObject = { - select: selects.join(','), - limit: pageSize, - offset: page*pageSize - }; - const query = qs.stringify(queryObject, { encode: false }); - - const res = await fetch( - `${postgrestLocalUrl}/vods?${query}`, - Object.assign({}, fetchVodsOptions, { headers: { - 'Prefer': 'count=exact' - }}) - ); - const data = await res.json() - if (!res.ok) { - throw new Error(`Failed to fetch vods status=${res.status}, statusText=${res.statusText}, data=${data}`); - } - - console.log(`${data.length} vods. sample as follows.`) - console.log(data[0]) - - const count = getCountFromHeaders(res) - - return { - vods: data, - count: count - } -} - - - -export async function getAllVods(): Promise { - const pageSize = 100; // Adjust this value as needed - const sortDesc = true; // Adjust the sorting direction as needed - - const allVods: IVod[] = []; - let currentPage = 1; - - while (true) { - const query = qs.stringify({ - populate: { - vtuber: { - fields: ['slug', 'displayName', 'image', 'imageBlur'], - }, - muxAsset: { - fields: ['playbackId', 'assetId'], - }, - thumbnail: { - fields: ['cdnUrl', 'url'], - }, - tagVodRelations: { - fields: ['tag'], - populate: ['tag'], - }, - videoSrcB2: { - fields: ['url', 'key', 'uploadId', 'cdnUrl'], - }, - }, - sort: { - date: sortDesc ? 'desc' : 'asc', - }, - pagination: { - pageSize, - page: currentPage, - }, - }); - - try { - const response = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions); - - if (!response.ok) { - // Handle non-successful response (e.g., HTTP error) - throw new Error(`HTTP error! Status: ${response.status}`); - } - - const responseData = await response.json(); - - if (!responseData.data || responseData.data.length === 0) { - // No more data to fetch - break; - } - - allVods.push(...responseData.data); - currentPage++; - } catch (error) { - // Handle fetch error - if (error instanceof Error) { - console.error('Error fetching data:', error.message); - } - return null; - } - } - - return allVods; -} - - - -export async function getVodsForVtuber(vtuberId: number, page: number = 1, pageSize: number = 25, sortDesc = true): Promise<{ vods: IVod[] | null, count: number }> { - const res = await fetch(`${postgrestLocalUrl}/vods?limit=${pageSize}&offset=${page*pageSize}&select=*,thumbnail:b2_files(cdn_url),vtuber:vtubers(id,slug,image,display_name,image_blur)&vtuber.id=eq.${vtuberId}`, fetchVodsOptions) - if (!res.ok) { - const body = await res.text() - console.error(`getVodsForVtuber() failed. ok=${res.ok} status=${res.status} statusText=${res.statusText} body=${body}`); - return { vods: null, count: 0 }; - } - const vods = await res.json() as IVod[]; - const count = getCountFromHeaders(res) - return { vods, count }; -} - - -export async function getVodsForTag(tag: string): Promise { - // const query = qs.stringify( - // { - // populate: { - // vtuber: { - // fields: ['slug', 'displayName', 'image', 'imageBlur'] - // }, - // videoSrcB2: { - // fields: ['url', 'key', 'uploadId', 'cdnUrl'] - // } - // }, - // filters: { - // tagVodRelations: { - // tag: { - // name: { - // $eq: tag - // } - // } - // } - // } - // } - // ) - const query = 'select(*),vtuber:vtubers(id,slug,image,display_name,image_blur),thumbnail:b2_files(cdn_url)' - const res = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions) - if (!res.ok) return null; - const vods = await res.json() - return vods; -} - -/** - * This returns stale data, because futureporn-historian is broken. - * @todo get live data from historian - * @see https://git.futureporn.net/futureporn/futureporn-historian/issues/1 - */ -export async function getProgress(vtuberSlug: string): Promise<{ complete: number; total: number }> { - const query = qs.stringify({ - filters: { - vtuber: { - slug: { - $eq: vtuberSlug - } - } - } - }) - const data = await fetch(`${postgrestLocalUrl}/vods?${query}`, fetchVodsOptions) - .then((res) => res.json()) - .then((g) => { - return g - }) - - const total = data.meta.pagination.total - - return { - complete: total, - total: total - } -} \ No newline at end of file diff --git a/services/next/app/lib/vtubers.ts b/services/next/app/lib/vtubers.ts deleted file mode 100644 index 4289984..0000000 --- a/services/next/app/lib/vtubers.ts +++ /dev/null @@ -1,95 +0,0 @@ - - -import { IVod } from './vods' -import { postgrestLocalUrl, siteUrl } from './constants'; -import qs from 'qs'; -import { IMeta, IVtuber } from '@futureporn/types'; - - -const fetchVtubersOptions = { - next: { - tags: ['vtubers'] - } -} - - - - -export function getUrl(slug: string): string { - return `${siteUrl}/vt/${slug}` -} - - - - -export async function getVtuberBySlug(slug: string): Promise { - const res = await fetch(`${postgrestLocalUrl}/vtubers?slug=eq.${slug}`); - if (!res.ok) { - console.error(`error inside getVtuberBySlug-- ${res.statusText}`); - return null; - } - const vtubers = await res.json(); - return vtubers[0]; -} - -export async function getVtuberById(id: number): Promise { - const res = await fetch(`${postgrestLocalUrl}/vtubers?id=eq.${id}`); - if (!res.ok) { - console.error(`error inside getVtuberById-- ${res.statusText}`); - return null; - } - const vtuber = await res.json(); - return vtuber -} - -export async function getVtubers(): Promise { - const res = await fetch(`${postgrestLocalUrl}/vtubers`); - if (!res.ok) { - console.error(`error inside getVtubers-- ${res.statusText}`); - return null; - } - const vtubers = await res.json(); - return vtubers; - -} - -export async function getAllVtubers(): Promise { - const pageSize = 100; - - const allVtubers: IVtuber[] = []; - let currentPage = 1; - - while (true) { - const query = new URLSearchParams({ - offset: ''+currentPage, - limit: ''+pageSize - }).toString() - try { - console.log(`Getting ${postgrestLocalUrl}/vtubers page=${currentPage}`); - const response = await fetch(`${postgrestLocalUrl}/vtubers?${query}`, fetchVtubersOptions); - - if (!response.ok) { - // Handle non-successful response (e.g., HTTP error) - throw new Error(`HTTP error! Status: ${response.status}`); - } - - const responseData = await response.json(); - - if (!responseData.data || responseData.data.length === 0) { - // No more data to fetch - break; - } - - allVtubers.push(...responseData.data); - currentPage++; - } catch (error) { - // Handle fetch error - if (error instanceof Error) { - console.error('Error fetching data:', error.message); - } - return null; - } - } - - return allVtubers; -} \ No newline at end of file diff --git a/services/next/app/page.tsx b/services/next/app/page.tsx deleted file mode 100644 index 2985faa..0000000 --- a/services/next/app/page.tsx +++ /dev/null @@ -1,81 +0,0 @@ - -import FundingGoal from "@/app/components/funding-goal"; -import VodCard from "@/app/components/vod-card"; -import { getVodTitle } from "@/app/components/vod-page"; -import { getVods } from '@/app/lib/vods'; -import { IVod } from "@/app/lib/vods"; -import { IVtuber } from '@futureporn/types'; -import { getVtubers } from "./lib/vtubers"; -import VTuberCard from "./components/vtuber-card"; -import Link from 'next/link'; -import { notFound } from "next/navigation"; -import { ErrorCard } from "./components/error-card"; - - -export default async function Page() { - - const { vods, count } = await getVods(1, 9, true); - - const vtubers = await getVtubers(); - - return ( - <> -

-
-
-

- The Galaxy's Best VTuber Hentai Site -

-

For adults only (NSFW)

-
-
- - - - - -
- -

Latest VODs

-
- - - {(count === 0) &&

Error: Failed to fetch VODs from the database

} - - {/* 
-                
-                  {JSON.stringify(vods, null, 2)}
-                
-
*/} - {vods && vods.map((vod: IVod) => ( - - ))} - -
- - See all Latest Vods -
-
- -

VTubers

- -
-
- - ); -} diff --git a/services/next/app/patrons/page.tsx b/services/next/app/patrons/page.tsx deleted file mode 100644 index b44e91c..0000000 --- a/services/next/app/patrons/page.tsx +++ /dev/null @@ -1,46 +0,0 @@ - -import PatronsList from '../components/patrons-list'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt } from "@fortawesome/free-solid-svg-icons"; -import Link from 'next/link' -import { getCampaign } from '../lib/patreon'; - -export default async function Page() { - - const patreonCampaign = await getCampaign() - - return ( - <> -
-
-
-

Patron List

-

- Futureporn.net continues to improve thanks to - {patreonCampaign.patronCount} generous supporters. -

-
-
- - - -
-

Want to get your name on this list, and get perks like FAST video streaming?

- - Become a patron today! - - -

- Patron names are private by default--{' '} - Opt-in to have your name displayed. -

-
-
-
-
- - ); -} diff --git a/services/next/app/profile/hooks/patreonCurrentlyEntitledTiers.ts b/services/next/app/profile/hooks/patreonCurrentlyEntitledTiers.ts deleted file mode 100644 index 1440cda..0000000 --- a/services/next/app/profile/hooks/patreonCurrentlyEntitledTiers.ts +++ /dev/null @@ -1,16 +0,0 @@ -import { TiersList } from "@/app/lib/patreon" - -export async function fetchPatreonCurrentlyEntitledTiers (): Promise { - const response = await fetch(`/api/patreon/currently-entitled-tiers`, { - credentials: 'include' - }) - const data = await response.json() - - if (!response.ok) { - throw new Error(`failed to fetchPatreonCurrentlyEntitledTiers() res.status=${response.status}`) - } - - - console.log(data) - return data -} diff --git a/services/next/app/profile/hooks/updateProfile.ts b/services/next/app/profile/hooks/updateProfile.ts deleted file mode 100644 index 3c6bac4..0000000 --- a/services/next/app/profile/hooks/updateProfile.ts +++ /dev/null @@ -1,21 +0,0 @@ -import { configs } from "@/app/config/configs"; - - -export type UpdateIsUsernamePublicInput = { - isUsernamePublic: boolean; - access_token: string; -} - - -export async function updateIsUsernamePublic (data: UpdateIsUsernamePublicInput): Promise { - console.log(`upadateIsUernamePublic configs.nextUrl=${configs.nextUrl}`) - const res = await fetch(`${configs.nextUrl}/api/profile`, { - method: 'POST', - body: JSON.stringify({ - username_visibility: data.isUsernamePublic - }) - }) - const d = await res.json() - if (!res.ok) throw new Error(`failed to updateProfile. ${res.status} ${res.statusText}`); - return d -} \ No newline at end of file diff --git a/services/next/app/profile/hooks/useMetadata.ts b/services/next/app/profile/hooks/useMetadata.ts deleted file mode 100644 index 62149e9..0000000 --- a/services/next/app/profile/hooks/useMetadata.ts +++ /dev/null @@ -1,52 +0,0 @@ -// import { useQuery, useMutation, useQueryClient } from '@tanstack/react-query' - -// export type MetadataPayload = { -// metadata: { -// first_name: string -// last_name: string -// patreon: { -// entitledTiers: string[], -// lifetimeSupportCents: number, -// currentlyEntitledSupportCents: number -// }, -// isUsernamePublic: boolean -// } -// } -// export type UpdateMetadataInput = { isUsernamePublic: boolean } - - -// const fetchMetadata = async (): Promise => { -// const response = await fetch(`/api/user/attributes`) -// const data = await response.json() -// return data -// } - -// const fetchMutateMetadata = async (data: UpdateMetadataInput): Promise => { -// const res = await fetch('/api/user/attributes', { -// method: 'POST', -// body: JSON.stringify({ -// isUsernamePublic: data.isUsernamePublic -// }) -// }) -// if (!res.ok) throw new Error(`failed to fetchMutateMetadata. ${res.status} ${res.statusText}`); -// } - -// const useMetadata = () => { -// return useQuery({ -// queryKey: ['user/attributes'], -// queryFn: () => fetchMetadata() -// }) -// } - -// const useMutateMetadata = () => { -// const queryClient = useQueryClient() - -// return useMutation({ -// mutationFn: (data: UpdateMetadataInput) => fetchMutateMetadata(data), -// onSuccess: () => { -// queryClient.invalidateQueries({ queryKey: ['user/attributes'] }) -// } -// }) -// } - -// export { useMetadata, fetchMetadata, useMutateMetadata } diff --git a/services/next/app/profile/page.tsx b/services/next/app/profile/page.tsx deleted file mode 100644 index dcf51ba..0000000 --- a/services/next/app/profile/page.tsx +++ /dev/null @@ -1,242 +0,0 @@ -'use client'; - -import 'react-loading-skeleton/dist/skeleton.css'; -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faSpinner, faCheckCircle, faXmarkCircle } from "@fortawesome/free-solid-svg-icons"; -import { useMutation, useQueryClient } from "@tanstack/react-query"; -// import { updateIsUsernamePublic } from "./hooks/updateProfile"; -import { useQuery } from '@tanstack/react-query'; -import ProtectedRoute from "../components/protected-route"; -import VibrateTest from "../components/vibrate-test"; -import { useSession } from "next-auth/react" -import { LoginButton, LogoutButton } from "../components/auth-buttons"; -import Skeleton, { SkeletonTheme } from 'react-loading-skeleton'; -import Link from 'next/link'; -import { useEffect } from 'react'; -import { useState } from 'react'; -import { fetchPatreonCurrentlyEntitledTiers } from './hooks/patreonCurrentlyEntitledTiers'; -import { Spinner } from '../components/spinner'; -import { signIn, signOut } from "next-auth/react"; - -export default function Page() { - - const queryClient = useQueryClient() - // const sessionContext = Session.useSessionContext() - // if (sessionContext.loading) { - // return - // } - const { data, status, update } = useSession() - - - async function renewJwt() { - await signOut({ redirect: false }); - await signIn("keycloak", { redirect: false }); - } - - // const { data: patreonTier, isPending, refetch } = useQuery({ - // queryKey: ['user/tier'], - // queryFn: () => fetchPatreonCurrentlyEntitledTiers(), - // }) - - // const keycloakGroupQuery = useQuery({ - // queryKey: ['user/group'], - // queryFn: () => fetchKeycloakGroup() - // }) - - // const attributesMutation = useMutation({ - // mutationFn: updateIsUsernamePublic, - // mutationKey: ['user/attributes'], - // onSuccess: () => queryClient.invalidateQueries({ queryKey: ['user/attributes'] }) - // }) - - // const metadataQuery = useQuery({ - // queryKey: ['user/metadata'], - // queryFn: () => fetchMetadata() - // }) - - // const [ isUsernamePublic, setIsUsernamePublic ] = useState() - // const [ username, setUsername ] = useState('') - // useEffect(() => { - // if (metadataQuery.data?.metadata) { - // setUsername(formatPatronUsername(metadataQuery.data.metadata.first_name, metadataQuery.data.metadata.last_name)) - // setIsUsernamePublic(metadataQuery.data.metadata.isUsernamePublic) - // } - // }, [metadataQuery.data]) - - const isUsernamePublic = (data?.profile?.username_visibility === 'public') - const [isGo, setIsGo] = useState() - - // useEffect(() => { - // const fetchData = async () => { - // const res = await fetch(`${process.env.KEYCLOAK_URL}/protocol/openid-connect/token`, { - // method: 'POST', - // headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, - // body: new URLSearchParams({ - // client_id: process.env.KEYCLOAK_CLIENT_ID, - // client_secret: process.env.KEYCLOAK_CLIENT_SECRET, - // grant_type: 'refresh_token', - // refresh_token: session.refreshToken, - // }), - // }); - - // const data = await res.json(); - - // if (res.ok) { - // // Update session with new token - // session.accessToken = data.access_token; - // session.refreshToken = data.refresh_token; - // res.status(200).json(session); - // } else { - // res.status(400).json({ error: 'Token refresh failed' }); - // } - // } - - // fetchData(); - // }, [isGo]); - - - return ( -
- {/* {(metadataQuery.isPending) && } */} -
-

Debug section

- {/* {(isPending) ? Syncronizing Patron entitlements... : Patreon entitlements synced.} */} - {/*

metadataQuery as follows

*/} - {/* 
{JSON.stringify(metadataQuery.data, null, 2)}
*/} -

session as follows

- 
{JSON.stringify(data, null, 2)}
- {(status === 'unauthenticated') && } - - {/* */} - - -
- - - {(data?.user) && -
- -

Profile

- - - -
-
-
- {/*

{username}

*/} -

{data?.user?.name}

-
-
-
- - {/*

Patronage

-
-

You belong to the {patreonTier} tier. Thank you!

-
*/} - -

Patron Perks

-
-

Test Perk (not real)

- -

Hey look at you, you're granted access to this perk!

- -
- -
-

Website Shoutout

- - {isUsernamePublic && {data.user.name} will be displayed on the /patrons page} - {!isUsernamePublic && Your username will be hidden from the /patrons page due to your privacy setting.} - {/* Users can update privacy pref at https://keycloak.fp.sbtp.xyz/realms/futureporn/account/ */} - -
- -
-

Premium Content Delivery Network (CDN1)

- -

You have access to Futureporn's Premium CDN for reliable video playback

- -
- -
-

Economy Content Delivery Network (CDN2)

- -

You have access to Futureporn's Economy CDN for basic video playback

- -
- - -
-

Vibrate (test)

- -
- -
- } -
- ) - - // if (metadataQuery.isPending) return ; - // return 
{JSON.stringify(metadataQuery.data, null, 2)}
- // return

@todo

- // if (!isPending) return ; - // if (!data) return

there is no data

; - // if (!data?.metadata) return

there is no data.metadata

; - // const { first_name, last_name } = data.metadata - // const username = formatPatronUsername(first_name, last_name) - // const { metadata } = data || {} - // const { isUsernamePublic } = metadata - - - // return ( - // <> - - //
- //
- //

Profile

- - //
- //
Username
- //

- // {isPending && - // - // - // - // } - // {!isPending &&

{username}

} - //

- //
- - //
- //
User ID
- //
- //

{sessionContext.userId}

- //
- //
- - //

Patron Perks

- //

Website Shoutout

- // - //
- // Display {(!!username) ? username : } publicly? - // attributesMutation.mutate({ isUsernamePublic: evt.target.checked })}/> - // {(attributesMutation.status === 'success') && } - // {(attributesMutation.status === 'pending') && } - // {(attributesMutation.status === 'error') && } - //
- // - - //

Content Delivery Network (CDN)

- // - //

You have access to Futureporn's CDN for reliable video playback

- // - - - //

Vibrate (test)

- // - //
- //
- - // - // ) -} \ No newline at end of file diff --git a/services/next/app/sign-in.tsx b/services/next/app/sign-in.tsx deleted file mode 100644 index ae47881..0000000 --- a/services/next/app/sign-in.tsx +++ /dev/null @@ -1,19 +0,0 @@ -'use client'; - -type Props = { - onSignIn: () => Promise; -}; - -const SignIn = ({ onSignIn }: Props) => { - return ( -
{ - onSignIn(); - }} - > - Sign In -
- ); -}; - -export default SignIn; \ No newline at end of file diff --git a/services/next/app/sign-out.tsx b/services/next/app/sign-out.tsx deleted file mode 100644 index 504b139..0000000 --- a/services/next/app/sign-out.tsx +++ /dev/null @@ -1,19 +0,0 @@ -'use client'; - -type Props = { - onSignOut: () => Promise; -}; - -const SignOut = ({ onSignOut }: Props) => { - return ( -
{ - onSignOut(); - }} - > - Sign Out -
- ); -}; - -export default SignOut; \ No newline at end of file diff --git a/services/next/app/tags/[slug]/page.tsx b/services/next/app/tags/[slug]/page.tsx deleted file mode 100644 index b06e93c..0000000 --- a/services/next/app/tags/[slug]/page.tsx +++ /dev/null @@ -1,35 +0,0 @@ -import { getVodsForTag, IVod } from '@/app/lib/vods' -import VodCard from '@/app/components/vod-card' -import Link from 'next/link' -import { getVodTitle } from '@/app/components/vod-page' -import { notFound } from 'next/navigation' - -export default async function Page({ params }: { params: { slug: string }}) { - const vods = await getVodsForTag(params.slug) - if (!vods) return notFound() - return ( -
-
-

Tagged “{params.slug}”

-
- -
- {vods.map((vod: IVod) => ( - - ))} -
- -
-

See all tags.

-
-
- ) -} \ No newline at end of file diff --git a/services/next/app/tags/page.tsx b/services/next/app/tags/page.tsx deleted file mode 100644 index e025a49..0000000 --- a/services/next/app/tags/page.tsx +++ /dev/null @@ -1,15 +0,0 @@ -import { getTags } from '../lib/tags' -import SortableTags from '../components/sortable-tags' - -export default async function Page() { - const tags = await getTags(); - - return ( -
-
-

Tags

- -
-
- ) -} \ No newline at end of file diff --git a/services/next/app/upload/page.tsx b/services/next/app/upload/page.tsx deleted file mode 100644 index 8f633c9..0000000 --- a/services/next/app/upload/page.tsx +++ /dev/null @@ -1,30 +0,0 @@ - -import { getAllVtubers } from '@/app/lib/vtubers'; - - -import UploadForm from '@/app/components/upload-form'; -import { Suspense } from 'react'; - -import '@uppy/core/dist/style.min.css'; -import '@uppy/dashboard/dist/style.min.css'; -import { getStreamByUUID } from '@/app/lib/streams'; - - -export default async function Page() { - const vtubers = await getAllVtubers(); - - if (!vtubers) return ( - - ) - - return ( - <> - - - - - - - - ) -} \ No newline at end of file diff --git a/services/next/app/uppy.tsx b/services/next/app/uppy.tsx deleted file mode 100644 index 1fdda93..0000000 --- a/services/next/app/uppy.tsx +++ /dev/null @@ -1,57 +0,0 @@ -'use client'; - -import React, { useState, createContext, useContext, useEffect } from 'react'; -import Uppy from '@uppy/core'; -import AwsS3 from '@uppy/aws-s3'; -import RemoteSources from '@uppy/remote-sources'; -// import { useAuth } from './components/auth'; -import { companionUrl } from '@/app/lib/constants'; - - -// Uppy is a challenging react integration. Following are some references -// @see https://github.com/transloadit/uppy/issues/4727#issuecomment-1761118428 - - -export const UppyContext = createContext(new Uppy()); - -// export default function UppyProvider({ -// children -// }: { -// children: React.ReactNode -// }) { -// // const { authData } = useAuth(); -// const uppy = new Uppy( -// // const [uppy] = useState(() => new Uppy( -// { -// autoProceed: true, -// debug: true, -// logger: { -// debug: console.info, -// warn: console.log, -// error: console.error -// }, - -// } -// ) -// .use(RemoteSources, { -// companionUrl, -// title: 'testing 123', -// }) -// .use(AwsS3, { -// companionUrl, -// shouldUseMultipart: true, -// abortMultipartUpload: () => {}, // @see https://github.com/transloadit/uppy/issues/1197#issuecomment-491756118 -// companionHeaders: { -// 'authorization': `Bearer ${authData?.accessToken}` -// } -// }) -// // ); - - - -// return ( -// -// {children} -// -// ) -// } diff --git a/services/next/app/vods/[safeDateOrUUID]/page.tsx b/services/next/app/vods/[safeDateOrUUID]/page.tsx deleted file mode 100644 index b7914b3..0000000 --- a/services/next/app/vods/[safeDateOrUUID]/page.tsx +++ /dev/null @@ -1,16 +0,0 @@ - -import VodPage from '@/app/components/vod-page'; -import { IVodPageProps, getVodFromSafeDateOrUUID } from '@/app/lib/vods'; -import { notFound } from 'next/navigation'; - - -/** - * This route exists as backwards compatibility for Futureporn 0.0.0 which was on neocities - * @see https://www.w3.org/Provider/Style/URI - */ -export default async function Page({ params: { safeDateOrUUID, slug } }: IVodPageProps) { - const vod = await getVodFromSafeDateOrUUID(safeDateOrUUID); - if (!vod) notFound(); - return -} - diff --git a/services/next/app/vods/page.tsx b/services/next/app/vods/page.tsx deleted file mode 100644 index 175ff08..0000000 --- a/services/next/app/vods/page.tsx +++ /dev/null @@ -1,6 +0,0 @@ - -import { redirect } from 'next/navigation'; - -export default async function Page() { - redirect('/latest-vods/1') -} \ No newline at end of file diff --git a/services/next/app/vt/[slug]/not-found.tsx b/services/next/app/vt/[slug]/not-found.tsx deleted file mode 100644 index 87c153f..0000000 --- a/services/next/app/vt/[slug]/not-found.tsx +++ /dev/null @@ -1,11 +0,0 @@ -import Link from 'next/link' - -export default function NotFound() { - return ( -
-

404 Not Found

- - Return to vtuber list -
- ) -} \ No newline at end of file diff --git a/services/next/app/vt/[slug]/page.tsx b/services/next/app/vt/[slug]/page.tsx deleted file mode 100644 index fd9299b..0000000 --- a/services/next/app/vt/[slug]/page.tsx +++ /dev/null @@ -1,221 +0,0 @@ -import VodsList from '@/app/components/vods-list'; -import Link from 'next/link'; -import { getVtuberBySlug } from '@/app/lib/vtubers' -import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; -import { faExternalLinkAlt, faBagShopping } from "@fortawesome/free-solid-svg-icons"; -import { faFacebook, faInstagram, faPatreon, faYoutube, faTwitch, faTiktok, faXTwitter, faReddit, faDiscord } from "@fortawesome/free-brands-svg-icons"; -import Image from "next/legacy/image"; -import OnlyfansIcon from "@/app/components/icons/onlyfans"; -import PornhubIcon from '@/app/components/icons/pornhub'; -import ThroneIcon from '@/app/components/icons/throne'; -import LinktreeIcon from '@/app/components/icons/linktree'; -import FanslyIcon from '@/app/components/icons/fansly'; -import ChaturbateIcon from '@/app/components/icons/chaturbate'; -import CarrdIcon from '@/app/components/icons/carrd'; -import styles from '@/assets/styles/icon.module.css'; - -import { getVodsForVtuber } from '@/app/lib/vods'; -import { notFound } from 'next/navigation'; -import ArchiveProgress from '@/app/components/archive-progress'; -import { getAllStreamsForVtuber, getStreamsForVtuber } from '@/app/lib/streams'; -import LinkableHeading from '@/app/components/linkable-heading'; - - - -export default async function Page({ params }: { params: { slug: string } }) { - const vtuber = await getVtuberBySlug(params.slug); - if (!vtuber) notFound(); - - const pageSize = 9 - const page = 1 - const { vods, count } = await getVodsForVtuber(vtuber.id, page, pageSize); - if (!vods) notFound(); - - - return ( - <> - {vtuber && ( - <> -
- -
-
-

{vtuber.display_name}

-
-
-
- {vtuber.display_name} -
-
-
-

{vtuber.description_1}

-

{vtuber.description_2}

-
-
- -

- Socials -

- -
-
- {vtuber.patreon && ( -
- - Patreon - -
- )} - {vtuber.twitter && ( -
- - Twitter - -
- )} - {vtuber.youtube && ( -
- - YouTube - -
- )} - {vtuber.twitch && ( -
- - Twitch - -
- )} - {vtuber.tiktok && ( -
- - TikTok - -
- )} - {vtuber.fansly && ( -
- - Fansly - -
- )} - {vtuber.onlyfans && ( -
- - - - OnlyFans - -
- )} - {vtuber.pornhub && ( -
- - Pornhub - -
- )} - {vtuber.reddit && ( -
- - Reddit - -
- )} - {vtuber.discord && ( -
- - Discord - -
- )} - {vtuber.instagram && ( -
- - Instagram - -
- )} - {vtuber.facebook && ( -
- - Facebook - -
- )} - {vtuber.merch && ( -
- - Merch - -
- )} - {vtuber.chaturbate && ( -
- - Chaturbate - -
- )} - {vtuber.throne && ( -
- - Throne - -
- )} - {vtuber.linktree && ( -
- - Linktree - -
- )} - {vtuber.carrd && ( -
- - Carrd - -
- )} -
-
- - - {/*

- Toys -

- - <> - - {(toys.pagination.total > toySampleCount) && See all of {vtuber.display_name}'s toys} - */} - -

- Vods -

- - - { - (vods) ? ( - See all {vtuber.display_name} vods - ) : (

No VODs have been added, yet.

) - } - - -
- - )} - - ); -} diff --git a/services/next/app/vt/[slug]/stream/[safeDate]/page.tsx b/services/next/app/vt/[slug]/stream/[safeDate]/page.tsx deleted file mode 100644 index f2af6c1..0000000 --- a/services/next/app/vt/[slug]/stream/[safeDate]/page.tsx +++ /dev/null @@ -1,31 +0,0 @@ - -import { Stream } from '@/app/components/stream'; -import { getStreamForVtuber } from '@/app/lib/streams'; -import { getVtuberBySlug } from '@/app/lib/vtubers'; -import NotFound from '../../not-found'; - -interface IPageProps { - params: { - safeDate: string; - slug: string; - }; -} - -export default async function Page({ params: { safeDate, slug } }: IPageProps) { - const vtuber = await getVtuberBySlug(slug); - if (!vtuber) return - const stream = await getStreamForVtuber(vtuber.id, safeDate); - if (!stream) return - - return ( -
-
-

Stream Page!

-

slug={slug} safeDate={safeDate}

- - -
-
- ) -} - diff --git a/services/next/app/vt/[slug]/streams/page.tsx b/services/next/app/vt/[slug]/streams/page.tsx deleted file mode 100644 index 065836b..0000000 --- a/services/next/app/vt/[slug]/streams/page.tsx +++ /dev/null @@ -1,23 +0,0 @@ - -import { getVtuberBySlug } from '@/app/lib/vtubers'; -import { getStreamsForVtuber } from '@/app/lib/streams'; -import Pager from '@/app/components/pager'; -import { notFound } from 'next/navigation'; - -interface IPageParams { - params: { - slug: string; - } -} - -export default async function Page({ params }: IPageParams) { - const vtuber = await getVtuberBySlug(params.slug); - if (!vtuber) return

vtuber {params.slug} not found

- const streams = await getStreamsForVtuber(vtuber.id, 1, 24); - if (!streams) return

streams not found

; - return ( - <> - - - ) -} \ No newline at end of file diff --git a/services/next/app/vt/[slug]/toys/[page]/page.tsx b/services/next/app/vt/[slug]/toys/[page]/page.tsx deleted file mode 100644 index fb01d2a..0000000 --- a/services/next/app/vt/[slug]/toys/[page]/page.tsx +++ /dev/null @@ -1,33 +0,0 @@ - -// import VodsList, { VodsListHeading } from '@/app/components/vods-list' -// import { getVtuberBySlug } from '@/app/lib/vtubers' -// // import { IToys, getToysForVtuber } from '@/app/lib/toys' -// import { ToysList, ToysListHeading } from '@/app/components/toys' -// import Pager from '@/app/components/pager' - -// interface IPageParams { -// params: { -// name: string; -// page: number; -// } -// } - -export default async function Page() { - // const vtuber = await getVtuberBySlug(params.slug) - return

Toys pages coming soon

- // const toys: IToys = await getToysForVtuber(vtuber.id, params.page, 24) - // return ( - //
- //
- // - // - // - //
- //
- // ) -} \ No newline at end of file diff --git a/services/next/app/vt/[slug]/toys/page.tsx b/services/next/app/vt/[slug]/toys/page.tsx deleted file mode 100644 index 0062aae..0000000 --- a/services/next/app/vt/[slug]/toys/page.tsx +++ /dev/null @@ -1,33 +0,0 @@ - -// import VodsList, { VodsListHeading } from '@/app/components/vods-list' -// import { getVtuberBySlug } from '@/app/lib/vtubers' -// // import { IToys, getToysForVtuber } from '@/app/lib/toys' -// import { ToysList } from '@/app/components/toys' -// import Pager from '@/app/components/pager' - -interface IPageParams { - params: { - name: string; - } -} - -export default async function Page({ params }: IPageParams) { - // const vtuber = await getVtuberBySlug(params.slug) - return

toys pages coming soon

- // const toys: IToys = await getToysForVtuber(vtuber.id, 1, 24) - // return ( - //
- //
- // {/* */} - // {/* */} - // - // - //
- //
- // ) -} \ No newline at end of file diff --git a/services/next/app/vt/[slug]/vod/[safeDateOrUUID]/page.tsx b/services/next/app/vt/[slug]/vod/[safeDateOrUUID]/page.tsx deleted file mode 100644 index 49184b6..0000000 --- a/services/next/app/vt/[slug]/vod/[safeDateOrUUID]/page.tsx +++ /dev/null @@ -1,19 +0,0 @@ - -import VodPage2 from '@/app/components/vod-page-2' -import { IVodPageProps, getVodFromSafeDateOrUUID } from '@/app/lib/vods' -import { notFound } from 'next/navigation'; - - -export default async function Page({ params: { safeDateOrUUID } }: IVodPageProps) { - const vod = await getVodFromSafeDateOrUUID(safeDateOrUUID); - if (!vod) return notFound(); - // return ( - // 
-    //         
-    //             {JSON.stringify(vod, null, 2)}
-    //         
-    //
- // ) - return -} - diff --git a/services/next/app/vt/[slug]/vod/page.tsx b/services/next/app/vt/[slug]/vod/page.tsx deleted file mode 100644 index b62229f..0000000 --- a/services/next/app/vt/[slug]/vod/page.tsx +++ /dev/null @@ -1,15 +0,0 @@ -import React from 'react'; -import Link from 'next/link'; -import { redirect } from 'next/navigation'; - -interface IPageParams { - params: { - slug: string; - } -} - -export default function Page({ params: { slug } }: IPageParams) { - redirect(`/vt/${slug}/vods`) - return See {`/vt/${slug}/vods`} -} - diff --git a/services/next/app/vt/[slug]/vods/[page]/page.tsx b/services/next/app/vt/[slug]/vods/[page]/page.tsx deleted file mode 100644 index db67580..0000000 --- a/services/next/app/vt/[slug]/vods/[page]/page.tsx +++ /dev/null @@ -1,46 +0,0 @@ -import VodsList, { VodsListHeading } from '@/app/components/vods-list'; -import { getVtuberBySlug, getUrl } from '@/app/lib/vtubers'; -import { IVodsResponse, getVodsForVtuber } from '@/app/lib/vods'; -import Pager from '@/app/components/pager'; -import { notFound } from 'next/navigation'; - - -interface IPageParams { - params: { - slug: string; - page: string; - }; -} - -export default async function Page({ params }: IPageParams) { - const pageNumber = parseInt(params.page); - const pageSize = 24 - - console.log(`lets get us some vtuber and vods`); - const vtuber = await getVtuberBySlug(params.slug); - if (!vtuber) { - console.error('getVtuberBySlug failed to get us a vtuber object.') - return

failed to get vtuber

- // return notFound(); - } - - - const {vods, count} = await getVodsForVtuber(vtuber.id, pageNumber, 24, true); - if (!vods) { - return

failed to get vods

- console.error('getVodsForVtuber failed to get us a vods object.') - // return notFound(); - } - - return ( - <> - - - - - ); -} diff --git a/services/next/app/vt/[slug]/vods/page.tsx b/services/next/app/vt/[slug]/vods/page.tsx deleted file mode 100644 index 1849ddb..0000000 --- a/services/next/app/vt/[slug]/vods/page.tsx +++ /dev/null @@ -1,32 +0,0 @@ - -import VodsList, { VodsListHeading } from '@/app/components/vods-list' -import { getVtuberBySlug, getUrl } from '@/app/lib/vtubers' -import { IVodsResponse, getVodsForVtuber, getPaginatedUrl } from '@/app/lib/vods' -import Pager from '@/app/components/pager' -import { notFound } from 'next/navigation' - -interface IPageParams { - params: { - slug: string; - } -} - -export default async function Page({ params }: IPageParams) { - const vtuber = await getVtuberBySlug(params.slug) - const pageCount = 24 - if (!vtuber) notFound(); - const vods = await getVodsForVtuber(vtuber.id, 1, pageCount) - if (!vods) notFound(); - return ( - <> - 
-                
-                    {JSON.stringify(vods, null, 2)}
-                
-
- {/* - - */} - - ) -} \ No newline at end of file diff --git a/services/next/app/vt/page.tsx b/services/next/app/vt/page.tsx deleted file mode 100644 index 93a0cd9..0000000 --- a/services/next/app/vt/page.tsx +++ /dev/null @@ -1,36 +0,0 @@ -import { notFound } from 'next/navigation' -import VTuberCard from '../components/vtuber-card' -import { getVtubers } from '../lib/vtubers' -import { IVtuber } from '@futureporn/types' - - -export default async function Page() { - const vtubers = await getVtubers() - if (!vtubers) notFound() - // return ( - // 
-    //         
-    //             {JSON.stringify(vtubers, null, 2)}
-    //         
-    //
- // ) - return ( - <> - {/* 
-                
-                    {JSON.stringify(vtubers, null, 2)}
-                
-
*/} -
-
-

VTubers

- -
-
- - ) -} \ No newline at end of file diff --git a/services/next/assets/styles/cid.module.css b/services/next/assets/styles/cid.module.css deleted file mode 100644 index e195bb4..0000000 --- a/services/next/assets/styles/cid.module.css +++ /dev/null @@ -1,19 +0,0 @@ -.container { - display: flex; - align-items: center; -} - -.cid { - overflow: hidden; - text-overflow: ellipsis; - text-align: center; - flex: 1; -} - -.label { - width: 6em; -} - -.green { - color: rgb(52, 168, 115); -} \ No newline at end of file diff --git a/services/next/assets/styles/fp.module.css b/services/next/assets/styles/fp.module.css deleted file mode 100644 index 106e6b5..0000000 --- a/services/next/assets/styles/fp.module.css +++ /dev/null @@ -1,28 +0,0 @@ - -.noselect { - user-select: none; -} - -.tagButton { - height: 2em; - margin-bottom: 0.5rem; - border-radius: 4px; -} - -.isTiny { - height: 1.5em; -} - -.grade { - font-family: Arial, Helvetica, sans-serif; - font-size: 8rem; - font-weight: bolder; -} - -.zoomin { - cursor: zoom-in; -} - -.zoomout { - cursor: zoom-out; -} \ No newline at end of file diff --git a/services/next/assets/styles/global.css b/services/next/assets/styles/global.css deleted file mode 100644 index 4c04dc6..0000000 --- a/services/next/assets/styles/global.css +++ /dev/null @@ -1,58 +0,0 @@ -/* nunito-regular - latin */ -@font-face { - font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */ - font-family: 'Nunito'; - font-style: normal; - font-weight: 400; - src: url('/fonts/nunito-v26-latin-regular.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */ -} - -/* - palleton color scheme - https://paletton.com/#uid=54W0u0kv5npmjustvtxAGj4KwdK -*/ - -:root { - - /* mux player styling */ - --media-accent-color: #fb00ff; - - /* this brightens message headers (funding goal) which by default were too close to the bg color */ - --bulma-dark-l: 22%; - - /* Colors and Lightness values */ - --bulma-scheme-h: 221; - --bulma-scheme-s: 14%; - --bulma-light-l: 90%; - --bulma-light-invert-l: 20%; - --bulma-dark-invert-l: 90%; - --bulma-soft-l: 90%; - --bulma-bold-l: 20%; - --bulma-soft-invert-l: 20%; - --bulma-bold-invert-l: 90%; - /* etc. */ - - /* Color Palettes */ - --bulma-primary: hsla(var(--bulma-primary-h), var(--bulma-primary-s), var(--bulma-primary-l), 1); - --bulma-primary-base: hsla(var(--bulma-primary-h), var(--bulma-primary-s), var(--bulma-primary-l), 1); - --bulma-primary-rgb: 0, 209, 178; - --bulma-primary-h: 299deg; - --bulma-primary-s: 50%; - --bulma-primary-l: 50%; - --bulma-primary-00-l: 1%; - --bulma-primary-05-l: 6%; - --bulma-primary-10-l: 11%; - --bulma-primary-15-l: 16%; - --bulma-primary-20-l: 21%; - --bulma-info-l: 50%; - - /* Typography */ - --bulma-family-primary: Nunito, Inter, SF Pro, Segoe UI, Roboto, Oxygen, Ubuntu, Helvetica Neue, Helvetica, Arial, sans-serif; - --bulma-family-secondary: Inter, SF Pro, Segoe UI, Roboto, Oxygen, Ubuntu, Helvetica Neue, Helvetica, Arial, sans-serif; - --bulma-family-code: Inconsolata, Hack, SF Mono, Roboto Mono, Source Code Pro, Ubuntu Mono, monospace; - --bulma-size-small: 0.75rem; - --bulma-size-normal: 1rem; - --bulma-size-medium: 1.25rem; - --bulma-size-large: 1.5rem; - /* etc. */ -} \ No newline at end of file diff --git a/services/next/assets/styles/icon.module.css b/services/next/assets/styles/icon.module.css deleted file mode 100644 index 5d3efba..0000000 --- a/services/next/assets/styles/icon.module.css +++ /dev/null @@ -1,20 +0,0 @@ - -svg.icon { - width: 1em; - height: 1em; - vertical-align: -0.125em; - fill: rgb(208, 209, 205); -} - -svg.icon path { - fill: rgb(208, 209, 205); -} - -svg.icon g path { - fill: rgb(208, 209, 205) !important; -} - -svg.bigIcon { - width: 10em; - height: 10em; -} \ No newline at end of file diff --git a/services/next/assets/styles/player.module.css b/services/next/assets/styles/player.module.css deleted file mode 100644 index b3f531b..0000000 --- a/services/next/assets/styles/player.module.css +++ /dev/null @@ -1,4 +0,0 @@ - -.fpMediaPlayer { - --media-aspect-ratio: 1.7778; -} \ No newline at end of file diff --git a/services/next/assets/svg/README.md b/services/next/assets/svg/README.md deleted file mode 100644 index bbf6f41..0000000 --- a/services/next/assets/svg/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# SVG in next/react - -see https://blog.logrocket.com/import-svgs-next-js-apps/ - -TL;DR: use https://react-svgr.com/playground/ to convert svg to jsx \ No newline at end of file diff --git a/services/next/assets/svg/carrd.svg b/services/next/assets/svg/carrd.svg deleted file mode 100644 index 9b1ead5..0000000 --- a/services/next/assets/svg/carrd.svg +++ /dev/null @@ -1 +0,0 @@ -Carrd diff --git a/services/next/assets/svg/chaturbate.svg b/services/next/assets/svg/chaturbate.svg deleted file mode 100644 index 0ef00ed..0000000 --- a/services/next/assets/svg/chaturbate.svg +++ /dev/null @@ -1,15 +0,0 @@ -import * as React from "react" -const SvgComponent = (props) => ( - - - -) -export default SvgComponent diff --git a/services/next/assets/svg/checkmark.svg b/services/next/assets/svg/checkmark.svg deleted file mode 100644 index 23cce6f..0000000 --- a/services/next/assets/svg/checkmark.svg +++ /dev/null @@ -1,5 +0,0 @@ - - - - - \ No newline at end of file diff --git a/services/next/assets/svg/fansly.tsx b/services/next/assets/svg/fansly.tsx deleted file mode 100644 index 03a78dc..0000000 --- a/services/next/assets/svg/fansly.tsx +++ /dev/null @@ -1,20 +0,0 @@ -import * as React from "react" -const SvgComponent = (props: any) => ( - - - - -) -export default SvgComponent diff --git a/services/next/assets/svg/ipfs.svg b/services/next/assets/svg/ipfs.svg deleted file mode 100644 index ea32d6e..0000000 --- a/services/next/assets/svg/ipfs.svg +++ /dev/null @@ -1 +0,0 @@ -IPFS \ No newline at end of file diff --git a/services/next/assets/svg/linktree.svg b/services/next/assets/svg/linktree.svg deleted file mode 100644 index 0f8d400..0000000 --- a/services/next/assets/svg/linktree.svg +++ /dev/null @@ -1,64 +0,0 @@ - - - - - - - - - - - - - - diff --git a/services/next/assets/svg/noun-adult-content-1731184.svg b/services/next/assets/svg/noun-adult-content-1731184.svg deleted file mode 100644 index 8509fd0..0000000 --- a/services/next/assets/svg/noun-adult-content-1731184.svg +++ /dev/null @@ -1 +0,0 @@ -Created by Anatolii Babiifrom the Noun Project \ No newline at end of file diff --git a/services/next/assets/svg/noun-anime-3890912.svg b/services/next/assets/svg/noun-anime-3890912.svg deleted file mode 100644 index c5c376f..0000000 --- a/services/next/assets/svg/noun-anime-3890912.svg +++ /dev/null @@ -1 +0,0 @@ -Created by Kevinfrom the Noun Project \ No newline at end of file diff --git a/services/next/assets/svg/noun-avatar-3546974.svg b/services/next/assets/svg/noun-avatar-3546974.svg deleted file mode 100644 index ec43ede..0000000 --- a/services/next/assets/svg/noun-avatar-3546974.svg +++ /dev/null @@ -1 +0,0 @@ -love charger copy 2Created by KEN111from the Noun Project \ No newline at end of file diff --git a/services/next/assets/svg/noun-girl-842331.svg b/services/next/assets/svg/noun-girl-842331.svg deleted file mode 100644 index f609fb4..0000000 --- a/services/next/assets/svg/noun-girl-842331.svg +++ /dev/null @@ -1,4 +0,0 @@ -Created by Zackary Cloefrom the Noun Project \ No newline at end of file diff --git a/services/next/assets/svg/noun-network-1603820.svg b/services/next/assets/svg/noun-network-1603820.svg deleted file mode 100644 index 8a3d5c0..0000000 --- a/services/next/assets/svg/noun-network-1603820.svg +++ /dev/null @@ -1 +0,0 @@ -Created by Three Six Fivefrom the Noun Project \ No newline at end of file diff --git a/services/next/assets/svg/onlyfans.svg b/services/next/assets/svg/onlyfans.svg deleted file mode 100644 index bba261f..0000000 --- a/services/next/assets/svg/onlyfans.svg +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/services/next/assets/svg/pornhub.svg b/services/next/assets/svg/pornhub.svg deleted file mode 100644 index 4b1b6bd..0000000 --- a/services/next/assets/svg/pornhub.svg +++ /dev/null @@ -1,5 +0,0 @@ - - - - - diff --git a/services/next/assets/svg/throne.svg b/services/next/assets/svg/throne.svg deleted file mode 100644 index a396573..0000000 --- a/services/next/assets/svg/throne.svg +++ /dev/null @@ -1,12 +0,0 @@ - - - - - - - - - - - - diff --git a/services/next/next.config.js b/services/next/next.config.js deleted file mode 100644 index ccc33e5..0000000 --- a/services/next/next.config.js +++ /dev/null @@ -1,28 +0,0 @@ -/** @type {import('next').NextConfig} */ -const path = require("path"); -const nextConfig = { - output: 'standalone', - reactStrictMode: false, - sassOptions: { - includePaths: [path.join(__dirname, "assets", "styles")], - }, - images: { - remotePatterns: [ - { - protocol: 'https', - hostname: 'futureporn-b2.b-cdn.net', - port: '', - pathname: '/**', - }, - { - protocol: 'https', - hostname: 'fp-dev.b-cdn.net', - port: '', - pathname: '/**', - }, - ], - } -}; - - -module.exports = nextConfig; diff --git a/services/next/package.json b/services/next/package.json deleted file mode 100644 index d0d8130..0000000 --- a/services/next/package.json +++ /dev/null @@ -1,86 +0,0 @@ -{ - "name": "@futureporn/next", - "version": "2.0.0", - "private": true, - "scripts": { - "dev": "NODE_EXTRA_CA_CERTS=/app/certs/letsencrypt-stg-root-x1.pem next dev", - "build": "next build", - "start": "next start", - "lint": "next lint", - "preinstall": "npx only-allow pnpm", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "dependencies": { - "@dicebear/collection": "^9.2.2", - "@dicebear/core": "^9.2.2", - "@fortawesome/fontawesome-free": "^6.6.0", - "@fortawesome/fontawesome-svg-core": "^6.6.0", - "@fortawesome/free-brands-svg-icons": "^6.6.0", - "@fortawesome/free-solid-svg-icons": "^6.6.0", - "@fortawesome/react-fontawesome": "^0.2.2", - "@futureporn/types": "workspace:*", - "@futureporn/utils": "workspace:^", - "@hookform/error-message": "^2.0.1", - "@hookform/resolvers": "^3.9.0", - "@logto/next": "^3.7.1", - "@mux/blurhash": "^0.1.2", - "@mux/mux-player": "^2.9.1", - "@mux/mux-player-react": "^2.9.1", - "@paralleldrive/cuid2": "^2.2.2", - "@react-hookz/web": "^24.0.4", - "@tanstack/react-query": "^5.53.3", - "@tanstack/react-table": "^8.20.5", - "@types/lodash": "^4.17.7", - "@types/qs": "^6.9.15", - "@types/react": "^18.3.5", - "@types/react-dom": "^18.3.0", - "@uppy/aws-s3": "^4.1.0", - "@uppy/aws-s3-multipart": "^4.0.0", - "@uppy/core": "^4.2.0", - "@uppy/dashboard": "^4.1.0", - "@uppy/drag-drop": "^4.0.2", - "@uppy/file-input": "^4.0.1", - "@uppy/progress-bar": "^4.0.0", - "@uppy/react": "^4.0.2", - "@uppy/remote-sources": "^2.2.0", - "bulma": "^1.0.2", - "date-fns": "^3.6.0", - "date-fns-tz": "^3.1.3", - "dayjs": "^1.11.13", - "dotenv": "^16.4.5", - "feed": "^4.2.2", - "gray-matter": "^4.0.3", - "hls.js": "^1.5.15", - "jose": "^5.9.6", - "jwt-decode": "^4.0.0", - "lodash": "^4.17.21", - "lunarphase-js": "^2.0.3", - "multiformats": "^13.2.2", - "next": "14.2.7", - "next-auth": "4.24.10", - "next-goatcounter": "^1.0.5", - "nextjs-cors": "^2.2.0", - "nextjs-toploader": "^3.6.15", - "plyr": "^3.7.8", - "qs": "^6.13.0", - "react": "^18.3.1", - "react-data-table-component": "^7.6.2", - "react-dom": "^18.3.1", - "react-hook-form": "^7.53.0", - "react-loading-skeleton": "^3.4.0", - "react-toastify": "^10.0.5", - "sass": "^1.77.8", - "sharp": "^0.33.5", - "slugify": "^1.6.6", - "styled-components": "6.1.13", - "yup": "^1.4.0" - }, - "devDependencies": { - "@types/node": "^22.5.2", - "eslint": "^9.9.1", - "eslint-config-next": "14.2.7", - "typescript": "5.5.4" - }, - "packageManager": "pnpm@9.14.4" -} diff --git a/services/next/pnpm-lock.yaml b/services/next/pnpm-lock.yaml deleted file mode 100644 index a7b4b90..0000000 --- a/services/next/pnpm-lock.yaml +++ /dev/null @@ -1,5293 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@dicebear/collection': - specifier: ^9.2.2 - version: 9.2.2(@dicebear/core@9.2.2) - '@dicebear/core': - specifier: ^9.2.2 - version: 9.2.2 - '@fortawesome/fontawesome-free': - specifier: ^6.6.0 - version: 6.6.0 - '@fortawesome/fontawesome-svg-core': - specifier: ^6.6.0 - version: 6.6.0 - '@fortawesome/free-brands-svg-icons': - specifier: ^6.6.0 - version: 6.6.0 - '@fortawesome/free-solid-svg-icons': - specifier: ^6.6.0 - version: 6.6.0 - '@fortawesome/react-fontawesome': - specifier: ^0.2.2 - version: 0.2.2(@fortawesome/fontawesome-svg-core@6.6.0)(react@18.3.1) - '@futureporn/types': - specifier: workspace:* - version: link:../../packages/types - '@futureporn/utils': - specifier: workspace:^ - version: link:../../packages/utils - '@hookform/error-message': - specifier: ^2.0.1 - version: 2.0.1(react-dom@18.3.1(react@18.3.1))(react-hook-form@7.53.0(react@18.3.1))(react@18.3.1) - '@hookform/resolvers': - specifier: ^3.9.0 - version: 3.9.0(react-hook-form@7.53.0(react@18.3.1)) - '@logto/next': - specifier: ^3.7.1 - version: 3.7.1(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8)) - '@mux/blurhash': - specifier: ^0.1.2 - version: 0.1.2 - '@mux/mux-player': - specifier: ^2.9.1 - version: 2.9.1 - '@mux/mux-player-react': - specifier: ^2.9.1 - version: 2.9.1(@types/react-dom@18.3.0)(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@react-hookz/web': - specifier: ^24.0.4 - version: 24.0.4(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@tanstack/react-query': - specifier: ^5.53.3 - version: 5.53.3(react@18.3.1) - '@tanstack/react-table': - specifier: ^8.20.5 - version: 8.20.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@types/lodash': - specifier: ^4.17.7 - version: 4.17.7 - '@types/qs': - specifier: ^6.9.15 - version: 6.9.15 - '@types/react': - specifier: ^18.3.5 - version: 18.3.5 - '@types/react-dom': - specifier: ^18.3.0 - version: 18.3.0 - '@uppy/aws-s3': - specifier: ^4.1.0 - version: 4.1.0(@uppy/core@4.2.0) - '@uppy/aws-s3-multipart': - specifier: ^4.0.0 - version: 4.0.0(@uppy/core@4.2.0) - '@uppy/core': - specifier: ^4.2.0 - version: 4.2.0 - '@uppy/dashboard': - specifier: ^4.1.0 - version: 4.1.0(@uppy/core@4.2.0) - '@uppy/drag-drop': - specifier: ^4.0.2 - version: 4.0.2(@uppy/core@4.2.0) - '@uppy/file-input': - specifier: ^4.0.1 - version: 4.0.1(@uppy/core@4.2.0) - '@uppy/progress-bar': - specifier: ^4.0.0 - version: 4.0.0(@uppy/core@4.2.0) - '@uppy/react': - specifier: ^4.0.2 - version: 4.0.2(@uppy/core@4.2.0)(@uppy/dashboard@4.1.0(@uppy/core@4.2.0))(@uppy/drag-drop@4.0.2(@uppy/core@4.2.0))(@uppy/file-input@4.0.1(@uppy/core@4.2.0))(@uppy/progress-bar@4.0.0(@uppy/core@4.2.0))(@uppy/status-bar@4.0.3(@uppy/core@4.2.0))(react@18.3.1) - '@uppy/remote-sources': - specifier: ^2.2.0 - version: 2.2.0(@uppy/core@4.2.0) - bulma: - specifier: ^1.0.2 - version: 1.0.2 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - date-fns-tz: - specifier: ^3.1.3 - version: 3.1.3(date-fns@3.6.0) - dayjs: - specifier: ^1.11.13 - version: 1.11.13 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - feed: - specifier: ^4.2.2 - version: 4.2.2 - gray-matter: - specifier: ^4.0.3 - version: 4.0.3 - hls.js: - specifier: ^1.5.15 - version: 1.5.15 - jose: - specifier: ^5.9.6 - version: 5.9.6 - jwt-decode: - specifier: ^4.0.0 - version: 4.0.0 - lodash: - specifier: ^4.17.21 - version: 4.17.21 - lunarphase-js: - specifier: ^2.0.3 - version: 2.0.3 - multiformats: - specifier: ^13.2.2 - version: 13.2.2 - next: - specifier: 14.2.7 - version: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - next-auth: - specifier: 4.24.10 - version: 4.24.10(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(nodemailer@6.9.16)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - next-goatcounter: - specifier: ^1.0.5 - version: 1.0.5(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - nextjs-cors: - specifier: ^2.2.0 - version: 2.2.0(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8)) - nextjs-toploader: - specifier: ^3.6.15 - version: 3.6.15(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - plyr: - specifier: ^3.7.8 - version: 3.7.8 - qs: - specifier: ^6.13.0 - version: 6.13.0 - react: - specifier: ^18.3.1 - version: 18.3.1 - react-data-table-component: - specifier: ^7.6.2 - version: 7.6.2(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - react-dom: - specifier: ^18.3.1 - version: 18.3.1(react@18.3.1) - react-hook-form: - specifier: ^7.53.0 - version: 7.53.0(react@18.3.1) - react-loading-skeleton: - specifier: ^3.4.0 - version: 3.4.0(react@18.3.1) - react-toastify: - specifier: ^10.0.5 - version: 10.0.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - sass: - specifier: ^1.77.8 - version: 1.77.8 - sharp: - specifier: ^0.33.5 - version: 0.33.5 - slugify: - specifier: ^1.6.6 - version: 1.6.6 - styled-components: - specifier: 6.1.13 - version: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: - specifier: ^1.4.0 - version: 1.4.0 - devDependencies: - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - eslint: - specifier: ^9.9.1 - version: 9.9.1 - eslint-config-next: - specifier: 14.2.7 - version: 14.2.7(eslint@9.9.1)(typescript@5.5.4) - typescript: - specifier: 5.5.4 - version: 5.5.4 - -packages: - - '@babel/runtime@7.26.0': - resolution: {integrity: sha512-FDSOghenHTiToteC/QRlv2q3DhPZ/oOXTBoirfWNx1Cx3TMVcGWQtMMmQcSvb/JjpNeGzx8Pq/b4fKEJuWm1sw==} - engines: {node: '>=6.9.0'} - - '@dicebear/adventurer-neutral@9.2.2': - resolution: {integrity: sha512-XVAjhUWjav6luTZ7txz8zVJU/H0DiUy4uU1Z7IO5MDO6kWvum+If1+0OUgEWYZwM+RDI7rt2CgVP910DyZGd1w==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/adventurer@9.2.2': - resolution: {integrity: sha512-WjBXCP9EXbUul2zC3BS2/R3/4diw1uh/lU4jTEnujK1mhqwIwanFboIMzQsasNNL/xf+m3OHN7MUNJfHZ1fLZA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/avataaars-neutral@9.2.2': - resolution: {integrity: sha512-pRj16P27dFDBI3LtdiHUDwIXIGndHAbZf5AxaMkn6/+0X93mVQ/btVJDXyW0G96WCsyC88wKAWr6/KJotPxU6Q==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/avataaars@9.2.2': - resolution: {integrity: sha512-WqJPQEt0OhBybTpI0TqU1uD1pSk9M2+VPIwvBye/dXo46b+0jHGpftmxjQwk6tX8z0+mRko8pwV5n+cWht1/+w==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/big-ears-neutral@9.2.2': - resolution: {integrity: sha512-IPHt8fi3dv9cyfBJBZ4s8T+PhFCrQvOCf91iRHBT3iOLNPdyZpI5GNLmGiV0XMAvIDP5NvA5+f6wdoBLhYhbDA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/big-ears@9.2.2': - resolution: {integrity: sha512-hz4UXdPq4qqZpu0YVvlqM4RDFhk5i0WgPcuwj/MOLlgTjuj63uHUhCQSk6ZiW1DQOs12qpwUBMGWVHxBRBas9g==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/big-smile@9.2.2': - resolution: {integrity: sha512-D4td0GL8or1nTNnXvZqkEXlzyqzGPWs3znOnm1HIohtFTeIwXm72Ob2lNDsaQJSJvXmVlwaQQ0CCTvyCl8Stjw==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/bottts-neutral@9.2.2': - resolution: {integrity: sha512-lSgpqmSJtlnyxVuUgNdBwyzuA0O9xa5zRJtz7x2KyWbicXir5iYdX0MVMCkp1EDvlcxm9rGJsclktugOyakTlw==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/bottts@9.2.2': - resolution: {integrity: sha512-wugFkzw8JNWV1nftq/Wp/vmQsLAXDxrMtRK3AoMODuUpSVoP3EHRUfKS043xggOsQFvoj0HZ7kadmhn0AMLf5A==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/collection@9.2.2': - resolution: {integrity: sha512-vZAmXhPWCK3sf8Fj9/QflFC6XOLroJOT5K1HdnzHaPboEvffUQideGCrrEamnJtlH0iF0ZDXh8gqmwy2fu+yHA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/core@9.2.2': - resolution: {integrity: sha512-ROhgHG249dPtcXgBHcqPEsDeAPRPRD/9d+tZCjLYyueO+cXDlIA8dUlxpwIVcOuZFvCyW6RJtqo8BhNAi16pIQ==} - engines: {node: '>=18.0.0'} - - '@dicebear/croodles-neutral@9.2.2': - resolution: {integrity: sha512-/4mNirxoQ+z1kHXnpDRbJ1JV1ZgXogeTeNp0MaFYxocCgHfJ7ckNM23EE1I7akoo9pqPxrKlaeNzGAjKHdS9vA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/croodles@9.2.2': - resolution: {integrity: sha512-OzvAXQWsOgMwL3Sl+lBxCubqSOWoBJpC78c4TKnNTS21rR63TtXUyVdLLzgKVN4YHRnvMgtPf8F/W9YAgIDK4w==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/dylan@9.2.2': - resolution: {integrity: sha512-s7e3XliC1YXP+Wykj+j5kwdOWFRXFzYHYk/PB4oZ1F3sJandXiG0HS4chaNu4EoP0yZgKyFMUVTGZx+o6tMaYg==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/fun-emoji@9.2.2': - resolution: {integrity: sha512-M+rYTpB3lfwz18f+/i+ggNwNWUoEj58SJqXJ1wr7Jh/4E5uL+NmJg9JGwYNaVtGbCFrKAjSaILNUWGQSFgMfog==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/glass@9.2.2': - resolution: {integrity: sha512-imCMxcg+XScHYtQq2MUv1lCzhQSCUglMlPSezKEpXhTxgbgUpmGlSGVkOfmX5EEc7SQowKkF1W/1gNk6CXvBaQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/icons@9.2.2': - resolution: {integrity: sha512-Tqq2OVCdS7J02DNw58xwlgLGl40sWEckbqXT3qRvIF63FfVq+wQZBGuhuiyAURcSgvsc3h2oQeYFi9iXh7HTOA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/identicon@9.2.2': - resolution: {integrity: sha512-POVKFulIrcuZf3rdAgxYaSm2XUg/TJg3tg9zq9150reEGPpzWR7ijyJ03dzAADPzS3DExfdYVT9+z3JKwwJnTQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/initials@9.2.2': - resolution: {integrity: sha512-/xNnsEmsstWjmF77htAOuwOMhFlP6eBVXgcgFlTl/CCH/Oc6H7t0vwX1he8KLQBBzjGpvJcvIAn4Wh9rE4D5/A==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/lorelei-neutral@9.2.2': - resolution: {integrity: sha512-Eys9Os6nt2Xll7Mvu66CfRR2YggTopWcmFcRZ9pPdohS96kT0MsLI2iTcfZXQ51K8hvT3IbwoGc86W8n0cDxAQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/lorelei@9.2.2': - resolution: {integrity: sha512-koXqVr/vcWUPo00VP5H6Czsit+uF1tmwd2NK7Q/e34/9Sd1f4QLLxHjjBNm/iNjCI1+UNTOvZ2Qqu0N5eo7Flw==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/micah@9.2.2': - resolution: {integrity: sha512-NCajcJV5yw8uMKiACp694w1T/UyYme2CUEzyTzWHgWnQ+drAuCcH8gpAoLWd67viNdQB/MTpNlaelUgTjmI4AQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/miniavs@9.2.2': - resolution: {integrity: sha512-vvkWXttdw+KHF3j+9qcUFzK+P0nbNnImGjvN48wwkPIh2h08WWFq0MnoOls4IHwUJC4GXBjWtiyVoCxz6hhtOA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/notionists-neutral@9.2.2': - resolution: {integrity: sha512-AhOzk+lz6kB4uxGun8AJhV+W1nttnMlxmxd+5KbQ/txCIziYIaeD3il44wsAGegEpGFvAZyMYtR/jjfHcem3TA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/notionists@9.2.2': - resolution: {integrity: sha512-Z9orRaHoj7Y9Ap4wEu8XOrFACsG1KbbBQUPV1R50uh6AHwsyNrm4cS84ICoGLvxgLNHHOae3YCjd8aMu2z19zg==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/open-peeps@9.2.2': - resolution: {integrity: sha512-6PeQDHYyjvKrGSl/gP+RE5dSYAQGKpcGnM65HorgyTIugZK7STo0W4hvEycedupZ3MCCEH8x/XyiChKM2sHXog==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/personas@9.2.2': - resolution: {integrity: sha512-705+ObNLC0w1fcgE/Utav+8bqO+Esu53TXegpX5j7trGEoIMf2bThqJGHuhknZ3+T2az3Wr89cGyOGlI0KLzLA==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/pixel-art-neutral@9.2.2': - resolution: {integrity: sha512-CdUY77H6Aj7dKLW3hdkv7tu0XQJArUjaWoXihQxlhl3oVYplWaoyu9omYy5pl8HTqs8YgVTGljjMXYoFuK0JUw==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/pixel-art@9.2.2': - resolution: {integrity: sha512-BvbFdrpzQl04+Y9UsWP63YGug+ENGC7GMG88qbEFWxb/IqRavGa4H3D0T4Zl2PSLiw7f2Ctv98bsCQZ1PtCznQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/rings@9.2.2': - resolution: {integrity: sha512-eD1J1k364Arny+UlvGrk12HP/XGG6WxPSm4BarFqdJGSV45XOZlwqoi7FlcMr9r9yvE/nGL8OizbwMYusEEdjw==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/shapes@9.2.2': - resolution: {integrity: sha512-e741NNWBa7fg0BjomxXa0fFPME2XCIR0FA+VHdq9AD2taTGHEPsg5x1QJhCRdK6ww85yeu3V3ucpZXdSrHVw5Q==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@dicebear/thumbs@9.2.2': - resolution: {integrity: sha512-FkPLDNu7n5kThLSk7lR/0cz/NkUqgGdZGfLZv6fLkGNGtv6W+e2vZaO7HCXVwIgJ+II+kImN41zVIZ6Jlll7pQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - '@dicebear/core': ^9.0.0 - - '@edge-runtime/cookies@4.1.1': - resolution: {integrity: sha512-ATZLTOpnCUD9ZLNBIXhxOmP/UVx6BfhCjDy9P1YACpD8vrHb5Uw7YlG9RYUl1AMF7Y10TIIN3jhFbUSMiH2J7g==} - engines: {node: '>=16'} - - '@emnapi/runtime@1.2.0': - resolution: {integrity: sha512-bV21/9LQmcQeCPEg3BDFtvwL6cwiTMksYNWQQ4KOxCZikEGalWtenoZ0wCiukJINlGCIi2KXx01g4FoH/LxpzQ==} - - '@emotion/is-prop-valid@1.2.2': - resolution: {integrity: sha512-uNsoYd37AFmaCdXlg6EYD1KaPOaRWRByMCYzbKUX4+hhMfrxdVSelShywL4JVaAeM/eHUOSprYBQls+/neX3pw==} - - '@emotion/memoize@0.8.1': - resolution: {integrity: sha512-W2P2c/VRW1/1tLox0mVUalvnWXxavmv/Oum2aPsRcoDJuob75FC3Y8FbpfLwUegRcxINtGUMPq0tFCvYNTBXNA==} - - '@emotion/unitless@0.8.1': - resolution: {integrity: sha512-KOEGMu6dmJZtpadb476IsZBclKvILjopjUii3V+7MnXIQCYh8W3NgNcgwo21n9LXZX6EDIKvqfjYxXebDwxKmQ==} - - '@eslint-community/eslint-utils@4.4.0': - resolution: {integrity: sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==} - engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} - peerDependencies: - eslint: ^6.0.0 || ^7.0.0 || >=8.0.0 - - '@eslint-community/regexpp@4.11.0': - resolution: {integrity: sha512-G/M/tIiMrTAxEWRfLfQJMmGNX28IxBg4PBz8XqQhqUHLFI6TL2htpIB1iQCj144V5ee/JaKyT9/WZ0MGZWfA7A==} - engines: {node: ^12.0.0 || ^14.0.0 || >=16.0.0} - - '@eslint/config-array@0.18.0': - resolution: {integrity: sha512-fTxvnS1sRMu3+JjXwJG0j/i4RT9u4qJ+lqS/yCGap4lH4zZGzQ7tu+xZqQmcMZq5OBZDL4QRxQzRjkWcGt8IVw==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - '@eslint/eslintrc@3.1.0': - resolution: {integrity: sha512-4Bfj15dVJdoy3RfZmmo86RK1Fwzn6SstsvK9JS+BaVKqC6QQQQyXekNaC+g+LKNgkQ+2VhGAzm6hO40AhMR3zQ==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - '@eslint/js@9.9.1': - resolution: {integrity: sha512-xIDQRsfg5hNBqHz04H1R3scSVwmI+KUbqjsQKHKQ1DAUSaUjYPReZZmS/5PNiKu1fUvzDd6H7DEDKACSEhu+TQ==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - '@eslint/object-schema@2.1.4': - resolution: {integrity: sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - '@fortawesome/fontawesome-common-types@6.6.0': - resolution: {integrity: sha512-xyX0X9mc0kyz9plIyryrRbl7ngsA9jz77mCZJsUkLl+ZKs0KWObgaEBoSgQiYWAsSmjz/yjl0F++Got0Mdp4Rw==} - engines: {node: '>=6'} - - '@fortawesome/fontawesome-free@6.6.0': - resolution: {integrity: sha512-60G28ke/sXdtS9KZCpZSHHkCbdsOGEhIUGlwq6yhY74UpTiToIh8np7A8yphhM4BWsvNFtIvLpi4co+h9Mr9Ow==} - engines: {node: '>=6'} - - '@fortawesome/fontawesome-svg-core@6.6.0': - resolution: {integrity: sha512-KHwPkCk6oRT4HADE7smhfsKudt9N/9lm6EJ5BVg0tD1yPA5hht837fB87F8pn15D8JfTqQOjhKTktwmLMiD7Kg==} - engines: {node: '>=6'} - - '@fortawesome/free-brands-svg-icons@6.6.0': - resolution: {integrity: sha512-1MPD8lMNW/earme4OQi1IFHtmHUwAKgghXlNwWi9GO7QkTfD+IIaYpIai4m2YJEzqfEji3jFHX1DZI5pbY/biQ==} - engines: {node: '>=6'} - - '@fortawesome/free-solid-svg-icons@6.6.0': - resolution: {integrity: sha512-IYv/2skhEDFc2WGUcqvFJkeK39Q+HyPf5GHUrT/l2pKbtgEIv1al1TKd6qStR5OIwQdN1GZP54ci3y4mroJWjA==} - engines: {node: '>=6'} - - '@fortawesome/react-fontawesome@0.2.2': - resolution: {integrity: sha512-EnkrprPNqI6SXJl//m29hpaNzOp1bruISWaOiRtkMi/xSvHJlzc2j2JAYS7egxt/EbjSNV/k6Xy0AQI6vB2+1g==} - peerDependencies: - '@fortawesome/fontawesome-svg-core': ~1 || ~6 - react: '>=16.3' - - '@hookform/error-message@2.0.1': - resolution: {integrity: sha512-U410sAr92xgxT1idlu9WWOVjndxLdgPUHEB8Schr27C9eh7/xUnITWpCMF93s+lGiG++D4JnbSnrb5A21AdSNg==} - peerDependencies: - react: '>=16.8.0' - react-dom: '>=16.8.0' - react-hook-form: ^7.0.0 - - '@hookform/resolvers@3.9.0': - resolution: {integrity: sha512-bU0Gr4EepJ/EQsH/IwEzYLsT/PEj5C0ynLQ4m+GSHS+xKH4TfSelhluTgOaoc4kA5s7eCsQbM4wvZLzELmWzUg==} - peerDependencies: - react-hook-form: ^7.0.0 - - '@humanwhocodes/module-importer@1.0.1': - resolution: {integrity: sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==} - engines: {node: '>=12.22'} - - '@humanwhocodes/retry@0.3.0': - resolution: {integrity: sha512-d2CGZR2o7fS6sWB7DG/3a95bGKQyHMACZ5aW8qGkkqQpUoZV6C0X7Pc7l4ZNMZkfNBf4VWNe9E1jRsf0G146Ew==} - engines: {node: '>=18.18'} - - '@img/sharp-darwin-arm64@0.33.5': - resolution: {integrity: sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [darwin] - - '@img/sharp-darwin-x64@0.33.5': - resolution: {integrity: sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-darwin-arm64@1.0.4': - resolution: {integrity: sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==} - cpu: [arm64] - os: [darwin] - - '@img/sharp-libvips-darwin-x64@1.0.4': - resolution: {integrity: sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-linux-arm64@1.0.4': - resolution: {integrity: sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linux-arm@1.0.5': - resolution: {integrity: sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==} - cpu: [arm] - os: [linux] - - '@img/sharp-libvips-linux-s390x@1.0.4': - resolution: {integrity: sha512-u7Wz6ntiSSgGSGcjZ55im6uvTrOxSIS8/dgoVMoiGE9I6JAfU50yH5BoDlYA1tcuGS7g/QNtetJnxA6QEsCVTA==} - cpu: [s390x] - os: [linux] - - '@img/sharp-libvips-linux-x64@1.0.4': - resolution: {integrity: sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==} - cpu: [x64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - resolution: {integrity: sha512-9Ti+BbTYDcsbp4wfYib8Ctm1ilkugkA/uscUn6UXK1ldpC1JjiXbLfFZtRlBhjPZ5o1NCLiDbg8fhUPKStHoTA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - resolution: {integrity: sha512-viYN1KX9m+/hGkJtvYYp+CCLgnJXwiQB39damAO7WMdKWlIhmYTfHjwSbQeUK/20vY154mwezd9HflVFM1wVSw==} - cpu: [x64] - os: [linux] - - '@img/sharp-linux-arm64@0.33.5': - resolution: {integrity: sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linux-arm@0.33.5': - resolution: {integrity: sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm] - os: [linux] - - '@img/sharp-linux-s390x@0.33.5': - resolution: {integrity: sha512-y/5PCd+mP4CA/sPDKl2961b+C9d+vPAveS33s6Z3zfASk2j5upL6fXVPZi7ztePZ5CuH+1kW8JtvxgbuXHRa4Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [s390x] - os: [linux] - - '@img/sharp-linux-x64@0.33.5': - resolution: {integrity: sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-linuxmusl-arm64@0.33.5': - resolution: {integrity: sha512-XrHMZwGQGvJg2V/oRSUfSAfjfPxO+4DkiRh6p2AFjLQztWUuY/o8Mq0eMQVIY7HJ1CDQUJlxGGZRw1a5bqmd1g==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linuxmusl-x64@0.33.5': - resolution: {integrity: sha512-WT+d/cgqKkkKySYmqoZ8y3pxx7lx9vVejxW/W4DOFMYVSkErR+w7mf2u8m/y4+xHe7yY9DAXQMWQhpnMuFfScw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-wasm32@0.33.5': - resolution: {integrity: sha512-ykUW4LVGaMcU9lu9thv85CbRMAwfeadCJHRsg2GmeRa/cJxsVY9Rbd57JcMxBkKHag5U/x7TSBpScF4U8ElVzg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [wasm32] - - '@img/sharp-win32-ia32@0.33.5': - resolution: {integrity: sha512-T36PblLaTwuVJ/zw/LaH0PdZkRz5rd3SmMHX8GSmR7vtNSP5Z6bQkExdSK7xGWyxLw4sUknBuugTelgw2faBbQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [ia32] - os: [win32] - - '@img/sharp-win32-x64@0.33.5': - resolution: {integrity: sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [win32] - - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@logto/client@2.8.1': - resolution: {integrity: sha512-tUQC36l9U3knrTicXFjd+FiBqwG1/KSGn1o3wx9DFn+5iSTQa66B+Y88GaXcxAYsgjzmSHrDY3qxuQg729mleQ==} - - '@logto/js@4.2.0': - resolution: {integrity: sha512-kse29kNKuM/tw30YcOf2eOQuFBlGPZTr4rKI/LpdTKhk0fLGM5ZJKPQWNPiPFZdBfTldERXVNtd17/bZLWc/OQ==} - - '@logto/next@3.7.1': - resolution: {integrity: sha512-ZMk+yszQV9N7y21oT+V0c1bE88ffDdJJKJtXxpFHAEwjwXFgIfxlpWnmXppb5v3Zkf/SISFEyFTGYqIB9l7rDg==} - peerDependencies: - next: '>=12' - - '@logto/node@2.5.8': - resolution: {integrity: sha512-QNVWIZf6sLAbF6rDT/wAG64S4IH5OQYk38fJvJYuIuMRHhUDf2VD+ENZ5BBwX3sOHFf6OM4rJVt2vWVJ8kTVow==} - - '@mux/blurhash@0.1.2': - resolution: {integrity: sha512-fWLOXHS2l3CGyPHF4NSRLqZx9DDAz1WYC4YXD3du24xxibIKUyBYzg7PDtx54z5QaQ12ln5oPFvhH5LhaLzeZg==} - - '@mux/mux-player-react@2.9.1': - resolution: {integrity: sha512-1BpMs1J7P+d+/QCf9/mkTk/NPYR6sOskR4Ih0uFZjDAqNUN7/C9Q0FEJ6hF3sFXwAXo50RhnfCzsC5uYx3QHbA==} - peerDependencies: - '@types/react': ^17.0.0 || ^18 || ^19 - '@types/react-dom': '*' - react: ^17.0.2 || ^18 || ^19 - react-dom: ^17.0.2 || ^18 || ^19 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@mux/mux-player@2.9.1': - resolution: {integrity: sha512-TAyoUSPTV0IXWGMOknL6O+IeGSEJ8aS154DzyzqZgdd3zDJHM8JpkyNHgtowatMHT2lB6h+qMtWfp4u3ijpo2A==} - - '@mux/mux-video@0.20.2': - resolution: {integrity: sha512-CqkK9EZZWdQE4U62JKlmWDskirT+D9C4suh2tSqKb2CA/0S4ybbbrVWcCKF7xfadUacfKO1yPsOKbe46F6phVQ==} - - '@mux/playback-core@0.25.2': - resolution: {integrity: sha512-vrBbCgLHwmPpVxF0QGj+sXHUVXSxgDJJhVm8pxPXEkbw0vjPNHTXgAd/Ty6JA0vZ0ZjoQuAa17AxJ+c02JYeWQ==} - - '@next/env@14.2.7': - resolution: {integrity: sha512-OTx9y6I3xE/eih+qtthppwLytmpJVPM5PPoJxChFsbjIEFXIayG0h/xLzefHGJviAa3Q5+Fd+9uYojKkHDKxoQ==} - - '@next/eslint-plugin-next@14.2.7': - resolution: {integrity: sha512-+7xh142AdhZGjY9/L0iFo7mqRBMJHe+q+uOL+hto1Lfo9DeWCGcR6no4StlFbVSVcA6fQLKEX6y6qhMsSKbgNQ==} - - '@next/swc-darwin-arm64@14.2.7': - resolution: {integrity: sha512-UhZGcOyI9LE/tZL3h9rs/2wMZaaJKwnpAyegUVDGZqwsla6hMfeSj9ssBWQS9yA4UXun3pPhrFLVnw5KXZs3vw==} - engines: {node: '>= 10'} - cpu: [arm64] - os: [darwin] - - '@next/swc-darwin-x64@14.2.7': - resolution: {integrity: sha512-ys2cUgZYRc+CbyDeLAaAdZgS7N1Kpyy+wo0b/gAj+SeOeaj0Lw/q+G1hp+DuDiDAVyxLBCJXEY/AkhDmtihUTA==} - engines: {node: '>= 10'} - cpu: [x64] - os: [darwin] - - '@next/swc-linux-arm64-gnu@14.2.7': - resolution: {integrity: sha512-2xoWtE13sUJ3qrC1lwE/HjbDPm+kBQYFkkiVECJWctRASAHQ+NwjMzgrfqqMYHfMxFb5Wws3w9PqzZJqKFdWcQ==} - engines: {node: '>= 10'} - cpu: [arm64] - os: [linux] - - '@next/swc-linux-arm64-musl@14.2.7': - resolution: {integrity: sha512-+zJ1gJdl35BSAGpkCbfyiY6iRTaPrt3KTl4SF/B1NyELkqqnrNX6cp4IjjjxKpd64/7enI0kf6b9O1Uf3cL0pw==} - engines: {node: '>= 10'} - cpu: [arm64] - os: [linux] - - '@next/swc-linux-x64-gnu@14.2.7': - resolution: {integrity: sha512-m6EBqrskeMUzykBrv0fDX/28lWIBGhMzOYaStp0ihkjzIYJiKUOzVYD1gULHc8XDf5EMSqoH/0/TRAgXqpQwmw==} - engines: {node: '>= 10'} - cpu: [x64] - os: [linux] - - '@next/swc-linux-x64-musl@14.2.7': - resolution: {integrity: sha512-gUu0viOMvMlzFRz1r1eQ7Ql4OE+hPOmA7smfZAhn8vC4+0swMZaZxa9CSIozTYavi+bJNDZ3tgiSdMjmMzRJlQ==} - engines: {node: '>= 10'} - cpu: [x64] - os: [linux] - - '@next/swc-win32-arm64-msvc@14.2.7': - resolution: {integrity: sha512-PGbONHIVIuzWlYmLvuFKcj+8jXnLbx4WrlESYlVnEzDsa3+Q2hI1YHoXaSmbq0k4ZwZ7J6sWNV4UZfx1OeOlbQ==} - engines: {node: '>= 10'} - cpu: [arm64] - os: [win32] - - '@next/swc-win32-ia32-msvc@14.2.7': - resolution: {integrity: sha512-BiSY5umlx9ed5RQDoHcdbuKTUkuFORDqzYKPHlLeS+STUWQKWziVOn3Ic41LuTBvqE0TRJPKpio9GSIblNR+0w==} - engines: {node: '>= 10'} - cpu: [ia32] - os: [win32] - - '@next/swc-win32-x64-msvc@14.2.7': - resolution: {integrity: sha512-pxsI23gKWRt/SPHFkDEsP+w+Nd7gK37Hpv0ngc5HpWy2e7cKx9zR/+Q2ptAUqICNTecAaGWvmhway7pj/JLEWA==} - engines: {node: '>= 10'} - cpu: [x64] - os: [win32] - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@nodelib/fs.scandir@2.1.5': - resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} - engines: {node: '>= 8'} - - '@nodelib/fs.stat@2.0.5': - resolution: {integrity: sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==} - engines: {node: '>= 8'} - - '@nodelib/fs.walk@1.2.8': - resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} - engines: {node: '>= 8'} - - '@nolyfill/is-core-module@1.0.39': - resolution: {integrity: sha512-nn5ozdjYQpUCZlWGuxcJY/KpxkWQs4DcbMCmKojjyrYDEAGy4Ce19NN4v5MduafTwJlbKc99UA8YhSVqq9yPZA==} - engines: {node: '>=12.4.0'} - - '@panva/hkdf@1.2.1': - resolution: {integrity: sha512-6oclG6Y3PiDFcoyk8srjLfVKyMfVCKJ27JwNPViuXziFpmdz+MZnZN/aKY0JGXgYuO/VghU0jcOAZgWXZ1Dmrw==} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@react-hookz/deep-equal@1.0.4': - resolution: {integrity: sha512-N56fTrAPUDz/R423pag+n6TXWbvlBZDtTehaGFjK0InmN+V2OFWLE/WmORhmn6Ce7dlwH5+tQN1LJFw3ngTJVg==} - - '@react-hookz/web@24.0.4': - resolution: {integrity: sha512-DcIM6JiZklDyHF6CRD1FTXzuggAkQ+3Ncq2Wln7Kdih8GV6ZIeN9JfS6ZaQxpQUxan8/4n0J2V/R7nMeiSrb2Q==} - engines: {node: '>=18.0.0'} - peerDependencies: - js-cookie: ^3.0.5 - react: ^16.8 || ^17 || ^18 - react-dom: ^16.8 || ^17 || ^18 - peerDependenciesMeta: - js-cookie: - optional: true - - '@rtsao/scc@1.1.0': - resolution: {integrity: sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g==} - - '@rushstack/eslint-patch@1.10.4': - resolution: {integrity: sha512-WJgX9nzTqknM393q1QJDJmoW28kUfEnybeTfVNcNAPnIx210RXm2DiXiHzfNPJNIUUb1tJnz/l4QGtJ30PgWmA==} - - '@silverhand/essentials@2.9.2': - resolution: {integrity: sha512-bD+82D9Dfa1F5xX1kfdR5ODIoJS41NOxTuHx4shVS5A4/ayEG+ZplpDDjB19fsa7kZXgSgD75R4sUCXjm88x6w==} - engines: {node: ^18.12.0 || ^20.9.0 || ^22.0.0, pnpm: ^9.0.0} - - '@swc/counter@0.1.3': - resolution: {integrity: sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==} - - '@swc/helpers@0.5.5': - resolution: {integrity: sha512-KGYxvIOXcceOAbEk4bi/dVLEK9z8sZ0uBB3Il5b1rhfClSpcX0yfRO0KmTkqR2cnQDymwLB+25ZyMzICg/cm/A==} - - '@tanstack/query-core@5.53.3': - resolution: {integrity: sha512-ZfjAgd7NpqDx0e4aYBt7EmS2enbulPrJwowTy+mayRE93WUUH+sIYHun1TdRjpGwDPMNNZ5D6goh7n3CwoO+HA==} - - '@tanstack/react-query@5.53.3': - resolution: {integrity: sha512-286mN/91CeM7vC6CZFLKYDHSw+WyMX6ekIvzoTbpM4xyPb99VSyCKPLyPgaOatKqYm6ooMBquSq9NGRdKgsJfg==} - peerDependencies: - react: ^18 || ^19 - - '@tanstack/react-table@8.20.5': - resolution: {integrity: sha512-WEHopKw3znbUZ61s9i0+i9g8drmDo6asTWbrQh8Us63DAk/M0FkmIqERew6P71HI75ksZ2Pxyuf4vvKh9rAkiA==} - engines: {node: '>=12'} - peerDependencies: - react: '>=16.8' - react-dom: '>=16.8' - - '@tanstack/table-core@8.20.5': - resolution: {integrity: sha512-P9dF7XbibHph2PFRz8gfBKEXEY/HJPOhym8CHmjF8y3q5mWpKx9xtZapXQUWCgkqvsK0R46Azuz+VaxD4Xl+Tg==} - engines: {node: '>=12'} - - '@transloadit/prettier-bytes@0.3.4': - resolution: {integrity: sha512-8/SnIF9Q2k52mbjRVAYLranwkaDTLb+O9r4Z/uo8uNw//SjygKvvbF4BHSOuReufaAyum1q13602VcNud25Dfg==} - - '@types/json-schema@7.0.15': - resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==} - - '@types/json5@0.0.29': - resolution: {integrity: sha512-dRLjCWHYg4oaA77cxO64oO+7JwCwnIzkZPdrrC71jQmQtlhM556pwKo5bUzqvZndkVbeFLIIi+9TC40JNF5hNQ==} - - '@types/lodash@4.17.7': - resolution: {integrity: sha512-8wTvZawATi/lsmNu10/j2hk1KEP0IvjubqPE3cu1Xz7xfXXt5oCq3SNUz4fMIP4XGF9Ky+Ue2tBA3hcS7LSBlA==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/prop-types@15.7.12': - resolution: {integrity: sha512-5zvhXYtRNRluoE/jAp4GVsSduVUzNWKkOZrCDBWYtE7biZywwdC2AcEzg+cSMLFRfVgeAFqpfNabiPjxFddV1Q==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/react-dom@18.3.0': - resolution: {integrity: sha512-EhwApuTmMBmXuFOikhQLIBUn6uFg81SwLMOAUgodJF14SOBOCMdU04gDoYi0WOJJHD144TL32z4yDqCW3dnkQg==} - - '@types/react@18.3.5': - resolution: {integrity: sha512-WeqMfGJLGuLCqHGYRGHxnKrXcTitc6L/nBUWfWPcTarG3t9PsquqUMuVeXZeca+mglY4Vo5GZjCi0A3Or2lnxA==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/stylis@4.2.5': - resolution: {integrity: sha512-1Xve+NMN7FWjY14vLoY5tL3BVEQ/n42YLwaqJIPYhotZ9uBHt87VceMwWQpzmdEt2TNXIorIFG+YeCUUW7RInw==} - - '@typescript-eslint/parser@7.2.0': - resolution: {integrity: sha512-5FKsVcHTk6TafQKQbuIVkXq58Fnbkd2wDL4LB7AURN7RUOu1utVP+G8+6u3ZhEroW3DF6hyo3ZEXxgKgp4KeCg==} - engines: {node: ^16.0.0 || >=18.0.0} - peerDependencies: - eslint: ^8.56.0 - typescript: '*' - peerDependenciesMeta: - typescript: - optional: true - - '@typescript-eslint/scope-manager@7.2.0': - resolution: {integrity: sha512-Qh976RbQM/fYtjx9hs4XkayYujB/aPwglw2choHmf3zBjB4qOywWSdt9+KLRdHubGcoSwBnXUH2sR3hkyaERRg==} - engines: {node: ^16.0.0 || >=18.0.0} - - '@typescript-eslint/types@7.2.0': - resolution: {integrity: sha512-XFtUHPI/abFhm4cbCDc5Ykc8npOKBSJePY3a3s+lwumt7XWJuzP5cZcfZ610MIPHjQjNsOLlYK8ASPaNG8UiyA==} - engines: {node: ^16.0.0 || >=18.0.0} - - '@typescript-eslint/typescript-estree@7.2.0': - resolution: {integrity: sha512-cyxS5WQQCoBwSakpMrvMXuMDEbhOo9bNHHrNcEWis6XHx6KF518tkF1wBvKIn/tpq5ZpUYK7Bdklu8qY0MsFIA==} - engines: {node: ^16.0.0 || >=18.0.0} - peerDependencies: - typescript: '*' - peerDependenciesMeta: - typescript: - optional: true - - '@typescript-eslint/visitor-keys@7.2.0': - resolution: {integrity: sha512-c6EIQRHhcpl6+tO8EMR+kjkkV+ugUNXOmeASA1rlzkd8EPIriavpWoiEz1HR/VLhbVIdhqnV6E7JZm00cBDx2A==} - engines: {node: ^16.0.0 || >=18.0.0} - - '@uppy/aws-s3-multipart@4.0.0': - resolution: {integrity: sha512-tW7W1cBh/99PhYaYDQ4Bo5h0aCIjnCgx/n6d6h7OJMu4NRD703DV/D8AHKIRl5JgecDekiTbApy2iu3q4uKkyw==} - deprecated: Use @uppy/aws-s3 instead. - - '@uppy/aws-s3@4.1.0': - resolution: {integrity: sha512-xRip1Lo3He+3J3fP/SooEFQJKWMCVADTl8J375PzvpaeNnDFKa6W2XLEEl/fGy/K7vI4sH8Znz4+omdtSFCPSQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/box@3.1.0': - resolution: {integrity: sha512-d7PUhEdTNEr+7dTNc2lIv/AknRdcxOEXZML5Jp43S//VAGPu8pwdGgmHqi00s8RF4I6daSt1p+tl6VsMnzY3sQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/companion-client@4.1.0': - resolution: {integrity: sha512-nQ8CQfZcYVBNtFQ6ePj7FDIq38DXlH0YpzP/91LR9gnDVISJKKUuvWfr6tPktj1lRw9FZV8jLmlMKT2ituVKiw==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/core@4.2.0': - resolution: {integrity: sha512-/oQ2m/xubGfANR0UfMqYFR2mT94OpuXTp9N2cQLIQmWYZtpvfX2gyNBFtQJA3Njqpmox1RfIhOAsVFFuhYVa+Q==} - - '@uppy/dashboard@4.1.0': - resolution: {integrity: sha512-TSwgW1x0YDnZP4yJwxVrxO6vsW3GrWoqXwOdpcTGDwdIOvZZJBAajqr3QrVdkbz1L4YfQAgTtHZlyUhm5qMuzg==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/drag-drop@4.0.2': - resolution: {integrity: sha512-0/b8hBAX8tDBikkr2tORtKT3gEcCxQlygSBCJrbLTQTDh4poTpmHWyquqvsCcBtW7AqULhQn5h/xSSacBnEf/Q==} - peerDependencies: - '@uppy/core': ^4.1.1 - - '@uppy/dropbox@4.1.0': - resolution: {integrity: sha512-Ha+WhJwQyQ+VRMrfPKdr+tuEBKRUMMeCfqfDpjasiwJSgDxQUFgGhv81ZoHXYtxs/aOwucsMl3G4tt9FM3EK/w==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/facebook@4.1.0': - resolution: {integrity: sha512-0ZO8bx4yvlu97Zkh7QW25hqirSOpjumz4SVE3MHukCaRcYxMChYBqC0ABFTIWCsD9gmUfdQm4CN5qoBm6dqomA==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/file-input@4.0.1': - resolution: {integrity: sha512-UKZXl3089OVserkSA52TkPVBjJUsqEWcT9+UxuPUz/m+lS51uXonK0yl9ZrSCqkY+4yhLcdEdH0xW1XrJXNHYg==} - peerDependencies: - '@uppy/core': ^4.1.1 - - '@uppy/google-drive@4.1.0': - resolution: {integrity: sha512-djmPmElbkmNePzWPT38q+HkkhYPlfoN+7hUqp3YIIMXEvPZFZqUz/vPaly1qRvxGZiENlzD45jhwJQ3PhZ9N5A==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/google-photos@0.3.0': - resolution: {integrity: sha512-FY5W8fOuBVzFl6Y0VW772iKCcnCOMBMFwhuRL1922RI4roApX77b0mXG6vCPh3n7XpDRa4FFKA7lN4/9DQM4ag==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/informer@4.1.0': - resolution: {integrity: sha512-Dzq7bEnUUePd7Syy6bDgzwSc16Re1tDYqP/sivtvPDrqINz8gUIST6IxN0GxRoSH732EjGiMlSf3OjwV/N18xQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/instagram@4.1.0': - resolution: {integrity: sha512-+19SEIPWykha/pmOpgPrur8vqxImgwn4rLR3F3papbJdJuyUsVejWnrD4HEZaX4ay8HtMvBjz6AaY4KygONz+g==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/onedrive@4.1.0': - resolution: {integrity: sha512-PmYMD6IEbDiBqjLDNYmJ+lETrIudR05DM8rvNHAKzZu3m7oIw1iN7Tg9DLmL0DdnQ7F5rKSYL/SZBVB40yKLUQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/progress-bar@4.0.0': - resolution: {integrity: sha512-hCUjlfGWHlvBPQDO5YBH/8HEr+3+ZEobTblBg0Wbn3ecJSiKkSRi0GkDVp3OMnwfqgK2wm8Ve+tR/5Gds7vE0A==} - peerDependencies: - '@uppy/core': ^4.0.0 - - '@uppy/provider-views@4.0.1': - resolution: {integrity: sha512-oAOIVdCSPIpDZJXwU83o+13+qWYrIfRzJaXom7ZsJpj+WDbtFjML5iF3evDmqt22V3HwOC0N187lZvcO/9RwFA==} - peerDependencies: - '@uppy/core': ^4.1.1 - - '@uppy/react@4.0.2': - resolution: {integrity: sha512-q0IKlldfAmAWhpDyx19U3nCDO/aRXkjP/E3e/k1uWNMRTCBEtYdXPN/UIaYMsn3NcUwae/g/jOOV79OiB5WW0w==} - peerDependencies: - '@uppy/core': ^4.1.2 - '@uppy/dashboard': ^4.0.3 - '@uppy/drag-drop': ^4.0.2 - '@uppy/file-input': ^4.0.1 - '@uppy/progress-bar': ^4.0.0 - '@uppy/status-bar': ^4.0.3 - react: ^18.0.0 - peerDependenciesMeta: - '@uppy/dashboard': - optional: true - '@uppy/drag-drop': - optional: true - '@uppy/file-input': - optional: true - '@uppy/progress-bar': - optional: true - '@uppy/status-bar': - optional: true - - '@uppy/remote-sources@2.2.0': - resolution: {integrity: sha512-Spo+oc2vKW0oKRD4Rhf5kZXYv+5Sim/5TcMmxxfHxLPS46yh+WNLU/499ojKr31ZBHqhkXkzUdliSYunqlDwlw==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/status-bar@4.0.3': - resolution: {integrity: sha512-ckujiEQwHgpJGa5Q6OZF+hJ+3JSMgs/7vyl4aeBvV0zSWoPSg/W10TpyGeNvMaaAsbAs4UB+0LuUjVu/vSmFcw==} - peerDependencies: - '@uppy/core': ^4.1.2 - - '@uppy/store-default@4.1.0': - resolution: {integrity: sha512-z5VSc4PNXpAtrrUPg5hdKJO5Ul7u4ZYLyK+tYzvEgzgR4nLVZmpGzj/d4N90jXpUqEibWKXvevODEB5VlTLHzg==} - - '@uppy/thumbnail-generator@4.0.0': - resolution: {integrity: sha512-nwgRO/LHLzUqzyB1TDl6g8LNmqtkswXpvRNcPij0gOrPTTWjGY6ULv+ywXYiF5baWF2aGS+K62jJSUGBWonx0w==} - peerDependencies: - '@uppy/core': ^4.0.0 - - '@uppy/unsplash@4.1.0': - resolution: {integrity: sha512-r7RIO96igbDo9ENP3z7X0fqdOiA3zM1ihnG1bfBVgJax2t0VLfb/peB6XLILT9WSzOWi2izajElVCK9Q384Okw==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/url@4.1.0': - resolution: {integrity: sha512-7rxImH1h6vagjeqvAX/Go/6CrhE4SwBMZtJ3kgi5km1k9G4J/0rVfnylgdP4A5W2u7TR2RAShfAE+Nu/M2cMpw==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/utils@6.0.2': - resolution: {integrity: sha512-ZoNeAa1YTKSlcvXe1SP3POjzjRZ9jSojorbst03vwd1Ks9vHPGf6pne61DowTXHZ3HMj1vpcIaQ1VIEWeeADlA==} - - '@uppy/zoom@3.1.0': - resolution: {integrity: sha512-ubx5GjmYGUYjBTCaRFJAJaO78B5d4O4m2CkfG+R6VAcEGlrv7djujYJVUXfjzTevcRtq3qhDfK/WgNMjJv0ptQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - acorn-jsx@5.3.2: - resolution: {integrity: sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==} - peerDependencies: - acorn: ^6.0.0 || ^7.0.0 || ^8.0.0 - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - ajv@6.12.6: - resolution: {integrity: sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-regex@6.0.1: - resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} - engines: {node: '>=12'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - ansi-styles@6.2.1: - resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} - engines: {node: '>=12'} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - argparse@1.0.10: - resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - aria-query@5.1.3: - resolution: {integrity: sha512-R5iJ5lkuHybztUfuOAznmboyjWq8O6sqNqtK7CLOqdydi54VNbORp49mb14KbWgG1QD3JFO9hJdZ+y4KutfdOQ==} - - array-buffer-byte-length@1.0.1: - resolution: {integrity: sha512-ahC5W1xgou+KTXix4sAO8Ki12Q+jf4i0+tmk3sC+zgcynshkHxzpXdImBehiUYKKKDwvfFiJl1tZt6ewscS1Mg==} - engines: {node: '>= 0.4'} - - array-includes@3.1.8: - resolution: {integrity: sha512-itaWrbYbqpGXkGhZPGUulwnhVf5Hpy1xiCFsGqyIGglbBxmG5vSjxQen3/WGOjPpNEv1RtBLKxbmVXm8HpJStQ==} - engines: {node: '>= 0.4'} - - array-union@2.1.0: - resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} - engines: {node: '>=8'} - - array.prototype.findlast@1.2.5: - resolution: {integrity: sha512-CVvd6FHg1Z3POpBLxO6E6zr+rSKEQ9L6rZHAaY7lLfhKsWYUBBOuMs0e9o24oopj6H+geRCX0YJ+TJLBK2eHyQ==} - engines: {node: '>= 0.4'} - - array.prototype.findlastindex@1.2.5: - resolution: {integrity: sha512-zfETvRFA8o7EiNn++N5f/kaCw221hrpGsDmcpndVupkPzEc1Wuf3VgC0qby1BbHs7f5DVYjgtEU2LLh5bqeGfQ==} - engines: {node: '>= 0.4'} - - array.prototype.flat@1.3.2: - resolution: {integrity: sha512-djYB+Zx2vLewY8RWlNCUdHjDXs2XOgm602S9E7P/UpHgfeHL00cRiIF+IN/G/aUJ7kGPb6yO/ErDI5V2s8iycA==} - engines: {node: '>= 0.4'} - - array.prototype.flatmap@1.3.2: - resolution: {integrity: sha512-Ewyx0c9PmpcsByhSW4r+9zDU7sGjFc86qf/kKtuSCRdhfbk0SNLLkaT5qvcHnRGgc5NP/ly/y+qkXkqONX54CQ==} - engines: {node: '>= 0.4'} - - array.prototype.tosorted@1.1.4: - resolution: {integrity: sha512-p6Fx8B7b7ZhL/gmUsAy0D15WhvDccw3mnGNbZpi3pmeJdxtWsj2jEaI4Y6oo3XiHfzuSgPwKc04MYt6KgvC/wA==} - engines: {node: '>= 0.4'} - - arraybuffer.prototype.slice@1.0.3: - resolution: {integrity: sha512-bMxMKAjg13EBSVscxTaYA4mRc5t1UAXa2kXiGTNfZ079HIWXEkKmkgFrh/nJqamaLSrXO5H4WFFkPEaLJWbs3A==} - engines: {node: '>= 0.4'} - - ast-types-flow@0.0.8: - resolution: {integrity: sha512-OH/2E5Fg20h2aPrbe+QL8JZQFko0YZaF+j4mnQ7BGhfavO7OpSLa8a0y9sBwomHdSbkhTS8TQNayBfnW5DwbvQ==} - - available-typed-arrays@1.0.7: - resolution: {integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==} - engines: {node: '>= 0.4'} - - axe-core@4.10.0: - resolution: {integrity: sha512-Mr2ZakwQ7XUAjp7pAwQWRhhK8mQQ6JAaNWSjmjxil0R8BPioMtQsTLOolGYkji1rcL++3dCqZA3zWqpT+9Ew6g==} - engines: {node: '>=4'} - - axobject-query@3.1.1: - resolution: {integrity: sha512-goKlv8DZrK9hUh975fnHzhNIO4jUnFCfv/dszV5VwUGDFjI6vQ2VwoyjYjYNEbBE8AH87TduWP5uyDR1D+Iteg==} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - bl@4.1.0: - resolution: {integrity: sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==} - - blurhash@1.1.5: - resolution: {integrity: sha512-a+LO3A2DfxTaTztsmkbLYmUzUeApi0LZuKalwbNmqAHR6HhJGMt1qSV/R3wc+w4DL28holjqO3Bg74aUGavGjg==} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - buffer@5.7.1: - resolution: {integrity: sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==} - - bulma@1.0.2: - resolution: {integrity: sha512-D7GnDuF6seb6HkcnRMM9E739QpEY9chDzzeFrHMyEns/EXyDJuQ0XA0KxbBl/B2NTsKSoDomW61jFGFaAxhK5A==} - - busboy@1.6.0: - resolution: {integrity: sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==} - engines: {node: '>=10.16.0'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camelcase-keys@7.0.2: - resolution: {integrity: sha512-Rjs1H+A9R+Ig+4E/9oyB66UC5Mj9Xq3N//vcLf2WzgdTi/3gUu3Z9KoqmlrEG4VuuLK8wJHofxzdQXz/knhiYg==} - engines: {node: '>=12'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - camelize@1.0.1: - resolution: {integrity: sha512-dU+Tx2fsypxTgtLoE36npi3UqcjSSMNYfkqgmoEhtZrraP5VWq0K7FkWVTYa8eMPtnU/G2txVsfdCJTn9uzpuQ==} - - caniuse-lite@1.0.30001655: - resolution: {integrity: sha512-jRGVy3iSGO5Uutn2owlb5gR6qsGngTw9ZTb4ali9f3glshcNmJ2noam4Mo9zia5P9Dk3jNNydy7vQjuE5dQmfg==} - - castable-video@1.0.10: - resolution: {integrity: sha512-tJgUv+8/zE191y8EKojvB0eKIyKA9obIttd6Wpdm6x2qBmuwZ7wDgzVCSmf5cN2v9jBiuu0s7O5poz8a8cFX/w==} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - chownr@1.1.4: - resolution: {integrity: sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==} - - classnames@2.5.1: - resolution: {integrity: sha512-saHYOzhIQs6wy2sVxTM6bUDsQO4F50V9RQ22qBpEdCW+I+/Wmke2HOl6lS6dTpdxVhb88/I6+Hs+438c3lfUow==} - - client-only@0.0.1: - resolution: {integrity: sha512-IV3Ou0jSMzZrd3pZ48nLkT9DA7Ag1pnPzaiQhpW7c3RbcqqzvzzVu+L8gfqMp/8IM2MQtSiqaCxrrcfu8I8rMA==} - - clsx@2.1.1: - resolution: {integrity: sha512-eYm0QWBtUrBWZWG0d386OGAw16Z995PiOVo2B7bjWSbHedGl5e0ZWaq65kOGgUSNesEIDkB9ISbTg/JK9dhCZA==} - engines: {node: '>=6'} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - color-string@1.9.1: - resolution: {integrity: sha512-shrVawQFojnZv6xM40anx4CkoDP+fZsw/ZerEMsW/pyzsRbElpsL/DBVW7q3ExxwusdNXI3lXpuhEZkzs8p5Eg==} - - color@4.2.3: - resolution: {integrity: sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==} - engines: {node: '>=12.5.0'} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - cookie@0.6.0: - resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} - engines: {node: '>= 0.6'} - - cookie@0.7.1: - resolution: {integrity: sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==} - engines: {node: '>= 0.6'} - - core-js@3.38.1: - resolution: {integrity: sha512-OP35aUorbU3Zvlx7pjsFdu1rGNnD4pgw/CWoYzRY3t2EzoVT7shKHY1dlAy3f41cGIO7ZDPQimhGFTlEYkG/Hw==} - - cors@2.8.5: - resolution: {integrity: sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==} - engines: {node: '>= 0.10'} - - cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} - engines: {node: '>= 8'} - - css-color-keywords@1.0.0: - resolution: {integrity: sha512-FyyrDHZKEjXDpNJYvVsV960FiqQyXc/LlYmsxl2BcdMb2WPx0OGRVgTg55rPSyLSNMqP52R9r8geSp7apN3Ofg==} - engines: {node: '>=4'} - - css-to-react-native@3.2.0: - resolution: {integrity: sha512-e8RKaLXMOFii+02mOlqwjbD00KSEKqblnpO9e++1aXS1fPQOpS1YoqdVHBqPjHNoxeF2mimzVqawm2KCbEdtHQ==} - - csstype@3.1.3: - resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} - - custom-event-polyfill@1.0.7: - resolution: {integrity: sha512-TDDkd5DkaZxZFM8p+1I3yAlvM3rSr1wbrOliG4yJiwinMZN8z/iGL7BTlDkrJcYTmgUSb4ywVCc3ZaUtOtC76w==} - - custom-media-element@1.3.2: - resolution: {integrity: sha512-nDyMobZgoAVqz7mA8rsn7i1/6bjH6N9ab2Ge7LyyNxrvxAq7zQJPg8i3u2VH7wEB+Y1T1+C3/h1G774/D+ZLag==} - - damerau-levenshtein@1.0.8: - resolution: {integrity: sha512-sdQSFB7+llfUcQHUQO3+B8ERRj0Oa4w9POWMI/puGtuf7gFywGmkaLCElnudfTiKZV+NvHqL0ifzdrI8Ro7ESA==} - - data-view-buffer@1.0.1: - resolution: {integrity: sha512-0lht7OugA5x3iJLOWFhWK/5ehONdprk0ISXqVFn/NFrDu+cuc8iADFrGQz5BnRK7LLU3JmkbXSxaqX+/mXYtUA==} - engines: {node: '>= 0.4'} - - data-view-byte-length@1.0.1: - resolution: {integrity: sha512-4J7wRJD3ABAzr8wP+OcIcqq2dlUKp4DVflx++hs5h5ZKydWMI6/D/fAot+yh6g2tHh8fLFTvNOaVN357NvSrOQ==} - engines: {node: '>= 0.4'} - - data-view-byte-offset@1.0.0: - resolution: {integrity: sha512-t/Ygsytq+R995EJ5PZlD4Cu56sWa8InXySaViRzw9apusqsOO2bQP+SbYzAhR0pFKoB+43lYy8rWban9JSuXnA==} - engines: {node: '>= 0.4'} - - date-fns-tz@3.1.3: - resolution: {integrity: sha512-ZfbMu+nbzW0mEzC8VZrLiSWvUIaI3aRHeq33mTe7Y38UctKukgqPR4nTDwcwS4d64Gf8GghnVsroBuMY3eiTeA==} - peerDependencies: - date-fns: ^3.0.0 - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - dayjs@1.11.13: - resolution: {integrity: sha512-oaMBel6gjolK862uaPQOVTA7q3TZhuSvuMQAAglQDOWYO9A91IrAOUJEyKVlqJlHE0vq5p5UXxzdPfMH/x6xNg==} - - debug@3.2.7: - resolution: {integrity: sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decompress-response@6.0.0: - resolution: {integrity: sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==} - engines: {node: '>=10'} - - deep-equal@2.2.3: - resolution: {integrity: sha512-ZIwpnevOurS8bpT4192sqAowWM76JDKSHYzMLty3BZGSswgq6pBaH3DhCSW5xVAZICZyKdOBPjwww5wfgT/6PA==} - engines: {node: '>= 0.4'} - - deep-extend@0.6.0: - resolution: {integrity: sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==} - engines: {node: '>=4.0.0'} - - deep-is@0.1.4: - resolution: {integrity: sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ==} - - deepmerge@4.3.1: - resolution: {integrity: sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==} - engines: {node: '>=0.10.0'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - define-properties@1.2.1: - resolution: {integrity: sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==} - engines: {node: '>= 0.4'} - - detect-libc@2.0.3: - resolution: {integrity: sha512-bwy0MGW55bG41VqxxypOsdSdGqLwXPI/focwgTYCFMbdUiBAxLg9CFzG08sz2aqzknwiX7Hkl0bQENjg8iLByw==} - engines: {node: '>=8'} - - dir-glob@3.0.1: - resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} - engines: {node: '>=8'} - - doctrine@2.1.0: - resolution: {integrity: sha512-35mSku4ZXK0vfCuHEDAwt55dg2jNajHZ1odvF+8SSr82EsZY4QmXfuWso8oEd8zRhVObSN18aM0CjSdoBX7zIw==} - engines: {node: '>=0.10.0'} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - - end-of-stream@1.4.4: - resolution: {integrity: sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==} - - enhanced-resolve@5.17.1: - resolution: {integrity: sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==} - engines: {node: '>=10.13.0'} - - es-abstract@1.23.3: - resolution: {integrity: sha512-e+HfNH61Bj1X9/jLc5v1owaLYuHdeHHSQlkhCBiTK8rBvKaULl/beGMxwrMXjpYrv4pz22BlY570vVePA2ho4A==} - engines: {node: '>= 0.4'} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - es-get-iterator@1.1.3: - resolution: {integrity: sha512-sPZmqHBe6JIiTfN5q2pEi//TwxmAFHwj/XEuYjTuse78i8KxaqMTTzxPoFKuzRpDpTJ+0NAbpfenkmH2rePtuw==} - - es-iterator-helpers@1.0.19: - resolution: {integrity: sha512-zoMwbCcH5hwUkKJkT8kDIBZSz9I6mVG//+lDCinLCGov4+r7NIy0ld8o03M0cJxl2spVf6ESYVS6/gpIfq1FFw==} - engines: {node: '>= 0.4'} - - es-object-atoms@1.0.0: - resolution: {integrity: sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==} - engines: {node: '>= 0.4'} - - es-set-tostringtag@2.0.3: - resolution: {integrity: sha512-3T8uNMC3OQTHkFUsFq8r/BwAXLHvU/9O9mE0fBc/MY5iq/8H7ncvO947LmYA6ldWw9Uh8Yhf25zu6n7nML5QWQ==} - engines: {node: '>= 0.4'} - - es-shim-unscopables@1.0.2: - resolution: {integrity: sha512-J3yBRXCzDu4ULnQwxyToo/OjdMx6akgVC7K6few0a7F/0wLtmKKN7I73AH5T2836UuXRqN7Qg+IIUw/+YJksRw==} - - es-to-primitive@1.2.1: - resolution: {integrity: sha512-QCOllgZJtaUo9miYBcLChTUaHNjJF3PYs1VidD7AwiEj1kYxKeQTctLAezAOH5ZKRH0g2IgPn6KwB4IT8iRpvA==} - engines: {node: '>= 0.4'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - eslint-config-next@14.2.7: - resolution: {integrity: sha512-ppmy+QdQ7qkuCHGDlPjWaoSbJvjGpWSBD4zEW8f1eWlxYXYpZK7QzBOer1EcHKT3uKhlY1JjUus9g7Kvv712rw==} - peerDependencies: - eslint: ^7.23.0 || ^8.0.0 - typescript: '>=3.3.1' - peerDependenciesMeta: - typescript: - optional: true - - eslint-import-resolver-node@0.3.9: - resolution: {integrity: sha512-WFj2isz22JahUv+B788TlO3N6zL3nNJGU8CcZbPZvVEkBPaJdCV4vy5wyghty5ROFbCRnm132v8BScu5/1BQ8g==} - - eslint-import-resolver-typescript@3.6.3: - resolution: {integrity: sha512-ud9aw4szY9cCT1EWWdGv1L1XR6hh2PaRWif0j2QjQ0pgTY/69iw+W0Z4qZv5wHahOl8isEr+k/JnyAqNQkLkIA==} - engines: {node: ^14.18.0 || >=16.0.0} - peerDependencies: - eslint: '*' - eslint-plugin-import: '*' - eslint-plugin-import-x: '*' - peerDependenciesMeta: - eslint-plugin-import: - optional: true - eslint-plugin-import-x: - optional: true - - eslint-module-utils@2.9.0: - resolution: {integrity: sha512-McVbYmwA3NEKwRQY5g4aWMdcZE5xZxV8i8l7CqJSrameuGSQJtSWaL/LxTEzSKKaCcOhlpDR8XEfYXWPrdo/ZQ==} - engines: {node: '>=4'} - peerDependencies: - '@typescript-eslint/parser': '*' - eslint: '*' - eslint-import-resolver-node: '*' - eslint-import-resolver-typescript: '*' - eslint-import-resolver-webpack: '*' - peerDependenciesMeta: - '@typescript-eslint/parser': - optional: true - eslint: - optional: true - eslint-import-resolver-node: - optional: true - eslint-import-resolver-typescript: - optional: true - eslint-import-resolver-webpack: - optional: true - - eslint-plugin-import@2.30.0: - resolution: {integrity: sha512-/mHNE9jINJfiD2EKkg1BKyPyUk4zdnT54YgbOgfjSakWT5oyX/qQLVNTkehyfpcMxZXMy1zyonZ2v7hZTX43Yw==} - engines: {node: '>=4'} - peerDependencies: - '@typescript-eslint/parser': '*' - eslint: ^2 || ^3 || ^4 || ^5 || ^6 || ^7.2.0 || ^8 - peerDependenciesMeta: - '@typescript-eslint/parser': - optional: true - - eslint-plugin-jsx-a11y@6.9.0: - resolution: {integrity: sha512-nOFOCaJG2pYqORjK19lqPqxMO/JpvdCZdPtNdxY3kvom3jTvkAbOvQvD8wuD0G8BYR0IGAGYDlzqWJOh/ybn2g==} - engines: {node: '>=4.0'} - peerDependencies: - eslint: ^3 || ^4 || ^5 || ^6 || ^7 || ^8 - - eslint-plugin-react-hooks@4.6.2: - resolution: {integrity: sha512-QzliNJq4GinDBcD8gPB5v0wh6g8q3SUi6EFF0x8N/BL9PoVs0atuGc47ozMRyOWAKdwaZ5OnbOEa3WR+dSGKuQ==} - engines: {node: '>=10'} - peerDependencies: - eslint: ^3.0.0 || ^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0-0 - - eslint-plugin-react@7.35.1: - resolution: {integrity: sha512-B5ok2JgbaaWn/zXbKCGgKDNL2tsID3Pd/c/yvjcpsd9HQDwyYc/TQv3AZMmOvrJgCs3AnYNUHRCQEMMQAYJ7Yg==} - engines: {node: '>=4'} - peerDependencies: - eslint: ^3 || ^4 || ^5 || ^6 || ^7 || ^8 || ^9.7 - - eslint-scope@8.0.2: - resolution: {integrity: sha512-6E4xmrTw5wtxnLA5wYL3WDfhZ/1bUBGOXV0zQvVRDOtrR8D0p6W7fs3JweNYhwRYeGvd/1CKX2se0/2s7Q/nJA==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - eslint-visitor-keys@3.4.3: - resolution: {integrity: sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==} - engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} - - eslint-visitor-keys@4.0.0: - resolution: {integrity: sha512-OtIRv/2GyiF6o/d8K7MYKKbXrOUBIK6SfkIRM4Z0dY3w+LiQ0vy3F57m0Z71bjbyeiWFiHJ8brqnmE6H6/jEuw==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - eslint@9.9.1: - resolution: {integrity: sha512-dHvhrbfr4xFQ9/dq+jcVneZMyRYLjggWjk6RVsIiHsP8Rz6yZ8LvZ//iU4TrZF+SXWG+JkNF2OyiZRvzgRDqMg==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - hasBin: true - peerDependencies: - jiti: '*' - peerDependenciesMeta: - jiti: - optional: true - - espree@10.1.0: - resolution: {integrity: sha512-M1M6CpiE6ffoigIOWYO9UDP8TMUw9kqb21tf+08IgDYjCsOvCuDt4jQcZmoYxx+w7zlKw9/N0KXfto+I8/FrXA==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - - esprima@4.0.1: - resolution: {integrity: sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==} - engines: {node: '>=4'} - hasBin: true - - esquery@1.6.0: - resolution: {integrity: sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==} - engines: {node: '>=0.10'} - - esrecurse@4.3.0: - resolution: {integrity: sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==} - engines: {node: '>=4.0'} - - estraverse@5.3.0: - resolution: {integrity: sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==} - engines: {node: '>=4.0'} - - esutils@2.0.3: - resolution: {integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==} - engines: {node: '>=0.10.0'} - - eventemitter3@5.0.1: - resolution: {integrity: sha512-GWkBvjiSZK87ELrYOSESUYeVIc9mvLLf/nXalMOS5dYrgZq9o5OVkbZAVM06CVxYsCwH9BDZFPlQTlPA1j4ahA==} - - exifr@7.1.3: - resolution: {integrity: sha512-g/aje2noHivrRSLbAUtBPWFbxKdKhgj/xr1vATDdUXPOFYJlQ62Ft0oy+72V6XLIpDJfHs6gXLbBLAolqOXYRw==} - - expand-template@2.0.3: - resolution: {integrity: sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==} - engines: {node: '>=6'} - - extend-shallow@2.0.1: - resolution: {integrity: sha512-zCnTtlxNoAiDc3gqY2aYAWFx7XWWiasuF2K8Me5WbN8otHKTUKBwjPtNpRs/rbUZm7KxWAaNj7P1a/p52GbVug==} - engines: {node: '>=0.10.0'} - - fast-deep-equal@3.1.3: - resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} - - fast-glob@3.3.2: - resolution: {integrity: sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==} - engines: {node: '>=8.6.0'} - - fast-json-stable-stringify@2.1.0: - resolution: {integrity: sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==} - - fast-levenshtein@2.0.6: - resolution: {integrity: sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw==} - - fastq@1.17.1: - resolution: {integrity: sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==} - - feed@4.2.2: - resolution: {integrity: sha512-u5/sxGfiMfZNtJ3OvQpXcvotFpYkL0n9u9mM2vkui2nGo8b4wvDkJ8gAkYqbA8QpGyFCv3RK0Z+Iv+9veCS9bQ==} - engines: {node: '>=0.4.0'} - - file-entry-cache@8.0.0: - resolution: {integrity: sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==} - engines: {node: '>=16.0.0'} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - flat-cache@4.0.1: - resolution: {integrity: sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==} - engines: {node: '>=16'} - - flatted@3.3.1: - resolution: {integrity: sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==} - - for-each@0.3.3: - resolution: {integrity: sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==} - - foreground-child@3.3.0: - resolution: {integrity: sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==} - engines: {node: '>=14'} - - fs-constants@1.0.0: - resolution: {integrity: sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - function.prototype.name@1.1.6: - resolution: {integrity: sha512-Z5kx79swU5P27WEayXM1tBi5Ze/lbIyiNgU3qyXUOf9b2rgXYyF9Dy9Cx+IQv/Lc8WCG6L82zwUPpSS9hGehIg==} - engines: {node: '>= 0.4'} - - functions-have-names@1.2.3: - resolution: {integrity: sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-symbol-description@1.0.2: - resolution: {integrity: sha512-g0QYk1dZBxGwk+Ngc+ltRH2IBp2f7zBkBMBJZCDerh6EhlhSR6+9irMCuT/09zD6qkarHUSn529sK/yL4S27mg==} - engines: {node: '>= 0.4'} - - get-tsconfig@4.8.0: - resolution: {integrity: sha512-Pgba6TExTZ0FJAn1qkJAjIeKoDJ3CsI2ChuLohJnZl/tTU8MVrq3b+2t5UOPfRa4RMsorClBjJALkJUMjG1PAw==} - - github-from-package@0.0.0: - resolution: {integrity: sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob-parent@6.0.2: - resolution: {integrity: sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==} - engines: {node: '>=10.13.0'} - - glob@10.3.10: - resolution: {integrity: sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==} - engines: {node: '>=16 || 14 >=14.17'} - hasBin: true - - globals@14.0.0: - resolution: {integrity: sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==} - engines: {node: '>=18'} - - globalthis@1.0.4: - resolution: {integrity: sha512-DpLKbNU4WylpxJykQujfCcwYWiV/Jhm50Goo0wrVILAv5jOr9d+H+UR3PhSCD2rCCEIg0uc+G+muBTwD54JhDQ==} - engines: {node: '>= 0.4'} - - globby@11.1.0: - resolution: {integrity: sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g==} - engines: {node: '>=10'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - graceful-fs@4.2.11: - resolution: {integrity: sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==} - - gray-matter@4.0.3: - resolution: {integrity: sha512-5v6yZd4JK3eMI3FqqCouswVqwugaA9r4dNZB1wwcmrD02QkV5H0y7XBQW8QwQqEaZY1pM9aqORSORhJRdNK44Q==} - engines: {node: '>=6.0'} - - has-bigints@1.0.2: - resolution: {integrity: sha512-tSvCKtBr9lkF0Ex0aQiP9N+OpV4zi2r/Nee5VkRDbaqv35RLYMzbwQfFSZZH0kR+Rd6302UJZ2p/bJCEoR3VoQ==} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - has-tostringtag@1.0.2: - resolution: {integrity: sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - hls.js@1.5.15: - resolution: {integrity: sha512-6cD7xN6bycBHaXz2WyPIaHn/iXFizE5au2yvY5q9aC4wfihxAr16C9fUy4nxh2a3wOw0fEgLRa9dN6wsYjlpNg==} - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore@5.3.2: - resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==} - engines: {node: '>= 4'} - - immutable@4.3.7: - resolution: {integrity: sha512-1hqclzwYwjRDFLjcFxOM5AYkkG0rpFPpr1RLPMEuGczoS7YA8gLhy8SWXYRAA/XwfEHpfo3cw5JGioS32fnMRw==} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - imurmurhash@0.1.4: - resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} - engines: {node: '>=0.8.19'} - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - ini@1.3.8: - resolution: {integrity: sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==} - - internal-slot@1.0.7: - resolution: {integrity: sha512-NGnrKwXzSms2qUUih/ILZ5JBqNTSa1+ZmP6flaIp6KmSElgE9qdndzS3cqjrDovwFdmwsGsLdeFgB6suw+1e9g==} - engines: {node: '>= 0.4'} - - is-arguments@1.1.1: - resolution: {integrity: sha512-8Q7EARjzEnKpt/PCD7e1cgUS0a6X8u5tdSiMqXhojOdoV9TsMsiO+9VLC5vAmO8N7/GmXn7yjR8qnA6bVAEzfA==} - engines: {node: '>= 0.4'} - - is-array-buffer@3.0.4: - resolution: {integrity: sha512-wcjaerHw0ydZwfhiKbXJWLDY8A7yV7KhjQOpb83hGgGfId/aQa4TOvwyzn2PuswW2gPCYEL/nEAiSVpdOj1lXw==} - engines: {node: '>= 0.4'} - - is-arrayish@0.3.2: - resolution: {integrity: sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ==} - - is-async-function@2.0.0: - resolution: {integrity: sha512-Y1JXKrfykRJGdlDwdKlLpLyMIiWqWvuSd17TvZk68PLAOGOoF4Xyav1z0Xhoi+gCYjZVeC5SI+hYFOfvXmGRCA==} - engines: {node: '>= 0.4'} - - is-bigint@1.0.4: - resolution: {integrity: sha512-zB9CruMamjym81i2JZ3UMn54PKGsQzsJeo6xvN3HJJ4CAsQNB6iRutp2To77OfCNuoxspsIhzaPoO1zyCEhFOg==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-boolean-object@1.1.2: - resolution: {integrity: sha512-gDYaKHJmnj4aWxyj6YHyXVpdQawtVLHU5cb+eztPGczf6cjuTdwve5ZIEfgXqH4e57An1D1AKf8CZ3kYrQRqYA==} - engines: {node: '>= 0.4'} - - is-bun-module@1.1.0: - resolution: {integrity: sha512-4mTAVPlrXpaN3jtF0lsnPCMGnq4+qZjVIKq0HCpfcqf8OC1SM5oATCIAPM5V5FN05qp2NNnFndphmdZS9CV3hA==} - - is-callable@1.2.7: - resolution: {integrity: sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA==} - engines: {node: '>= 0.4'} - - is-core-module@2.15.1: - resolution: {integrity: sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==} - engines: {node: '>= 0.4'} - - is-data-view@1.0.1: - resolution: {integrity: sha512-AHkaJrsUVW6wq6JS8y3JnM/GJF/9cf+k20+iDzlSaJrinEo5+7vRiteOSwBhHRiAyQATN1AmY4hwzxJKPmYf+w==} - engines: {node: '>= 0.4'} - - is-date-object@1.0.5: - resolution: {integrity: sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==} - engines: {node: '>= 0.4'} - - is-extendable@0.1.1: - resolution: {integrity: sha512-5BMULNob1vgFX6EjQw5izWDxrecWK9AM72rugNr0TFldMOi0fj6Jk+zeKIt0xGj4cEfQIJth4w3OKWOJ4f+AFw==} - engines: {node: '>=0.10.0'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-finalizationregistry@1.0.2: - resolution: {integrity: sha512-0by5vtUJs8iFQb5TYUHHPudOR+qXYIMKtiUzvLIZITZUjknFmziyBJuLhVRc+Ds0dREFlskDNJKYIdIzu/9pfw==} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-generator-function@1.0.10: - resolution: {integrity: sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==} - engines: {node: '>= 0.4'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-map@2.0.3: - resolution: {integrity: sha512-1Qed0/Hr2m+YqxnM09CjA2d/i6YZNfF6R2oRAOj36eUdS6qIV/huPJNSEpKbupewFs+ZsJlxsjjPbc0/afW6Lw==} - engines: {node: '>= 0.4'} - - is-negative-zero@2.0.3: - resolution: {integrity: sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==} - engines: {node: '>= 0.4'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-number-object@1.0.7: - resolution: {integrity: sha512-k1U0IRzLMo7ZlYIfzRu23Oh6MiIFasgpb9X76eqfFZAqwH44UI4KTBvBYIZ1dSL9ZzChTB9ShHfLkR4pdW5krQ==} - engines: {node: '>= 0.4'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-path-inside@3.0.3: - resolution: {integrity: sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==} - engines: {node: '>=8'} - - is-regex@1.1.4: - resolution: {integrity: sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==} - engines: {node: '>= 0.4'} - - is-set@2.0.3: - resolution: {integrity: sha512-iPAjerrse27/ygGLxw+EBR9agv9Y6uLeYVJMu+QNCoouJ1/1ri0mGrcWpfCqFZuzzx3WjtwxG098X+n4OuRkPg==} - engines: {node: '>= 0.4'} - - is-shared-array-buffer@1.0.3: - resolution: {integrity: sha512-nA2hv5XIhLR3uVzDDfCIknerhx8XUKnstuOERPNNIinXG7v9u+ohXF67vxm4TPTEPU6lm61ZkwP3c9PCB97rhg==} - engines: {node: '>= 0.4'} - - is-string@1.0.7: - resolution: {integrity: sha512-tE2UXzivje6ofPW7l23cjDOMa09gb7xlAqG6jG5ej6uPV32TlWP3NKPigtaGeHNu9fohccRYvIiZMfOOnOYUtg==} - engines: {node: '>= 0.4'} - - is-symbol@1.0.4: - resolution: {integrity: sha512-C/CPBqKWnvdcxqIARxyOh4v1UUEOCHpgDa0WYgpKDFMszcrPcffg5uhwSgPCLD2WWxmq6isisz87tzT01tuGhg==} - engines: {node: '>= 0.4'} - - is-typed-array@1.1.13: - resolution: {integrity: sha512-uZ25/bUAlUY5fR4OKT4rZQEBrzQWYV9ZJYGGsUmEJ6thodVJ1HX64ePQ6Z0qPWP+m+Uq6e9UugrE38jeYsDSMw==} - engines: {node: '>= 0.4'} - - is-weakmap@2.0.2: - resolution: {integrity: sha512-K5pXYOm9wqY1RgjpL3YTkF39tni1XajUIkawTLUo9EZEVUFga5gSQJF8nNS7ZwJQ02y+1YCNYcMh+HIf1ZqE+w==} - engines: {node: '>= 0.4'} - - is-weakref@1.0.2: - resolution: {integrity: sha512-qctsuLZmIQ0+vSSMfoVvyFe2+GSEvnmZ2ezTup1SBse9+twCCeial6EEi3Nc2KFcf6+qz2FBPnjXsk8xhKSaPQ==} - - is-weakset@2.0.3: - resolution: {integrity: sha512-LvIm3/KWzS9oRFHugab7d+M/GcBXuXX5xZkzPmN+NxihdQlZUQ4dWuSV1xR/sq6upL1TJEDrfBgRepHFdBtSNQ==} - engines: {node: '>= 0.4'} - - isarray@2.0.5: - resolution: {integrity: sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==} - - isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - - iterator.prototype@1.1.2: - resolution: {integrity: sha512-DR33HMMr8EzwuRL8Y9D3u2BMj8+RqSE850jfGu59kS7tbmPLzGkZmVSfyCFSDxuZiEY6Rzt3T2NA/qU+NwVj1w==} - - jackspeak@2.3.6: - resolution: {integrity: sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==} - engines: {node: '>=14'} - - jose@4.15.9: - resolution: {integrity: sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==} - - jose@5.9.6: - resolution: {integrity: sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==} - - js-base64@3.7.7: - resolution: {integrity: sha512-7rCnleh0z2CkXhH67J8K1Ytz0b2Y+yxTPL+/KOJoa20hfnVQ/3/T6W/KflYI4bRHRagNeXeU2bkNGI3v1oS/lw==} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@3.14.1: - resolution: {integrity: sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==} - hasBin: true - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - json-buffer@3.0.1: - resolution: {integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==} - - json-schema-traverse@0.4.1: - resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==} - - json-stable-stringify-without-jsonify@1.0.1: - resolution: {integrity: sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==} - - json5@1.0.2: - resolution: {integrity: sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==} - hasBin: true - - jsx-ast-utils@3.3.5: - resolution: {integrity: sha512-ZZow9HBI5O6EPgSJLUb8n2NKgmVWTwCvHGwFuJlMjvLFqlGG6pjirPhtdsseaLZjSibD8eegzmYpUZwoIlj2cQ==} - engines: {node: '>=4.0'} - - jwt-decode@4.0.0: - resolution: {integrity: sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==} - engines: {node: '>=18'} - - keyv@4.5.4: - resolution: {integrity: sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==} - - kind-of@6.0.3: - resolution: {integrity: sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==} - engines: {node: '>=0.10.0'} - - language-subtag-registry@0.3.23: - resolution: {integrity: sha512-0K65Lea881pHotoGEa5gDlMxt3pctLi2RplBb7Ezh4rRdLEOtgi7n4EwK9lamnUCkKBqaeKRVebTq6BAxSkpXQ==} - - language-tags@1.0.9: - resolution: {integrity: sha512-MbjN408fEndfiQXbFQ1vnd+1NoLDsnQW41410oQBXiyXDMYH5z505juWa4KUE1LqxRC7DgOgZDbKLxHIwm27hA==} - engines: {node: '>=0.10'} - - levn@0.4.1: - resolution: {integrity: sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==} - engines: {node: '>= 0.8.0'} - - loadjs@4.3.0: - resolution: {integrity: sha512-vNX4ZZLJBeDEOBvdr2v/F+0aN5oMuPu7JTqrMwp+DtgK+AryOlpy6Xtm2/HpNr+azEa828oQjOtWsB6iDtSfSQ==} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - lodash.merge@4.6.2: - resolution: {integrity: sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==} - - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - - loose-envify@1.4.0: - resolution: {integrity: sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==} - hasBin: true - - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - - lru-cache@6.0.0: - resolution: {integrity: sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==} - engines: {node: '>=10'} - - lunarphase-js@2.0.3: - resolution: {integrity: sha512-zTr/UWbxQ1lyKgaBnyJ/DvKCPONhZQcwmQ8PuF2g2QwdkF8JkhgPe8QlDroxSjZrfpg/9x6jQ6lFtBkSXXf1oQ==} - - map-obj@4.3.0: - resolution: {integrity: sha512-hdN1wVrZbb29eBGiGjJbeP8JbKjq1urkHJ/LIP/NY48MZ1QVXUsQBV1G1zvYFHn1XE06cwjBsOI2K3Ulnj1YXQ==} - engines: {node: '>=8'} - - media-chrome@3.2.5: - resolution: {integrity: sha512-tTsgS7x77Bn4p/wca/Si/7A+Q3z9DzKq0SOkroQvrNMXBVyQasMayDcsKg5Ur5NGsymZfttnJi7tXvVr/tPj8g==} - - media-tracks@0.3.3: - resolution: {integrity: sha512-9P2FuUHnZZ3iji+2RQk7Zkh5AmZTnOG5fODACnjhCVveX1McY3jmCRHofIEI+yTBqplz7LXy48c7fQ3Uigp88w==} - - memoize-one@6.0.0: - resolution: {integrity: sha512-rkpe71W0N0c0Xz6QD0eJETuWAJGnJ9afsl1srmwPrI+yBCkge5EycXXbYRyvL29zZVUWQCY7InPRCv3GDXuZNw==} - - merge2@1.4.1: - resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} - engines: {node: '>= 8'} - - micromatch@4.0.8: - resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} - engines: {node: '>=8.6'} - - mime-match@1.0.2: - resolution: {integrity: sha512-VXp/ugGDVh3eCLOBCiHZMYWQaTNUHv2IJrut+yXA6+JbLPXHglHwfS/5A5L0ll+jkCY7fIzRJcH6OIunF+c6Cg==} - - mimic-response@3.1.0: - resolution: {integrity: sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==} - engines: {node: '>=10'} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@9.0.3: - resolution: {integrity: sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==} - engines: {node: '>=16 || 14 >=14.17'} - - minimatch@9.0.5: - resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} - engines: {node: '>=16 || 14 >=14.17'} - - minimist@1.2.8: - resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} - - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} - engines: {node: '>=16 || 14 >=14.17'} - - mkdirp-classic@0.5.3: - resolution: {integrity: sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==} - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - multiformats@13.2.2: - resolution: {integrity: sha512-RWI+nyf0q64vyOxL8LbKtjJMki0sogRL/8axvklNtiTM0iFCVtHwME9w6+0P1/v4dQvsIg8A45oT3ka1t/M/+A==} - - mux-embed@5.2.1: - resolution: {integrity: sha512-NukHw91xeEVDBeXVDBpi2BvXNix7gSuvdtyvOph5yR/ROn1hHbTlcYWoKQyCyJX9frsF00UROEul+S8wPzU3aQ==} - - namespace-emitter@2.0.1: - resolution: {integrity: sha512-N/sMKHniSDJBjfrkbS/tpkPj4RAbvW3mr8UAzvlMHyun93XEm83IAvhWtJVHo+RHn/oO8Job5YN4b+wRjSVp5g==} - - nanoid@3.3.7: - resolution: {integrity: sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==} - engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} - hasBin: true - - nanoid@5.0.7: - resolution: {integrity: sha512-oLxFY2gd2IqnjcYyOXD8XGCftpGtZP2AbHbOkthDkvRywH5ayNtPVy9YlOPcHckXzbLTCHpkb7FB+yuxKV13pQ==} - engines: {node: ^18 || >=20} - hasBin: true - - napi-build-utils@1.0.2: - resolution: {integrity: sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg==} - - natural-compare@1.4.0: - resolution: {integrity: sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==} - - next-auth@4.24.10: - resolution: {integrity: sha512-8NGqiRO1GXBcVfV8tbbGcUgQkAGsX4GRzzXXea4lDikAsJtD5KiEY34bfhUOjHLvr6rT6afpcxw2H8EZqOV6aQ==} - peerDependencies: - '@auth/core': 0.34.2 - next: ^12.2.5 || ^13 || ^14 || ^15 - nodemailer: ^6.6.5 - react: ^17.0.2 || ^18 - react-dom: ^17.0.2 || ^18 - peerDependenciesMeta: - '@auth/core': - optional: true - nodemailer: - optional: true - - next-goatcounter@1.0.5: - resolution: {integrity: sha512-t2khpwRk1sDeZwth8wg0SF6MKAQ4lrUJ0qKFETmeEkIudcrc6hbMSvmhiVc8XrpTl13S4F2wWRH248FSyY8Gvw==} - peerDependencies: - next: '>14.0.0' - react: '>18.0.0' - react-dom: '>18.0.0' - - next@14.2.7: - resolution: {integrity: sha512-4Qy2aK0LwH4eQiSvQWyKuC7JXE13bIopEQesWE0c/P3uuNRnZCQanI0vsrMLmUQJLAto+A+/8+sve2hd+BQuOQ==} - engines: {node: '>=18.17.0'} - hasBin: true - peerDependencies: - '@opentelemetry/api': ^1.1.0 - '@playwright/test': ^1.41.2 - react: ^18.2.0 - react-dom: ^18.2.0 - sass: ^1.3.0 - peerDependenciesMeta: - '@opentelemetry/api': - optional: true - '@playwright/test': - optional: true - sass: - optional: true - - nextjs-cors@2.2.0: - resolution: {integrity: sha512-FZu/A+L59J4POJNqwXYyCPDvsLDeu5HjSBvytzS6lsrJeDz5cmnH45zV+VoNic0hjaeER9xGaiIjZIWzEHnxQg==} - peerDependencies: - next: ^8.1.1-canary.54 || ^9.0.0 || ^10.0.0-0 || ^11.0.0 || ^12.0.0 || ^13.0.0 || ^14.0.0 - - nextjs-toploader@3.6.15: - resolution: {integrity: sha512-DMxO0BiT+NbGU7E9A8U2+0e7rRbG9qozbk19DFXhKRc9wuhgTPR/u8zr2TevsbFtVxDb9mf8YHFz+oBgjMC+HA==} - peerDependencies: - next: '>= 6.0.0' - react: '>= 16.0.0' - react-dom: '>= 16.0.0' - - node-abi@3.67.0: - resolution: {integrity: sha512-bLn/fU/ALVBE9wj+p4Y21ZJWYFjUXLXPi/IewyLZkx3ApxKDNBWCKdReeKOtD8dWpOdDCeMyLh6ZewzcLsG2Nw==} - engines: {node: '>=10'} - - node-addon-api@5.1.0: - resolution: {integrity: sha512-eh0GgfEkpnoWDq+VY8OyvYhFEzBk6jIYbRKdIlyTiAXIVJ8PyBaKb0rp7oDtoddbdoHWhq8wwr+XZ81F1rpNdA==} - - nodemailer@6.9.16: - resolution: {integrity: sha512-psAuZdTIRN08HKVd/E8ObdV6NO7NTBY3KsC30F7M4H1OnmLCUNaS56FpYxyb26zWLSyYF9Ozch9KYHhHegsiOQ==} - engines: {node: '>=6.0.0'} - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - nprogress@0.2.0: - resolution: {integrity: sha512-I19aIingLgR1fmhftnbWWO3dXc0hSxqHQHQb3H8m+K3TnEn/iSeTZZOyvKXWqQESMwuUVnatlCnZdLBZZt2VSA==} - - oauth@0.9.15: - resolution: {integrity: sha512-a5ERWK1kh38ExDEfoO6qUHJb32rd7aYmPHuyCu3Fta/cnICvYmgd2uhuKXvPD+PXB+gCEYYEaQdIRAjCOwAKNA==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-hash@2.2.0: - resolution: {integrity: sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==} - engines: {node: '>= 6'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - object-is@1.1.6: - resolution: {integrity: sha512-F8cZ+KfGlSGi09lJT7/Nd6KJZ9ygtvYC0/UYYLI9nmQKLMnydpB9yvbv9K1uSkEu7FU9vYPmVwLg328tX+ot3Q==} - engines: {node: '>= 0.4'} - - object-keys@1.1.1: - resolution: {integrity: sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==} - engines: {node: '>= 0.4'} - - object.assign@4.1.5: - resolution: {integrity: sha512-byy+U7gp+FVwmyzKPYhW2h5l3crpmGsxl7X2s8y43IgxvG4g3QZ6CffDtsNQy1WsmZpQbO+ybo0AlW7TY6DcBQ==} - engines: {node: '>= 0.4'} - - object.entries@1.1.8: - resolution: {integrity: sha512-cmopxi8VwRIAw/fkijJohSfpef5PdN0pMQJN6VC/ZKvn0LIknWD8KtgY6KlQdEc4tIjcQ3HxSMmnvtzIscdaYQ==} - engines: {node: '>= 0.4'} - - object.fromentries@2.0.8: - resolution: {integrity: sha512-k6E21FzySsSK5a21KRADBd/NGneRegFO5pLHfdQLpRDETUNJueLXs3WCzyQ3tFRDYgbq3KHGXfTbi2bs8WQ6rQ==} - engines: {node: '>= 0.4'} - - object.groupby@1.0.3: - resolution: {integrity: sha512-+Lhy3TQTuzXI5hevh8sBGqbmurHbbIjAi0Z4S63nthVLmLxfbj4T54a4CfZrXIrt9iP4mVAPYMo/v99taj3wjQ==} - engines: {node: '>= 0.4'} - - object.values@1.2.0: - resolution: {integrity: sha512-yBYjY9QX2hnRmZHAjG/f13MzmBzxzYgQhFrke06TTyKY5zSTEqkOeukBzIdVA3j3ulu8Qa3MbVFShV7T2RmGtQ==} - engines: {node: '>= 0.4'} - - oidc-token-hash@5.0.3: - resolution: {integrity: sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==} - engines: {node: ^10.13.0 || >=12.0.0} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - openid-client@5.7.1: - resolution: {integrity: sha512-jDBPgSVfTnkIh71Hg9pRvtJc6wTwqjRkN88+gCFtYWrlP4Yx2Dsrow8uPi3qLr/aeymPF3o2+dS+wOpglK04ew==} - - optionator@0.9.4: - resolution: {integrity: sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==} - engines: {node: '>= 0.8.0'} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-queue@8.0.1: - resolution: {integrity: sha512-NXzu9aQJTAzbBqOt2hwsR63ea7yvxJc0PwN/zobNAudYfb1B7R08SzB4TsLeSbUCuG467NhnoT0oO6w1qRO+BA==} - engines: {node: '>=18'} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - p-timeout@6.1.2: - resolution: {integrity: sha512-UbD77BuZ9Bc9aABo74gfXhNvzC9Tx7SxtHSh1fxvx3jTLLYvmVhiQZZrJzqqU0jKbN32kb5VOKiLEQI/3bIjgQ==} - engines: {node: '>=14.16'} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - - path-parse@1.0.7: - resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==} - - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - plyr@3.7.8: - resolution: {integrity: sha512-yG/EHDobwbB/uP+4Bm6eUpJ93f8xxHjjk2dYcD1Oqpe1EcuQl5tzzw9Oq+uVAzd2lkM11qZfydSiyIpiB8pgdA==} - - possible-typed-array-names@1.0.0: - resolution: {integrity: sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==} - engines: {node: '>= 0.4'} - - postcss-value-parser@4.2.0: - resolution: {integrity: sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==} - - postcss@8.4.31: - resolution: {integrity: sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==} - engines: {node: ^10 || ^12 || >=14} - - postcss@8.4.38: - resolution: {integrity: sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==} - engines: {node: ^10 || ^12 || >=14} - - preact-render-to-string@5.2.3: - resolution: {integrity: sha512-aPDxUn5o3GhWdtJtW0svRC2SS/l8D9MAgo2+AWml+BhDImb27ALf04Q2d+AHqUUOc6RdSXFIBVa2gxzgMKgtZA==} - peerDependencies: - preact: '>=10' - - preact@10.23.2: - resolution: {integrity: sha512-kKYfePf9rzKnxOAKDpsWhg/ysrHPqT+yQ7UW4JjdnqjFIeNUnNcEJvhuA8fDenxAGWzUqtd51DfVg7xp/8T9NA==} - - prebuild-install@7.1.2: - resolution: {integrity: sha512-UnNke3IQb6sgarcZIDU3gbMeTp/9SSU1DAIkil7PrqG1vZlBtY5msYccSKSHDqa3hNg436IXK+SNImReuA1wEQ==} - engines: {node: '>=10'} - hasBin: true - - prelude-ls@1.2.1: - resolution: {integrity: sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==} - engines: {node: '>= 0.8.0'} - - pretty-format@3.8.0: - resolution: {integrity: sha512-WuxUnVtlWL1OfZFQFuqvnvs6MiAGk9UNsBostyBOB0Is9wb5uRESevA6rnl/rkksXaGX3GzZhPup5d6Vp1nFew==} - - prop-types@15.8.1: - resolution: {integrity: sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==} - - property-expr@2.0.6: - resolution: {integrity: sha512-SVtmxhRE/CGkn3eZY1T6pC8Nln6Fr/lu1mKSgRud0eC73whjGfoAogbn78LkD8aFL0zz3bAFerKSnOl7NlErBA==} - - pump@3.0.0: - resolution: {integrity: sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==} - - punycode@2.3.1: - resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} - engines: {node: '>=6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - queue-microtask@1.2.3: - resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==} - - quick-lru@5.1.1: - resolution: {integrity: sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==} - engines: {node: '>=10'} - - rangetouch@2.0.1: - resolution: {integrity: sha512-sln+pNSc8NGaHoLzwNBssFSf/rSYkqeBXzX1AtJlkJiUaVSJSbRAWJk+4omsXkN+EJalzkZhWQ3th1m0FpR5xA==} - - rc@1.2.8: - resolution: {integrity: sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==} - hasBin: true - - react-data-table-component@7.6.2: - resolution: {integrity: sha512-nHe7040fmtrJyQr/ieGrTfV0jBflYGK4sLokC6/AFOv3ThjmA9WzKz8Z8/2wMxzRqLU+Rn0CVFg+8+frKLepWQ==} - peerDependencies: - react: '>= 16.8.3' - styled-components: '>= 5.0.0' - - react-dom@18.3.1: - resolution: {integrity: sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==} - peerDependencies: - react: ^18.3.1 - - react-hook-form@7.53.0: - resolution: {integrity: sha512-M1n3HhqCww6S2hxLxciEXy2oISPnAzxY7gvwVPrtlczTM/1dDadXgUxDpHMrMTblDOcm/AXtXxHwZ3jpg1mqKQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - react: ^16.8.0 || ^17 || ^18 || ^19 - - react-is@16.13.1: - resolution: {integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==} - - react-loading-skeleton@3.4.0: - resolution: {integrity: sha512-1oJEBc9+wn7BbkQQk7YodlYEIjgeR+GrRjD+QXkVjwZN7LGIcAFHrx4NhT7UHGBxNY1+zax3c+Fo6XQM4R7CgA==} - peerDependencies: - react: '>=16.8.0' - - react-toastify@10.0.5: - resolution: {integrity: sha512-mNKt2jBXJg4O7pSdbNUfDdTsK9FIdikfsIE/yUCxbAEXl4HMyJaivrVFcn3Elvt5xvCQYhUZm+hqTIu1UXM3Pw==} - peerDependencies: - react: '>=18' - react-dom: '>=18' - - react@18.3.1: - resolution: {integrity: sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==} - engines: {node: '>=0.10.0'} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - reflect.getprototypeof@1.0.6: - resolution: {integrity: sha512-fmfw4XgoDke3kdI6h4xcUz1dG8uaiv5q9gcEwLS4Pnth2kxT+GZ7YehS1JTMGBQmtV7Y4GFGbs2re2NqhdozUg==} - engines: {node: '>= 0.4'} - - regenerator-runtime@0.14.1: - resolution: {integrity: sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==} - - regexp.prototype.flags@1.5.2: - resolution: {integrity: sha512-NcDiDkTLuPR+++OCKB0nWafEmhg/Da8aUPLPMQbK+bxKKCm1/S5he+AqYa4PlMCVBalb4/yxIRub6qkEx5yJbw==} - engines: {node: '>= 0.4'} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - resolve@1.22.8: - resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==} - hasBin: true - - resolve@2.0.0-next.5: - resolution: {integrity: sha512-U7WjGVG9sH8tvjW5SmGbQuui75FiyjAX72HX15DwBBwF9dNiQZRQAg9nnPhYy+TUnE0+VcrttuvNI8oSxZcocA==} - hasBin: true - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - reusify@1.0.4: - resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} - engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - - run-parallel@1.2.0: - resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} - - safe-array-concat@1.1.2: - resolution: {integrity: sha512-vj6RsCsWBCf19jIeHEfkRMw8DPiBb+DMXklQ/1SGDHOMlHdPUkZXFQ2YdplS23zESTijAcurb1aSgJA3AgMu1Q==} - engines: {node: '>=0.4'} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safe-regex-test@1.0.3: - resolution: {integrity: sha512-CdASjNJPvRa7roO6Ra/gLYBTzYzzPyyBXxIMdGW3USQLyjWEls2RgW5UBTXaQVp+OrpeCK3bLem8smtmheoRuw==} - engines: {node: '>= 0.4'} - - sass@1.77.8: - resolution: {integrity: sha512-4UHg6prsrycW20fqLGPShtEvo/WyHRVRHwOP4DzkUrObWoWI05QBSfzU71TVB7PFaL104TwNaHpjlWXAZbQiNQ==} - engines: {node: '>=14.0.0'} - hasBin: true - - sax@1.4.1: - resolution: {integrity: sha512-+aWOz7yVScEGoKNd4PA10LZ8sk0A/z5+nXQG5giUO5rprX9jgYsTdov9qCchZiPIZezbZH+jRut8nPodFAX4Jg==} - - scheduler@0.23.2: - resolution: {integrity: sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==} - - section-matter@1.0.0: - resolution: {integrity: sha512-vfD3pmTzGpufjScBh50YHKzEu2lxBWhVEHsNGoEXmCmn2hKGfeNLYMzCJpe8cD7gqX7TJluOVpBkAequ6dgMmA==} - engines: {node: '>=4'} - - semver@6.3.1: - resolution: {integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==} - hasBin: true - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - set-function-name@2.0.2: - resolution: {integrity: sha512-7PGFlmtwsEADb0WYyvCMa1t+yke6daIG4Wirafur5kcf+MhUnPms1UeR0CKQdTZD81yESwMHbtn+TR+dMviakQ==} - engines: {node: '>= 0.4'} - - shallow-equal@3.1.0: - resolution: {integrity: sha512-pfVOw8QZIXpMbhBWvzBISicvToTiM5WBF1EeAUZDDSb5Dt29yl4AYbyywbJFSEsRUMr7gJaxqCdr4L3tQf9wVg==} - - shallowequal@1.1.0: - resolution: {integrity: sha512-y0m1JoUZSlPAjXVtPPW70aZWfIL/dSP7AFkRnniLCrK/8MDKog3TySTBmckD+RObVxH0v4Tox67+F14PdED2oQ==} - - sharp@0.30.7: - resolution: {integrity: sha512-G+MY2YW33jgflKPTXXptVO28HvNOo9G3j0MybYAHeEmby+QuD2U98dT6ueht9cv/XDqZspSpIhoSW+BAKJ7Hig==} - engines: {node: '>=12.13.0'} - - sharp@0.33.5: - resolution: {integrity: sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - - shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} - - shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - - simple-concat@1.0.1: - resolution: {integrity: sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==} - - simple-get@4.0.1: - resolution: {integrity: sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==} - - simple-swizzle@0.2.2: - resolution: {integrity: sha512-JA//kQgZtbuY83m+xT+tXJkmJncGMTFT+C+g2h2R9uxkYIrE2yy9sgmcLhCnw57/WSD+Eh3J97FPEDFnbXnDUg==} - - slash@3.0.0: - resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==} - engines: {node: '>=8'} - - slugify@1.6.6: - resolution: {integrity: sha512-h+z7HKHYXj6wJU+AnS/+IH8Uh9fdcX1Lrhg1/VMdf9PwoBQXFcXiAdsy2tSK0P6gKwJLXp02r90ahUCqHk9rrw==} - engines: {node: '>=8.0.0'} - - source-map-js@1.2.0: - resolution: {integrity: sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==} - engines: {node: '>=0.10.0'} - - sprintf-js@1.0.3: - resolution: {integrity: sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==} - - stop-iteration-iterator@1.0.0: - resolution: {integrity: sha512-iCGQj+0l0HOdZ2AEeBADlsRC+vsnDsZsbdSiH1yNSjcfKM7fdpCMfqAL/dwF5BLiw/XhRft/Wax6zQbhq2BcjQ==} - engines: {node: '>= 0.4'} - - streamsearch@1.1.0: - resolution: {integrity: sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==} - engines: {node: '>=10.0.0'} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - - string.prototype.includes@2.0.0: - resolution: {integrity: sha512-E34CkBgyeqNDcrbU76cDjL5JLcVrtSdYq0MEh/B10r17pRP4ciHLwTgnuLV8Ay6cgEMLkcBkFCKyFZ43YldYzg==} - - string.prototype.matchall@4.0.11: - resolution: {integrity: sha512-NUdh0aDavY2og7IbBPenWqR9exH+E26Sv8e0/eTe1tltDGZL+GtBkDAnnyBtmekfK6/Dq3MkcGtzXFEd1LQrtg==} - engines: {node: '>= 0.4'} - - string.prototype.repeat@1.0.0: - resolution: {integrity: sha512-0u/TldDbKD8bFCQ/4f5+mNRrXwZ8hg2w7ZR8wa16e8z9XpePWl3eGEcUD0OXpEH/VJH/2G3gjUtR3ZOiBe2S/w==} - - string.prototype.trim@1.2.9: - resolution: {integrity: sha512-klHuCNxiMZ8MlsOihJhJEBJAiMVqU3Z2nEXWfWnIqjN0gEFS9J9+IxKozWWtQGcgoa1WUZzLjKPTr4ZHNFTFxw==} - engines: {node: '>= 0.4'} - - string.prototype.trimend@1.0.8: - resolution: {integrity: sha512-p73uL5VCHCO2BZZ6krwwQE3kCzM7NKmis8S//xEC6fQonchbum4eP6kR4DLEjQFO3Wnj3Fuo8NM0kOSjVdHjZQ==} - - string.prototype.trimstart@1.0.8: - resolution: {integrity: sha512-UXSH262CSZY1tfu3G3Secr6uGLCFVPMhIqHjlgCUtCCcgihYc/xKs9djMTMUOb2j1mVSeU8EU6NWc/iQKU6Gfg==} - engines: {node: '>= 0.4'} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} - - strip-bom-string@1.0.0: - resolution: {integrity: sha512-uCC2VHvQRYu+lMh4My/sFNmF2klFymLX1wHJeXnbEJERpV/ZsVuonzerjfrGpIGF7LBVa1O7i9kjiWvJiFck8g==} - engines: {node: '>=0.10.0'} - - strip-bom@3.0.0: - resolution: {integrity: sha512-vavAMRXOgBVNF6nyEEmL3DBK19iRpDcoIwW+swQ+CbGiu7lju6t+JklA1MHweoWtadgt4ISVUsXLyDq34ddcwA==} - engines: {node: '>=4'} - - strip-json-comments@2.0.1: - resolution: {integrity: sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==} - engines: {node: '>=0.10.0'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - styled-components@6.1.13: - resolution: {integrity: sha512-M0+N2xSnAtwcVAQeFEsGWFFxXDftHUD7XrKla06QbpUMmbmtFBMMTcKWvFXtWxuD5qQkB8iU5gk6QASlx2ZRMw==} - engines: {node: '>= 16'} - peerDependencies: - react: '>= 16.8.0' - react-dom: '>= 16.8.0' - - styled-jsx@5.1.1: - resolution: {integrity: sha512-pW7uC1l4mBZ8ugbiZrcIsiIvVx1UmTfw7UkC3Um2tmfUq9Bhk8IiyEIPl6F8agHgjzku6j0xQEZbfA5uSgSaCw==} - engines: {node: '>= 12.0.0'} - peerDependencies: - '@babel/core': '*' - babel-plugin-macros: '*' - react: '>= 16.8.0 || 17.x.x || ^18.0.0-0' - peerDependenciesMeta: - '@babel/core': - optional: true - babel-plugin-macros: - optional: true - - stylis@4.3.2: - resolution: {integrity: sha512-bhtUjWd/z6ltJiQwg0dUfxEJ+W+jdqQd8TbWLWyeIJHlnsqmGLRFFd8e5mA0AZi/zx90smXRlN66YMTcaSFifg==} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-preserve-symlinks-flag@1.0.0: - resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==} - engines: {node: '>= 0.4'} - - tapable@2.2.1: - resolution: {integrity: sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==} - engines: {node: '>=6'} - - tar-fs@2.1.1: - resolution: {integrity: sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==} - - tar-stream@2.2.0: - resolution: {integrity: sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==} - engines: {node: '>=6'} - - text-table@0.2.0: - resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} - - tiny-case@1.0.3: - resolution: {integrity: sha512-Eet/eeMhkO6TX8mnUteS9zgPbUMQa4I6Kkp5ORiBD5476/m+PIRiumP5tmh5ioJpH7k51Kehawy2UDfsnxxY8Q==} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - toposort@2.0.2: - resolution: {integrity: sha512-0a5EOkAUp8D4moMi2W8ZF8jcga7BgZd91O/yabJCFY8az+XSzeGyTKs0Aoo897iV1Nj6guFq8orWDS96z91oGg==} - - ts-api-utils@1.3.0: - resolution: {integrity: sha512-UQMIo7pb8WRomKR1/+MFVLTroIvDVtMX3K6OUir8ynLyzB8Jeriont2bTAtmNPa1ekAgN7YPDyf6V+ygrdU+eQ==} - engines: {node: '>=16'} - peerDependencies: - typescript: '>=4.2.0' - - tsconfig-paths@3.15.0: - resolution: {integrity: sha512-2Ac2RgzDe/cn48GvOe3M+o82pEFewD3UPbyoUHHdKasHwJKjds4fLXWf/Ux5kATBKN20oaFGu+jbElp1pos0mg==} - - tslib@2.6.2: - resolution: {integrity: sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==} - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tunnel-agent@0.6.0: - resolution: {integrity: sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==} - - type-check@0.4.0: - resolution: {integrity: sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==} - engines: {node: '>= 0.8.0'} - - type-fest@1.4.0: - resolution: {integrity: sha512-yGSza74xk0UG8k+pLh5oeoYirvIiWo5t0/o3zHHAO2tRDiZcxWP7fywNlXhqb6/r6sWvwi+RsyQMWhVLe4BVuA==} - engines: {node: '>=10'} - - type-fest@2.19.0: - resolution: {integrity: sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==} - engines: {node: '>=12.20'} - - typed-array-buffer@1.0.2: - resolution: {integrity: sha512-gEymJYKZtKXzzBzM4jqa9w6Q1Jjm7x2d+sh19AdsD4wqnMPDYyvwpsIc2Q/835kHuo3BEQ7CjelGhfTsoBb2MQ==} - engines: {node: '>= 0.4'} - - typed-array-byte-length@1.0.1: - resolution: {integrity: sha512-3iMJ9q0ao7WE9tWcaYKIptkNBuOIcZCCT0d4MRvuuH88fEoEH62IuQe0OtraD3ebQEoTRk8XCBoknUNc1Y67pw==} - engines: {node: '>= 0.4'} - - typed-array-byte-offset@1.0.2: - resolution: {integrity: sha512-Ous0vodHa56FviZucS2E63zkgtgrACj7omjwd/8lTEMEPFFyjfixMZ1ZXenpgCFBBt4EC1J2XsyVS2gkG0eTFA==} - engines: {node: '>= 0.4'} - - typed-array-length@1.0.6: - resolution: {integrity: sha512-/OxDN6OtAk5KBpGb28T+HZc2M+ADtvRxXrKKbUwtsLgdoxgX13hyy7ek6bFRl5+aBs2yZzB0c4CnQfAtVypW/g==} - engines: {node: '>= 0.4'} - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - unbox-primitive@1.0.2: - resolution: {integrity: sha512-61pPlCD9h51VoreyJ0BReideM3MDKMKnh6+V9L08331ipq6Q8OFXZYiqP6n/tbHx4s5I9uRhcye6BrbkizkBDw==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - uri-js@4.4.1: - resolution: {integrity: sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==} - - url-polyfill@1.1.12: - resolution: {integrity: sha512-mYFmBHCapZjtcNHW0MDq9967t+z4Dmg5CJ0KqysK3+ZbyoNOWQHksGCTWwDhxGXllkWlOc10Xfko6v4a3ucM6A==} - - use-sync-external-store@1.2.2: - resolution: {integrity: sha512-PElTlVMwpblvbNqQ82d2n6RjStvdSoNe9FG28kNfz3WiXilJm4DdNkEzRhCZuIDwY8U08WVihhGR5iRqAwfDiw==} - peerDependencies: - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - uuid@8.3.2: - resolution: {integrity: sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==} - hasBin: true - - vary@1.1.2: - resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==} - engines: {node: '>= 0.8'} - - which-boxed-primitive@1.0.2: - resolution: {integrity: sha512-bwZdv0AKLpplFY2KZRX6TvyuN7ojjr7lwkg6ml0roIy9YeuSr7JS372qlNW18UQYzgYK9ziGcerWqZOmEn9VNg==} - - which-builtin-type@1.1.4: - resolution: {integrity: sha512-bppkmBSsHFmIMSl8BO9TbsyzsvGjVoppt8xUiGzwiu/bhDCGxnpOKCxgqj6GuyHE0mINMDecBFPlOm2hzY084w==} - engines: {node: '>= 0.4'} - - which-collection@1.0.2: - resolution: {integrity: sha512-K4jVyjnBdgvc86Y6BkaLZEN933SwYOuBFkdmBu9ZfkcAbdVbpITnDmjvZ/aQjRXQrv5EPkTnD1s39GiiqbngCw==} - engines: {node: '>= 0.4'} - - which-typed-array@1.1.15: - resolution: {integrity: sha512-oV0jmFtUky6CXfkqehVvBP/LSWJ2sy4vWMioiENyJLePrBO/yKyV9OyJySfAKosh+RYkIl5zJCNZ8/4JncrpdA==} - engines: {node: '>= 0.4'} - - which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true - - wildcard@1.1.2: - resolution: {integrity: sha512-DXukZJxpHA8LuotRwL0pP1+rS6CS7FF2qStDDE1C7DDg2rLud2PXRMuEDYIPhgEezwnlHNL4c+N6MfMTjCGTng==} - - word-wrap@1.2.5: - resolution: {integrity: sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==} - engines: {node: '>=0.10.0'} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - xml-js@1.6.11: - resolution: {integrity: sha512-7rVi2KMfwfWFl+GpPg6m80IVMWXLRjO+PxTq7V2CDhoGak0wzYzFgUY2m4XJ47OGdXd8eLE8EmwfAmdjw7lC1g==} - hasBin: true - - yallist@4.0.0: - resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - - yup@1.4.0: - resolution: {integrity: sha512-wPbgkJRCqIf+OHyiTBQoJiP5PFuAXaWiJK6AmYkzQAh5/c2K9hzSApBZG5wV9KoKSePF7sAxmNSvh/13YHkFDg==} - -snapshots: - - '@babel/runtime@7.26.0': - dependencies: - regenerator-runtime: 0.14.1 - - '@dicebear/adventurer-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/adventurer@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/avataaars-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/avataaars@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/big-ears-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/big-ears@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/big-smile@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/bottts-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/bottts@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/collection@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/adventurer': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/adventurer-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/avataaars': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/avataaars-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/big-ears': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/big-ears-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/big-smile': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/bottts': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/bottts-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/core': 9.2.2 - '@dicebear/croodles': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/croodles-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/dylan': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/fun-emoji': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/glass': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/icons': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/identicon': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/initials': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/lorelei': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/lorelei-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/micah': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/miniavs': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/notionists': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/notionists-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/open-peeps': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/personas': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/pixel-art': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/pixel-art-neutral': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/rings': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/shapes': 9.2.2(@dicebear/core@9.2.2) - '@dicebear/thumbs': 9.2.2(@dicebear/core@9.2.2) - - '@dicebear/core@9.2.2': - dependencies: - '@types/json-schema': 7.0.15 - - '@dicebear/croodles-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/croodles@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/dylan@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/fun-emoji@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/glass@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/icons@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/identicon@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/initials@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/lorelei-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/lorelei@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/micah@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/miniavs@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/notionists-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/notionists@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/open-peeps@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/personas@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/pixel-art-neutral@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/pixel-art@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/rings@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/shapes@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@dicebear/thumbs@9.2.2(@dicebear/core@9.2.2)': - dependencies: - '@dicebear/core': 9.2.2 - - '@edge-runtime/cookies@4.1.1': {} - - '@emnapi/runtime@1.2.0': - dependencies: - tslib: 2.7.0 - optional: true - - '@emotion/is-prop-valid@1.2.2': - dependencies: - '@emotion/memoize': 0.8.1 - - '@emotion/memoize@0.8.1': {} - - '@emotion/unitless@0.8.1': {} - - '@eslint-community/eslint-utils@4.4.0(eslint@9.9.1)': - dependencies: - eslint: 9.9.1 - eslint-visitor-keys: 3.4.3 - - '@eslint-community/regexpp@4.11.0': {} - - '@eslint/config-array@0.18.0': - dependencies: - '@eslint/object-schema': 2.1.4 - debug: 4.3.6 - minimatch: 3.1.2 - transitivePeerDependencies: - - supports-color - - '@eslint/eslintrc@3.1.0': - dependencies: - ajv: 6.12.6 - debug: 4.3.6 - espree: 10.1.0 - globals: 14.0.0 - ignore: 5.3.2 - import-fresh: 3.3.0 - js-yaml: 4.1.0 - minimatch: 3.1.2 - strip-json-comments: 3.1.1 - transitivePeerDependencies: - - supports-color - - '@eslint/js@9.9.1': {} - - '@eslint/object-schema@2.1.4': {} - - '@fortawesome/fontawesome-common-types@6.6.0': {} - - '@fortawesome/fontawesome-free@6.6.0': {} - - '@fortawesome/fontawesome-svg-core@6.6.0': - dependencies: - '@fortawesome/fontawesome-common-types': 6.6.0 - - '@fortawesome/free-brands-svg-icons@6.6.0': - dependencies: - '@fortawesome/fontawesome-common-types': 6.6.0 - - '@fortawesome/free-solid-svg-icons@6.6.0': - dependencies: - '@fortawesome/fontawesome-common-types': 6.6.0 - - '@fortawesome/react-fontawesome@0.2.2(@fortawesome/fontawesome-svg-core@6.6.0)(react@18.3.1)': - dependencies: - '@fortawesome/fontawesome-svg-core': 6.6.0 - prop-types: 15.8.1 - react: 18.3.1 - - '@hookform/error-message@2.0.1(react-dom@18.3.1(react@18.3.1))(react-hook-form@7.53.0(react@18.3.1))(react@18.3.1)': - dependencies: - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-hook-form: 7.53.0(react@18.3.1) - - '@hookform/resolvers@3.9.0(react-hook-form@7.53.0(react@18.3.1))': - dependencies: - react-hook-form: 7.53.0(react@18.3.1) - - '@humanwhocodes/module-importer@1.0.1': {} - - '@humanwhocodes/retry@0.3.0': {} - - '@img/sharp-darwin-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-arm64': 1.0.4 - optional: true - - '@img/sharp-darwin-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-x64': 1.0.4 - optional: true - - '@img/sharp-libvips-darwin-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-darwin-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm@1.0.5': - optional: true - - '@img/sharp-libvips-linux-s390x@1.0.4': - optional: true - - '@img/sharp-libvips-linux-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - optional: true - - '@img/sharp-linux-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm64': 1.0.4 - optional: true - - '@img/sharp-linux-arm@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm': 1.0.5 - optional: true - - '@img/sharp-linux-s390x@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-s390x': 1.0.4 - optional: true - - '@img/sharp-linux-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-x64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - optional: true - - '@img/sharp-wasm32@0.33.5': - dependencies: - '@emnapi/runtime': 1.2.0 - optional: true - - '@img/sharp-win32-ia32@0.33.5': - optional: true - - '@img/sharp-win32-x64@0.33.5': - optional: true - - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - - '@logto/client@2.8.1': - dependencies: - '@logto/js': 4.2.0 - '@silverhand/essentials': 2.9.2 - camelcase-keys: 7.0.2 - jose: 5.9.6 - - '@logto/js@4.2.0': - dependencies: - '@silverhand/essentials': 2.9.2 - camelcase-keys: 7.0.2 - - '@logto/next@3.7.1(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))': - dependencies: - '@edge-runtime/cookies': 4.1.1 - '@logto/node': 2.5.8 - cookie: 0.6.0 - next: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - - '@logto/node@2.5.8': - dependencies: - '@logto/client': 2.8.1 - '@silverhand/essentials': 2.9.2 - js-base64: 3.7.7 - - '@mux/blurhash@0.1.2': - dependencies: - blurhash: 1.1.5 - sharp: 0.30.7 - - '@mux/mux-player-react@2.9.1(@types/react-dom@18.3.0)(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@mux/mux-player': 2.9.1 - '@mux/playback-core': 0.25.2 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - '@types/react-dom': 18.3.0 - - '@mux/mux-player@2.9.1': - dependencies: - '@mux/mux-video': 0.20.2 - '@mux/playback-core': 0.25.2 - media-chrome: 3.2.5 - - '@mux/mux-video@0.20.2': - dependencies: - '@mux/playback-core': 0.25.2 - castable-video: 1.0.10 - custom-media-element: 1.3.2 - media-tracks: 0.3.3 - - '@mux/playback-core@0.25.2': - dependencies: - hls.js: 1.5.15 - mux-embed: 5.2.1 - - '@next/env@14.2.7': {} - - '@next/eslint-plugin-next@14.2.7': - dependencies: - glob: 10.3.10 - - '@next/swc-darwin-arm64@14.2.7': - optional: true - - '@next/swc-darwin-x64@14.2.7': - optional: true - - '@next/swc-linux-arm64-gnu@14.2.7': - optional: true - - '@next/swc-linux-arm64-musl@14.2.7': - optional: true - - '@next/swc-linux-x64-gnu@14.2.7': - optional: true - - '@next/swc-linux-x64-musl@14.2.7': - optional: true - - '@next/swc-win32-arm64-msvc@14.2.7': - optional: true - - '@next/swc-win32-ia32-msvc@14.2.7': - optional: true - - '@next/swc-win32-x64-msvc@14.2.7': - optional: true - - '@noble/hashes@1.5.0': {} - - '@nodelib/fs.scandir@2.1.5': - dependencies: - '@nodelib/fs.stat': 2.0.5 - run-parallel: 1.2.0 - - '@nodelib/fs.stat@2.0.5': {} - - '@nodelib/fs.walk@1.2.8': - dependencies: - '@nodelib/fs.scandir': 2.1.5 - fastq: 1.17.1 - - '@nolyfill/is-core-module@1.0.39': {} - - '@panva/hkdf@1.2.1': {} - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@pkgjs/parseargs@0.11.0': - optional: true - - '@react-hookz/deep-equal@1.0.4': {} - - '@react-hookz/web@24.0.4(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@react-hookz/deep-equal': 1.0.4 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - '@rtsao/scc@1.1.0': {} - - '@rushstack/eslint-patch@1.10.4': {} - - '@silverhand/essentials@2.9.2': {} - - '@swc/counter@0.1.3': {} - - '@swc/helpers@0.5.5': - dependencies: - '@swc/counter': 0.1.3 - tslib: 2.7.0 - - '@tanstack/query-core@5.53.3': {} - - '@tanstack/react-query@5.53.3(react@18.3.1)': - dependencies: - '@tanstack/query-core': 5.53.3 - react: 18.3.1 - - '@tanstack/react-table@8.20.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@tanstack/table-core': 8.20.5 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - '@tanstack/table-core@8.20.5': {} - - '@transloadit/prettier-bytes@0.3.4': {} - - '@types/json-schema@7.0.15': {} - - '@types/json5@0.0.29': {} - - '@types/lodash@4.17.7': {} - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/prop-types@15.7.12': {} - - '@types/qs@6.9.15': {} - - '@types/react-dom@18.3.0': - dependencies: - '@types/react': 18.3.5 - - '@types/react@18.3.5': - dependencies: - '@types/prop-types': 15.7.12 - csstype: 3.1.3 - - '@types/retry@0.12.2': {} - - '@types/stylis@4.2.5': {} - - '@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4)': - dependencies: - '@typescript-eslint/scope-manager': 7.2.0 - '@typescript-eslint/types': 7.2.0 - '@typescript-eslint/typescript-estree': 7.2.0(typescript@5.5.4) - '@typescript-eslint/visitor-keys': 7.2.0 - debug: 4.3.6 - eslint: 9.9.1 - optionalDependencies: - typescript: 5.5.4 - transitivePeerDependencies: - - supports-color - - '@typescript-eslint/scope-manager@7.2.0': - dependencies: - '@typescript-eslint/types': 7.2.0 - '@typescript-eslint/visitor-keys': 7.2.0 - - '@typescript-eslint/types@7.2.0': {} - - '@typescript-eslint/typescript-estree@7.2.0(typescript@5.5.4)': - dependencies: - '@typescript-eslint/types': 7.2.0 - '@typescript-eslint/visitor-keys': 7.2.0 - debug: 4.3.6 - globby: 11.1.0 - is-glob: 4.0.3 - minimatch: 9.0.3 - semver: 7.6.3 - ts-api-utils: 1.3.0(typescript@5.5.4) - optionalDependencies: - typescript: 5.5.4 - transitivePeerDependencies: - - supports-color - - '@typescript-eslint/visitor-keys@7.2.0': - dependencies: - '@typescript-eslint/types': 7.2.0 - eslint-visitor-keys: 3.4.3 - - '@uppy/aws-s3-multipart@4.0.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/aws-s3': 4.1.0(@uppy/core@4.2.0) - transitivePeerDependencies: - - '@uppy/core' - - '@uppy/aws-s3@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - - '@uppy/box@3.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/companion-client@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - namespace-emitter: 2.0.1 - p-retry: 6.2.0 - - '@uppy/core@4.2.0': - dependencies: - '@transloadit/prettier-bytes': 0.3.4 - '@uppy/store-default': 4.1.0 - '@uppy/utils': 6.0.2 - lodash: 4.17.21 - mime-match: 1.0.2 - namespace-emitter: 2.0.1 - nanoid: 5.0.7 - preact: 10.23.2 - - '@uppy/dashboard@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@transloadit/prettier-bytes': 0.3.4 - '@uppy/core': 4.2.0 - '@uppy/informer': 4.1.0(@uppy/core@4.2.0) - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/status-bar': 4.0.3(@uppy/core@4.2.0) - '@uppy/thumbnail-generator': 4.0.0(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - classnames: 2.5.1 - lodash: 4.17.21 - memoize-one: 6.0.0 - nanoid: 5.0.7 - preact: 10.23.2 - shallow-equal: 3.1.0 - - '@uppy/drag-drop@4.0.2(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/dropbox@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/facebook@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/file-input@4.0.1(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/google-drive@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/google-photos@0.3.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/informer@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/instagram@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/onedrive@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/progress-bar@4.0.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/provider-views@4.0.1(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - classnames: 2.5.1 - nanoid: 5.0.7 - p-queue: 8.0.1 - preact: 10.23.2 - - '@uppy/react@4.0.2(@uppy/core@4.2.0)(@uppy/dashboard@4.1.0(@uppy/core@4.2.0))(@uppy/drag-drop@4.0.2(@uppy/core@4.2.0))(@uppy/file-input@4.0.1(@uppy/core@4.2.0))(@uppy/progress-bar@4.0.0(@uppy/core@4.2.0))(@uppy/status-bar@4.0.3(@uppy/core@4.2.0))(react@18.3.1)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - react: 18.3.1 - use-sync-external-store: 1.2.2(react@18.3.1) - optionalDependencies: - '@uppy/dashboard': 4.1.0(@uppy/core@4.2.0) - '@uppy/drag-drop': 4.0.2(@uppy/core@4.2.0) - '@uppy/file-input': 4.0.1(@uppy/core@4.2.0) - '@uppy/progress-bar': 4.0.0(@uppy/core@4.2.0) - '@uppy/status-bar': 4.0.3(@uppy/core@4.2.0) - - '@uppy/remote-sources@2.2.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/box': 3.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/dashboard': 4.1.0(@uppy/core@4.2.0) - '@uppy/dropbox': 4.1.0(@uppy/core@4.2.0) - '@uppy/facebook': 4.1.0(@uppy/core@4.2.0) - '@uppy/google-drive': 4.1.0(@uppy/core@4.2.0) - '@uppy/google-photos': 0.3.0(@uppy/core@4.2.0) - '@uppy/instagram': 4.1.0(@uppy/core@4.2.0) - '@uppy/onedrive': 4.1.0(@uppy/core@4.2.0) - '@uppy/unsplash': 4.1.0(@uppy/core@4.2.0) - '@uppy/url': 4.1.0(@uppy/core@4.2.0) - '@uppy/zoom': 3.1.0(@uppy/core@4.2.0) - - '@uppy/status-bar@4.0.3(@uppy/core@4.2.0)': - dependencies: - '@transloadit/prettier-bytes': 0.3.4 - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - classnames: 2.5.1 - preact: 10.23.2 - - '@uppy/store-default@4.1.0': {} - - '@uppy/thumbnail-generator@4.0.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - exifr: 7.1.3 - - '@uppy/unsplash@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - '@uppy/url@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - nanoid: 5.0.7 - preact: 10.23.2 - - '@uppy/utils@6.0.2': - dependencies: - lodash: 4.17.21 - preact: 10.23.2 - - '@uppy/zoom@3.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/provider-views': 4.0.1(@uppy/core@4.2.0) - '@uppy/utils': 6.0.2 - preact: 10.23.2 - - acorn-jsx@5.3.2(acorn@8.12.1): - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - ajv@6.12.6: - dependencies: - fast-deep-equal: 3.1.3 - fast-json-stable-stringify: 2.1.0 - json-schema-traverse: 0.4.1 - uri-js: 4.4.1 - - ansi-regex@5.0.1: {} - - ansi-regex@6.0.1: {} - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - ansi-styles@6.2.1: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - argparse@1.0.10: - dependencies: - sprintf-js: 1.0.3 - - argparse@2.0.1: {} - - aria-query@5.1.3: - dependencies: - deep-equal: 2.2.3 - - array-buffer-byte-length@1.0.1: - dependencies: - call-bind: 1.0.7 - is-array-buffer: 3.0.4 - - array-includes@3.1.8: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-object-atoms: 1.0.0 - get-intrinsic: 1.2.4 - is-string: 1.0.7 - - array-union@2.1.0: {} - - array.prototype.findlast@1.2.5: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - es-object-atoms: 1.0.0 - es-shim-unscopables: 1.0.2 - - array.prototype.findlastindex@1.2.5: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - es-object-atoms: 1.0.0 - es-shim-unscopables: 1.0.2 - - array.prototype.flat@1.3.2: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-shim-unscopables: 1.0.2 - - array.prototype.flatmap@1.3.2: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-shim-unscopables: 1.0.2 - - array.prototype.tosorted@1.1.4: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - es-shim-unscopables: 1.0.2 - - arraybuffer.prototype.slice@1.0.3: - dependencies: - array-buffer-byte-length: 1.0.1 - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - is-array-buffer: 3.0.4 - is-shared-array-buffer: 1.0.3 - - ast-types-flow@0.0.8: {} - - available-typed-arrays@1.0.7: - dependencies: - possible-typed-array-names: 1.0.0 - - axe-core@4.10.0: {} - - axobject-query@3.1.1: - dependencies: - deep-equal: 2.2.3 - - balanced-match@1.0.2: {} - - base64-js@1.5.1: {} - - binary-extensions@2.3.0: {} - - bl@4.1.0: - dependencies: - buffer: 5.7.1 - inherits: 2.0.4 - readable-stream: 3.6.2 - - blurhash@1.1.5: {} - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - buffer@5.7.1: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - bulma@1.0.2: {} - - busboy@1.6.0: - dependencies: - streamsearch: 1.1.0 - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - callsites@3.1.0: {} - - camelcase-keys@7.0.2: - dependencies: - camelcase: 6.3.0 - map-obj: 4.3.0 - quick-lru: 5.1.1 - type-fest: 1.4.0 - - camelcase@6.3.0: {} - - camelize@1.0.1: {} - - caniuse-lite@1.0.30001655: {} - - castable-video@1.0.10: - dependencies: - custom-media-element: 1.3.2 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - chownr@1.1.4: {} - - classnames@2.5.1: {} - - client-only@0.0.1: {} - - clsx@2.1.1: {} - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.4: {} - - color-string@1.9.1: - dependencies: - color-name: 1.1.4 - simple-swizzle: 0.2.2 - - color@4.2.3: - dependencies: - color-convert: 2.0.1 - color-string: 1.9.1 - - concat-map@0.0.1: {} - - cookie@0.6.0: {} - - cookie@0.7.1: {} - - core-js@3.38.1: {} - - cors@2.8.5: - dependencies: - object-assign: 4.1.1 - vary: 1.1.2 - - cross-spawn@7.0.3: - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - - css-color-keywords@1.0.0: {} - - css-to-react-native@3.2.0: - dependencies: - camelize: 1.0.1 - css-color-keywords: 1.0.0 - postcss-value-parser: 4.2.0 - - csstype@3.1.3: {} - - custom-event-polyfill@1.0.7: {} - - custom-media-element@1.3.2: {} - - damerau-levenshtein@1.0.8: {} - - data-view-buffer@1.0.1: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - is-data-view: 1.0.1 - - data-view-byte-length@1.0.1: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - is-data-view: 1.0.1 - - data-view-byte-offset@1.0.0: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - is-data-view: 1.0.1 - - date-fns-tz@3.1.3(date-fns@3.6.0): - dependencies: - date-fns: 3.6.0 - - date-fns@3.6.0: {} - - dayjs@1.11.13: {} - - debug@3.2.7: - dependencies: - ms: 2.1.3 - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - decompress-response@6.0.0: - dependencies: - mimic-response: 3.1.0 - - deep-equal@2.2.3: - dependencies: - array-buffer-byte-length: 1.0.1 - call-bind: 1.0.7 - es-get-iterator: 1.1.3 - get-intrinsic: 1.2.4 - is-arguments: 1.1.1 - is-array-buffer: 3.0.4 - is-date-object: 1.0.5 - is-regex: 1.1.4 - is-shared-array-buffer: 1.0.3 - isarray: 2.0.5 - object-is: 1.1.6 - object-keys: 1.1.1 - object.assign: 4.1.5 - regexp.prototype.flags: 1.5.2 - side-channel: 1.0.6 - which-boxed-primitive: 1.0.2 - which-collection: 1.0.2 - which-typed-array: 1.1.15 - - deep-extend@0.6.0: {} - - deep-is@0.1.4: {} - - deepmerge@4.3.1: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - define-properties@1.2.1: - dependencies: - define-data-property: 1.1.4 - has-property-descriptors: 1.0.2 - object-keys: 1.1.1 - - detect-libc@2.0.3: {} - - dir-glob@3.0.1: - dependencies: - path-type: 4.0.0 - - doctrine@2.1.0: - dependencies: - esutils: 2.0.3 - - dotenv@16.4.5: {} - - eastasianwidth@0.2.0: {} - - emoji-regex@8.0.0: {} - - emoji-regex@9.2.2: {} - - end-of-stream@1.4.4: - dependencies: - once: 1.4.0 - - enhanced-resolve@5.17.1: - dependencies: - graceful-fs: 4.2.11 - tapable: 2.2.1 - - es-abstract@1.23.3: - dependencies: - array-buffer-byte-length: 1.0.1 - arraybuffer.prototype.slice: 1.0.3 - available-typed-arrays: 1.0.7 - call-bind: 1.0.7 - data-view-buffer: 1.0.1 - data-view-byte-length: 1.0.1 - data-view-byte-offset: 1.0.0 - es-define-property: 1.0.0 - es-errors: 1.3.0 - es-object-atoms: 1.0.0 - es-set-tostringtag: 2.0.3 - es-to-primitive: 1.2.1 - function.prototype.name: 1.1.6 - get-intrinsic: 1.2.4 - get-symbol-description: 1.0.2 - globalthis: 1.0.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - internal-slot: 1.0.7 - is-array-buffer: 3.0.4 - is-callable: 1.2.7 - is-data-view: 1.0.1 - is-negative-zero: 2.0.3 - is-regex: 1.1.4 - is-shared-array-buffer: 1.0.3 - is-string: 1.0.7 - is-typed-array: 1.1.13 - is-weakref: 1.0.2 - object-inspect: 1.13.2 - object-keys: 1.1.1 - object.assign: 4.1.5 - regexp.prototype.flags: 1.5.2 - safe-array-concat: 1.1.2 - safe-regex-test: 1.0.3 - string.prototype.trim: 1.2.9 - string.prototype.trimend: 1.0.8 - string.prototype.trimstart: 1.0.8 - typed-array-buffer: 1.0.2 - typed-array-byte-length: 1.0.1 - typed-array-byte-offset: 1.0.2 - typed-array-length: 1.0.6 - unbox-primitive: 1.0.2 - which-typed-array: 1.1.15 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - es-get-iterator@1.1.3: - dependencies: - call-bind: 1.0.7 - get-intrinsic: 1.2.4 - has-symbols: 1.0.3 - is-arguments: 1.1.1 - is-map: 2.0.3 - is-set: 2.0.3 - is-string: 1.0.7 - isarray: 2.0.5 - stop-iteration-iterator: 1.0.0 - - es-iterator-helpers@1.0.19: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - es-set-tostringtag: 2.0.3 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - globalthis: 1.0.4 - has-property-descriptors: 1.0.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - internal-slot: 1.0.7 - iterator.prototype: 1.1.2 - safe-array-concat: 1.1.2 - - es-object-atoms@1.0.0: - dependencies: - es-errors: 1.3.0 - - es-set-tostringtag@2.0.3: - dependencies: - get-intrinsic: 1.2.4 - has-tostringtag: 1.0.2 - hasown: 2.0.2 - - es-shim-unscopables@1.0.2: - dependencies: - hasown: 2.0.2 - - es-to-primitive@1.2.1: - dependencies: - is-callable: 1.2.7 - is-date-object: 1.0.5 - is-symbol: 1.0.4 - - escape-string-regexp@4.0.0: {} - - eslint-config-next@14.2.7(eslint@9.9.1)(typescript@5.5.4): - dependencies: - '@next/eslint-plugin-next': 14.2.7 - '@rushstack/eslint-patch': 1.10.4 - '@typescript-eslint/parser': 7.2.0(eslint@9.9.1)(typescript@5.5.4) - eslint: 9.9.1 - eslint-import-resolver-node: 0.3.9 - eslint-import-resolver-typescript: 3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1) - eslint-plugin-import: 2.30.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1) - eslint-plugin-jsx-a11y: 6.9.0(eslint@9.9.1) - eslint-plugin-react: 7.35.1(eslint@9.9.1) - eslint-plugin-react-hooks: 4.6.2(eslint@9.9.1) - optionalDependencies: - typescript: 5.5.4 - transitivePeerDependencies: - - eslint-import-resolver-webpack - - eslint-plugin-import-x - - supports-color - - eslint-import-resolver-node@0.3.9: - dependencies: - debug: 3.2.7 - is-core-module: 2.15.1 - resolve: 1.22.8 - transitivePeerDependencies: - - supports-color - - eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1): - dependencies: - '@nolyfill/is-core-module': 1.0.39 - debug: 4.3.6 - enhanced-resolve: 5.17.1 - eslint: 9.9.1 - eslint-module-utils: 2.9.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1) - fast-glob: 3.3.2 - get-tsconfig: 4.8.0 - is-bun-module: 1.1.0 - is-glob: 4.0.3 - optionalDependencies: - eslint-plugin-import: 2.30.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1) - transitivePeerDependencies: - - '@typescript-eslint/parser' - - eslint-import-resolver-node - - eslint-import-resolver-webpack - - supports-color - - eslint-module-utils@2.9.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1): - dependencies: - debug: 3.2.7 - optionalDependencies: - '@typescript-eslint/parser': 7.2.0(eslint@9.9.1)(typescript@5.5.4) - eslint: 9.9.1 - eslint-import-resolver-node: 0.3.9 - eslint-import-resolver-typescript: 3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1) - transitivePeerDependencies: - - supports-color - - eslint-plugin-import@2.30.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1): - dependencies: - '@rtsao/scc': 1.1.0 - array-includes: 3.1.8 - array.prototype.findlastindex: 1.2.5 - array.prototype.flat: 1.3.2 - array.prototype.flatmap: 1.3.2 - debug: 3.2.7 - doctrine: 2.1.0 - eslint: 9.9.1 - eslint-import-resolver-node: 0.3.9 - eslint-module-utils: 2.9.0(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.2.0(eslint@9.9.1)(typescript@5.5.4))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.30.0(eslint@9.9.1))(eslint@9.9.1))(eslint@9.9.1) - hasown: 2.0.2 - is-core-module: 2.15.1 - is-glob: 4.0.3 - minimatch: 3.1.2 - object.fromentries: 2.0.8 - object.groupby: 1.0.3 - object.values: 1.2.0 - semver: 6.3.1 - tsconfig-paths: 3.15.0 - optionalDependencies: - '@typescript-eslint/parser': 7.2.0(eslint@9.9.1)(typescript@5.5.4) - transitivePeerDependencies: - - eslint-import-resolver-typescript - - eslint-import-resolver-webpack - - supports-color - - eslint-plugin-jsx-a11y@6.9.0(eslint@9.9.1): - dependencies: - aria-query: 5.1.3 - array-includes: 3.1.8 - array.prototype.flatmap: 1.3.2 - ast-types-flow: 0.0.8 - axe-core: 4.10.0 - axobject-query: 3.1.1 - damerau-levenshtein: 1.0.8 - emoji-regex: 9.2.2 - es-iterator-helpers: 1.0.19 - eslint: 9.9.1 - hasown: 2.0.2 - jsx-ast-utils: 3.3.5 - language-tags: 1.0.9 - minimatch: 3.1.2 - object.fromentries: 2.0.8 - safe-regex-test: 1.0.3 - string.prototype.includes: 2.0.0 - - eslint-plugin-react-hooks@4.6.2(eslint@9.9.1): - dependencies: - eslint: 9.9.1 - - eslint-plugin-react@7.35.1(eslint@9.9.1): - dependencies: - array-includes: 3.1.8 - array.prototype.findlast: 1.2.5 - array.prototype.flatmap: 1.3.2 - array.prototype.tosorted: 1.1.4 - doctrine: 2.1.0 - es-iterator-helpers: 1.0.19 - eslint: 9.9.1 - estraverse: 5.3.0 - hasown: 2.0.2 - jsx-ast-utils: 3.3.5 - minimatch: 3.1.2 - object.entries: 1.1.8 - object.fromentries: 2.0.8 - object.values: 1.2.0 - prop-types: 15.8.1 - resolve: 2.0.0-next.5 - semver: 6.3.1 - string.prototype.matchall: 4.0.11 - string.prototype.repeat: 1.0.0 - - eslint-scope@8.0.2: - dependencies: - esrecurse: 4.3.0 - estraverse: 5.3.0 - - eslint-visitor-keys@3.4.3: {} - - eslint-visitor-keys@4.0.0: {} - - eslint@9.9.1: - dependencies: - '@eslint-community/eslint-utils': 4.4.0(eslint@9.9.1) - '@eslint-community/regexpp': 4.11.0 - '@eslint/config-array': 0.18.0 - '@eslint/eslintrc': 3.1.0 - '@eslint/js': 9.9.1 - '@humanwhocodes/module-importer': 1.0.1 - '@humanwhocodes/retry': 0.3.0 - '@nodelib/fs.walk': 1.2.8 - ajv: 6.12.6 - chalk: 4.1.2 - cross-spawn: 7.0.3 - debug: 4.3.6 - escape-string-regexp: 4.0.0 - eslint-scope: 8.0.2 - eslint-visitor-keys: 4.0.0 - espree: 10.1.0 - esquery: 1.6.0 - esutils: 2.0.3 - fast-deep-equal: 3.1.3 - file-entry-cache: 8.0.0 - find-up: 5.0.0 - glob-parent: 6.0.2 - ignore: 5.3.2 - imurmurhash: 0.1.4 - is-glob: 4.0.3 - is-path-inside: 3.0.3 - json-stable-stringify-without-jsonify: 1.0.1 - levn: 0.4.1 - lodash.merge: 4.6.2 - minimatch: 3.1.2 - natural-compare: 1.4.0 - optionator: 0.9.4 - strip-ansi: 6.0.1 - text-table: 0.2.0 - transitivePeerDependencies: - - supports-color - - espree@10.1.0: - dependencies: - acorn: 8.12.1 - acorn-jsx: 5.3.2(acorn@8.12.1) - eslint-visitor-keys: 4.0.0 - - esprima@4.0.1: {} - - esquery@1.6.0: - dependencies: - estraverse: 5.3.0 - - esrecurse@4.3.0: - dependencies: - estraverse: 5.3.0 - - estraverse@5.3.0: {} - - esutils@2.0.3: {} - - eventemitter3@5.0.1: {} - - exifr@7.1.3: {} - - expand-template@2.0.3: {} - - extend-shallow@2.0.1: - dependencies: - is-extendable: 0.1.1 - - fast-deep-equal@3.1.3: {} - - fast-glob@3.3.2: - dependencies: - '@nodelib/fs.stat': 2.0.5 - '@nodelib/fs.walk': 1.2.8 - glob-parent: 5.1.2 - merge2: 1.4.1 - micromatch: 4.0.8 - - fast-json-stable-stringify@2.1.0: {} - - fast-levenshtein@2.0.6: {} - - fastq@1.17.1: - dependencies: - reusify: 1.0.4 - - feed@4.2.2: - dependencies: - xml-js: 1.6.11 - - file-entry-cache@8.0.0: - dependencies: - flat-cache: 4.0.1 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - flat-cache@4.0.1: - dependencies: - flatted: 3.3.1 - keyv: 4.5.4 - - flatted@3.3.1: {} - - for-each@0.3.3: - dependencies: - is-callable: 1.2.7 - - foreground-child@3.3.0: - dependencies: - cross-spawn: 7.0.3 - signal-exit: 4.1.0 - - fs-constants@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - function.prototype.name@1.1.6: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - functions-have-names: 1.2.3 - - functions-have-names@1.2.3: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-symbol-description@1.0.2: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - - get-tsconfig@4.8.0: - dependencies: - resolve-pkg-maps: 1.0.0 - - github-from-package@0.0.0: {} - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob-parent@6.0.2: - dependencies: - is-glob: 4.0.3 - - glob@10.3.10: - dependencies: - foreground-child: 3.3.0 - jackspeak: 2.3.6 - minimatch: 9.0.5 - minipass: 7.1.2 - path-scurry: 1.11.1 - - globals@14.0.0: {} - - globalthis@1.0.4: - dependencies: - define-properties: 1.2.1 - gopd: 1.0.1 - - globby@11.1.0: - dependencies: - array-union: 2.1.0 - dir-glob: 3.0.1 - fast-glob: 3.3.2 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 3.0.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - graceful-fs@4.2.11: {} - - gray-matter@4.0.3: - dependencies: - js-yaml: 3.14.1 - kind-of: 6.0.3 - section-matter: 1.0.0 - strip-bom-string: 1.0.0 - - has-bigints@1.0.2: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - has-tostringtag@1.0.2: - dependencies: - has-symbols: 1.0.3 - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - hls.js@1.5.15: {} - - ieee754@1.2.1: {} - - ignore@5.3.2: {} - - immutable@4.3.7: {} - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - imurmurhash@0.1.4: {} - - inherits@2.0.4: {} - - ini@1.3.8: {} - - internal-slot@1.0.7: - dependencies: - es-errors: 1.3.0 - hasown: 2.0.2 - side-channel: 1.0.6 - - is-arguments@1.1.1: - dependencies: - call-bind: 1.0.7 - has-tostringtag: 1.0.2 - - is-array-buffer@3.0.4: - dependencies: - call-bind: 1.0.7 - get-intrinsic: 1.2.4 - - is-arrayish@0.3.2: {} - - is-async-function@2.0.0: - dependencies: - has-tostringtag: 1.0.2 - - is-bigint@1.0.4: - dependencies: - has-bigints: 1.0.2 - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-boolean-object@1.1.2: - dependencies: - call-bind: 1.0.7 - has-tostringtag: 1.0.2 - - is-bun-module@1.1.0: - dependencies: - semver: 7.6.3 - - is-callable@1.2.7: {} - - is-core-module@2.15.1: - dependencies: - hasown: 2.0.2 - - is-data-view@1.0.1: - dependencies: - is-typed-array: 1.1.13 - - is-date-object@1.0.5: - dependencies: - has-tostringtag: 1.0.2 - - is-extendable@0.1.1: {} - - is-extglob@2.1.1: {} - - is-finalizationregistry@1.0.2: - dependencies: - call-bind: 1.0.7 - - is-fullwidth-code-point@3.0.0: {} - - is-generator-function@1.0.10: - dependencies: - has-tostringtag: 1.0.2 - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-map@2.0.3: {} - - is-negative-zero@2.0.3: {} - - is-network-error@1.1.0: {} - - is-number-object@1.0.7: - dependencies: - has-tostringtag: 1.0.2 - - is-number@7.0.0: {} - - is-path-inside@3.0.3: {} - - is-regex@1.1.4: - dependencies: - call-bind: 1.0.7 - has-tostringtag: 1.0.2 - - is-set@2.0.3: {} - - is-shared-array-buffer@1.0.3: - dependencies: - call-bind: 1.0.7 - - is-string@1.0.7: - dependencies: - has-tostringtag: 1.0.2 - - is-symbol@1.0.4: - dependencies: - has-symbols: 1.0.3 - - is-typed-array@1.1.13: - dependencies: - which-typed-array: 1.1.15 - - is-weakmap@2.0.2: {} - - is-weakref@1.0.2: - dependencies: - call-bind: 1.0.7 - - is-weakset@2.0.3: - dependencies: - call-bind: 1.0.7 - get-intrinsic: 1.2.4 - - isarray@2.0.5: {} - - isexe@2.0.0: {} - - iterator.prototype@1.1.2: - dependencies: - define-properties: 1.2.1 - get-intrinsic: 1.2.4 - has-symbols: 1.0.3 - reflect.getprototypeof: 1.0.6 - set-function-name: 2.0.2 - - jackspeak@2.3.6: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - - jose@4.15.9: {} - - jose@5.9.6: {} - - js-base64@3.7.7: {} - - js-tokens@4.0.0: {} - - js-yaml@3.14.1: - dependencies: - argparse: 1.0.10 - esprima: 4.0.1 - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - json-buffer@3.0.1: {} - - json-schema-traverse@0.4.1: {} - - json-stable-stringify-without-jsonify@1.0.1: {} - - json5@1.0.2: - dependencies: - minimist: 1.2.8 - - jsx-ast-utils@3.3.5: - dependencies: - array-includes: 3.1.8 - array.prototype.flat: 1.3.2 - object.assign: 4.1.5 - object.values: 1.2.0 - - jwt-decode@4.0.0: {} - - keyv@4.5.4: - dependencies: - json-buffer: 3.0.1 - - kind-of@6.0.3: {} - - language-subtag-registry@0.3.23: {} - - language-tags@1.0.9: - dependencies: - language-subtag-registry: 0.3.23 - - levn@0.4.1: - dependencies: - prelude-ls: 1.2.1 - type-check: 0.4.0 - - loadjs@4.3.0: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - lodash.merge@4.6.2: {} - - lodash@4.17.21: {} - - loose-envify@1.4.0: - dependencies: - js-tokens: 4.0.0 - - lru-cache@10.4.3: {} - - lru-cache@6.0.0: - dependencies: - yallist: 4.0.0 - - lunarphase-js@2.0.3: {} - - map-obj@4.3.0: {} - - media-chrome@3.2.5: {} - - media-tracks@0.3.3: {} - - memoize-one@6.0.0: {} - - merge2@1.4.1: {} - - micromatch@4.0.8: - dependencies: - braces: 3.0.3 - picomatch: 2.3.1 - - mime-match@1.0.2: - dependencies: - wildcard: 1.1.2 - - mimic-response@3.1.0: {} - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@9.0.3: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.5: - dependencies: - brace-expansion: 2.0.1 - - minimist@1.2.8: {} - - minipass@7.1.2: {} - - mkdirp-classic@0.5.3: {} - - ms@2.1.2: {} - - ms@2.1.3: {} - - multiformats@13.2.2: {} - - mux-embed@5.2.1: {} - - namespace-emitter@2.0.1: {} - - nanoid@3.3.7: {} - - nanoid@5.0.7: {} - - napi-build-utils@1.0.2: {} - - natural-compare@1.4.0: {} - - next-auth@4.24.10(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(nodemailer@6.9.16)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@babel/runtime': 7.26.0 - '@panva/hkdf': 1.2.1 - cookie: 0.7.1 - jose: 4.15.9 - next: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - oauth: 0.9.15 - openid-client: 5.7.1 - preact: 10.23.2 - preact-render-to-string: 5.2.3(preact@10.23.2) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - uuid: 8.3.2 - optionalDependencies: - nodemailer: 6.9.16 - - next-goatcounter@1.0.5(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - next: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8): - dependencies: - '@next/env': 14.2.7 - '@swc/helpers': 0.5.5 - busboy: 1.6.0 - caniuse-lite: 1.0.30001655 - graceful-fs: 4.2.11 - postcss: 8.4.31 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - styled-jsx: 5.1.1(react@18.3.1) - optionalDependencies: - '@next/swc-darwin-arm64': 14.2.7 - '@next/swc-darwin-x64': 14.2.7 - '@next/swc-linux-arm64-gnu': 14.2.7 - '@next/swc-linux-arm64-musl': 14.2.7 - '@next/swc-linux-x64-gnu': 14.2.7 - '@next/swc-linux-x64-musl': 14.2.7 - '@next/swc-win32-arm64-msvc': 14.2.7 - '@next/swc-win32-ia32-msvc': 14.2.7 - '@next/swc-win32-x64-msvc': 14.2.7 - sass: 1.77.8 - transitivePeerDependencies: - - '@babel/core' - - babel-plugin-macros - - nextjs-cors@2.2.0(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8)): - dependencies: - cors: 2.8.5 - next: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - - nextjs-toploader@3.6.15(next@14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8))(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - next: 14.2.7(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(sass@1.77.8) - nprogress: 0.2.0 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - node-abi@3.67.0: - dependencies: - semver: 7.6.3 - - node-addon-api@5.1.0: {} - - nodemailer@6.9.16: - optional: true - - normalize-path@3.0.0: {} - - nprogress@0.2.0: {} - - oauth@0.9.15: {} - - object-assign@4.1.1: {} - - object-hash@2.2.0: {} - - object-inspect@1.13.2: {} - - object-is@1.1.6: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - - object-keys@1.1.1: {} - - object.assign@4.1.5: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - has-symbols: 1.0.3 - object-keys: 1.1.1 - - object.entries@1.1.8: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-object-atoms: 1.0.0 - - object.fromentries@2.0.8: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-object-atoms: 1.0.0 - - object.groupby@1.0.3: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - - object.values@1.2.0: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-object-atoms: 1.0.0 - - oidc-token-hash@5.0.3: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - openid-client@5.7.1: - dependencies: - jose: 4.15.9 - lru-cache: 6.0.0 - object-hash: 2.2.0 - oidc-token-hash: 5.0.3 - - optionator@0.9.4: - dependencies: - deep-is: 0.1.4 - fast-levenshtein: 2.0.6 - levn: 0.4.1 - prelude-ls: 1.2.1 - type-check: 0.4.0 - word-wrap: 1.2.5 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-queue@8.0.1: - dependencies: - eventemitter3: 5.0.1 - p-timeout: 6.1.2 - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - p-timeout@6.1.2: {} - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - path-exists@4.0.0: {} - - path-key@3.1.1: {} - - path-parse@1.0.7: {} - - path-scurry@1.11.1: - dependencies: - lru-cache: 10.4.3 - minipass: 7.1.2 - - path-type@4.0.0: {} - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - plyr@3.7.8: - dependencies: - core-js: 3.38.1 - custom-event-polyfill: 1.0.7 - loadjs: 4.3.0 - rangetouch: 2.0.1 - url-polyfill: 1.1.12 - - possible-typed-array-names@1.0.0: {} - - postcss-value-parser@4.2.0: {} - - postcss@8.4.31: - dependencies: - nanoid: 3.3.7 - picocolors: 1.1.0 - source-map-js: 1.2.0 - - postcss@8.4.38: - dependencies: - nanoid: 3.3.7 - picocolors: 1.1.0 - source-map-js: 1.2.0 - - preact-render-to-string@5.2.3(preact@10.23.2): - dependencies: - preact: 10.23.2 - pretty-format: 3.8.0 - - preact@10.23.2: {} - - prebuild-install@7.1.2: - dependencies: - detect-libc: 2.0.3 - expand-template: 2.0.3 - github-from-package: 0.0.0 - minimist: 1.2.8 - mkdirp-classic: 0.5.3 - napi-build-utils: 1.0.2 - node-abi: 3.67.0 - pump: 3.0.0 - rc: 1.2.8 - simple-get: 4.0.1 - tar-fs: 2.1.1 - tunnel-agent: 0.6.0 - - prelude-ls@1.2.1: {} - - pretty-format@3.8.0: {} - - prop-types@15.8.1: - dependencies: - loose-envify: 1.4.0 - object-assign: 4.1.1 - react-is: 16.13.1 - - property-expr@2.0.6: {} - - pump@3.0.0: - dependencies: - end-of-stream: 1.4.4 - once: 1.4.0 - - punycode@2.3.1: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - queue-microtask@1.2.3: {} - - quick-lru@5.1.1: {} - - rangetouch@2.0.1: {} - - rc@1.2.8: - dependencies: - deep-extend: 0.6.0 - ini: 1.3.8 - minimist: 1.2.8 - strip-json-comments: 2.0.1 - - react-data-table-component@7.6.2(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)): - dependencies: - deepmerge: 4.3.1 - react: 18.3.1 - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - - react-dom@18.3.1(react@18.3.1): - dependencies: - loose-envify: 1.4.0 - react: 18.3.1 - scheduler: 0.23.2 - - react-hook-form@7.53.0(react@18.3.1): - dependencies: - react: 18.3.1 - - react-is@16.13.1: {} - - react-loading-skeleton@3.4.0(react@18.3.1): - dependencies: - react: 18.3.1 - - react-toastify@10.0.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - clsx: 2.1.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - react@18.3.1: - dependencies: - loose-envify: 1.4.0 - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - reflect.getprototypeof@1.0.6: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - globalthis: 1.0.4 - which-builtin-type: 1.1.4 - - regenerator-runtime@0.14.1: {} - - regexp.prototype.flags@1.5.2: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-errors: 1.3.0 - set-function-name: 2.0.2 - - resolve-from@4.0.0: {} - - resolve-pkg-maps@1.0.0: {} - - resolve@1.22.8: - dependencies: - is-core-module: 2.15.1 - path-parse: 1.0.7 - supports-preserve-symlinks-flag: 1.0.0 - - resolve@2.0.0-next.5: - dependencies: - is-core-module: 2.15.1 - path-parse: 1.0.7 - supports-preserve-symlinks-flag: 1.0.0 - - retry@0.13.1: {} - - reusify@1.0.4: {} - - run-parallel@1.2.0: - dependencies: - queue-microtask: 1.2.3 - - safe-array-concat@1.1.2: - dependencies: - call-bind: 1.0.7 - get-intrinsic: 1.2.4 - has-symbols: 1.0.3 - isarray: 2.0.5 - - safe-buffer@5.2.1: {} - - safe-regex-test@1.0.3: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - is-regex: 1.1.4 - - sass@1.77.8: - dependencies: - chokidar: 3.6.0 - immutable: 4.3.7 - source-map-js: 1.2.0 - - sax@1.4.1: {} - - scheduler@0.23.2: - dependencies: - loose-envify: 1.4.0 - - section-matter@1.0.0: - dependencies: - extend-shallow: 2.0.1 - kind-of: 6.0.3 - - semver@6.3.1: {} - - semver@7.6.3: {} - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - set-function-name@2.0.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - functions-have-names: 1.2.3 - has-property-descriptors: 1.0.2 - - shallow-equal@3.1.0: {} - - shallowequal@1.1.0: {} - - sharp@0.30.7: - dependencies: - color: 4.2.3 - detect-libc: 2.0.3 - node-addon-api: 5.1.0 - prebuild-install: 7.1.2 - semver: 7.6.3 - simple-get: 4.0.1 - tar-fs: 2.1.1 - tunnel-agent: 0.6.0 - - sharp@0.33.5: - dependencies: - color: 4.2.3 - detect-libc: 2.0.3 - semver: 7.6.3 - optionalDependencies: - '@img/sharp-darwin-arm64': 0.33.5 - '@img/sharp-darwin-x64': 0.33.5 - '@img/sharp-libvips-darwin-arm64': 1.0.4 - '@img/sharp-libvips-darwin-x64': 1.0.4 - '@img/sharp-libvips-linux-arm': 1.0.5 - '@img/sharp-libvips-linux-arm64': 1.0.4 - '@img/sharp-libvips-linux-s390x': 1.0.4 - '@img/sharp-libvips-linux-x64': 1.0.4 - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - '@img/sharp-linux-arm': 0.33.5 - '@img/sharp-linux-arm64': 0.33.5 - '@img/sharp-linux-s390x': 0.33.5 - '@img/sharp-linux-x64': 0.33.5 - '@img/sharp-linuxmusl-arm64': 0.33.5 - '@img/sharp-linuxmusl-x64': 0.33.5 - '@img/sharp-wasm32': 0.33.5 - '@img/sharp-win32-ia32': 0.33.5 - '@img/sharp-win32-x64': 0.33.5 - - shebang-command@2.0.0: - dependencies: - shebang-regex: 3.0.0 - - shebang-regex@3.0.0: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - signal-exit@4.1.0: {} - - simple-concat@1.0.1: {} - - simple-get@4.0.1: - dependencies: - decompress-response: 6.0.0 - once: 1.4.0 - simple-concat: 1.0.1 - - simple-swizzle@0.2.2: - dependencies: - is-arrayish: 0.3.2 - - slash@3.0.0: {} - - slugify@1.6.6: {} - - source-map-js@1.2.0: {} - - sprintf-js@1.0.3: {} - - stop-iteration-iterator@1.0.0: - dependencies: - internal-slot: 1.0.7 - - streamsearch@1.1.0: {} - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.1.0 - - string.prototype.includes@2.0.0: - dependencies: - define-properties: 1.2.1 - es-abstract: 1.23.3 - - string.prototype.matchall@4.0.11: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-errors: 1.3.0 - es-object-atoms: 1.0.0 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-symbols: 1.0.3 - internal-slot: 1.0.7 - regexp.prototype.flags: 1.5.2 - set-function-name: 2.0.2 - side-channel: 1.0.6 - - string.prototype.repeat@1.0.0: - dependencies: - define-properties: 1.2.1 - es-abstract: 1.23.3 - - string.prototype.trim@1.2.9: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-abstract: 1.23.3 - es-object-atoms: 1.0.0 - - string.prototype.trimend@1.0.8: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-object-atoms: 1.0.0 - - string.prototype.trimstart@1.0.8: - dependencies: - call-bind: 1.0.7 - define-properties: 1.2.1 - es-object-atoms: 1.0.0 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-ansi@7.1.0: - dependencies: - ansi-regex: 6.0.1 - - strip-bom-string@1.0.0: {} - - strip-bom@3.0.0: {} - - strip-json-comments@2.0.1: {} - - strip-json-comments@3.1.1: {} - - styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@emotion/is-prop-valid': 1.2.2 - '@emotion/unitless': 0.8.1 - '@types/stylis': 4.2.5 - css-to-react-native: 3.2.0 - csstype: 3.1.3 - postcss: 8.4.38 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - shallowequal: 1.1.0 - stylis: 4.3.2 - tslib: 2.6.2 - - styled-jsx@5.1.1(react@18.3.1): - dependencies: - client-only: 0.0.1 - react: 18.3.1 - - stylis@4.3.2: {} - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-preserve-symlinks-flag@1.0.0: {} - - tapable@2.2.1: {} - - tar-fs@2.1.1: - dependencies: - chownr: 1.1.4 - mkdirp-classic: 0.5.3 - pump: 3.0.0 - tar-stream: 2.2.0 - - tar-stream@2.2.0: - dependencies: - bl: 4.1.0 - end-of-stream: 1.4.4 - fs-constants: 1.0.0 - inherits: 2.0.4 - readable-stream: 3.6.2 - - text-table@0.2.0: {} - - tiny-case@1.0.3: {} - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - toposort@2.0.2: {} - - ts-api-utils@1.3.0(typescript@5.5.4): - dependencies: - typescript: 5.5.4 - - tsconfig-paths@3.15.0: - dependencies: - '@types/json5': 0.0.29 - json5: 1.0.2 - minimist: 1.2.8 - strip-bom: 3.0.0 - - tslib@2.6.2: {} - - tslib@2.7.0: {} - - tunnel-agent@0.6.0: - dependencies: - safe-buffer: 5.2.1 - - type-check@0.4.0: - dependencies: - prelude-ls: 1.2.1 - - type-fest@1.4.0: {} - - type-fest@2.19.0: {} - - typed-array-buffer@1.0.2: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - is-typed-array: 1.1.13 - - typed-array-byte-length@1.0.1: - dependencies: - call-bind: 1.0.7 - for-each: 0.3.3 - gopd: 1.0.1 - has-proto: 1.0.3 - is-typed-array: 1.1.13 - - typed-array-byte-offset@1.0.2: - dependencies: - available-typed-arrays: 1.0.7 - call-bind: 1.0.7 - for-each: 0.3.3 - gopd: 1.0.1 - has-proto: 1.0.3 - is-typed-array: 1.1.13 - - typed-array-length@1.0.6: - dependencies: - call-bind: 1.0.7 - for-each: 0.3.3 - gopd: 1.0.1 - has-proto: 1.0.3 - is-typed-array: 1.1.13 - possible-typed-array-names: 1.0.0 - - typescript@5.5.4: {} - - unbox-primitive@1.0.2: - dependencies: - call-bind: 1.0.7 - has-bigints: 1.0.2 - has-symbols: 1.0.3 - which-boxed-primitive: 1.0.2 - - undici-types@6.19.8: {} - - uri-js@4.4.1: - dependencies: - punycode: 2.3.1 - - url-polyfill@1.1.12: {} - - use-sync-external-store@1.2.2(react@18.3.1): - dependencies: - react: 18.3.1 - - util-deprecate@1.0.2: {} - - uuid@8.3.2: {} - - vary@1.1.2: {} - - which-boxed-primitive@1.0.2: - dependencies: - is-bigint: 1.0.4 - is-boolean-object: 1.1.2 - is-number-object: 1.0.7 - is-string: 1.0.7 - is-symbol: 1.0.4 - - which-builtin-type@1.1.4: - dependencies: - function.prototype.name: 1.1.6 - has-tostringtag: 1.0.2 - is-async-function: 2.0.0 - is-date-object: 1.0.5 - is-finalizationregistry: 1.0.2 - is-generator-function: 1.0.10 - is-regex: 1.1.4 - is-weakref: 1.0.2 - isarray: 2.0.5 - which-boxed-primitive: 1.0.2 - which-collection: 1.0.2 - which-typed-array: 1.1.15 - - which-collection@1.0.2: - dependencies: - is-map: 2.0.3 - is-set: 2.0.3 - is-weakmap: 2.0.2 - is-weakset: 2.0.3 - - which-typed-array@1.1.15: - dependencies: - available-typed-arrays: 1.0.7 - call-bind: 1.0.7 - for-each: 0.3.3 - gopd: 1.0.1 - has-tostringtag: 1.0.2 - - which@2.0.2: - dependencies: - isexe: 2.0.0 - - wildcard@1.1.2: {} - - word-wrap@1.2.5: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.1 - string-width: 5.1.2 - strip-ansi: 7.1.0 - - wrappy@1.0.2: {} - - xml-js@1.6.11: - dependencies: - sax: 1.4.1 - - yallist@4.0.0: {} - - yocto-queue@0.1.0: {} - - yup@1.4.0: - dependencies: - property-expr: 2.0.6 - tiny-case: 1.0.3 - toposort: 2.0.2 - type-fest: 2.19.0 diff --git a/services/next/public/fonts/nunito-v26-latin-regular.woff2 b/services/next/public/fonts/nunito-v26-latin-regular.woff2 deleted file mode 100644 index 99439c1..0000000 Binary files a/services/next/public/fonts/nunito-v26-latin-regular.woff2 and /dev/null differ diff --git a/services/next/public/fonts/overpass-v13-latin-regular.woff2 b/services/next/public/fonts/overpass-v13-latin-regular.woff2 deleted file mode 100644 index afd295f..0000000 Binary files a/services/next/public/fonts/overpass-v13-latin-regular.woff2 and /dev/null differ diff --git a/services/next/public/futureporn-icon.png b/services/next/public/futureporn-icon.png deleted file mode 100644 index 037e639..0000000 Binary files a/services/next/public/futureporn-icon.png and /dev/null differ diff --git a/services/next/public/images/.keep b/services/next/public/images/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/services/next/public/images/cj_clippy.jpg b/services/next/public/images/cj_clippy.jpg deleted file mode 100644 index d1c8717..0000000 Binary files a/services/next/public/images/cj_clippy.jpg and /dev/null differ diff --git a/services/next/public/images/default-thumbnail.webp b/services/next/public/images/default-thumbnail.webp deleted file mode 100644 index d468e15..0000000 Binary files a/services/next/public/images/default-thumbnail.webp and /dev/null differ diff --git a/services/next/public/images/projekt-melody.jpg b/services/next/public/images/projekt-melody.jpg deleted file mode 100644 index 41916fa..0000000 Binary files a/services/next/public/images/projekt-melody.jpg and /dev/null differ diff --git a/services/next/public/images/projektmelody-thumbnail.webp b/services/next/public/images/projektmelody-thumbnail.webp deleted file mode 100644 index dfb8073..0000000 Binary files a/services/next/public/images/projektmelody-thumbnail.webp and /dev/null differ diff --git a/services/next/public/images/vercel.svg b/services/next/public/images/vercel.svg deleted file mode 100644 index 08d0cd1..0000000 --- a/services/next/public/images/vercel.svg +++ /dev/null @@ -1,3 +0,0 @@ - - - \ No newline at end of file diff --git a/services/next/test-jwe-decrypt.js b/services/next/test-jwe-decrypt.js deleted file mode 100644 index 58d8ce8..0000000 --- a/services/next/test-jwe-decrypt.js +++ /dev/null @@ -1,18 +0,0 @@ -// const { jwtDecrypt } = require('jose'); -// const dotenv = require('dotenv') -// dotenv.config({ -// path: '../../.env.development' -// }) - -// async function decryptJWE(jwe, secret) { -// const key = new TextEncoder().encode(secret); // Encode the secret to Uint8Array -// const { payload, protectedHeader } = await jwtDecrypt(jwe, key); -// console.log('Decrypted payload:', new TextDecoder().decode(payload)); -// console.log('Header:', protectedHeader); -// } - -// const jwe = '375hO4PPr4GCghunRf52r7tlG7HAFLanZ7D5blc0QDamW3nXp_terShYROf7bpPak8N1k29cF_e_hdDZNeI42ZaFQInhjCOBLrYDpcxbvjALNhkwFNPz_wj1IPqDehjMz1vowdN9LdrwJup9a8Q.HbClJBjeMIyzT3vrwRdM0Q'; - - -// const secret = process.env.NEXTAUTH_SECRET; -// decryptJWE(jwe, secret).catch(console.error); diff --git a/services/next/tsconfig.json b/services/next/tsconfig.json deleted file mode 100644 index f991314..0000000 --- a/services/next/tsconfig.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "compilerOptions": { - "target": "ES2015", - "lib": [ - "dom", - "dom.iterable", - "esnext" - ], - "allowJs": true, - "skipLibCheck": true, - "strict": true, - "noEmit": true, - "esModuleInterop": true, - "module": "esnext", - "moduleResolution": "bundler", - "resolveJsonModule": true, - "isolatedModules": true, - "jsx": "preserve", - "incremental": true, - "plugins": [ - { - "name": "next" - } - ], - "paths": { - "@/*": [ - "./*" - ] - } - }, - "include": [ - "next-env.d.ts", - "**/*.ts", - "**/*.tsx", - ".next/types/**/*.ts", - "app/components/auth.tsx.old" - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/next/tsconfig.json.old b/services/next/tsconfig.json.old deleted file mode 100644 index 4b44d95..0000000 --- a/services/next/tsconfig.json.old +++ /dev/null @@ -1,51 +0,0 @@ -{ - "compilerOptions": { - "baseUrl": ".", - "paths": { - "@/components/*": [ - "app/components/*" - ], - "@/lib/*": [ - "app/lib/*" - ], - "@/assets/*": [ - "assets/*" - ] - }, - "target": "es5", - "lib": [ - "dom", - "dom.iterable", - "esnext" - ], - "allowJs": true, - "skipLibCheck": true, - "strict": true, - "forceConsistentCasingInFileNames": true, - "noEmit": true, - "esModuleInterop": true, - "module": "esnext", - "moduleResolution": "node", - "resolveJsonModule": true, - "isolatedModules": true, - "jsx": "preserve", - "incremental": true, - "plugins": [ - { - "name": "next" - } - ] - }, - "include": [ - "next-env.d.ts", - "**/*.ts", - "**/*.tsx", - "dist/types/**/*.ts", - ".next/types/**/*.ts", - "./app", - "./assets" - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/scout/.dockerignore b/services/scout/.dockerignore deleted file mode 100644 index f46ca59..0000000 --- a/services/scout/.dockerignore +++ /dev/null @@ -1,4 +0,0 @@ -# STOP! This .dockerignore is probably not the .dockerignore you are looking for. -# The dockerignore in the ROOT of the Docker context is the .dockerignore that docker uses. -# We are using a monorepo and the docker build context is the root of this git repo. -# thus, see ../../.dockerignore diff --git a/services/scout/.gitignore b/services/scout/.gitignore deleted file mode 100644 index 25b08c6..0000000 --- a/services/scout/.gitignore +++ /dev/null @@ -1,146 +0,0 @@ -lib/ - -# Created by https://www.toptal.com/developers/gitignore/api/node -# Edit at https://www.toptal.com/developers/gitignore?templates=node - -### Node ### -# Logs -logs -*.log -npm-debug.log* -yarn-debug.log* -yarn-error.log* -lerna-debug.log* -.pnpm-debug.log* - -# Diagnostic reports (https://nodejs.org/api/report.html) -report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json - -# Runtime data -pids -*.pid -*.seed -*.pid.lock - -# Directory for instrumented libs generated by jscoverage/JSCover -lib-cov - -# Coverage directory used by tools like istanbul -coverage -*.lcov - -# nyc test coverage -.nyc_output - -# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) -.grunt - -# Bower dependency directory (https://bower.io/) -bower_components - -# node-waf configuration -.lock-wscript - -# Compiled binary addons (https://nodejs.org/api/addons.html) -build/Release - -# Dependency directories -node_modules/ -jspm_packages/ - -# Snowpack dependency directory (https://snowpack.dev/) -web_modules/ - -# TypeScript cache -*.tsbuildinfo - -# Optional npm cache directory -.npm - -# Optional eslint cache -.eslintcache - -# Optional stylelint cache -.stylelintcache - -# Microbundle cache -.rpt2_cache/ -.rts2_cache_cjs/ -.rts2_cache_es/ -.rts2_cache_umd/ - -# Optional REPL history -.node_repl_history - -# Output of 'npm pack' -*.tgz - -# Yarn Integrity file -.yarn-integrity - -# dotenv environment variable files -.env -.env.development.local -.env.test.local -.env.production.local -.env.local - -# parcel-bundler cache (https://parceljs.org/) -.cache -.parcel-cache - -# Next.js build output -.next -out - -# Nuxt.js build / generate output -.nuxt -dist - -# Gatsby files -.cache/ -# Comment in the public line in if your project uses Gatsby and not Next.js -# https://nextjs.org/blog/next-9-1#public-directory-support -# public - -# vuepress build output -.vuepress/dist - -# vuepress v2.x temp and cache directory -.temp - -# Docusaurus cache and generated files -.docusaurus - -# Serverless directories -.serverless/ - -# FuseBox cache -.fusebox/ - -# DynamoDB Local files -.dynamodb/ - -# TernJS port file -.tern-port - -# Stores VSCode versions used for testing VSCode extensions -.vscode-test - -# yarn v2 -.yarn/cache -.yarn/unplugged -.yarn/build-state.yml -.yarn/install-state.gz -.pnp.* - -### Node Patch ### -# Serverless Webpack directories -.webpack/ - -# Optional stylelint cache - -# SvelteKit build / generate output -.svelte-kit - -# End of https://www.toptal.com/developers/gitignore/api/node diff --git a/services/scout/.mocharc.json b/services/scout/.mocharc.json deleted file mode 100644 index 7771cc1..0000000 --- a/services/scout/.mocharc.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "$schema": "https://json.schemastore.org/mocharc.json", - "extension": ["ts"], - "require": "tsx", - "spec": "src/**/*.spec.ts" -} diff --git a/services/scout/README.md b/services/scout/README.md deleted file mode 100644 index 7bf8e7f..0000000 --- a/services/scout/README.md +++ /dev/null @@ -1,47 +0,0 @@ -# scout - -Vtuber data acquisition. Anything having to do with external WWW data acquisition goes in this module. - -## Features - - * [x] Ingests going live notification e-mails - * [ ] Sends `start_recording` signals to @futureporn/capture - * [x] Fetches vtuber data from platform - * [x] image - * [x] themeColor - * [x] displayName - * [x] Platform Support - * [x] fansly - * [x] chaturbate - - -## Design requirements - - * [ ] get watched channels list from Strapi - * [ ] every 3 mins, watch/unwatch based on channels list - * [ ] watch important sources for go-live notifications - * [ ] CB tab - * [ ] email inbox - * [ ] alerts realtime server when watched room goes live - * [ ] logs chat messages - * [ ] throws errors when unable to connect - * [ ] runs browser headless - * [ ] runs in the cloud - * [x] runs in k8s cluster - - - -## Puppeteer - -For when we get to the point where we need it, here are the packages we used with success during past testing. - - "puppeteer": "^22.7.1", - "puppeteer-extra": "^3.3.6", - "puppeteer-extra-plugin-repl": "^2.3.3", - "puppeteer-extra-plugin-stealth": "^2.11.2" - - -## Adding API routes - -* Routes are specified in ./src/api.yml -* Route handlers are specified in ./src/app.js \ No newline at end of file diff --git a/services/scout/node.d.ts b/services/scout/node.d.ts deleted file mode 100644 index a9bed81..0000000 --- a/services/scout/node.d.ts +++ /dev/null @@ -1,4 +0,0 @@ -interface ImportMeta { - dirname: string; - url: string; -} \ No newline at end of file diff --git a/services/scout/package.json b/services/scout/package.json deleted file mode 100644 index e631ccf..0000000 --- a/services/scout/package.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "name": "@futureporn/scout", - "type": "module", - "version": "4.0.1", - "description": "vtuber data acquisition", - "exports": { - "./*.ts": "./src/*.ts" - }, - "scripts": { - "build": "tsup", - "test": "pnpm run test.unit && pnpm run test.integration", - "test.unit": "mocha --require ts-node/register src/**/*.spec.ts -g unit", - "test.integration": "mocha --require ts-node/register src/**/*.spec.ts -g integration", - "dev": "nodemon --ext js,ts,json,yaml --exec \"node --import tsx --disable-warning=ExperimentalWarning ./src/index.ts\"", - "start": "node ./dist/index.cjs", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "keywords": [], - "author": "@CJ_Clippy", - "license": "Unlicense", - "dependencies": { - "@aws-sdk/client-s3": "^3.637.0", - "@aws-sdk/lib-storage": "^3.637.0", - "@aws-sdk/s3-request-presigner": "^3.637.0", - "@fastify/static": "^7.0.4", - "@fastify/swagger": "^8.15.0", - "@fastify/swagger-ui": "^4.1.0", - "@futureporn/types": "workspace:*", - "@paralleldrive/cuid2": "^2.2.2", - "@temporalio/client": "^1.11.1", - "@temporalio/worker": "^1.11.1", - "@temporalio/workflow": "^1.11.1", - "@tsconfig/node20": "^20.1.4", - "@types/imapflow": "^1.0.19", - "@types/node": "^22.5.2", - "@types/pg": "^8.11.8", - "cheerio": "1.0.0", - "concurrently": "^8.2.2", - "date-fns": "^3.6.0", - "dotenv": "^16.4.5", - "fastify": "^4.28.1", - "fastq": "^1.17.1", - "faye": "^1.4.0", - "htmlparser2": "^9.1.0", - "imapflow": "^1.0.164", - "js-yaml": "^4.1.0", - "limiter": "2.1.0", - "mailparser": "^3.7.1", - "node-fetch": "^3.3.2", - "openapi-backend": "^5.10.6", - "p-retry": "^6.2.0", - "pg": "8.12.0", - "prevvy": "^8.0.1", - "qs": "^6.13.0", - "rate-limiter-flexible": "^5.0.3", - "sharp": "^0.33.5", - "slugify": "^1.6.6", - "swagger-editor-dist": "^4.13.1", - "swagger-ui-dist": "^5.17.14", - "ts-json-schema-generator": "^2.3.0", - "tsx": "^4.19.0", - "typescript-json-schema": "^0.65.1", - "xpath": "^0.0.34" - }, - "packageManager": "pnpm@9.6.0", - "devDependencies": { - "@babel/preset-env": "^7.25.4", - "@babel/preset-typescript": "^7.24.7", - "@futureporn/utils": "workspace:^", - "@types/chai": "^4.3.19", - "@types/cheerio": "^0.22.35", - "@types/mailparser": "^3.4.4", - "@types/mocha": "^10.0.7", - "@types/sinon": "^17.0.3", - "chai": "^5.1.1", - "esmock": "^2.6.7", - "mocha": "^10.7.3", - "nodemon": "^3.1.4", - "sinon": "^18.0.0", - "ts-node": "^10.9.2", - "tsup": "^8.2.4", - "typescript": "^5.5.4" - } -} diff --git a/services/scout/pnpm-lock.yaml b/services/scout/pnpm-lock.yaml deleted file mode 100644 index 0efa8d4..0000000 --- a/services/scout/pnpm-lock.yaml +++ /dev/null @@ -1,8278 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@aws-sdk/client-s3': - specifier: ^3.637.0 - version: 3.637.0 - '@aws-sdk/lib-storage': - specifier: ^3.637.0 - version: 3.637.0(@aws-sdk/client-s3@3.637.0) - '@aws-sdk/s3-request-presigner': - specifier: ^3.637.0 - version: 3.637.0 - '@fastify/static': - specifier: ^7.0.4 - version: 7.0.4 - '@fastify/swagger': - specifier: ^8.15.0 - version: 8.15.0 - '@fastify/swagger-ui': - specifier: ^4.1.0 - version: 4.1.0 - '@futureporn/types': - specifier: workspace:* - version: link:../../packages/types - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@temporalio/client': - specifier: ^1.11.1 - version: 1.11.1 - '@temporalio/worker': - specifier: ^1.11.1 - version: 1.11.1(esbuild@0.23.1) - '@temporalio/workflow': - specifier: ^1.11.1 - version: 1.11.1 - '@tsconfig/node20': - specifier: ^20.1.4 - version: 20.1.4 - '@types/imapflow': - specifier: ^1.0.19 - version: 1.0.19 - '@types/node': - specifier: ^22.5.2 - version: 22.5.2 - '@types/pg': - specifier: ^8.11.8 - version: 8.11.8 - cheerio: - specifier: 1.0.0 - version: 1.0.0 - concurrently: - specifier: ^8.2.2 - version: 8.2.2 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - fastify: - specifier: ^4.28.1 - version: 4.28.1 - fastq: - specifier: ^1.17.1 - version: 1.17.1 - faye: - specifier: ^1.4.0 - version: 1.4.0 - htmlparser2: - specifier: ^9.1.0 - version: 9.1.0 - imapflow: - specifier: ^1.0.164 - version: 1.0.164 - js-yaml: - specifier: ^4.1.0 - version: 4.1.0 - limiter: - specifier: 2.1.0 - version: 2.1.0 - mailparser: - specifier: ^3.7.1 - version: 3.7.1 - node-fetch: - specifier: ^3.3.2 - version: 3.3.2 - openapi-backend: - specifier: ^5.10.6 - version: 5.10.6 - p-retry: - specifier: ^6.2.0 - version: 6.2.0 - pg: - specifier: 8.12.0 - version: 8.12.0 - prevvy: - specifier: ^8.0.1 - version: 8.0.1 - qs: - specifier: ^6.13.0 - version: 6.13.0 - rate-limiter-flexible: - specifier: ^5.0.3 - version: 5.0.3 - sharp: - specifier: ^0.33.5 - version: 0.33.5 - slugify: - specifier: ^1.6.6 - version: 1.6.6 - swagger-editor-dist: - specifier: ^4.13.1 - version: 4.13.1 - swagger-ui-dist: - specifier: ^5.17.14 - version: 5.17.14 - ts-json-schema-generator: - specifier: ^2.3.0 - version: 2.3.0 - tsx: - specifier: ^4.19.0 - version: 4.19.0 - typescript-json-schema: - specifier: ^0.65.1 - version: 0.65.1(@swc/core@1.7.23) - xpath: - specifier: ^0.0.34 - version: 0.0.34 - devDependencies: - '@babel/preset-env': - specifier: ^7.25.4 - version: 7.25.4(@babel/core@7.25.2) - '@babel/preset-typescript': - specifier: ^7.24.7 - version: 7.24.7(@babel/core@7.25.2) - '@futureporn/utils': - specifier: workspace:^ - version: link:../../packages/utils - '@types/chai': - specifier: ^4.3.19 - version: 4.3.19 - '@types/cheerio': - specifier: ^0.22.35 - version: 0.22.35 - '@types/mailparser': - specifier: ^3.4.4 - version: 3.4.4 - '@types/mocha': - specifier: ^10.0.7 - version: 10.0.7 - '@types/sinon': - specifier: ^17.0.3 - version: 17.0.3 - chai: - specifier: ^5.1.1 - version: 5.1.1 - esmock: - specifier: ^2.6.7 - version: 2.6.7 - mocha: - specifier: ^10.7.3 - version: 10.7.3 - nodemon: - specifier: ^3.1.4 - version: 3.1.4 - sinon: - specifier: ^18.0.0 - version: 18.0.0 - ts-node: - specifier: ^10.9.2 - version: 10.9.2(@swc/core@1.7.23)(@types/node@22.5.2)(typescript@5.5.4) - tsup: - specifier: ^8.2.4 - version: 8.2.4(@swc/core@1.7.23)(tsx@4.19.0)(typescript@5.5.4)(yaml@2.5.0) - typescript: - specifier: ^5.5.4 - version: 5.5.4 - -packages: - - '@ampproject/remapping@2.3.0': - resolution: {integrity: sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==} - engines: {node: '>=6.0.0'} - - '@apidevtools/json-schema-ref-parser@11.7.0': - resolution: {integrity: sha512-pRrmXMCwnmrkS3MLgAIW5dXRzeTv6GLjkjb4HmxNnvAKXN1Nfzp4KmGADBQvlVUcqi+a5D+hfGDLLnd5NnYxog==} - engines: {node: '>= 16'} - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/lib-storage@3.637.0': - resolution: {integrity: sha512-HiNGOP4a1QrCWwO1joKw4mCp19nLXoF9K52PislBaYDI35IlHC3DP6MeOg5zmElwtL1GtEHFBy5olfPWPsLyLg==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-s3': ^3.637.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/s3-request-presigner@3.637.0': - resolution: {integrity: sha512-URRiEDZEICyfAXmXcXREQCsvZrapITAymvg46p1Xjnuv7PTnUB0SF18B2omPL0E5d/X+T3O9NKdtot+BqJbIWw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-format-url@3.609.0': - resolution: {integrity: sha512-fuk29BI/oLQlJ7pfm6iJ4gkEpHdavffAALZwXh9eaY1vQ0ip0aKfRTiNudPoJjyyahnz5yJ1HkmlcDitlzsOrQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} - engines: {node: '>=6.9.0'} - - '@babel/compat-data@7.25.4': - resolution: {integrity: sha512-+LGRog6RAsCJrrrg/IO6LGmpphNe5DiK30dGjCoxxeGv49B10/3XYGxPsAwrDlMFcFEvdAUavDT8r9k/hSyQqQ==} - engines: {node: '>=6.9.0'} - - '@babel/core@7.25.2': - resolution: {integrity: sha512-BBt3opiCOxUr9euZ5/ro/Xv8/V7yJ5bjYMqG/C1YAo8MIKAnumZalCN+msbci3Pigy4lIQfPUpfMM27HMGaYEA==} - engines: {node: '>=6.9.0'} - - '@babel/generator@7.25.6': - resolution: {integrity: sha512-VPC82gr1seXOpkjAAKoLhP50vx4vGNlF4msF64dSFq1P8RfB+QAuJWGHPXXPc8QyfVWwwB/TNNU4+ayZmHNbZw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-annotate-as-pure@7.24.7': - resolution: {integrity: sha512-BaDeOonYvhdKw+JoMVkAixAAJzG2jVPIwWoKBPdYuY9b452e2rPuI9QPYh3KpofZ3pW2akOmwZLOiOsHMiqRAg==} - engines: {node: '>=6.9.0'} - - '@babel/helper-builder-binary-assignment-operator-visitor@7.24.7': - resolution: {integrity: sha512-xZeCVVdwb4MsDBkkyZ64tReWYrLRHlMN72vP7Bdm3OUOuyFZExhsHUUnuWnm2/XOlAJzR0LfPpB56WXZn0X/lA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-compilation-targets@7.25.2': - resolution: {integrity: sha512-U2U5LsSaZ7TAt3cfaymQ8WHh0pxvdHoEk6HVpaexxixjyEquMh0L0YNJNM6CTGKMXV1iksi0iZkGw4AcFkPaaw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-create-class-features-plugin@7.25.4': - resolution: {integrity: sha512-ro/bFs3/84MDgDmMwbcHgDa8/E6J3QKNTk4xJJnVeFtGE+tL0K26E3pNxhYz2b67fJpt7Aphw5XcploKXuCvCQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-create-regexp-features-plugin@7.25.2': - resolution: {integrity: sha512-+wqVGP+DFmqwFD3EH6TMTfUNeqDehV3E/dl+Sd54eaXqm17tEUNbEIn4sVivVowbvUpOtIGxdo3GoXyDH9N/9g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-define-polyfill-provider@0.6.2': - resolution: {integrity: sha512-LV76g+C502biUK6AyZ3LK10vDpDyCzZnhZFXkH1L75zHPj68+qc8Zfpx2th+gzwA2MzyK+1g/3EPl62yFnVttQ==} - peerDependencies: - '@babel/core': ^7.4.0 || ^8.0.0-0 <8.0.0 - - '@babel/helper-member-expression-to-functions@7.24.8': - resolution: {integrity: sha512-LABppdt+Lp/RlBxqrh4qgf1oEH/WxdzQNDJIu5gC/W1GyvPVrOBiItmmM8wan2fm4oYqFuFfkXmlGpLQhPY8CA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-module-imports@7.24.7': - resolution: {integrity: sha512-8AyH3C+74cgCVVXow/myrynrAGv+nTVg5vKu2nZph9x7RcRwzmh0VFallJuFTZ9mx6u4eSdXZfcOzSqTUm0HCA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-module-transforms@7.25.2': - resolution: {integrity: sha512-BjyRAbix6j/wv83ftcVJmBt72QtHI56C7JXZoG2xATiLpmoC7dpd8WnkikExHDVPpi/3qCmO6WY1EaXOluiecQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-optimise-call-expression@7.24.7': - resolution: {integrity: sha512-jKiTsW2xmWwxT1ixIdfXUZp+P5yURx2suzLZr5Hi64rURpDYdMW0pv+Uf17EYk2Rd428Lx4tLsnjGJzYKDM/6A==} - engines: {node: '>=6.9.0'} - - '@babel/helper-plugin-utils@7.24.8': - resolution: {integrity: sha512-FFWx5142D8h2Mgr/iPVGH5G7w6jDn4jUSpZTyDnQO0Yn7Ks2Kuz6Pci8H6MPCoUJegd/UZQ3tAvfLCxQSnWWwg==} - engines: {node: '>=6.9.0'} - - '@babel/helper-remap-async-to-generator@7.25.0': - resolution: {integrity: sha512-NhavI2eWEIz/H9dbrG0TuOicDhNexze43i5z7lEqwYm0WEZVTwnPpA0EafUTP7+6/W79HWIP2cTe3Z5NiSTVpw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-replace-supers@7.25.0': - resolution: {integrity: sha512-q688zIvQVYtZu+i2PsdIu/uWGRpfxzr5WESsfpShfZECkO+d2o+WROWezCi/Q6kJ0tfPa5+pUGUlfx2HhrA3Bg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/helper-simple-access@7.24.7': - resolution: {integrity: sha512-zBAIvbCMh5Ts+b86r/CjU+4XGYIs+R1j951gxI3KmmxBMhCg4oQMsv6ZXQ64XOm/cvzfU1FmoCyt6+owc5QMYg==} - engines: {node: '>=6.9.0'} - - '@babel/helper-skip-transparent-expression-wrappers@7.24.7': - resolution: {integrity: sha512-IO+DLT3LQUElMbpzlatRASEyQtfhSE0+m465v++3jyyXeBTBUjtVZg28/gHeV5mrTJqvEKhKroBGAvhW+qPHiQ==} - engines: {node: '>=6.9.0'} - - '@babel/helper-string-parser@7.24.8': - resolution: {integrity: sha512-pO9KhhRcuUyGnJWwyEgnRJTSIZHiT+vMD0kPeD+so0l7mxkMT19g3pjY9GTnHySck/hDzq+dtW/4VgnMkippsQ==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-option@7.24.8': - resolution: {integrity: sha512-xb8t9tD1MHLungh/AIoWYN+gVHaB9kwlu8gffXGSt3FFEIT7RjS+xWbc2vUD1UTZdIpKj/ab3rdqJ7ufngyi2Q==} - engines: {node: '>=6.9.0'} - - '@babel/helper-wrap-function@7.25.0': - resolution: {integrity: sha512-s6Q1ebqutSiZnEjaofc/UKDyC4SbzV5n5SrA2Gq8UawLycr3i04f1dX4OzoQVnexm6aOCh37SQNYlJ/8Ku+PMQ==} - engines: {node: '>=6.9.0'} - - '@babel/helpers@7.25.6': - resolution: {integrity: sha512-Xg0tn4HcfTijTwfDwYlvVCl43V6h4KyVVX2aEm4qdO/PC6L2YvzLHFdmxhoeSA3eslcE6+ZVXHgWwopXYLNq4Q==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@babel/parser@7.25.6': - resolution: {integrity: sha512-trGdfBdbD0l1ZPmcJ83eNxB9rbEax4ALFTF7fN386TMYbeCQbyme5cOEXQhbGXKebwGaB/J52w1mrklMcbgy6Q==} - engines: {node: '>=6.0.0'} - hasBin: true - - '@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.25.3': - resolution: {integrity: sha512-wUrcsxZg6rqBXG05HG1FPYgsP6EvwF4WpBbxIpWIIYnH8wG0gzx3yZY3dtEHas4sTAOGkbTsc9EGPxwff8lRoA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-bugfix-safari-class-field-initializer-scope@7.25.0': - resolution: {integrity: sha512-Bm4bH2qsX880b/3ziJ8KD711LT7z4u8CFudmjqle65AZj/HNUFhEf90dqYv6O86buWvSBmeQDjv0Tn2aF/bIBA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.25.0': - resolution: {integrity: sha512-lXwdNZtTmeVOOFtwM/WDe7yg1PL8sYhRk/XH0FzbR2HDQ0xC+EnQ/JHeoMYSavtU115tnUk0q9CDyq8si+LMAA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.24.7': - resolution: {integrity: sha512-+izXIbke1T33mY4MSNnrqhPXDz01WYhEf3yF5NbnUtkiNnm+XBZJl3kNfoK6NKmYlz/D07+l2GWVK/QfDkNCuQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.13.0 - - '@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.25.0': - resolution: {integrity: sha512-tggFrk1AIShG/RUQbEwt2Tr/E+ObkfwrPjR6BjbRvsx24+PSjK8zrq0GWPNCjo8qpRx4DuJzlcvWJqlm+0h3kw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2': - resolution: {integrity: sha512-SOSkfJDddaM7mak6cPEpswyTRnuRltl429hMraQEglW+OkovnCzsiszTmsrlY//qLFjCpQDFRvjdm2wA5pPm9w==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-async-generators@7.8.4': - resolution: {integrity: sha512-tycmZxkGfZaxhMRbXlPXuVFpdWlXpir2W4AMhSJgRKzk/eDlIXOhb2LHWoLpDF7TEHylV5zNhykX6KAgHJmTNw==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-class-properties@7.12.13': - resolution: {integrity: sha512-fm4idjKla0YahUNgFNLCB0qySdsoPiZP3iQE3rky0mBUtMZ23yDJ9SJdg6dXTSDnulOVqiF3Hgr9nbXvXTQZYA==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-class-static-block@7.14.5': - resolution: {integrity: sha512-b+YyPmr6ldyNnM6sqYeMWE+bgJcJpO6yS4QD7ymxgH34GBPNDM/THBh8iunyvKIZztiwLH4CJZ0RxTk9emgpjw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-dynamic-import@7.8.3': - resolution: {integrity: sha512-5gdGbFon+PszYzqs83S3E5mpi7/y/8M9eC90MRTZfduQOYW76ig6SOSPNe41IG5LoP3FGBn2N0RjVDSQiS94kQ==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-export-namespace-from@7.8.3': - resolution: {integrity: sha512-MXf5laXo6c1IbEbegDmzGPwGNTsHZmEy6QGznu5Sh2UCWvueywb2ee+CCE4zQiZstxU9BMoQO9i6zUFSY0Kj0Q==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-import-assertions@7.25.6': - resolution: {integrity: sha512-aABl0jHw9bZ2karQ/uUD6XP4u0SG22SJrOHFoL6XB1R7dTovOP4TzTlsxOYC5yQ1pdscVK2JTUnF6QL3ARoAiQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-import-attributes@7.25.6': - resolution: {integrity: sha512-sXaDXaJN9SNLymBdlWFA+bjzBhFD617ZaFiY13dGt7TVslVvVgA6fkZOP7Ki3IGElC45lwHdOTrCtKZGVAWeLQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-import-meta@7.10.4': - resolution: {integrity: sha512-Yqfm+XDx0+Prh3VSeEQCPU81yC+JWZ2pDPFSS4ZdpfZhp4MkFMaDC1UqseovEKwSUpnIL7+vK+Clp7bfh0iD7g==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-json-strings@7.8.3': - resolution: {integrity: sha512-lY6kdGpWHvjoe2vk4WrAapEuBR69EMxZl+RoGRhrFGNYVK8mOPAW8VfbT/ZgrFbXlDNiiaxQnAtgVCZ6jv30EA==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-jsx@7.24.7': - resolution: {integrity: sha512-6ddciUPe/mpMnOKv/U+RSd2vvVy+Yw/JfBB0ZHYjEZt9NLHmCUylNYlsbqCCS1Bffjlb0fCwC9Vqz+sBz6PsiQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-logical-assignment-operators@7.10.4': - resolution: {integrity: sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-nullish-coalescing-operator@7.8.3': - resolution: {integrity: sha512-aSff4zPII1u2QD7y+F8oDsz19ew4IGEJg9SVW+bqwpwtfFleiQDMdzA/R+UlWDzfnHFCxxleFT0PMIrR36XLNQ==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-numeric-separator@7.10.4': - resolution: {integrity: sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-object-rest-spread@7.8.3': - resolution: {integrity: sha512-XoqMijGZb9y3y2XskN+P1wUGiVwWZ5JmoDRwx5+3GmEplNyVM2s2Dg8ILFQm8rWM48orGy5YpI5Bl8U1y7ydlA==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-optional-catch-binding@7.8.3': - resolution: {integrity: sha512-6VPD0Pc1lpTqw0aKoeRTMiB+kWhAoT24PA+ksWSBrFtl5SIRVpZlwN3NNPQjehA2E/91FV3RjLWoVTglWcSV3Q==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-optional-chaining@7.8.3': - resolution: {integrity: sha512-KoK9ErH1MBlCPxV0VANkXW2/dw4vlbGDrFgz8bmUsBGYkFRcbRwMh6cIJubdPrkxRwuGdtCk0v/wPTKbQgBjkg==} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-private-property-in-object@7.14.5': - resolution: {integrity: sha512-0wVnp9dxJ72ZUJDV27ZfbSj6iHLoytYZmh3rFcxNnvsJF3ktkzLDZPy/mA17HGsaQT3/DQsWYX1f1QGWkCoVUg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-top-level-await@7.14.5': - resolution: {integrity: sha512-hx++upLv5U1rgYfwe1xBQUhRmU41NEvpUvrp8jkrSCdvGSnM5/qdRMtylJ6PG5OFkBaHkbTAKTnd3/YyESRHFw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-typescript@7.25.4': - resolution: {integrity: sha512-uMOCoHVU52BsSWxPOMVv5qKRdeSlPuImUCB2dlPuBSU+W2/ROE7/Zg8F2Kepbk+8yBa68LlRKxO+xgEVWorsDg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-syntax-unicode-sets-regex@7.18.6': - resolution: {integrity: sha512-727YkEAPwSIQTv5im8QHz3upqp92JTWhidIC81Tdx4VJYIte/VndKf1qKrfnnhPLiPghStWfvC/iFaMCQu7Nqg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-transform-arrow-functions@7.24.7': - resolution: {integrity: sha512-Dt9LQs6iEY++gXUwY03DNFat5C2NbO48jj+j/bSAz6b3HgPs39qcPiYt77fDObIcFwj3/C2ICX9YMwGflUoSHQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-async-generator-functions@7.25.4': - resolution: {integrity: sha512-jz8cV2XDDTqjKPwVPJBIjORVEmSGYhdRa8e5k5+vN+uwcjSrSxUaebBRa4ko1jqNF2uxyg8G6XYk30Jv285xzg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-async-to-generator@7.24.7': - resolution: {integrity: sha512-SQY01PcJfmQ+4Ash7NE+rpbLFbmqA2GPIgqzxfFTL4t1FKRq4zTms/7htKpoCUI9OcFYgzqfmCdH53s6/jn5fA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-block-scoped-functions@7.24.7': - resolution: {integrity: sha512-yO7RAz6EsVQDaBH18IDJcMB1HnrUn2FJ/Jslc/WtPPWcjhpUJXU/rjbwmluzp7v/ZzWcEhTMXELnnsz8djWDwQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-block-scoping@7.25.0': - resolution: {integrity: sha512-yBQjYoOjXlFv9nlXb3f1casSHOZkWr29NX+zChVanLg5Nc157CrbEX9D7hxxtTpuFy7Q0YzmmWfJxzvps4kXrQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-class-properties@7.25.4': - resolution: {integrity: sha512-nZeZHyCWPfjkdU5pA/uHiTaDAFUEqkpzf1YoQT2NeSynCGYq9rxfyI3XpQbfx/a0hSnFH6TGlEXvae5Vi7GD8g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-class-static-block@7.24.7': - resolution: {integrity: sha512-HMXK3WbBPpZQufbMG4B46A90PkuuhN9vBCb5T8+VAHqvAqvcLi+2cKoukcpmUYkszLhScU3l1iudhrks3DggRQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.12.0 - - '@babel/plugin-transform-classes@7.25.4': - resolution: {integrity: sha512-oexUfaQle2pF/b6E0dwsxQtAol9TLSO88kQvym6HHBWFliV2lGdrPieX+WgMRLSJDVzdYywk7jXbLPuO2KLTLg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-computed-properties@7.24.7': - resolution: {integrity: sha512-25cS7v+707Gu6Ds2oY6tCkUwsJ9YIDbggd9+cu9jzzDgiNq7hR/8dkzxWfKWnTic26vsI3EsCXNd4iEB6e8esQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-destructuring@7.24.8': - resolution: {integrity: sha512-36e87mfY8TnRxc7yc6M9g9gOB7rKgSahqkIKwLpz4Ppk2+zC2Cy1is0uwtuSG6AE4zlTOUa+7JGz9jCJGLqQFQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-dotall-regex@7.24.7': - resolution: {integrity: sha512-ZOA3W+1RRTSWvyqcMJDLqbchh7U4NRGqwRfFSVbOLS/ePIP4vHB5e8T8eXcuqyN1QkgKyj5wuW0lcS85v4CrSw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-duplicate-keys@7.24.7': - resolution: {integrity: sha512-JdYfXyCRihAe46jUIliuL2/s0x0wObgwwiGxw/UbgJBr20gQBThrokO4nYKgWkD7uBaqM7+9x5TU7NkExZJyzw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-duplicate-named-capturing-groups-regex@7.25.0': - resolution: {integrity: sha512-YLpb4LlYSc3sCUa35un84poXoraOiQucUTTu8X1j18JV+gNa8E0nyUf/CjZ171IRGr4jEguF+vzJU66QZhn29g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-transform-dynamic-import@7.24.7': - resolution: {integrity: sha512-sc3X26PhZQDb3JhORmakcbvkeInvxz+A8oda99lj7J60QRuPZvNAk9wQlTBS1ZynelDrDmTU4pw1tyc5d5ZMUg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-exponentiation-operator@7.24.7': - resolution: {integrity: sha512-Rqe/vSc9OYgDajNIK35u7ot+KeCoetqQYFXM4Epf7M7ez3lWlOjrDjrwMei6caCVhfdw+mIKD4cgdGNy5JQotQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-export-namespace-from@7.24.7': - resolution: {integrity: sha512-v0K9uNYsPL3oXZ/7F9NNIbAj2jv1whUEtyA6aujhekLs56R++JDQuzRcP2/z4WX5Vg/c5lE9uWZA0/iUoFhLTA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-for-of@7.24.7': - resolution: {integrity: sha512-wo9ogrDG1ITTTBsy46oGiN1dS9A7MROBTcYsfS8DtsImMkHk9JXJ3EWQM6X2SUw4x80uGPlwj0o00Uoc6nEE3g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-function-name@7.25.1': - resolution: {integrity: sha512-TVVJVdW9RKMNgJJlLtHsKDTydjZAbwIsn6ySBPQaEAUU5+gVvlJt/9nRmqVbsV/IBanRjzWoaAQKLoamWVOUuA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-json-strings@7.24.7': - resolution: {integrity: sha512-2yFnBGDvRuxAaE/f0vfBKvtnvvqU8tGpMHqMNpTN2oWMKIR3NqFkjaAgGwawhqK/pIN2T3XdjGPdaG0vDhOBGw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-literals@7.25.2': - resolution: {integrity: sha512-HQI+HcTbm9ur3Z2DkO+jgESMAMcYLuN/A7NRw9juzxAezN9AvqvUTnpKP/9kkYANz6u7dFlAyOu44ejuGySlfw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-logical-assignment-operators@7.24.7': - resolution: {integrity: sha512-4D2tpwlQ1odXmTEIFWy9ELJcZHqrStlzK/dAOWYyxX3zT0iXQB6banjgeOJQXzEc4S0E0a5A+hahxPaEFYftsw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-member-expression-literals@7.24.7': - resolution: {integrity: sha512-T/hRC1uqrzXMKLQ6UCwMT85S3EvqaBXDGf0FaMf4446Qx9vKwlghvee0+uuZcDUCZU5RuNi4781UQ7R308zzBw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-modules-amd@7.24.7': - resolution: {integrity: sha512-9+pB1qxV3vs/8Hdmz/CulFB8w2tuu6EB94JZFsjdqxQokwGa9Unap7Bo2gGBGIvPmDIVvQrom7r5m/TCDMURhg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-modules-commonjs@7.24.8': - resolution: {integrity: sha512-WHsk9H8XxRs3JXKWFiqtQebdh9b/pTk4EgueygFzYlTKAg0Ud985mSevdNjdXdFBATSKVJGQXP1tv6aGbssLKA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-modules-systemjs@7.25.0': - resolution: {integrity: sha512-YPJfjQPDXxyQWg/0+jHKj1llnY5f/R6a0p/vP4lPymxLu7Lvl4k2WMitqi08yxwQcCVUUdG9LCUj4TNEgAp3Jw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-modules-umd@7.24.7': - resolution: {integrity: sha512-3aytQvqJ/h9z4g8AsKPLvD4Zqi2qT+L3j7XoFFu1XBlZWEl2/1kWnhmAbxpLgPrHSY0M6UA02jyTiwUVtiKR6A==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-named-capturing-groups-regex@7.24.7': - resolution: {integrity: sha512-/jr7h/EWeJtk1U/uz2jlsCioHkZk1JJZVcc8oQsJ1dUlaJD83f4/6Zeh2aHt9BIFokHIsSeDfhUmju0+1GPd6g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/plugin-transform-new-target@7.24.7': - resolution: {integrity: sha512-RNKwfRIXg4Ls/8mMTza5oPF5RkOW8Wy/WgMAp1/F1yZ8mMbtwXW+HDoJiOsagWrAhI5f57Vncrmr9XeT4CVapA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-nullish-coalescing-operator@7.24.7': - resolution: {integrity: sha512-Ts7xQVk1OEocqzm8rHMXHlxvsfZ0cEF2yomUqpKENHWMF4zKk175Y4q8H5knJes6PgYad50uuRmt3UJuhBw8pQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-numeric-separator@7.24.7': - resolution: {integrity: sha512-e6q1TiVUzvH9KRvicuxdBTUj4AdKSRwzIyFFnfnezpCfP2/7Qmbb8qbU2j7GODbl4JMkblitCQjKYUaX/qkkwA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-object-rest-spread@7.24.7': - resolution: {integrity: sha512-4QrHAr0aXQCEFni2q4DqKLD31n2DL+RxcwnNjDFkSG0eNQ/xCavnRkfCUjsyqGC2OviNJvZOF/mQqZBw7i2C5Q==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-object-super@7.24.7': - resolution: {integrity: sha512-A/vVLwN6lBrMFmMDmPPz0jnE6ZGx7Jq7d6sT/Ev4H65RER6pZ+kczlf1DthF5N0qaPHBsI7UXiE8Zy66nmAovg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-optional-catch-binding@7.24.7': - resolution: {integrity: sha512-uLEndKqP5BfBbC/5jTwPxLh9kqPWWgzN/f8w6UwAIirAEqiIVJWWY312X72Eub09g5KF9+Zn7+hT7sDxmhRuKA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-optional-chaining@7.24.8': - resolution: {integrity: sha512-5cTOLSMs9eypEy8JUVvIKOu6NgvbJMnpG62VpIHrTmROdQ+L5mDAaI40g25k5vXti55JWNX5jCkq3HZxXBQANw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-parameters@7.24.7': - resolution: {integrity: sha512-yGWW5Rr+sQOhK0Ot8hjDJuxU3XLRQGflvT4lhlSY0DFvdb3TwKaY26CJzHtYllU0vT9j58hc37ndFPsqT1SrzA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-private-methods@7.25.4': - resolution: {integrity: sha512-ao8BG7E2b/URaUQGqN3Tlsg+M3KlHY6rJ1O1gXAEUnZoyNQnvKyH87Kfg+FoxSeyWUB8ISZZsC91C44ZuBFytw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-private-property-in-object@7.24.7': - resolution: {integrity: sha512-9z76mxwnwFxMyxZWEgdgECQglF2Q7cFLm0kMf8pGwt+GSJsY0cONKj/UuO4bOH0w/uAel3ekS4ra5CEAyJRmDA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-property-literals@7.24.7': - resolution: {integrity: sha512-EMi4MLQSHfd2nrCqQEWxFdha2gBCqU4ZcCng4WBGZ5CJL4bBRW0ptdqqDdeirGZcpALazVVNJqRmsO8/+oNCBA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-regenerator@7.24.7': - resolution: {integrity: sha512-lq3fvXPdimDrlg6LWBoqj+r/DEWgONuwjuOuQCSYgRroXDH/IdM1C0IZf59fL5cHLpjEH/O6opIRBbqv7ELnuA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-reserved-words@7.24.7': - resolution: {integrity: sha512-0DUq0pHcPKbjFZCfTss/pGkYMfy3vFWydkUBd9r0GHpIyfs2eCDENvqadMycRS9wZCXR41wucAfJHJmwA0UmoQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-shorthand-properties@7.24.7': - resolution: {integrity: sha512-KsDsevZMDsigzbA09+vacnLpmPH4aWjcZjXdyFKGzpplxhbeB4wYtury3vglQkg6KM/xEPKt73eCjPPf1PgXBA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-spread@7.24.7': - resolution: {integrity: sha512-x96oO0I09dgMDxJaANcRyD4ellXFLLiWhuwDxKZX5g2rWP1bTPkBSwCYv96VDXVT1bD9aPj8tppr5ITIh8hBng==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-sticky-regex@7.24.7': - resolution: {integrity: sha512-kHPSIJc9v24zEml5geKg9Mjx5ULpfncj0wRpYtxbvKyTtHCYDkVE3aHQ03FrpEo4gEe2vrJJS1Y9CJTaThA52g==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-template-literals@7.24.7': - resolution: {integrity: sha512-AfDTQmClklHCOLxtGoP7HkeMw56k1/bTQjwsfhL6pppo/M4TOBSq+jjBUBLmV/4oeFg4GWMavIl44ZeCtmmZTw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-typeof-symbol@7.24.8': - resolution: {integrity: sha512-adNTUpDCVnmAE58VEqKlAA6ZBlNkMnWD0ZcW76lyNFN3MJniyGFZfNwERVk8Ap56MCnXztmDr19T4mPTztcuaw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-typescript@7.25.2': - resolution: {integrity: sha512-lBwRvjSmqiMYe/pS0+1gggjJleUJi7NzjvQ1Fkqtt69hBa/0t1YuW/MLQMAPixfwaQOHUXsd6jeU3Z+vdGv3+A==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-unicode-escapes@7.24.7': - resolution: {integrity: sha512-U3ap1gm5+4edc2Q/P+9VrBNhGkfnf+8ZqppY71Bo/pzZmXhhLdqgaUl6cuB07O1+AQJtCLfaOmswiNbSQ9ivhw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-unicode-property-regex@7.24.7': - resolution: {integrity: sha512-uH2O4OV5M9FZYQrwc7NdVmMxQJOCCzFeYudlZSzUAHRFeOujQefa92E74TQDVskNHCzOXoigEuoyzHDhaEaK5w==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-unicode-regex@7.24.7': - resolution: {integrity: sha512-hlQ96MBZSAXUq7ltkjtu3FJCCSMx/j629ns3hA3pXnBXjanNP0LHi+JpPeA81zaWgVK1VGH95Xuy7u0RyQ8kMg==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/plugin-transform-unicode-sets-regex@7.25.4': - resolution: {integrity: sha512-qesBxiWkgN1Q+31xUE9RcMk79eOXXDCv6tfyGMRSs4RGlioSg2WVyQAm07k726cSE56pa+Kb0y9epX2qaXzTvA==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0 - - '@babel/preset-env@7.25.4': - resolution: {integrity: sha512-W9Gyo+KmcxjGahtt3t9fb14vFRWvPpu5pT6GBlovAK6BTBcxgjfVMSQCfJl4oi35ODrxP6xx2Wr8LNST57Mraw==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/preset-modules@0.1.6-no-external-plugins': - resolution: {integrity: sha512-HrcgcIESLm9aIR842yhJ5RWan/gebQUJ6E/E5+rf0y9o6oj7w0Br+sWuL6kEQ/o/AdfvR1Je9jG18/gnpwjEyA==} - peerDependencies: - '@babel/core': ^7.0.0-0 || ^8.0.0-0 <8.0.0 - - '@babel/preset-typescript@7.24.7': - resolution: {integrity: sha512-SyXRe3OdWwIwalxDg5UtJnJQO+YPcTfwiIY2B0Xlddh9o7jpWLvv8X1RthIeDOxQ+O1ML5BLPCONToObyVQVuQ==} - engines: {node: '>=6.9.0'} - peerDependencies: - '@babel/core': ^7.0.0-0 - - '@babel/regjsgen@0.8.0': - resolution: {integrity: sha512-x/rqGMdzj+fWZvCOYForTghzbtqPDZ5gPwaoNGHdgDfF2QA/XZbCBp4Moo5scrkAMPhB7z26XM/AaHuIJdgauA==} - - '@babel/runtime@7.25.6': - resolution: {integrity: sha512-VBj9MYyDb9tuLq7yzqjgzt6Q+IBQLrGZfdjOekyEirZPHxXWoTSGUTMrpsfi58Up73d13NfYLv8HT9vmznjzhQ==} - engines: {node: '>=6.9.0'} - - '@babel/template@7.25.0': - resolution: {integrity: sha512-aOOgh1/5XzKvg1jvVz7AVrx2piJ2XBi227DHmbY6y+bM9H2FlN+IfecYu4Xl0cNiiVejlsCri89LUsbj8vJD9Q==} - engines: {node: '>=6.9.0'} - - '@babel/traverse@7.25.6': - resolution: {integrity: sha512-9Vrcx5ZW6UwK5tvqsj0nGpp/XzqthkT0dqIc9g1AdtygFToNtTF67XzYS//dm+SAK9cp3B9R4ZO/46p63SCjlQ==} - engines: {node: '>=6.9.0'} - - '@babel/types@7.25.6': - resolution: {integrity: sha512-/l42B1qxpG6RdfYf343Uw1vmDjeNhneUXtzhojE7pDgfpEypmRhI6j1kr17XCVv4Cgl9HdAiQY2x0GwKm7rWCw==} - engines: {node: '>=6.9.0'} - - '@cspotcode/source-map-support@0.8.1': - resolution: {integrity: sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==} - engines: {node: '>=12'} - - '@emnapi/runtime@1.2.0': - resolution: {integrity: sha512-bV21/9LQmcQeCPEg3BDFtvwL6cwiTMksYNWQQ4KOxCZikEGalWtenoZ0wCiukJINlGCIi2KXx01g4FoH/LxpzQ==} - - '@esbuild/aix-ppc64@0.23.1': - resolution: {integrity: sha512-6VhYk1diRqrhBAqpJEdjASR/+WVRtfjpqKuNw11cLiaWpAT/Uu+nokB+UJnevzy/P9C/ty6AOe0dwueMrGh/iQ==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.23.1': - resolution: {integrity: sha512-xw50ipykXcLstLeWH7WRdQuysJqejuAGPd30vd1i5zSyKK3WE+ijzHmLKxdiCMtH1pHz78rOg0BKSYOSB/2Khw==} - engines: {node: '>=18'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.23.1': - resolution: {integrity: sha512-uz6/tEy2IFm9RYOyvKl88zdzZfwEfKZmnX9Cj1BHjeSGNuGLuMD1kR8y5bteYmwqKm1tj8m4cb/aKEorr6fHWQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.23.1': - resolution: {integrity: sha512-nlN9B69St9BwUoB+jkyU090bru8L0NA3yFvAd7k8dNsVH8bi9a8cUAUSEcEEgTp2z3dbEDGJGfP6VUnkQnlReg==} - engines: {node: '>=18'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.23.1': - resolution: {integrity: sha512-YsS2e3Wtgnw7Wq53XXBLcV6JhRsEq8hkfg91ESVadIrzr9wO6jJDMZnCQbHm1Guc5t/CdDiFSSfWP58FNuvT3Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.23.1': - resolution: {integrity: sha512-aClqdgTDVPSEGgoCS8QDG37Gu8yc9lTHNAQlsztQ6ENetKEO//b8y31MMu2ZaPbn4kVsIABzVLXYLhCGekGDqw==} - engines: {node: '>=18'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.23.1': - resolution: {integrity: sha512-h1k6yS8/pN/NHlMl5+v4XPfikhJulk4G+tKGFIOwURBSFzE8bixw1ebjluLOjfwtLqY0kewfjLSrO6tN2MgIhA==} - engines: {node: '>=18'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.23.1': - resolution: {integrity: sha512-lK1eJeyk1ZX8UklqFd/3A60UuZ/6UVfGT2LuGo3Wp4/z7eRTRYY+0xOu2kpClP+vMTi9wKOfXi2vjUpO1Ro76g==} - engines: {node: '>=18'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.23.1': - resolution: {integrity: sha512-/93bf2yxencYDnItMYV/v116zff6UyTjo4EtEQjUBeGiVpMmffDNUyD9UN2zV+V3LRV3/on4xdZ26NKzn6754g==} - engines: {node: '>=18'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.23.1': - resolution: {integrity: sha512-CXXkzgn+dXAPs3WBwE+Kvnrf4WECwBdfjfeYHpMeVxWE0EceB6vhWGShs6wi0IYEqMSIzdOF1XjQ/Mkm5d7ZdQ==} - engines: {node: '>=18'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.23.1': - resolution: {integrity: sha512-VTN4EuOHwXEkXzX5nTvVY4s7E/Krz7COC8xkftbbKRYAl96vPiUssGkeMELQMOnLOJ8k3BY1+ZY52tttZnHcXQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.23.1': - resolution: {integrity: sha512-Vx09LzEoBa5zDnieH8LSMRToj7ir/Jeq0Gu6qJ/1GcBq9GkfoEAoXvLiW1U9J1qE/Y/Oyaq33w5p2ZWrNNHNEw==} - engines: {node: '>=18'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.23.1': - resolution: {integrity: sha512-nrFzzMQ7W4WRLNUOU5dlWAqa6yVeI0P78WKGUo7lg2HShq/yx+UYkeNSE0SSfSure0SqgnsxPvmAUu/vu0E+3Q==} - engines: {node: '>=18'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.23.1': - resolution: {integrity: sha512-dKN8fgVqd0vUIjxuJI6P/9SSSe/mB9rvA98CSH2sJnlZ/OCZWO1DJvxj8jvKTfYUdGfcq2dDxoKaC6bHuTlgcw==} - engines: {node: '>=18'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.23.1': - resolution: {integrity: sha512-5AV4Pzp80fhHL83JM6LoA6pTQVWgB1HovMBsLQ9OZWLDqVY8MVobBXNSmAJi//Csh6tcY7e7Lny2Hg1tElMjIA==} - engines: {node: '>=18'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.23.1': - resolution: {integrity: sha512-9ygs73tuFCe6f6m/Tb+9LtYxWR4c9yg7zjt2cYkjDbDpV/xVn+68cQxMXCjUpYwEkze2RcU/rMnfIXNRFmSoDw==} - engines: {node: '>=18'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.23.1': - resolution: {integrity: sha512-EV6+ovTsEXCPAp58g2dD68LxoP/wK5pRvgy0J/HxPGB009omFPv3Yet0HiaqvrIrgPTBuC6wCH1LTOY91EO5hQ==} - engines: {node: '>=18'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.23.1': - resolution: {integrity: sha512-aevEkCNu7KlPRpYLjwmdcuNz6bDFiE7Z8XC4CPqExjTvrHugh28QzUXVOZtiYghciKUacNktqxdpymplil1beA==} - engines: {node: '>=18'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-arm64@0.23.1': - resolution: {integrity: sha512-3x37szhLexNA4bXhLrCC/LImN/YtWis6WXr1VESlfVtVeoFJBRINPJ3f0a/6LV8zpikqoUg4hyXw0sFBt5Cr+Q==} - engines: {node: '>=18'} - cpu: [arm64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.23.1': - resolution: {integrity: sha512-aY2gMmKmPhxfU+0EdnN+XNtGbjfQgwZj43k8G3fyrDM/UdZww6xrWxmDkuz2eCZchqVeABjV5BpildOrUbBTqA==} - engines: {node: '>=18'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.23.1': - resolution: {integrity: sha512-RBRT2gqEl0IKQABT4XTj78tpk9v7ehp+mazn2HbUeZl1YMdaGAQqhapjGTCe7uw7y0frDi4gS0uHzhvpFuI1sA==} - engines: {node: '>=18'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.23.1': - resolution: {integrity: sha512-4O+gPR5rEBe2FpKOVyiJ7wNDPA8nGzDuJ6gN4okSA1gEOYZ67N8JPk58tkWtdtPeLz7lBnY6I5L3jdsr3S+A6A==} - engines: {node: '>=18'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.23.1': - resolution: {integrity: sha512-BcaL0Vn6QwCwre3Y717nVHZbAa4UBEigzFm6VdsVdT/MbZ38xoj1X9HPkZhbmaBGUD1W8vxAfffbDe8bA6AKnQ==} - engines: {node: '>=18'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.23.1': - resolution: {integrity: sha512-BHpFFeslkWrXWyUPnbKm+xYYVYruCinGcftSBaa8zoF9hZO4BcSCFUvHVTtzpIY6YzUnYtuEhZ+C9iEXjxnasg==} - engines: {node: '>=18'} - cpu: [x64] - os: [win32] - - '@fastify/accept-negotiator@1.1.0': - resolution: {integrity: sha512-OIHZrb2ImZ7XG85HXOONLcJWGosv7sIvM2ifAPQVhg9Lv7qdmMBNVaai4QTdyuaqbKM5eO6sLSQOYI7wEQeCJQ==} - engines: {node: '>=14'} - - '@fastify/ajv-compiler@3.6.0': - resolution: {integrity: sha512-LwdXQJjmMD+GwLOkP7TVC68qa+pSSogeWWmznRJ/coyTcfe9qA05AHFSe1eZFwK6q+xVRpChnvFUkf1iYaSZsQ==} - - '@fastify/error@3.4.1': - resolution: {integrity: sha512-wWSvph+29GR783IhmvdwWnN4bUxTD01Vm5Xad4i7i1VuAOItLvbPAb69sb0IQ2N57yprvhNIwAP5B6xfKTmjmQ==} - - '@fastify/fast-json-stringify-compiler@4.3.0': - resolution: {integrity: sha512-aZAXGYo6m22Fk1zZzEUKBvut/CIIQe/BapEORnxiD5Qr0kPHqqI69NtEMCme74h+at72sPhbkb4ZrLd1W3KRLA==} - - '@fastify/merge-json-schemas@0.1.1': - resolution: {integrity: sha512-fERDVz7topgNjtXsJTTW1JKLy0rhuLRcquYqNR9rF7OcVpCa2OVW49ZPDIhaRRCaUuvVxI+N416xUoF76HNSXA==} - - '@fastify/send@2.1.0': - resolution: {integrity: sha512-yNYiY6sDkexoJR0D8IDy3aRP3+L4wdqCpvx5WP+VtEU58sn7USmKynBzDQex5X42Zzvw2gNzzYgP90UfWShLFA==} - - '@fastify/static@7.0.4': - resolution: {integrity: sha512-p2uKtaf8BMOZWLs6wu+Ihg7bWNBdjNgCwDza4MJtTqg+5ovKmcbgbR9Xs5/smZ1YISfzKOCNYmZV8LaCj+eJ1Q==} - - '@fastify/swagger-ui@4.1.0': - resolution: {integrity: sha512-Bqsd6VFQR7WoT6eRammOF8/gXf5GKywq2zYy8/3fj2rsZw43cmXdfsEKxVAmAwOW2Nv+dnyQaf5qM6kBqyXRlw==} - - '@fastify/swagger@8.15.0': - resolution: {integrity: sha512-zy+HEEKFqPMS2sFUsQU5X0MHplhKJvWeohBwTCkBAJA/GDYGLGUWQaETEhptiqxK7Hs0fQB9B4MDb3pbwIiCwA==} - - '@grpc/grpc-js@1.11.1': - resolution: {integrity: sha512-gyt/WayZrVPH2w/UTLansS7F9Nwld472JxxaETamrM8HNlsa+jSLNyKAZmhxI2Me4c3mQHFiS1wWHDY1g1Kthw==} - engines: {node: '>=12.10.0'} - - '@grpc/proto-loader@0.7.13': - resolution: {integrity: sha512-AiXO/bfe9bmxBjxxtYxFAXGZvMaN5s8kO+jBHAJCON8rJoB5YS/D6X7ZNc6XQkuHNmyl4CYaMI1fJ/Gn27RGGw==} - engines: {node: '>=6'} - hasBin: true - - '@img/sharp-darwin-arm64@0.33.5': - resolution: {integrity: sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [darwin] - - '@img/sharp-darwin-x64@0.33.5': - resolution: {integrity: sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-darwin-arm64@1.0.4': - resolution: {integrity: sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==} - cpu: [arm64] - os: [darwin] - - '@img/sharp-libvips-darwin-x64@1.0.4': - resolution: {integrity: sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-linux-arm64@1.0.4': - resolution: {integrity: sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linux-arm@1.0.5': - resolution: {integrity: sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==} - cpu: [arm] - os: [linux] - - '@img/sharp-libvips-linux-s390x@1.0.4': - resolution: {integrity: sha512-u7Wz6ntiSSgGSGcjZ55im6uvTrOxSIS8/dgoVMoiGE9I6JAfU50yH5BoDlYA1tcuGS7g/QNtetJnxA6QEsCVTA==} - cpu: [s390x] - os: [linux] - - '@img/sharp-libvips-linux-x64@1.0.4': - resolution: {integrity: sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==} - cpu: [x64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - resolution: {integrity: sha512-9Ti+BbTYDcsbp4wfYib8Ctm1ilkugkA/uscUn6UXK1ldpC1JjiXbLfFZtRlBhjPZ5o1NCLiDbg8fhUPKStHoTA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - resolution: {integrity: sha512-viYN1KX9m+/hGkJtvYYp+CCLgnJXwiQB39damAO7WMdKWlIhmYTfHjwSbQeUK/20vY154mwezd9HflVFM1wVSw==} - cpu: [x64] - os: [linux] - - '@img/sharp-linux-arm64@0.33.5': - resolution: {integrity: sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linux-arm@0.33.5': - resolution: {integrity: sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm] - os: [linux] - - '@img/sharp-linux-s390x@0.33.5': - resolution: {integrity: sha512-y/5PCd+mP4CA/sPDKl2961b+C9d+vPAveS33s6Z3zfASk2j5upL6fXVPZi7ztePZ5CuH+1kW8JtvxgbuXHRa4Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [s390x] - os: [linux] - - '@img/sharp-linux-x64@0.33.5': - resolution: {integrity: sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-linuxmusl-arm64@0.33.5': - resolution: {integrity: sha512-XrHMZwGQGvJg2V/oRSUfSAfjfPxO+4DkiRh6p2AFjLQztWUuY/o8Mq0eMQVIY7HJ1CDQUJlxGGZRw1a5bqmd1g==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linuxmusl-x64@0.33.5': - resolution: {integrity: sha512-WT+d/cgqKkkKySYmqoZ8y3pxx7lx9vVejxW/W4DOFMYVSkErR+w7mf2u8m/y4+xHe7yY9DAXQMWQhpnMuFfScw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-wasm32@0.33.5': - resolution: {integrity: sha512-ykUW4LVGaMcU9lu9thv85CbRMAwfeadCJHRsg2GmeRa/cJxsVY9Rbd57JcMxBkKHag5U/x7TSBpScF4U8ElVzg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [wasm32] - - '@img/sharp-win32-ia32@0.33.5': - resolution: {integrity: sha512-T36PblLaTwuVJ/zw/LaH0PdZkRz5rd3SmMHX8GSmR7vtNSP5Z6bQkExdSK7xGWyxLw4sUknBuugTelgw2faBbQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [ia32] - os: [win32] - - '@img/sharp-win32-x64@0.33.5': - resolution: {integrity: sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [win32] - - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@jridgewell/gen-mapping@0.3.5': - resolution: {integrity: sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==} - engines: {node: '>=6.0.0'} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/set-array@1.2.1': - resolution: {integrity: sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==} - engines: {node: '>=6.0.0'} - - '@jridgewell/source-map@0.3.6': - resolution: {integrity: sha512-1ZJTZebgqllO79ue2bm3rIGud/bOe0pP5BjSRCRxxYkEZS8STV7zN84UBbiYu7jy+eCKSnVIUgoWWE/tt+shMQ==} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.25': - resolution: {integrity: sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==} - - '@jridgewell/trace-mapping@0.3.9': - resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} - - '@js-sdsl/ordered-map@4.4.2': - resolution: {integrity: sha512-iUKgm52T8HOE/makSxjqoWhe95ZJA1/G1sYsGev2JDKUSS14KAgg1LHb+Ba+IPow0xflbnSkOsZcO08C7w1gYw==} - - '@jsdevtools/ono@7.1.3': - resolution: {integrity: sha512-4JQNk+3mVzK3xh2rqd6RB4J46qUR19azEHBneZyTZM+c456qOrbbM/5xcR8huNCCcbVt7+UmizG6GuUvPvKUYg==} - - '@jsonjoy.com/base64@1.1.2': - resolution: {integrity: sha512-q6XAnWQDIMA3+FTiOYajoYqySkO+JSat0ytXGSuRdq9uXE7o92gzuQwQM14xaCRlBLGq3v5miDGC4vkVTn54xA==} - engines: {node: '>=10.0'} - peerDependencies: - tslib: '2' - - '@jsonjoy.com/json-pack@1.1.0': - resolution: {integrity: sha512-zlQONA+msXPPwHWZMKFVS78ewFczIll5lXiVPwFPCZUsrOKdxc2AvxU1HoNBmMRhqDZUR9HkC3UOm+6pME6Xsg==} - engines: {node: '>=10.0'} - peerDependencies: - tslib: '2' - - '@jsonjoy.com/util@1.3.0': - resolution: {integrity: sha512-Cebt4Vk7k1xHy87kHY7KSPLT77A7Ev7IfOblyLZhtYEhrdQ6fX4EoLq3xOQ3O/DRMEh2ok5nyC180E+ABS8Wmw==} - engines: {node: '>=10.0'} - peerDependencies: - tslib: '2' - - '@lukeed/ms@2.0.2': - resolution: {integrity: sha512-9I2Zn6+NJLfaGoz9jN3lpwDgAYvfGeNYdbAIjJOqzs4Tpc+VU3Jqq4IofSUBKajiDS8k9fZIg18/z13mpk1bsA==} - engines: {node: '>=8'} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@nodelib/fs.scandir@2.1.5': - resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} - engines: {node: '>= 8'} - - '@nodelib/fs.stat@2.0.5': - resolution: {integrity: sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==} - engines: {node: '>= 8'} - - '@nodelib/fs.walk@1.2.8': - resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} - engines: {node: '>= 8'} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@protobufjs/aspromise@1.1.2': - resolution: {integrity: sha512-j+gKExEuLmKwvz3OgROXtrJ2UG2x8Ch2YZUxahh+s1F2HZ+wAceUNLkvy6zKCPVRkU++ZWQrdxsUeQXmcg4uoQ==} - - '@protobufjs/base64@1.1.2': - resolution: {integrity: sha512-AZkcAA5vnN/v4PDqKyMR5lx7hZttPDgClv83E//FMNhR2TMcLUhfRUBHCmSl0oi9zMgDDqRUJkSxO3wm85+XLg==} - - '@protobufjs/codegen@2.0.4': - resolution: {integrity: sha512-YyFaikqM5sH0ziFZCN3xDC7zeGaB/d0IUb9CATugHWbd1FRFwWwt4ld4OYMPWu5a3Xe01mGAULCdqhMlPl29Jg==} - - '@protobufjs/eventemitter@1.1.0': - resolution: {integrity: sha512-j9ednRT81vYJ9OfVuXG6ERSTdEL1xVsNgqpkxMsbIabzSo3goCjDIveeGv5d03om39ML71RdmrGNjG5SReBP/Q==} - - '@protobufjs/fetch@1.1.0': - resolution: {integrity: sha512-lljVXpqXebpsijW71PZaCYeIcE5on1w5DlQy5WH6GLbFryLUrBD4932W/E2BSpfRJWseIL4v/KPgBFxDOIdKpQ==} - - '@protobufjs/float@1.0.2': - resolution: {integrity: sha512-Ddb+kVXlXst9d+R9PfTIxh1EdNkgoRe5tOX6t01f1lYWOvJnSPDBlG241QLzcyPdoNTsblLUdujGSE4RzrTZGQ==} - - '@protobufjs/inquire@1.1.0': - resolution: {integrity: sha512-kdSefcPdruJiFMVSbn801t4vFK7KB/5gd2fYvrxhuJYg8ILrmn9SKSX2tZdV6V+ksulWqS7aXjBcRXl3wHoD9Q==} - - '@protobufjs/path@1.1.2': - resolution: {integrity: sha512-6JOcJ5Tm08dOHAbdR3GrvP+yUUfkjG5ePsHYczMFLq3ZmMkAD98cDgcT2iA1lJ9NVwFd4tH/iSSoe44YWkltEA==} - - '@protobufjs/pool@1.1.0': - resolution: {integrity: sha512-0kELaGSIDBKvcgS4zkjz1PeddatrjYcmMWOlAuAPwAeccUrPHdUqo/J6LiymHHEiJT5NrF1UVwxY14f+fy4WQw==} - - '@protobufjs/utf8@1.1.0': - resolution: {integrity: sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==} - - '@rollup/rollup-android-arm-eabi@4.21.2': - resolution: {integrity: sha512-fSuPrt0ZO8uXeS+xP3b+yYTCBUd05MoSp2N/MFOgjhhUhMmchXlpTQrTpI8T+YAwAQuK7MafsCOxW7VrPMrJcg==} - cpu: [arm] - os: [android] - - '@rollup/rollup-android-arm64@4.21.2': - resolution: {integrity: sha512-xGU5ZQmPlsjQS6tzTTGwMsnKUtu0WVbl0hYpTPauvbRAnmIvpInhJtgjj3mcuJpEiuUw4v1s4BimkdfDWlh7gA==} - cpu: [arm64] - os: [android] - - '@rollup/rollup-darwin-arm64@4.21.2': - resolution: {integrity: sha512-99AhQ3/ZMxU7jw34Sq8brzXqWH/bMnf7ZVhvLk9QU2cOepbQSVTns6qoErJmSiAvU3InRqC2RRZ5ovh1KN0d0Q==} - cpu: [arm64] - os: [darwin] - - '@rollup/rollup-darwin-x64@4.21.2': - resolution: {integrity: sha512-ZbRaUvw2iN/y37x6dY50D8m2BnDbBjlnMPotDi/qITMJ4sIxNY33HArjikDyakhSv0+ybdUxhWxE6kTI4oX26w==} - cpu: [x64] - os: [darwin] - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - resolution: {integrity: sha512-ztRJJMiE8nnU1YFcdbd9BcH6bGWG1z+jP+IPW2oDUAPxPjo9dverIOyXz76m6IPA6udEL12reYeLojzW2cYL7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - resolution: {integrity: sha512-flOcGHDZajGKYpLV0JNc0VFH361M7rnV1ee+NTeC/BQQ1/0pllYcFmxpagltANYt8FYf9+kL6RSk80Ziwyhr7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - resolution: {integrity: sha512-69CF19Kp3TdMopyteO/LJbWufOzqqXzkrv4L2sP8kfMaAQ6iwky7NoXTp7bD6/irKgknDKM0P9E/1l5XxVQAhw==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-arm64-musl@4.21.2': - resolution: {integrity: sha512-48pD/fJkTiHAZTnZwR0VzHrao70/4MlzJrq0ZsILjLW/Ab/1XlVUStYyGt7tdyIiVSlGZbnliqmult/QGA2O2w==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - resolution: {integrity: sha512-cZdyuInj0ofc7mAQpKcPR2a2iu4YM4FQfuUzCVA2u4HI95lCwzjoPtdWjdpDKyHxI0UO82bLDoOaLfpZ/wviyQ==} - cpu: [ppc64] - os: [linux] - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - resolution: {integrity: sha512-RL56JMT6NwQ0lXIQmMIWr1SW28z4E4pOhRRNqwWZeXpRlykRIlEpSWdsgNWJbYBEWD84eocjSGDu/XxbYeCmwg==} - cpu: [riscv64] - os: [linux] - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - resolution: {integrity: sha512-PMxkrWS9z38bCr3rWvDFVGD6sFeZJw4iQlhrup7ReGmfn7Oukrr/zweLhYX6v2/8J6Cep9IEA/SmjXjCmSbrMQ==} - cpu: [s390x] - os: [linux] - - '@rollup/rollup-linux-x64-gnu@4.21.2': - resolution: {integrity: sha512-B90tYAUoLhU22olrafY3JQCFLnT3NglazdwkHyxNDYF/zAxJt5fJUB/yBoWFoIQ7SQj+KLe3iL4BhOMa9fzgpw==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-linux-x64-musl@4.21.2': - resolution: {integrity: sha512-7twFizNXudESmC9oneLGIUmoHiiLppz/Xs5uJQ4ShvE6234K0VB1/aJYU3f/4g7PhssLGKBVCC37uRkkOi8wjg==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - resolution: {integrity: sha512-9rRero0E7qTeYf6+rFh3AErTNU1VCQg2mn7CQcI44vNUWM9Ze7MSRS/9RFuSsox+vstRt97+x3sOhEey024FRQ==} - cpu: [arm64] - os: [win32] - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - resolution: {integrity: sha512-5rA4vjlqgrpbFVVHX3qkrCo/fZTj1q0Xxpg+Z7yIo3J2AilW7t2+n6Q8Jrx+4MrYpAnjttTYF8rr7bP46BPzRw==} - cpu: [ia32] - os: [win32] - - '@rollup/rollup-win32-x64-msvc@4.21.2': - resolution: {integrity: sha512-6UUxd0+SKomjdzuAcp+HAmxw1FlGBnl1v2yEPSabtx4lBfdXHDVsW7+lQkgz9cNFJGY3AWR7+V8P5BqkD9L9nA==} - cpu: [x64] - os: [win32] - - '@selderee/plugin-htmlparser2@0.11.0': - resolution: {integrity: sha512-P33hHGdldxGabLFjPPpaTxVolMrzrcegejx+0GxjrIb9Zv48D8yAIA/QTDR2dFl7Uz7urX8aX6+5bCZslr+gWQ==} - - '@sinonjs/commons@2.0.0': - resolution: {integrity: sha512-uLa0j859mMrg2slwQYdO/AkrOfmH+X6LTVmNTS9CqexuE2IvVORIkSpJLqePAbEnKJ77aMmCwr1NUZ57120Xcg==} - - '@sinonjs/commons@3.0.1': - resolution: {integrity: sha512-K3mCHKQ9sVh8o1C9cxkwxaOmXoAMlDxC1mYyHrjqOWEcBjYr76t96zL2zlj5dUGZ3HSw240X1qgH3Mjf1yJWpQ==} - - '@sinonjs/fake-timers@11.3.1': - resolution: {integrity: sha512-EVJO7nW5M/F5Tur0Rf2z/QoMo+1Ia963RiMtapiQrEWvY0iBUvADo8Beegwjpnle5BHkyHuoxSTW3jF43H1XRA==} - - '@sinonjs/samsam@8.0.0': - resolution: {integrity: sha512-Bp8KUVlLp8ibJZrnvq2foVhP0IVX2CIprMJPK0vqGqgrDa0OHVKeZyBykqskkrdxV6yKBPmGasO8LVjAKR3Gew==} - - '@sinonjs/text-encoding@0.7.3': - resolution: {integrity: sha512-DE427ROAphMQzU4ENbliGYrBSYPXF+TtLg9S8vzeA+OF4ZKzoDdzfL8sxuMUGS/lgRhM6j1URSk9ghf7Xo1tyA==} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@swc/core-darwin-arm64@1.7.23': - resolution: {integrity: sha512-yyOHPfti6yKlQulfVWMt7BVKst+SyEZYCWuQSGMn1KgmNCH/bYufRWfQXIhkGSj44ZkEepJmsJ8tDyIb4k5WyA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [darwin] - - '@swc/core-darwin-x64@1.7.23': - resolution: {integrity: sha512-GzqHwQ0Y1VyjdI/bBKFX2GKm5HD3PIB6OhuAQtWZMTtEr2yIrlT0YK2T+XKh7oIg31JwxGBeQdBk3KTI7DARmQ==} - engines: {node: '>=10'} - cpu: [x64] - os: [darwin] - - '@swc/core-linux-arm-gnueabihf@1.7.23': - resolution: {integrity: sha512-qwX4gB41OS6/OZkHcpTqLFGsdmvoZyffnJIlgB/kZKwH3lfeJWzv6vx57zXtNpM/t7GoQEe0VZUVdmNjxSxBZw==} - engines: {node: '>=10'} - cpu: [arm] - os: [linux] - - '@swc/core-linux-arm64-gnu@1.7.23': - resolution: {integrity: sha512-TsrbUZdMaUwzI7+g/8rHPLWbntMKYSu5Bn5IBSqVKPeyqaXxNnlIUnWXgXcUcRAc+T+Y8ADfr7EiFz9iz5DuSA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [linux] - - '@swc/core-linux-arm64-musl@1.7.23': - resolution: {integrity: sha512-JEdtwdthazKq4PBz53KSubwwK8MvqODAihGSAzc8u3Unq4ojcvaS8b0CwLBeD+kTQ78HpxOXTt3DsFIxpgaCAA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [linux] - - '@swc/core-linux-x64-gnu@1.7.23': - resolution: {integrity: sha512-V51gFPWaVAHbI1yg9ahsoya3aB4uawye3SZ5uQWgcP7wdCdiv60dw4F5nuPJf5Z1oXD3U/BslXuamv8Oh9vXqQ==} - engines: {node: '>=10'} - cpu: [x64] - os: [linux] - - '@swc/core-linux-x64-musl@1.7.23': - resolution: {integrity: sha512-BBqQi4+UdeRqag3yM4IJjaHG4yc1o3l9ksENHToE0o/u2DT0FY5+K/DiYGZLC1JHbSFzNqRCYsa7DIzRtZ0A1A==} - engines: {node: '>=10'} - cpu: [x64] - os: [linux] - - '@swc/core-win32-arm64-msvc@1.7.23': - resolution: {integrity: sha512-JPk6pvCKncL6bXG7p+NLZf8PWx4FakVvKNdwGeMrYunb+yk1IZf7qf9LJk8+GDGF5QviDXPs8opZrTrfsW80fA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [win32] - - '@swc/core-win32-ia32-msvc@1.7.23': - resolution: {integrity: sha512-2Whxi8d+bLQBzJcQ5qYPHlk02YYVGsMVav0fWk+FnX2z1QRREIu1L1xvrpi7gBpjXp6BIU40ya8GiKeekNT2bg==} - engines: {node: '>=10'} - cpu: [ia32] - os: [win32] - - '@swc/core-win32-x64-msvc@1.7.23': - resolution: {integrity: sha512-82fARk4/yJ40kwWKY/gdKDisPdtgJE9jgpl/vkNG3alyJxrCzuNM7+CtiKoYbXLeqM8GQTS3wlvCaJu9oQ8dag==} - engines: {node: '>=10'} - cpu: [x64] - os: [win32] - - '@swc/core@1.7.23': - resolution: {integrity: sha512-VDNkpDvDlreGh2E3tlDj8B3piiuLhhQA/7rIVZpiLUvG1YpucAa6N7iDXA7Gc/+Hah8spaCg/qvEaBkCmcIYCQ==} - engines: {node: '>=10'} - peerDependencies: - '@swc/helpers': '*' - peerDependenciesMeta: - '@swc/helpers': - optional: true - - '@swc/counter@0.1.3': - resolution: {integrity: sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==} - - '@swc/types@0.1.12': - resolution: {integrity: sha512-wBJA+SdtkbFhHjTMYH+dEH1y4VpfGdAc2Kw/LK09i9bXd/K6j6PkDcFCEzb6iVfZMkPRrl/q0e3toqTAJdkIVA==} - - '@temporalio/activity@1.11.1': - resolution: {integrity: sha512-3nfkYBvWzHeAd/0a7M4GdfrUcDs6dA6L5bvGRJQYxNZ0h1X7Shd/FXQ5Yvfqz2LAa4NKlgZ4qcjfnUiulJkVyA==} - - '@temporalio/client@1.11.1': - resolution: {integrity: sha512-1cEh6y7gB1bV/dZbSLL8TsEWM9/glj4j46V8sOS1B3ykoK2+5KaBvkUBKeS/SVH8puqo1zaWbaYEWD8kajg6/g==} - - '@temporalio/common@1.11.1': - resolution: {integrity: sha512-8fQwmYHMakSbqMX26FNfiLwBwVwsMNbGmVfGaFOqy72QZuUiXxgmImXQhK6ir1ieeH8bLyY5laAosB4W6VPBAA==} - - '@temporalio/core-bridge@1.11.1': - resolution: {integrity: sha512-zgBHPdzQqOHyetVR12k4L1vrGlrwFFsMZ1iNaSJoaf8M4C5whYlzv13nUvXThZkaN06/xQCop6L02XkmhxkzYA==} - - '@temporalio/proto@1.11.1': - resolution: {integrity: sha512-qTNSsU88IOJbv6lhWyW0qAHAYg4euEW/NNPgAp5ohfPkqaw+/j51QABO9E6m/KQwMZ6x43z2JjQRS37aC6Psiw==} - - '@temporalio/worker@1.11.1': - resolution: {integrity: sha512-PiYbPLUH0UIakVtcZzJ4064Z3bOYrk+pOL8w8YxBlE85IQKQG6tVm9yrqd/XpC9lk0JOJhdw6KLcm64kDRrryw==} - engines: {node: '>= 16.0.0'} - - '@temporalio/workflow@1.11.1': - resolution: {integrity: sha512-aTfoHPc6O/7UioOSe+PHmpzLZveG2qn0VI/snlclPFs8VO8r5hcbXb5jYeuzCi26mm7Z+Dxmf2hCK77tJlPeKg==} - - '@tsconfig/node10@1.0.11': - resolution: {integrity: sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==} - - '@tsconfig/node12@1.0.11': - resolution: {integrity: sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==} - - '@tsconfig/node14@1.0.3': - resolution: {integrity: sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==} - - '@tsconfig/node16@1.0.4': - resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} - - '@tsconfig/node20@20.1.4': - resolution: {integrity: sha512-sqgsT69YFeLWf5NtJ4Xq/xAF8p4ZQHlmGW74Nu2tD4+g5fAsposc4ZfaaPixVu4y01BEiDCWLRDCvDM5JOsRxg==} - - '@types/chai@4.3.19': - resolution: {integrity: sha512-2hHHvQBVE2FiSK4eN0Br6snX9MtolHaTo/batnLjlGRhoQzlCL61iVpxoqO7SfFyOw+P/pwv+0zNHzKoGWz9Cw==} - - '@types/cheerio@0.22.35': - resolution: {integrity: sha512-yD57BchKRvTV+JD53UZ6PD8KWY5g5rvvMLRnZR3EQBCZXiDT/HR+pKpMzFGlWNhFrXlo7VPZXtKvIEwZkAWOIA==} - - '@types/debug@4.1.12': - resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - - '@types/estree@1.0.5': - resolution: {integrity: sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==} - - '@types/fluent-ffmpeg@2.1.26': - resolution: {integrity: sha512-0JVF3wdQG+pN0ImwWD0bNgJiKF2OHg/7CDBHw5UIbRTvlnkgGHK6V5doE54ltvhud4o31/dEiHm23CAlxFiUQg==} - - '@types/imapflow@1.0.19': - resolution: {integrity: sha512-U48VZXe4XYhS3AFNI+4ougW8OXI4VaKjyF0nGXgVzIN8SPs9lh2LPNRM0HmIM+hUTw60l7MHgbQO8hsf+Q4U5w==} - - '@types/json-schema@7.0.15': - resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==} - - '@types/luxon@3.4.2': - resolution: {integrity: sha512-TifLZlFudklWlMBfhubvgqTXRzLDI5pCbGa4P8a3wPyUQSW+1xQ5eDsreP9DWHX3tjq1ke96uYG/nwundroWcA==} - - '@types/mailparser@3.4.4': - resolution: {integrity: sha512-C6Znp2QVS25JqtuPyxj38Qh+QoFcLycdxsvcc6IZCGekhaMBzbdTXzwGzhGoYb3TfKu8IRCNV0sV1o3Od97cEQ==} - - '@types/mocha@10.0.7': - resolution: {integrity: sha512-GN8yJ1mNTcFcah/wKEFIJckJx9iJLoMSzWcfRRuxz/Jk+U6KQNnml+etbtxFK8lPjzOw3zp4Ha/kjSst9fsHYw==} - - '@types/ms@0.7.34': - resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - - '@types/node@18.19.48': - resolution: {integrity: sha512-7WevbG4ekUcRQSZzOwxWgi5dZmTak7FaxXDoW7xVxPBmKx1rTzfmRLkeCgJzcbBnOV2dkhAPc8cCeT6agocpjg==} - - '@types/node@20.16.3': - resolution: {integrity: sha512-/wdGiWRkMOm53gAsSyFMXFZHbVg7C6CbkrzHNpaHoYfsUWPg7m6ZRKtvQjgvQ9i8WT540a3ydRlRQbxjY30XxQ==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/pg@8.11.8': - resolution: {integrity: sha512-IqpCf8/569txXN/HoP5i1LjXfKZWL76Yr2R77xgeIICUbAYHeoaEZFhYHo2uDftecLWrTJUq63JvQu8q3lnDyA==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/sinon@17.0.3': - resolution: {integrity: sha512-j3uovdn8ewky9kRBG19bOwaZbexJu/XjtkHyjvUgt4xfPFz18dcORIMqnYh66Fx3Powhcr85NT5+er3+oViapw==} - - '@types/sinonjs__fake-timers@8.1.5': - resolution: {integrity: sha512-mQkU2jY8jJEF7YHjHvsQO8+3ughTL1mcnn96igfhONmR+fUPSKIkefQYpSe8bsly2Ep7oQbn/6VG5/9/0qcArQ==} - - '@webassemblyjs/ast@1.12.1': - resolution: {integrity: sha512-EKfMUOPRRUTy5UII4qJDGPpqfwjOmZ5jeGFwid9mnoqIFK+e0vqoi1qH56JpmZSzEL53jKnNzScdmftJyG5xWg==} - - '@webassemblyjs/floating-point-hex-parser@1.11.6': - resolution: {integrity: sha512-ejAj9hfRJ2XMsNHk/v6Fu2dGS+i4UaXBXGemOfQ/JfQ6mdQg/WXtwleQRLLS4OvfDhv8rYnVwH27YJLMyYsxhw==} - - '@webassemblyjs/helper-api-error@1.11.6': - resolution: {integrity: sha512-o0YkoP4pVu4rN8aTJgAyj9hC2Sv5UlkzCHhxqWj8butaLvnpdc2jOwh4ewE6CX0txSfLn/UYaV/pheS2Txg//Q==} - - '@webassemblyjs/helper-buffer@1.12.1': - resolution: {integrity: sha512-nzJwQw99DNDKr9BVCOZcLuJJUlqkJh+kVzVl6Fmq/tI5ZtEyWT1KZMyOXltXLZJmDtvLCDgwsyrkohEtopTXCw==} - - '@webassemblyjs/helper-numbers@1.11.6': - resolution: {integrity: sha512-vUIhZ8LZoIWHBohiEObxVm6hwP034jwmc9kuq5GdHZH0wiLVLIPcMCdpJzG4C11cHoQ25TFIQj9kaVADVX7N3g==} - - '@webassemblyjs/helper-wasm-bytecode@1.11.6': - resolution: {integrity: sha512-sFFHKwcmBprO9e7Icf0+gddyWYDViL8bpPjJJl0WHxCdETktXdmtWLGVzoHbqUcY4Be1LkNfwTmXOJUFZYSJdA==} - - '@webassemblyjs/helper-wasm-section@1.12.1': - resolution: {integrity: sha512-Jif4vfB6FJlUlSbgEMHUyk1j234GTNG9dBJ4XJdOySoj518Xj0oGsNi59cUQF4RRMS9ouBUxDDdyBVfPTypa5g==} - - '@webassemblyjs/ieee754@1.11.6': - resolution: {integrity: sha512-LM4p2csPNvbij6U1f19v6WR56QZ8JcHg3QIJTlSwzFcmx6WSORicYj6I63f9yU1kEUtrpG+kjkiIAkevHpDXrg==} - - '@webassemblyjs/leb128@1.11.6': - resolution: {integrity: sha512-m7a0FhE67DQXgouf1tbN5XQcdWoNgaAuoULHIfGFIEVKA6tu/edls6XnIlkmS6FrXAquJRPni3ZZKjw6FSPjPQ==} - - '@webassemblyjs/utf8@1.11.6': - resolution: {integrity: sha512-vtXf2wTQ3+up9Zsg8sa2yWiQpzSsMyXj0qViVP6xKGCUT8p8YJ6HqI7l5eCnWx1T/FYdsv07HQs2wTFbbof/RA==} - - '@webassemblyjs/wasm-edit@1.12.1': - resolution: {integrity: sha512-1DuwbVvADvS5mGnXbE+c9NfA8QRcZ6iKquqjjmR10k6o+zzsRVesil54DKexiowcFCPdr/Q0qaMgB01+SQ1u6g==} - - '@webassemblyjs/wasm-gen@1.12.1': - resolution: {integrity: sha512-TDq4Ojh9fcohAw6OIMXqiIcTq5KUXTGRkVxbSo1hQnSy6lAM5GSdfwWeSxpAo0YzgsgF182E/U0mDNhuA0tW7w==} - - '@webassemblyjs/wasm-opt@1.12.1': - resolution: {integrity: sha512-Jg99j/2gG2iaz3hijw857AVYekZe2SAskcqlWIZXjji5WStnOpVoat3gQfT/Q5tb2djnCjBtMocY/Su1GfxPBg==} - - '@webassemblyjs/wasm-parser@1.12.1': - resolution: {integrity: sha512-xikIi7c2FHXysxXe3COrVUPSheuBtpcfhbpFj4gmu7KRLYOzANztwUU0IbsqvMqzuNK2+glRGWCEqZo1WCLyAQ==} - - '@webassemblyjs/wast-printer@1.12.1': - resolution: {integrity: sha512-+X4WAlOisVWQMikjbcvY2e0rwPsKQ9F688lksZhBcPycBBuii3O7m8FACbDMWDojpAqvjIncrG8J0XHKyQfVeA==} - - '@xtuc/ieee754@1.2.0': - resolution: {integrity: sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA==} - - '@xtuc/long@4.2.2': - resolution: {integrity: sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==} - - abort-controller@3.0.0: - resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==} - engines: {node: '>=6.5'} - - abstract-logging@2.0.1: - resolution: {integrity: sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA==} - - acorn-import-attributes@1.9.5: - resolution: {integrity: sha512-n02Vykv5uA3eHGM/Z2dQrcD56kL8TyDb2p1+0P83PClMnC/nc+anbQRhIOWnSq4Ke/KvDPrY3C9hDtC/A3eHnQ==} - peerDependencies: - acorn: ^8 - - acorn-walk@8.3.3: - resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} - engines: {node: '>=0.4.0'} - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - ajv-formats@2.1.1: - resolution: {integrity: sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-formats@3.0.1: - resolution: {integrity: sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-keywords@3.5.2: - resolution: {integrity: sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==} - peerDependencies: - ajv: ^6.9.1 - - ajv@6.12.6: - resolution: {integrity: sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==} - - ajv@8.17.1: - resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==} - - ansi-colors@4.1.3: - resolution: {integrity: sha512-/6w/C21Pm1A7aZitlI5Ni/2J6FFQN8i1Cvz3kHABAAbw93v/NlvKdVOqz7CCWz/3iv/JplRSEEZ83XION15ovw==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-regex@6.0.1: - resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} - engines: {node: '>=12'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - ansi-styles@6.2.1: - resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} - engines: {node: '>=12'} - - any-promise@1.3.0: - resolution: {integrity: sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - arg@4.1.3: - resolution: {integrity: sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==} - - arg@5.0.2: - resolution: {integrity: sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - array-union@2.1.0: - resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} - engines: {node: '>=8'} - - asap@2.0.6: - resolution: {integrity: sha512-BSHWgDSAiKs50o2Re8ppvp3seVHXSRM44cdSsT9FfNEUUZLOGWVCsiWaRPWM1Znn+mqZ1OfVZ3z3DWEzSp7hRA==} - - assertion-error@2.0.1: - resolution: {integrity: sha512-Izi8RQcffqCeNVgFigKli1ssklIbpHnCYc6AknXGYoB6grJqyeby7jv12JUQgmTAnIDnbck1uxksT4dzN3PWBA==} - engines: {node: '>=12'} - - async@0.2.10: - resolution: {integrity: sha512-eAkdoKxU6/LkKDBzLpT+t6Ff5EtfSF4wx1WfJiPEEV7WNLnDaRXk0oVysiEPm262roaachGexwUv94WhSgN5TQ==} - - atomic-sleep@1.0.0: - resolution: {integrity: sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ==} - engines: {node: '>=8.0.0'} - - avvio@8.4.0: - resolution: {integrity: sha512-CDSwaxINFy59iNwhYnkvALBwZiTydGkOecZyPkqBpABYR1KqGEsET0VOOYDwtleZSUIdeY36DC2bSZ24CO1igA==} - - babel-plugin-polyfill-corejs2@0.4.11: - resolution: {integrity: sha512-sMEJ27L0gRHShOh5G54uAAPaiCOygY/5ratXuiyb2G46FmlSpc9eFCzYVyDiPxfNbwzA7mYahmjQc5q+CZQ09Q==} - peerDependencies: - '@babel/core': ^7.4.0 || ^8.0.0-0 <8.0.0 - - babel-plugin-polyfill-corejs3@0.10.6: - resolution: {integrity: sha512-b37+KR2i/khY5sKmWNVQAnitvquQbNdWy6lJdsr0kmquCKEEUgMKK4SboVM3HtfnZilfjr4MMQ7vY58FVWDtIA==} - peerDependencies: - '@babel/core': ^7.4.0 || ^8.0.0-0 <8.0.0 - - babel-plugin-polyfill-regenerator@0.6.2: - resolution: {integrity: sha512-2R25rQZWP63nGwaAswvDazbPXfrM3HwVoBXK6HcqeKrSrL/JqcC/rDcf95l4r7LXLyxDXc8uQDa064GubtCABg==} - peerDependencies: - '@babel/core': ^7.4.0 || ^8.0.0-0 <8.0.0 - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - bath-es5@3.0.3: - resolution: {integrity: sha512-PdCioDToH3t84lP40kUFCKWCOCH389Dl1kbC8FGoqOwamxsmqxxnJSXdkTOsPoNHXjem4+sJ+bbNoQm5zeCqxg==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - boolbase@1.0.0: - resolution: {integrity: sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - browser-stdout@1.3.1: - resolution: {integrity: sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==} - - browserslist@4.23.3: - resolution: {integrity: sha512-btwCFJVjI4YWDNfau8RhZ+B1Q/VLoUITrm3RlP6y1tYGWIOa+InuYiRGXUBXo8nA1qKmHMyLB/iVQg5TT4eFoA==} - engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7} - hasBin: true - - buffer-from@1.1.2: - resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} - - buffer@5.6.0: - resolution: {integrity: sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==} - - buffer@6.0.3: - resolution: {integrity: sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==} - - bundle-require@5.0.0: - resolution: {integrity: sha512-GuziW3fSSmopcx4KRymQEJVbZUfqlCqcq7dvs6TYwKRZiegK/2buMxQTPs6MGlNv50wms1699qYO54R8XfRX4w==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - peerDependencies: - esbuild: '>=0.18' - - cac@6.7.14: - resolution: {integrity: sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==} - engines: {node: '>=8'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - caniuse-lite@1.0.30001655: - resolution: {integrity: sha512-jRGVy3iSGO5Uutn2owlb5gR6qsGngTw9ZTb4ali9f3glshcNmJ2noam4Mo9zia5P9Dk3jNNydy7vQjuE5dQmfg==} - - cargo-cp-artifact@0.1.9: - resolution: {integrity: sha512-6F+UYzTaGB+awsTXg0uSJA1/b/B3DDJzpKVRu0UmyI7DmNeaAl2RFHuTGIN6fEgpadRxoXGb7gbC1xo4C3IdyA==} - hasBin: true - - chai@5.1.1: - resolution: {integrity: sha512-pT1ZgP8rPNqUgieVaEY+ryQr6Q4HXNg8Ei9UnLUrjN4IA7dvQC5JB+/kxVcPNDHyBcc/26CXPkbNzq3qwrOEKA==} - engines: {node: '>=12'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - check-error@2.1.1: - resolution: {integrity: sha512-OAlb+T7V4Op9OwdkjmguYRqncdlx5JiofwOAUkmTF+jNdHwzTaTs4sRAGpzLF3oOz5xAyDGrPgeIDFQmDOTiJw==} - engines: {node: '>= 16'} - - cheerio-select@2.1.0: - resolution: {integrity: sha512-9v9kG0LvzrlcungtnJtpGNxY+fzECQKhK4EGJX2vByejiMX84MFNQw4UxPJl3bFbTMw+Dfs37XaIkCwTZfLh4g==} - - cheerio@1.0.0: - resolution: {integrity: sha512-quS9HgjQpdaXOvsZz82Oz7uxtXiy6UIsIQcpBj7HRw2M63Skasm9qlDocAM7jNuaxdhpPU7c4kJN+gA5MCu4ww==} - engines: {node: '>=18.17'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - chrome-trace-event@1.0.4: - resolution: {integrity: sha512-rNjApaLzuwaOTjCiT8lSDdGN1APCiqkChLMJxJPWLunPAt5fy8xgU9/jNOchV84wfIxrA0lRQB7oCT8jrn/wrQ==} - engines: {node: '>=6.0'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - color-string@1.9.1: - resolution: {integrity: sha512-shrVawQFojnZv6xM40anx4CkoDP+fZsw/ZerEMsW/pyzsRbElpsL/DBVW7q3ExxwusdNXI3lXpuhEZkzs8p5Eg==} - - color@4.2.3: - resolution: {integrity: sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==} - engines: {node: '>=12.5.0'} - - commander@12.1.0: - resolution: {integrity: sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA==} - engines: {node: '>=18'} - - commander@2.20.3: - resolution: {integrity: sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==} - - commander@4.1.1: - resolution: {integrity: sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==} - engines: {node: '>= 6'} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - concurrently@8.2.2: - resolution: {integrity: sha512-1dP4gpXFhei8IOtlXRE/T/4H88ElHgTiUzh71YUmtjTEHMSRS2Z/fgOxHSxxusGHogsRfxNq1vyAwxSC+EVyDg==} - engines: {node: ^14.13.0 || >=16.0.0} - hasBin: true - - consola@3.2.3: - resolution: {integrity: sha512-I5qxpzLv+sJhTVEoLYNcTW+bThDCPsit0vLNKShZx6rLtpilNpmmeTPaeqJb9ZE9dV3DGaeby6Vuhrw38WjeyQ==} - engines: {node: ^14.18.0 || >=16.10.0} - - content-disposition@0.5.4: - resolution: {integrity: sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==} - engines: {node: '>= 0.6'} - - convert-source-map@2.0.0: - resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==} - - cookie@0.5.0: - resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==} - engines: {node: '>= 0.6'} - - cookie@0.6.0: - resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} - engines: {node: '>= 0.6'} - - core-js-compat@3.38.1: - resolution: {integrity: sha512-JRH6gfXxGmrzF3tZ57lFx97YARxCXPaMzPo6jELZhv88pBH5VXpQ+y0znKGlFnzuaihqhLbefxSJxWJMPtfDzw==} - - create-require@1.1.1: - resolution: {integrity: sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==} - - cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} - engines: {node: '>= 8'} - - csprng@0.1.2: - resolution: {integrity: sha512-D3WAbvvgUVIqSxUfdvLeGjuotsB32bvfVPd+AaaTWMtyUeC9zgCnw5xs94no89yFLVsafvY9dMZEhTwsY/ZecA==} - engines: {node: '>=0.6.0'} - - css-select@5.1.0: - resolution: {integrity: sha512-nwoRF1rvRRnnCqqY7updORDsuqKzqYJ28+oSMaJMMgOauh3fvwHqMS7EZpIPqK8GL+g9mKxF1vP/ZjSeNjEVHg==} - - css-what@6.1.0: - resolution: {integrity: sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw==} - engines: {node: '>= 6'} - - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - - date-fns@2.30.0: - resolution: {integrity: sha512-fnULvOpxnC5/Vg3NCiWelDsLiUc9bRwAPs/+LfTLNvetFCtCTN+yQz15C/fs4AwX1R9K5GLtLfn8QW+dWisaAw==} - engines: {node: '>=0.11'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decamelize@4.0.0: - resolution: {integrity: sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==} - engines: {node: '>=10'} - - deep-eql@5.0.2: - resolution: {integrity: sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==} - engines: {node: '>=6'} - - deepmerge@4.3.1: - resolution: {integrity: sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==} - engines: {node: '>=0.10.0'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - depd@2.0.0: - resolution: {integrity: sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==} - engines: {node: '>= 0.8'} - - dereference-json-schema@0.2.1: - resolution: {integrity: sha512-uzJsrg225owJyRQ8FNTPHIuBOdSzIZlHhss9u6W8mp7jJldHqGuLv9cULagP/E26QVJDnjtG8U7Dw139mM1ydA==} - - detect-libc@2.0.3: - resolution: {integrity: sha512-bwy0MGW55bG41VqxxypOsdSdGqLwXPI/focwgTYCFMbdUiBAxLg9CFzG08sz2aqzknwiX7Hkl0bQENjg8iLByw==} - engines: {node: '>=8'} - - diff@4.0.2: - resolution: {integrity: sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==} - engines: {node: '>=0.3.1'} - - diff@5.2.0: - resolution: {integrity: sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==} - engines: {node: '>=0.3.1'} - - dir-glob@3.0.1: - resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} - engines: {node: '>=8'} - - dom-serializer@2.0.0: - resolution: {integrity: sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==} - - domelementtype@2.3.0: - resolution: {integrity: sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw==} - - domhandler@5.0.3: - resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} - engines: {node: '>= 4'} - - domutils@3.1.0: - resolution: {integrity: sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - - electron-to-chromium@1.5.13: - resolution: {integrity: sha512-lbBcvtIJ4J6sS4tb5TLp1b4LyfCdMkwStzXPyAgVgTRAsep4bvrAGaBOP7ZJtQMNJpSQ9SqG4brWOroNaQtm7Q==} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - - encoding-japanese@2.0.0: - resolution: {integrity: sha512-++P0RhebUC8MJAwJOsT93dT+5oc5oPImp1HubZpAuCZ5kTLnhuuBhKHj2jJeO/Gj93idPBWmIuQ9QWMe5rX3pQ==} - engines: {node: '>=8.10.0'} - - encoding-japanese@2.1.0: - resolution: {integrity: sha512-58XySVxUgVlBikBTbQ8WdDxBDHIdXucB16LO5PBHR8t75D54wQrNo4cg+58+R1CtJfKnsVsvt9XlteRaR8xw1w==} - engines: {node: '>=8.10.0'} - - encoding-japanese@2.2.0: - resolution: {integrity: sha512-EuJWwlHPZ1LbADuKTClvHtwbaFn4rOD+dRAbWysqEOXRc2Uui0hJInNJrsdH0c+OhJA4nrCBdSkW4DD5YxAo6A==} - engines: {node: '>=8.10.0'} - - encoding-sniffer@0.2.0: - resolution: {integrity: sha512-ju7Wq1kg04I3HtiYIOrUrdfdDvkyO9s5XM8QAj/bN61Yo/Vb4vgJxy5vi4Yxk01gWHbrofpPtpxM8bKger9jhg==} - - enhanced-resolve@5.17.1: - resolution: {integrity: sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==} - engines: {node: '>=10.13.0'} - - entities@4.5.0: - resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} - engines: {node: '>=0.12'} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - es-module-lexer@1.5.4: - resolution: {integrity: sha512-MVNK56NiMrOwitFB7cqDwq0CQutbw+0BvLshJSse0MUNU+y1FC3bUS/AQg7oUng+/wKrrki7JfmwtVHkVfPLlw==} - - esbuild@0.23.1: - resolution: {integrity: sha512-VVNz/9Sa0bs5SELtn3f7qhJCDPCF5oMEl5cO9/SSinpE9hbPVvxbd572HH5AKiP7WD8INO53GgfDDhRjkylHEg==} - engines: {node: '>=18'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-html@1.0.3: - resolution: {integrity: sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - eslint-scope@5.1.1: - resolution: {integrity: sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==} - engines: {node: '>=8.0.0'} - - esmock@2.6.7: - resolution: {integrity: sha512-4DmjZ0qQIG+NQV1njHvWrua/cZEuJq56A3pSELT2BjNuol1aads7BluofCbLErdO41Ic1XCd2UMepVLpjL64YQ==} - engines: {node: '>=14.16.0'} - - esrecurse@4.3.0: - resolution: {integrity: sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==} - engines: {node: '>=4.0'} - - estraverse@4.3.0: - resolution: {integrity: sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==} - engines: {node: '>=4.0'} - - estraverse@5.3.0: - resolution: {integrity: sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==} - engines: {node: '>=4.0'} - - esutils@2.0.3: - resolution: {integrity: sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==} - engines: {node: '>=0.10.0'} - - event-target-shim@5.0.1: - resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==} - engines: {node: '>=6'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - execa@5.1.1: - resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==} - engines: {node: '>=10'} - - execa@8.0.1: - resolution: {integrity: sha512-VyhnebXciFV2DESc+p6B+y0LjSm0krU4OgJN44qFAhBY0TJ+1V61tYD2+wHusZ6F9n5K+vl8k0sTy7PEfV4qpg==} - engines: {node: '>=16.17'} - - fast-content-type-parse@1.1.0: - resolution: {integrity: sha512-fBHHqSTFLVnR61C+gltJuE5GkVQMV0S2nqUO8TJ+5Z3qAKG8vAx4FKai1s5jq/inV1+sREynIWSuQ6HgoSXpDQ==} - - fast-decode-uri-component@1.0.1: - resolution: {integrity: sha512-WKgKWg5eUxvRZGwW8FvfbaH7AXSh2cL+3j5fMGzUMCxWBJ3dV3a7Wz8y2f/uQ0e3B6WmodD3oS54jTQ9HVTIIg==} - - fast-deep-equal@3.1.3: - resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} - - fast-glob@3.3.2: - resolution: {integrity: sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==} - engines: {node: '>=8.6.0'} - - fast-json-stable-stringify@2.1.0: - resolution: {integrity: sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==} - - fast-json-stringify@5.16.1: - resolution: {integrity: sha512-KAdnLvy1yu/XrRtP+LJnxbBGrhN+xXu+gt3EUvZhYGKCr3lFHq/7UFJHHFgmJKoqlh6B40bZLEv7w46B0mqn1g==} - - fast-querystring@1.1.2: - resolution: {integrity: sha512-g6KuKWmFXc0fID8WWH0jit4g0AGBoJhCkJMb1RmbsSEUNvQ+ZC8D6CUZ+GtF8nMzSPXnhiePyyqqipzNNEnHjg==} - - fast-redact@3.5.0: - resolution: {integrity: sha512-dwsoQlS7h9hMeYUq1W++23NDcBLV4KqONnITDV9DjfS3q1SgDGVrBdvvTLUotWtPSD7asWDV9/CmsZPy8Hf70A==} - engines: {node: '>=6'} - - fast-uri@2.4.0: - resolution: {integrity: sha512-ypuAmmMKInk5q7XcepxlnUWDLWv4GFtaJqAzWKqn62IpQ3pejtr5dTVbt3vwqVaMKmkNR55sTT+CqUKIaT21BA==} - - fast-uri@3.0.1: - resolution: {integrity: sha512-MWipKbbYiYI0UC7cl8m/i/IWTqfC8YXsqjzybjddLsFjStroQzsHXkc73JutMvBiXmOvapk+axIl79ig5t55Bw==} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - fastify-plugin@4.5.1: - resolution: {integrity: sha512-stRHYGeuqpEZTL1Ef0Ovr2ltazUT9g844X5z/zEBFLG8RYlpDiOCIG+ATvYEp+/zmc7sN29mcIMp8gvYplYPIQ==} - - fastify@4.28.1: - resolution: {integrity: sha512-kFWUtpNr4i7t5vY2EJPCN2KgMVpuqfU4NjnJNCgiNB900oiDeYqaNDRcAfeBbOF5hGixixxcKnOU4KN9z6QncQ==} - - fastq@1.17.1: - resolution: {integrity: sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==} - - faye-websocket@0.11.4: - resolution: {integrity: sha512-CzbClwlXAuiRQAlUyfqPgvPoNKTckTPGfwZV4ZdAhVcP2lh9KUxJg2b5GkE7XbjKQ3YJnQ9z6D9ntLAlB+tP8g==} - engines: {node: '>=0.8.0'} - - faye@1.4.0: - resolution: {integrity: sha512-kRrIg4be8VNYhycS2PY//hpBJSzZPr/DBbcy9VWelhZMW3KhyLkQR0HL0k0MNpmVoNFF4EdfMFkNAWjTP65g6w==} - engines: {node: '>=0.8.0'} - - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-my-way@8.2.0: - resolution: {integrity: sha512-HdWXgFYc6b1BJcOBDBwjqWuHJj1WYiqrxSh25qtU4DabpMFdj/gSunNBQb83t+8Zt67D7CXEzJWTkxaShMTMOA==} - engines: {node: '>=14'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - flat@5.0.2: - resolution: {integrity: sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ==} - hasBin: true - - fluent-ffmpeg@2.1.3: - resolution: {integrity: sha512-Be3narBNt2s6bsaqP6Jzq91heDgOEaDCJAXcE3qcma/EJBSy5FB4cvO31XBInuAuKBx8Kptf8dkhjK0IOru39Q==} - engines: {node: '>=18'} - - foreground-child@3.3.0: - resolution: {integrity: sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==} - engines: {node: '>=14'} - - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - - forwarded@0.2.0: - resolution: {integrity: sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==} - engines: {node: '>= 0.6'} - - fs-monkey@1.0.6: - resolution: {integrity: sha512-b1FMfwetIKymC0eioW7mTywihSQE4oLzQn1dB6rZB5fx/3NpNEdAWeCSMB+60/AeT0TCXsxzAlcYVEFCTAksWg==} - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - gensync@1.0.0-beta.2: - resolution: {integrity: sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==} - engines: {node: '>=6.9.0'} - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-func-name@2.0.2: - resolution: {integrity: sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-stream@6.0.1: - resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==} - engines: {node: '>=10'} - - get-stream@8.0.1: - resolution: {integrity: sha512-VaUJspBffn/LMCJVoMvSAdmscJyS1auj5Zulnn5UoYcY531UWmdwhRWkcGKnGU93m5HSXP9LP2usOryrBtQowA==} - engines: {node: '>=16'} - - get-tsconfig@4.8.0: - resolution: {integrity: sha512-Pgba6TExTZ0FJAn1qkJAjIeKoDJ3CsI2ChuLohJnZl/tTU8MVrq3b+2t5UOPfRa4RMsorClBjJALkJUMjG1PAw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob-to-regexp@0.4.1: - resolution: {integrity: sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==} - - glob@10.4.5: - resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} - hasBin: true - - glob@7.2.3: - resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} - deprecated: Glob versions prior to v9 are no longer supported - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - globals@11.12.0: - resolution: {integrity: sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==} - engines: {node: '>=4'} - - globby@11.1.0: - resolution: {integrity: sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g==} - engines: {node: '>=10'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - graceful-fs@4.2.11: - resolution: {integrity: sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==} - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - heap-js@2.5.0: - resolution: {integrity: sha512-kUGoI3p7u6B41z/dp33G6OaL7J4DRqRYwVmeIlwLClx7yaaAy7hoDExnuejTKtuDwfcatGmddHDEOjf6EyIxtQ==} - engines: {node: '>=10.0.0'} - - html-to-text@9.0.5: - resolution: {integrity: sha512-qY60FjREgVZL03vJU6IfMV4GDjGBIoOyvuFdpBDIX9yTlDw0TjxVBQp+P8NvpdIXNJvfWBTNul7fsAQJq2FNpg==} - engines: {node: '>=14'} - - htmlparser2@8.0.2: - resolution: {integrity: sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA==} - - htmlparser2@9.1.0: - resolution: {integrity: sha512-5zfg6mHUoaer/97TxnGpxmbR7zJtPwIYFMZ/H5ucTlPZhKvtum05yiPK3Mgai3a0DyVxv7qYqoweaEd2nrYQzQ==} - - http-errors@2.0.0: - resolution: {integrity: sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==} - engines: {node: '>= 0.8'} - - http-parser-js@0.5.8: - resolution: {integrity: sha512-SGeBX54F94Wgu5RH3X5jsDtf4eHyRogWX1XGT3b4HuW3tQPM4AaBzoUji/4AAJNXCEOWZ5O0DgZmJw1947gD5Q==} - - human-signals@2.1.0: - resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==} - engines: {node: '>=10.17.0'} - - human-signals@5.0.0: - resolution: {integrity: sha512-AXcZb6vzzrFAUE61HnN4mpLqd/cSIwNQjtNWR0euPm6y0iqx3G4gOXaIDdtdDwZmhwe82LA6+zinmW4UBWVePQ==} - engines: {node: '>=16.17.0'} - - hyperdyperid@1.2.0: - resolution: {integrity: sha512-Y93lCzHYgGWdrJ66yIktxiaGULYc6oGiABxhcO5AufBeOyoIdZF7bIfLaOrbM0iGIOXQQgxxRrFEnb+Y6w1n4A==} - engines: {node: '>=10.18'} - - iconv-lite@0.6.3: - resolution: {integrity: sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==} - engines: {node: '>=0.10.0'} - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore-by-default@1.0.1: - resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==} - - ignore@5.3.2: - resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==} - engines: {node: '>= 4'} - - imapflow@1.0.164: - resolution: {integrity: sha512-+KAmLrpqq2Q0Ts1imMP4svydfhYznlvlLHhgtTb8NiIcccZvdRNfdHVP8/RrGaw0hy0TOaluawsm/6q+TqdLPw==} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - ip-address@9.0.5: - resolution: {integrity: sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==} - engines: {node: '>= 12'} - - ipaddr.js@1.9.1: - resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==} - engines: {node: '>= 0.10'} - - is-arrayish@0.3.2: - resolution: {integrity: sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-core-module@2.15.1: - resolution: {integrity: sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==} - engines: {node: '>= 0.4'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-plain-obj@2.1.0: - resolution: {integrity: sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA==} - engines: {node: '>=8'} - - is-stream@2.0.1: - resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==} - engines: {node: '>=8'} - - is-stream@3.0.0: - resolution: {integrity: sha512-LnQR4bZ9IADDRSkvpqMGvt/tEJWclzklNgSw48V5EAaAeDd6qGvN8ei6k5p0tvxSR171VmGyHuTiAOfxAbr8kA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - - isexe@3.1.1: - resolution: {integrity: sha512-LpB/54B+/2J5hqQ7imZHfdU31OlgQqx7ZicVlkm9kzg9/w8GKLEcFfJl/t7DCEDueOyBAD6zCCwTO6Fzs0NoEQ==} - engines: {node: '>=16'} - - jackspeak@3.4.3: - resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} - - jest-worker@27.5.1: - resolution: {integrity: sha512-7vuh85V5cdDofPyxn58nrPjBktZo0u9x1g8WtjQol+jZDaE+fhN+cIvTj11GndBnMnyfrUOG1sZQxCdjKh+DKg==} - engines: {node: '>= 10.13.0'} - - joycon@3.1.1: - resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==} - engines: {node: '>=10'} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - jsbn@1.1.0: - resolution: {integrity: sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==} - - jsesc@0.5.0: - resolution: {integrity: sha512-uZz5UnB7u4T9LvwmFqXii7pZSouaRPorGs5who1Ip7VO0wxanFvBL7GkM6dTHlgX+jhBApRetaWpnDabOeTcnA==} - hasBin: true - - jsesc@2.5.2: - resolution: {integrity: sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==} - engines: {node: '>=4'} - hasBin: true - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json-schema-ref-resolver@1.0.1: - resolution: {integrity: sha512-EJAj1pgHc1hxF6vo2Z3s69fMjO1INq6eGHXZ8Z6wCQeldCuwxGK9Sxf4/cScGn3FZubCVUehfWtcDM/PLteCQw==} - - json-schema-resolver@2.0.0: - resolution: {integrity: sha512-pJ4XLQP4Q9HTxl6RVDLJ8Cyh1uitSs0CzDBAz1uoJ4sRD/Bk7cFSXL1FUXDW3zJ7YnfliJx6eu8Jn283bpZ4Yg==} - engines: {node: '>=10'} - - json-schema-traverse@0.4.1: - resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==} - - json-schema-traverse@1.0.0: - resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - just-extend@6.2.0: - resolution: {integrity: sha512-cYofQu2Xpom82S6qD778jBDpwvvy39s1l/hrYij2u9AMdQcGRpaBu6kY4mVhuno5kJVi1DAz4aiphA2WI1/OAw==} - - just-performance@4.3.0: - resolution: {integrity: sha512-L7RjvtJsL0QO8xFs5wEoDDzzJwoiowRw6Rn/GnvldlchS2JQr9wFYPiwZcDfrbbujEKqKN0tvENdbjXdYhDp5Q==} - - leac@0.6.0: - resolution: {integrity: sha512-y+SqErxb8h7nE/fiEX07jsbuhrpO9lL8eca7/Y1nuWV2moNlXhyd59iDGcRf6moVyDMbmTNzL40SUyrFU/yDpg==} - - libbase64@1.2.1: - resolution: {integrity: sha512-l+nePcPbIG1fNlqMzrh68MLkX/gTxk/+vdvAb388Ssi7UuUN31MI44w4Yf33mM3Cm4xDfw48mdf3rkdHszLNew==} - - libbase64@1.3.0: - resolution: {integrity: sha512-GgOXd0Eo6phYgh0DJtjQ2tO8dc0IVINtZJeARPeiIJqge+HdsWSuaDTe8ztQ7j/cONByDZ3zeB325AHiv5O0dg==} - - libmime@5.2.0: - resolution: {integrity: sha512-X2U5Wx0YmK0rXFbk67ASMeqYIkZ6E5vY7pNWRKtnNzqjvdYYG8xtPDpCnuUEnPU9vlgNev+JoSrcaKSUaNvfsw==} - - libmime@5.3.5: - resolution: {integrity: sha512-nSlR1yRZ43L3cZCiWEw7ali3jY29Hz9CQQ96Oy+sSspYnIP5N54ucOPHqooBsXzwrX1pwn13VUE05q4WmzfaLg==} - - libqp@2.0.1: - resolution: {integrity: sha512-Ka0eC5LkF3IPNQHJmYBWljJsw0UvM6j+QdKRbWyCdTmYwvIDE6a7bCm0UkTAL/K+3KXK5qXT/ClcInU01OpdLg==} - - libqp@2.1.0: - resolution: {integrity: sha512-O6O6/fsG5jiUVbvdgT7YX3xY3uIadR6wEZ7+vy9u7PKHAlSEB6blvC1o5pHBjgsi95Uo0aiBBdkyFecj6jtb7A==} - - light-my-request@5.13.0: - resolution: {integrity: sha512-9IjUN9ZyCS9pTG+KqTDEQo68Sui2lHsYBrfMyVUTTZ3XhH8PMZq7xO94Kr+eP9dhi/kcKsx4N41p2IXEBil1pQ==} - - lilconfig@3.1.2: - resolution: {integrity: sha512-eop+wDAvpItUys0FWkHIKeC9ybYrTGbU41U5K7+bttZZeohvnY7M9dZ5kB21GNWiFT2q1OoPTvncPCgSOVO5ow==} - engines: {node: '>=14'} - - limiter@2.1.0: - resolution: {integrity: sha512-361TYz6iay6n+9KvUUImqdLuFigK+K79qrUtBsXhJTLdH4rIt/r1y8r1iozwh8KbZNpujbFTSh74mJ7bwbAMOw==} - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - linkify-it@5.0.0: - resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} - - load-tsconfig@0.2.5: - resolution: {integrity: sha512-IXO6OCs9yg8tMKzfPZ1YmheJbZCiEsnBdcB03l0OcfK9prKnJb96siuHCr5Fl37/yo9DnKU+TLpxzTUspw9shg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - loader-runner@4.3.0: - resolution: {integrity: sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg==} - engines: {node: '>=6.11.5'} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - lodash.camelcase@4.3.0: - resolution: {integrity: sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==} - - lodash.debounce@4.0.8: - resolution: {integrity: sha512-FT1yDzDYEoYWhnSGnpE/4Kj1fLZkDFyqRb7fNt6FdYOSxlUWAtp42Eh6Wb0rGIv/m9Bgo7x4GhQbm5Ys4SG5ow==} - - lodash.get@4.4.2: - resolution: {integrity: sha512-z+Uw/vLuy6gQe8cfaFWD7p0wVv8fJl3mbzXh33RS+0oW2wvUqiRXiQ69gLWSLpgB5/6sU+r6BlQR0MBILadqTQ==} - - lodash.merge@4.6.2: - resolution: {integrity: sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==} - - lodash.sortby@4.7.0: - resolution: {integrity: sha512-HDWXG8isMntAyRF5vZ7xKuEvOhT4AhlRt/3czTSjvGUxjYCBVRQY48ViDHyfYz9VIoBkW4TMGQNapx+l3RUwdA==} - - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - long@5.2.3: - resolution: {integrity: sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q==} - - loupe@3.1.1: - resolution: {integrity: sha512-edNu/8D5MKVfGVFRhFf8aAxiTM6Wumfz5XsaatSxlD3w4R1d/WEKUTydCdPGbl9K7QG/Ca3GnDV2sIKIpXRQcw==} - - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - - lru-cache@5.1.1: - resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==} - - luxon@1.28.1: - resolution: {integrity: sha512-gYHAa180mKrNIUJCbwpmD0aTu9kV0dREDrwNnuyFAsO1Wt0EVYSZelPnJlbj9HplzXX/YWXHFTL45kvZ53M0pw==} - - mailparser@3.7.1: - resolution: {integrity: sha512-RCnBhy5q8XtB3mXzxcAfT1huNqN93HTYYyL6XawlIKycfxM/rXPg9tXoZ7D46+SgCS1zxKzw+BayDQSvncSTTw==} - - mailsplit@5.4.0: - resolution: {integrity: sha512-wnYxX5D5qymGIPYLwnp6h8n1+6P6vz/MJn5AzGjZ8pwICWssL+CCQjWBIToOVHASmATot4ktvlLo6CyLfOXWYA==} - - make-error@1.3.6: - resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} - - memfs@4.11.1: - resolution: {integrity: sha512-LZcMTBAgqUUKNXZagcZxvXXfgF1bHX7Y7nQ0QyEiNbRJgE29GhgPd8Yna1VQcLlPiHt/5RFJMWYN9Uv/VPNvjQ==} - engines: {node: '>= 4.0.0'} - - merge-stream@2.0.0: - resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - - merge2@1.4.1: - resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} - engines: {node: '>= 8'} - - micromatch@4.0.8: - resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} - engines: {node: '>=8.6'} - - mime-db@1.52.0: - resolution: {integrity: sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==} - engines: {node: '>= 0.6'} - - mime-types@2.1.35: - resolution: {integrity: sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==} - engines: {node: '>= 0.6'} - - mime@3.0.0: - resolution: {integrity: sha512-jSCU7/VB1loIWBZe14aEYHU/+1UMEHoaO7qxCOVJOw9GgH72VAWppxNcjU+x9a2k3GSIBXNKxXQFqRvvZ7vr3A==} - engines: {node: '>=10.0.0'} - hasBin: true - - mimic-fn@2.1.0: - resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==} - engines: {node: '>=6'} - - mimic-fn@4.0.0: - resolution: {integrity: sha512-vqiC06CuhBTUdZH+RYl8sFrL096vA45Ok5ISO6sE/Mr1jRbGH4Csnhi8f3wKVl7x8mO4Au7Ir9D3Oyv1VYMFJw==} - engines: {node: '>=12'} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - minimatch@9.0.5: - resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} - engines: {node: '>=16 || 14 >=14.17'} - - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} - engines: {node: '>=16 || 14 >=14.17'} - - mocha@10.7.3: - resolution: {integrity: sha512-uQWxAu44wwiACGqjbPYmjo7Lg8sFrS3dQe7PP2FQI+woptP4vZXSMcfMyFL/e1yFEeEpV4RtyTpZROOKmxis+A==} - engines: {node: '>= 14.0.0'} - hasBin: true - - mock-json-schema@1.1.1: - resolution: {integrity: sha512-YV23vlsLP1EEOy0EviUvZTluXjLR+rhMzeayP2rcDiezj3RW01MhOSQkbQskdtg0K2fnGas5LKbSXgNjAOSX4A==} - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - ms@3.0.0-canary.1: - resolution: {integrity: sha512-kh8ARjh8rMN7Du2igDRO9QJnqCb2xYTJxyQYK7vJJS4TvLLmsbyhiKpSW+t+y26gyOyMd0riphX0GeWKU3ky5g==} - engines: {node: '>=12.13'} - - mz@2.7.0: - resolution: {integrity: sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==} - - neo-async@2.6.2: - resolution: {integrity: sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==} - - nise@6.0.0: - resolution: {integrity: sha512-K8ePqo9BFvN31HXwEtTNGzgrPpmvgciDsFz8aztFjt4LqKO/JeFD8tBOeuDiCMXrIl/m1YvfH8auSpxfaD09wg==} - - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - node-releases@2.0.18: - resolution: {integrity: sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==} - - nodemailer@6.9.13: - resolution: {integrity: sha512-7o38Yogx6krdoBf3jCAqnIN4oSQFx+fMa0I7dK1D+me9kBxx12D+/33wSb+fhOCtIxvYJ+4x4IMEhmhCKfAiOA==} - engines: {node: '>=6.0.0'} - - nodemailer@6.9.14: - resolution: {integrity: sha512-Dobp/ebDKBvz91sbtRKhcznLThrKxKt97GI2FAlAyy+fk19j73Uz3sBXolVtmcXjaorivqsbbbjDY+Jkt4/bQA==} - engines: {node: '>=6.0.0'} - - nodemon@3.1.4: - resolution: {integrity: sha512-wjPBbFhtpJwmIeY2yP7QF+UKzPfltVGtfce1g/bB15/8vCGZj8uxD62b/b9M9/WVgme0NZudpownKN+c0plXlQ==} - engines: {node: '>=10'} - hasBin: true - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - npm-run-path@4.0.1: - resolution: {integrity: sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==} - engines: {node: '>=8'} - - npm-run-path@5.3.0: - resolution: {integrity: sha512-ppwTtiJZq0O/ai0z7yfudtBpWIoxM8yE6nHi1X47eFR2EWORqfbu6CnPlNsjeN683eT0qG6H/Pyf9fCcvjnnnQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - nth-check@2.1.1: - resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - obuf@1.1.2: - resolution: {integrity: sha512-PX1wu0AmAdPqOL1mWhqmlOd8kOIZQwGZw6rh7uby9fTc5lhaOWFLX3I6R1hrF9k3zUY40e6igsLGkDXK92LJNg==} - - on-exit-leak-free@2.1.2: - resolution: {integrity: sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA==} - engines: {node: '>=14.0.0'} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - onetime@5.1.2: - resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==} - engines: {node: '>=6'} - - onetime@6.0.0: - resolution: {integrity: sha512-1FlR+gjXK7X+AsAHso35MnyN5KqGwJRi/31ft6x0M194ht7S+rWAvd7PHss9xSKMzE0asv1pyIHaJYq+BbacAQ==} - engines: {node: '>=12'} - - openapi-backend@5.10.6: - resolution: {integrity: sha512-vTjBRys/O4JIHdlRHUKZ7pxS+gwIJreAAU9dvYRFrImtPzQ5qxm5a6B8BTVT9m6I8RGGsShJv35MAc3Tu2/y/A==} - engines: {node: '>=12.0.0'} - - openapi-schema-validator@12.1.3: - resolution: {integrity: sha512-xTHOmxU/VQGUgo7Cm0jhwbklOKobXby+/237EG967+3TQEYJztMgX9Q5UE2taZKwyKPUq0j11dngpGjUuxz1hQ==} - - openapi-types@12.1.3: - resolution: {integrity: sha512-N4YtSYJqghVu4iek2ZUvcN/0aqH1kRDuNqzcycDxhOUpg7GdvLa2F3DgS6yBNhInhv2r/6I0Flkn7CqL8+nIcw==} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - package-json-from-dist@1.0.0: - resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} - - parse5-htmlparser2-tree-adapter@7.0.0: - resolution: {integrity: sha512-B77tOZrqqfUfnVcOrUvfdLbz4pu4RopLD/4vmu3HUPswwTA8OH0EMW9BlWR2B0RCoiZRAHEUu7IxeP1Pd1UU+g==} - - parse5-parser-stream@7.1.2: - resolution: {integrity: sha512-JyeQc9iwFLn5TbvvqACIF/VXG6abODeB3Fwmv/TGdLk2LfbWkaySGY72at4+Ty7EkPZj854u4CrICqNk2qIbow==} - - parse5@7.1.2: - resolution: {integrity: sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==} - - parseley@0.12.1: - resolution: {integrity: sha512-e6qHKe3a9HWr0oMRVDTRhKce+bRO8VGQR3NyVwcjwrbhMmFCX9KszEV35+rn4AdilFAq9VPxP/Fe1wC9Qjd2lw==} - - path-equal@1.2.5: - resolution: {integrity: sha512-i73IctDr3F2W+bsOWDyyVm/lqsXO47aY9nsFZUjTT/aljSbkxHxxCoyZ9UUrM8jK0JVod+An+rl48RCsvWM+9g==} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-is-absolute@1.0.1: - resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} - engines: {node: '>=0.10.0'} - - path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - - path-key@4.0.0: - resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} - engines: {node: '>=12'} - - path-parse@1.0.7: - resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==} - - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} - - path-to-regexp@6.2.2: - resolution: {integrity: sha512-GQX3SSMokngb36+whdpRXE+3f9V8UzyAorlYvOGx87ufGHehNTn5lCxrKtLyZ4Yl/wEKnNnr98ZzOwwDZV5ogw==} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pathval@2.0.0: - resolution: {integrity: sha512-vE7JKRyES09KiunauX7nd2Q9/L7lhok4smP9RZTDeD4MVs72Dp2qNFVz39Nz5a0FVEW0BJR6C0DYrq6unoziZA==} - engines: {node: '>= 14.16'} - - peberminta@0.9.0: - resolution: {integrity: sha512-XIxfHpEuSJbITd1H3EeQwpcZbTLHc+VVr8ANI9t5sit565tsI4/xK3KWTUFE2e6QiangUkh3B0jihzmGnNrRsQ==} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-numeric@1.0.2: - resolution: {integrity: sha512-BM/Thnrw5jm2kKLE5uJkXqqExRUY/toLHda65XgFTBTFYZyopbKjBe29Ii3RbkvlsMoFwD+tHeGaCjjv0gHlyw==} - engines: {node: '>=4'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg-types@4.0.2: - resolution: {integrity: sha512-cRL3JpS3lKMGsKaWndugWQoLOCoP+Cic8oseVcbr0qhPzYD5DWXK+RZ9LY9wxRf7RQia4SCwQlXk0q6FCPrVng==} - engines: {node: '>=10'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - pino-abstract-transport@1.2.0: - resolution: {integrity: sha512-Guhh8EZfPCfH+PMXAb6rKOjGQEoy0xlAIn+irODG5kgfYV+BQ0rGYYWTIel3P5mmyXqkYkPmdIkywsn6QKUR1Q==} - - pino-std-serializers@7.0.0: - resolution: {integrity: sha512-e906FRY0+tV27iq4juKzSYPbUj2do2X2JX4EzSca1631EB2QJQUqGbDuERal7LCtOpxl6x3+nvo9NPZcmjkiFA==} - - pino@9.2.0: - resolution: {integrity: sha512-g3/hpwfujK5a4oVbaefoJxezLzsDgLcNJeITvC6yrfwYeT9la+edCK42j5QpEQSQCZgTKapXvnQIdgZwvRaZug==} - hasBin: true - - pino@9.4.0: - resolution: {integrity: sha512-nbkQb5+9YPhQRz/BeQmrWpEknAaqjpAqRK8NwJpmrX/JHu7JuZC5G1CeAwJDJfGes4h+YihC6in3Q2nGb+Y09w==} - hasBin: true - - pirates@4.0.6: - resolution: {integrity: sha512-saLsH7WeYYPiD25LDuLRRY/i+6HaPYr6G1OUlN39otzkSTxKnubR9RTxS3/Kk50s1g2JTgFwWQDQyplC5/SHZg==} - engines: {node: '>= 6'} - - postcss-load-config@6.0.1: - resolution: {integrity: sha512-oPtTM4oerL+UXmx+93ytZVN82RrlY/wPUV8IeDxFrzIjXOLF1pN+EmKPLbubvKHT2HC20xXsCAH2Z+CKV6Oz/g==} - engines: {node: '>= 18'} - peerDependencies: - jiti: '>=1.21.0' - postcss: '>=8.0.9' - tsx: ^4.8.1 - yaml: ^2.4.2 - peerDependenciesMeta: - jiti: - optional: true - postcss: - optional: true - tsx: - optional: true - yaml: - optional: true - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-array@3.0.2: - resolution: {integrity: sha512-6faShkdFugNQCLwucjPcY5ARoW1SlbnrZjmGl0IrrqewpvxvhSLHimCVzqeuULCbG0fQv7Dtk1yDbG3xv7Veog==} - engines: {node: '>=12'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-bytea@3.0.0: - resolution: {integrity: sha512-CNd4jim9RFPkObHSjVHlVrxoVQXz7quwNFpz7RY1okNNme49+sVyiTvTRobiLV548Hx/hb1BG+iE7h9493WzFw==} - engines: {node: '>= 6'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-date@2.1.0: - resolution: {integrity: sha512-K7Juri8gtgXVcDfZttFKVmhglp7epKb1K4pgrkLxehjqkrgPhfG6OO8LHLkfaqkbpjNRnra018XwAr1yQFWGcA==} - engines: {node: '>=12'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - postgres-interval@3.0.0: - resolution: {integrity: sha512-BSNDnbyZCXSxgA+1f5UU2GmwhoI0aU5yMxRGO8CdFEcY2BQF9xm/7MqKnYoM1nJDk8nONNWDk9WeSmePFhQdlw==} - engines: {node: '>=12'} - - postgres-range@1.1.4: - resolution: {integrity: sha512-i/hbxIE9803Alj/6ytL7UHQxRvZkI9O4Sy+J3HGc4F4oo/2eQAjTSNJ0bfxyse3bH0nuVesCk+3IRLaMtG3H6w==} - - prevvy@8.0.1: - resolution: {integrity: sha512-ztl6JrbdlICy9cBOxN/aVcT8bp8G08SXMUPns/MJvHHMB6cc3goJiTQwTGLL0X2PoMUYr31YZgd6X6k87NU4OQ==} - - process-warning@3.0.0: - resolution: {integrity: sha512-mqn0kFRl0EoqhnL0GQ0veqFHyIN1yig9RHh/InzORTUiZHFRAur+aMtRkELNwGs9aNwKS6tg/An4NYBPGwvtzQ==} - - process-warning@4.0.0: - resolution: {integrity: sha512-/MyYDxttz7DfGMMHiysAsFE4qF+pQYAA8ziO/3NcRVrQ5fSk+Mns4QZA/oRPFzvcqNoVJXQNWNAsdwBXLUkQKw==} - - process@0.11.10: - resolution: {integrity: sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==} - engines: {node: '>= 0.6.0'} - - proto3-json-serializer@2.0.2: - resolution: {integrity: sha512-SAzp/O4Yh02jGdRc+uIrGoe87dkN/XtwxfZ4ZyafJHymd79ozp5VG5nyZ7ygqPM5+cpLDjjGnYFUkngonyDPOQ==} - engines: {node: '>=14.0.0'} - - protobufjs@7.4.0: - resolution: {integrity: sha512-mRUWCc3KUU4w1jU8sGxICXH/gNS94DvI1gxqDvBzhj1JpcsimQkYiOJfwsPUykUI5ZaspFbSgmBLER8IrQ3tqw==} - engines: {node: '>=12.0.0'} - - proxy-addr@2.0.7: - resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==} - engines: {node: '>= 0.10'} - - psl@1.9.0: - resolution: {integrity: sha512-E/ZsdU4HLs/68gYzgGTkMicWTLPdAftJLfJFlLUAAKZGkStNU72sZjT66SnMDVOfOWY/YAoiD7Jxa9iHvngcag==} - - pstree.remy@1.1.8: - resolution: {integrity: sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==} - - punycode.js@2.3.1: - resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==} - engines: {node: '>=6'} - - punycode@2.3.1: - resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} - engines: {node: '>=6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - querystringify@2.2.0: - resolution: {integrity: sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==} - - queue-microtask@1.2.3: - resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==} - - quick-format-unescaped@4.0.4: - resolution: {integrity: sha512-tYC1Q1hgyRuHgloV/YXs2w15unPVh8qfu/qCTfhTYamaw7fyhumKa2yGpdSo87vY32rIclj+4fWYQXUMs9EHvg==} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - rate-limiter-flexible@5.0.3: - resolution: {integrity: sha512-lWx2y8NBVlTOLPyqs+6y7dxfEpT6YFqKy3MzWbCy95sTTOhOuxufP2QvRyOHpfXpB9OUJPbVLybw3z3AVAS5fA==} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - readable-stream@4.5.2: - resolution: {integrity: sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==} - engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - real-require@0.2.0: - resolution: {integrity: sha512-57frrGM/OCTLqLOAh0mhVA9VBMHd+9U7Zb2THMGdBUoZVOtGbJzjxsYGDJ3A9AYYCP4hn6y1TVbaOfzWtm5GFg==} - engines: {node: '>= 12.13.0'} - - regenerate-unicode-properties@10.1.1: - resolution: {integrity: sha512-X007RyZLsCJVVrjgEFVpLUTZwyOZk3oiL75ZcuYjlIWd6rNJtOjkBwQc5AsRrpbKVkxN6sklw/k/9m2jJYOf8Q==} - engines: {node: '>=4'} - - regenerate@1.4.2: - resolution: {integrity: sha512-zrceR/XhGYU/d/opr2EKO7aRHUeiBI8qjtfHqADTwZd6Szfy16la6kqD0MIUs5z5hx6AaKa+PixpPrR289+I0A==} - - regenerator-runtime@0.14.1: - resolution: {integrity: sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==} - - regenerator-transform@0.15.2: - resolution: {integrity: sha512-hfMp2BoF0qOk3uc5V20ALGDS2ddjQaLrdl7xrGXvAIow7qeWRM2VA2HuCHkUKk9slq3VwEwLNK3DFBqDfPGYtg==} - - regexpu-core@5.3.2: - resolution: {integrity: sha512-RAM5FlZz+Lhmo7db9L298p2vHP5ZywrVXmVXpmAD9GuL5MPH6t9ROw1iA/wfHkQ76Qe7AaPF0nGuim96/IrQMQ==} - engines: {node: '>=4'} - - regjsparser@0.9.1: - resolution: {integrity: sha512-dQUtn90WanSNl+7mQKcXAgZxvUe7Z0SqXlgzv0za4LwiUhyzBC58yQO3liFoUgu8GiJVInAhJjkj1N0EtQ5nkQ==} - hasBin: true - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - require-from-string@2.0.2: - resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==} - engines: {node: '>=0.10.0'} - - requires-port@1.0.0: - resolution: {integrity: sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==} - - resolve-from@5.0.0: - resolution: {integrity: sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==} - engines: {node: '>=8'} - - resolve-pkg-maps@1.0.0: - resolution: {integrity: sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==} - - resolve@1.22.8: - resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==} - hasBin: true - - ret@0.4.3: - resolution: {integrity: sha512-0f4Memo5QP7WQyUEAYUO3esD/XjOc3Zjjg5CPsAq1p8sIu0XPeMbHJemKA0BO7tV0X7+A0FoEpbmHXWxPyD3wQ==} - engines: {node: '>=10'} - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - reusify@1.0.4: - resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} - engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - - rfdc@1.4.1: - resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==} - - rollup@4.21.2: - resolution: {integrity: sha512-e3TapAgYf9xjdLvKQCkQTnbTKd4a6jwlpQSJJFokHGaX2IVjoEqkIIhiQfqsi0cdwlOD+tQGuOd5AJkc5RngBw==} - engines: {node: '>=18.0.0', npm: '>=8.0.0'} - hasBin: true - - run-parallel@1.2.0: - resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} - - rxjs@7.8.1: - resolution: {integrity: sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safe-regex2@3.1.0: - resolution: {integrity: sha512-RAAZAGbap2kBfbVhvmnTFv73NWLMvDGOITFYTZBAaY8eR+Ir4ef7Up/e7amo+y1+AH+3PtLkrt9mvcTsG9LXug==} - - safe-stable-stringify@2.5.0: - resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==} - engines: {node: '>=10'} - - safer-buffer@2.1.2: - resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==} - - schema-utils@3.3.0: - resolution: {integrity: sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==} - engines: {node: '>= 10.13.0'} - - secure-json-parse@2.7.0: - resolution: {integrity: sha512-6aU+Rwsezw7VR8/nyvKTx8QpWH9FrcYiXXlqC4z5d5XQBDRqtbfsRjnwGyqbi3gddNtWHuEk9OANUotL26qKUw==} - - selderee@0.11.0: - resolution: {integrity: sha512-5TF+l7p4+OsnP8BCCvSyZiSPc4x4//p5uPwK8TCnVPJYRmU2aYKMpOXvw8zM5a5JvuuCGN1jmsMwuU2W02ukfA==} - - semver@6.3.1: - resolution: {integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==} - hasBin: true - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - sequin@0.1.1: - resolution: {integrity: sha512-hJWMZRwP75ocoBM+1/YaCsvS0j5MTPeBHJkS2/wruehl9xwtX30HlDF1Gt6UZ8HHHY8SJa2/IL+jo+JJCd59rA==} - engines: {node: '>=0.4.0'} - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - set-cookie-parser@2.7.0: - resolution: {integrity: sha512-lXLOiqpkUumhRdFF3k1osNXCy9akgx/dyPZ5p8qAg9seJzXr5ZrlqZuWIMuY6ejOsVLE6flJ5/h3lsn57fQ/PQ==} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - setprototypeof@1.2.0: - resolution: {integrity: sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==} - - sharp@0.33.5: - resolution: {integrity: sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - - shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} - - shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - - shell-quote@1.8.1: - resolution: {integrity: sha512-6j1W9l1iAs/4xYBI1SYOVZyFcCis9b4KCLQ8fgAGG07QvzaRLVVRQvAy85yNmmZSjYjg4MWh4gNvlPujU/5LpA==} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - - signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - - simple-swizzle@0.2.2: - resolution: {integrity: sha512-JA//kQgZtbuY83m+xT+tXJkmJncGMTFT+C+g2h2R9uxkYIrE2yy9sgmcLhCnw57/WSD+Eh3J97FPEDFnbXnDUg==} - - simple-update-notifier@2.0.0: - resolution: {integrity: sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==} - engines: {node: '>=10'} - - sinon@18.0.0: - resolution: {integrity: sha512-+dXDXzD1sBO6HlmZDd7mXZCR/y5ECiEiGCBSGuFD/kZ0bDTofPYc6JaeGmPSF+1j1MejGUWkORbYOLDyvqCWpA==} - - slash@3.0.0: - resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==} - engines: {node: '>=8'} - - slugify@1.6.6: - resolution: {integrity: sha512-h+z7HKHYXj6wJU+AnS/+IH8Uh9fdcX1Lrhg1/VMdf9PwoBQXFcXiAdsy2tSK0P6gKwJLXp02r90ahUCqHk9rrw==} - engines: {node: '>=8.0.0'} - - smart-buffer@4.2.0: - resolution: {integrity: sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==} - engines: {node: '>= 6.0.0', npm: '>= 3.0.0'} - - socks@2.8.3: - resolution: {integrity: sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==} - engines: {node: '>= 10.0.0', npm: '>= 3.0.0'} - - sonic-boom@4.1.0: - resolution: {integrity: sha512-NGipjjRicyJJ03rPiZCJYjwlsuP2d1/5QUviozRXC7S3WdVWNK5e3Ojieb9CCyfhq2UC+3+SRd9nG3I2lPRvUw==} - - source-map-js@1.2.0: - resolution: {integrity: sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==} - engines: {node: '>=0.10.0'} - - source-map-loader@4.0.2: - resolution: {integrity: sha512-oYwAqCuL0OZhBoSgmdrLa7mv9MjommVMiQIWgcztf+eS4+8BfcUee6nenFnDhKOhzAVnk5gpZdfnz1iiBv+5sg==} - engines: {node: '>= 14.15.0'} - peerDependencies: - webpack: ^5.72.1 - - source-map-support@0.5.21: - resolution: {integrity: sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==} - - source-map@0.6.1: - resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==} - engines: {node: '>=0.10.0'} - - source-map@0.7.4: - resolution: {integrity: sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA==} - engines: {node: '>= 8'} - - source-map@0.8.0-beta.0: - resolution: {integrity: sha512-2ymg6oRBpebeZi9UUNsgQ89bhx01TcTkmNTGnNO88imTmbSgy4nfujrgVEFKWpMTEGA11EDkTt7mqObTPdigIA==} - engines: {node: '>= 8'} - - spawn-command@0.0.2: - resolution: {integrity: sha512-zC8zGoGkmc8J9ndvml8Xksr1Amk9qBujgbF0JAIWO7kXr43w0h/0GJNM/Vustixu+YE8N/MTrQ7N31FvHUACxQ==} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sprintf-js@1.1.3: - resolution: {integrity: sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==} - - statuses@2.0.1: - resolution: {integrity: sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==} - engines: {node: '>= 0.8'} - - stream-browserify@3.0.0: - resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} - - strip-final-newline@2.0.0: - resolution: {integrity: sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==} - engines: {node: '>=6'} - - strip-final-newline@3.0.0: - resolution: {integrity: sha512-dOESqjYr96iWYylGObzd39EuNTa5VJxyvVAEm5Jnh7KGo75V43Hk1odPQkNDyXNmUR6k+gEiDVXnjB8HJ3crXw==} - engines: {node: '>=12'} - - strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - sucrase@3.35.0: - resolution: {integrity: sha512-8EbVDiu9iN/nESwxeSxDKe0dunta1GOlHufmSSXxMD2z2/tMZpDMpvXQGsc+ajGo8y2uYUmixaSRUc/QPoQ0GA==} - engines: {node: '>=16 || 14 >=14.17'} - hasBin: true - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - supports-preserve-symlinks-flag@1.0.0: - resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==} - engines: {node: '>= 0.4'} - - swagger-editor-dist@4.13.1: - resolution: {integrity: sha512-rCalVoyq7h1lZa/aJaHux8JTrEAmGHdpHqVzJH/rQeP35MByQzV709RcqGMRjgN/oONFoUVf35qCiVZZITC41A==} - - swagger-ui-dist@5.17.14: - resolution: {integrity: sha512-CVbSfaLpstV65OnSjbXfVd6Sta3q3F7Cj/yYuvHMp1P90LztOLs6PfUnKEVAeiIVQt9u2SaPwv0LiH/OyMjHRw==} - - swc-loader@0.2.6: - resolution: {integrity: sha512-9Zi9UP2YmDpgmQVbyOPJClY0dwf58JDyDMQ7uRc4krmc72twNI2fvlBWHLqVekBpPc7h5NJkGVT1zNDxFrqhvg==} - peerDependencies: - '@swc/core': ^1.2.147 - webpack: '>=2' - - tapable@2.2.1: - resolution: {integrity: sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==} - engines: {node: '>=6'} - - terser-webpack-plugin@5.3.10: - resolution: {integrity: sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==} - engines: {node: '>= 10.13.0'} - peerDependencies: - '@swc/core': '*' - esbuild: '*' - uglify-js: '*' - webpack: ^5.1.0 - peerDependenciesMeta: - '@swc/core': - optional: true - esbuild: - optional: true - uglify-js: - optional: true - - terser@5.31.6: - resolution: {integrity: sha512-PQ4DAriWzKj+qgehQ7LK5bQqCFNMmlhjR2PFFLuqGCpuCAauxemVBWwWOxo3UIwWQx8+Pr61Df++r76wDmkQBg==} - engines: {node: '>=10'} - hasBin: true - - thenify-all@1.6.0: - resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} - engines: {node: '>=0.8'} - - thenify@3.3.1: - resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==} - - thingies@1.21.0: - resolution: {integrity: sha512-hsqsJsFMsV+aD4s3CWKk85ep/3I9XzYV/IXaSouJMYIoDlgyi11cBhsqYe9/geRfB0YIikBQg6raRaM+nIMP9g==} - engines: {node: '>=10.18'} - peerDependencies: - tslib: ^2 - - thread-stream@3.1.0: - resolution: {integrity: sha512-OqyPZ9u96VohAyMfJykzmivOrY2wfMSf3C5TtFJVgN+Hm6aj+voFhlK+kZEIv2FBh1X6Xp3DlnCOfEQ3B2J86A==} - - tlds@1.252.0: - resolution: {integrity: sha512-GA16+8HXvqtfEnw/DTcwB0UU354QE1n3+wh08oFjr6Znl7ZLAeUgYzCcK+/CCrOyE0vnHR8/pu3XXG3vDijXpQ==} - hasBin: true - - to-fast-properties@2.0.0: - resolution: {integrity: sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==} - engines: {node: '>=4'} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - toad-cache@3.7.0: - resolution: {integrity: sha512-/m8M+2BJUpoJdgAHoG+baCwBT+tf2VraSfkBgl0Y00qIWt41DJ8R5B8nsEw0I58YwF5IZH6z24/2TobDKnqSWw==} - engines: {node: '>=12'} - - toidentifier@1.0.1: - resolution: {integrity: sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==} - engines: {node: '>=0.6'} - - touch@3.1.1: - resolution: {integrity: sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==} - hasBin: true - - tough-cookie@4.1.4: - resolution: {integrity: sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag==} - engines: {node: '>=6'} - - tr46@1.0.1: - resolution: {integrity: sha512-dTpowEjclQ7Kgx5SdBkqRzVhERQXov8/l9Ft9dVM9fmg0W0KQSVaXX9T4i6twCPNtYiZM53lpSSUAwJbFPOHxA==} - - tree-dump@1.0.2: - resolution: {integrity: sha512-dpev9ABuLWdEubk+cIaI9cHwRNNDjkBBLXTwI4UCUFdQ5xXKqNXoK4FEciw/vxf+NQ7Cb7sGUyeUtORvHIdRXQ==} - engines: {node: '>=10.0'} - peerDependencies: - tslib: '2' - - tree-kill@1.2.2: - resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==} - hasBin: true - - ts-interface-checker@0.1.13: - resolution: {integrity: sha512-Y/arvbn+rrz3JCKl9C4kVNfTfSm2/mEp5FSz5EsZSANGPSlQrpRI5M4PKF+mJnE52jOO90PnPSc3Ur3bTQw0gA==} - - ts-json-schema-generator@2.3.0: - resolution: {integrity: sha512-t4lBQAwZc0sOJq9LJt3NgbznIcslVnm0JeEMFq8qIRklpMRY8jlYD0YmnRWbqBKANxkby91P1XanSSlSOFpUmg==} - engines: {node: '>=18.0.0'} - hasBin: true - - ts-node@10.9.2: - resolution: {integrity: sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==} - hasBin: true - peerDependencies: - '@swc/core': '>=1.2.50' - '@swc/wasm': '>=1.2.50' - '@types/node': '*' - typescript: '>=2.7' - peerDependenciesMeta: - '@swc/core': - optional: true - '@swc/wasm': - optional: true - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsup@8.2.4: - resolution: {integrity: sha512-akpCPePnBnC/CXgRrcy72ZSntgIEUa1jN0oJbbvpALWKNOz1B7aM+UVDWGRGIO/T/PZugAESWDJUAb5FD48o8Q==} - engines: {node: '>=18'} - hasBin: true - peerDependencies: - '@microsoft/api-extractor': ^7.36.0 - '@swc/core': ^1 - postcss: ^8.4.12 - typescript: '>=4.5.0' - peerDependenciesMeta: - '@microsoft/api-extractor': - optional: true - '@swc/core': - optional: true - postcss: - optional: true - typescript: - optional: true - - tsx@4.19.0: - resolution: {integrity: sha512-bV30kM7bsLZKZIOCHeMNVMJ32/LuJzLVajkQI/qf92J2Qr08ueLQvW00PUZGiuLPP760UINwupgUj8qrSCPUKg==} - engines: {node: '>=18.0.0'} - hasBin: true - - tunnel-agent@0.6.0: - resolution: {integrity: sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==} - - type-detect@4.0.8: - resolution: {integrity: sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g==} - engines: {node: '>=4'} - - type-detect@4.1.0: - resolution: {integrity: sha512-Acylog8/luQ8L7il+geoSxhEkazvkslg7PSNKOX59mbB9cOveP5aq9h74Y7YU8yDpJwetzQQrfIwtf4Wp4LKcw==} - engines: {node: '>=4'} - - typescript-json-schema@0.65.1: - resolution: {integrity: sha512-tuGH7ff2jPaUYi6as3lHyHcKpSmXIqN7/mu50x3HlYn0EHzLpmt3nplZ7EuhUkO0eqDRc9GqWNkfjgBPIS9kxg==} - hasBin: true - - typescript@5.5.4: - resolution: {integrity: sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==} - engines: {node: '>=14.17'} - hasBin: true - - uc.micro@2.1.0: - resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==} - - undefsafe@2.0.5: - resolution: {integrity: sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==} - - undici-types@5.26.5: - resolution: {integrity: sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - undici@6.19.8: - resolution: {integrity: sha512-U8uCCl2x9TK3WANvmBavymRzxbfFYG+tAu+fgx3zxQy3qdagQqBLwJVrdyO1TBfUXvfKveMKJZhpvUYoOjM+4g==} - engines: {node: '>=18.17'} - - unicode-canonical-property-names-ecmascript@2.0.0: - resolution: {integrity: sha512-yY5PpDlfVIU5+y/BSCxAJRBIS1Zc2dDG3Ujq+sR0U+JjUevW2JhocOF+soROYDSaAezOzOKuyyixhD6mBknSmQ==} - engines: {node: '>=4'} - - unicode-match-property-ecmascript@2.0.0: - resolution: {integrity: sha512-5kaZCrbp5mmbz5ulBkDkbY0SsPOjKqVS35VpL9ulMPfSl0J0Xsm+9Evphv9CoIZFwre7aJoa94AY6seMKGVN5Q==} - engines: {node: '>=4'} - - unicode-match-property-value-ecmascript@2.1.0: - resolution: {integrity: sha512-qxkjQt6qjg/mYscYMC0XKRn3Rh0wFPlfxB0xkt9CfyTvpX1Ra0+rAmdX2QyAobptSEvuy4RtpPRui6XkV+8wjA==} - engines: {node: '>=4'} - - unicode-property-aliases-ecmascript@2.1.0: - resolution: {integrity: sha512-6t3foTQI9qne+OZoVQB/8x8rk2k1eVy1gRXhV3oFQ5T6R1dqQ1xtin3XqSlx3+ATBkliTaR/hHyJBm+LVPNM8w==} - engines: {node: '>=4'} - - unionfs@4.5.4: - resolution: {integrity: sha512-qI3RvJwwdFcWUdZz1dWgAyLSfGlY2fS2pstvwkZBUTnkxjcnIvzriBLtqJTKz9FtArAvJeiVCqHlxhOw8Syfyw==} - - universalify@0.2.0: - resolution: {integrity: sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==} - engines: {node: '>= 4.0.0'} - - update-browserslist-db@1.1.0: - resolution: {integrity: sha512-EdRAaAyk2cUE1wOf2DkEhzxqOQvFOoRJFNS6NeyJ01Gp2beMRpBAINjM2iDXE3KCuKhwnvHIQCJm6ThL2Z+HzQ==} - hasBin: true - peerDependencies: - browserslist: '>= 4.21.0' - - uri-js@4.4.1: - resolution: {integrity: sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==} - - url-parse@1.5.10: - resolution: {integrity: sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==} - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - - v8-compile-cache-lib@3.0.1: - resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} - - watchpack@2.4.2: - resolution: {integrity: sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==} - engines: {node: '>=10.13.0'} - - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - - webidl-conversions@4.0.2: - resolution: {integrity: sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg==} - - webpack-sources@3.2.3: - resolution: {integrity: sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==} - engines: {node: '>=10.13.0'} - - webpack@5.94.0: - resolution: {integrity: sha512-KcsGn50VT+06JH/iunZJedYGUJS5FGjow8wb9c0v5n1Om8O1g4L6LjtfxwlXIATopoQu+vOXXa7gYisWxCoPyg==} - engines: {node: '>=10.13.0'} - hasBin: true - peerDependencies: - webpack-cli: '*' - peerDependenciesMeta: - webpack-cli: - optional: true - - websocket-driver@0.7.4: - resolution: {integrity: sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg==} - engines: {node: '>=0.8.0'} - - websocket-extensions@0.1.4: - resolution: {integrity: sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==} - engines: {node: '>=0.8.0'} - - whatwg-encoding@3.1.1: - resolution: {integrity: sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==} - engines: {node: '>=18'} - - whatwg-mimetype@4.0.0: - resolution: {integrity: sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg==} - engines: {node: '>=18'} - - whatwg-url@7.1.0: - resolution: {integrity: sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg==} - - which@1.3.1: - resolution: {integrity: sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==} - hasBin: true - - which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true - - which@4.0.0: - resolution: {integrity: sha512-GlaYyEb07DPxYCKhKzplCWBJtvxZcZMrL+4UkrTSJHHPyZU4mYYTv3qaOe77H7EODLSSopAUFAc6W8U4yqvscg==} - engines: {node: ^16.13.0 || >=18.0.0} - hasBin: true - - workerpool@6.5.1: - resolution: {integrity: sha512-Fs4dNYcsdpYSAfVxhnl1L5zTksjvOJxtC5hzMNl+1t9B8hTJTdKDyZ5ju7ztgPy+ft9tBFXoOlDNiOT9WUXZlA==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - xpath@0.0.34: - resolution: {integrity: sha512-FxF6+rkr1rNSQrhUNYrAFJpRXNzlDoMxeXN5qI84939ylEv3qqPFKa85Oxr6tDaJKqwW6KKyo2v26TSv3k6LeA==} - engines: {node: '>=0.6.0'} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yallist@3.1.1: - resolution: {integrity: sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==} - - yaml@2.5.0: - resolution: {integrity: sha512-2wWLbGbYDiSqqIKoPjar3MPgB94ErzCtrNE1FdqGuaO0pi2JGjmE8aW8TDZwzU7vuxcGRdL/4gPQwQ7hD5AMSw==} - engines: {node: '>= 14'} - hasBin: true - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs-unparser@2.0.0: - resolution: {integrity: sha512-7pRTIA9Qc1caZ0bZ6RYRGbHJthJWuakf+WmHK0rVeLkNrrGhfoabBNdue6kdINI6r4if7ocq9aD/n7xwKOdzOA==} - engines: {node: '>=10'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - yn@3.1.1: - resolution: {integrity: sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==} - engines: {node: '>=6'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - -snapshots: - - '@ampproject/remapping@2.3.0': - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - '@jridgewell/trace-mapping': 0.3.25 - - '@apidevtools/json-schema-ref-parser@11.7.0': - dependencies: - '@jsdevtools/ono': 7.1.3 - '@types/json-schema': 7.0.15 - js-yaml: 4.1.0 - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/lib-storage@3.637.0(@aws-sdk/client-s3@3.637.0)': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@smithy/abort-controller': 3.1.1 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/smithy-client': 3.2.0 - buffer: 5.6.0 - events: 3.3.0 - stream-browserify: 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/s3-request-presigner@3.637.0': - dependencies: - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-format-url': 3.609.0 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-format-url@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/compat-data@7.25.4': {} - - '@babel/core@7.25.2': - dependencies: - '@ampproject/remapping': 2.3.0 - '@babel/code-frame': 7.24.7 - '@babel/generator': 7.25.6 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-module-transforms': 7.25.2(@babel/core@7.25.2) - '@babel/helpers': 7.25.6 - '@babel/parser': 7.25.6 - '@babel/template': 7.25.0 - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - convert-source-map: 2.0.0 - debug: 4.3.6 - gensync: 1.0.0-beta.2 - json5: 2.2.3 - semver: 6.3.1 - transitivePeerDependencies: - - supports-color - - '@babel/generator@7.25.6': - dependencies: - '@babel/types': 7.25.6 - '@jridgewell/gen-mapping': 0.3.5 - '@jridgewell/trace-mapping': 0.3.25 - jsesc: 2.5.2 - - '@babel/helper-annotate-as-pure@7.24.7': - dependencies: - '@babel/types': 7.25.6 - - '@babel/helper-builder-binary-assignment-operator-visitor@7.24.7': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-compilation-targets@7.25.2': - dependencies: - '@babel/compat-data': 7.25.4 - '@babel/helper-validator-option': 7.24.8 - browserslist: 4.23.3 - lru-cache: 5.1.1 - semver: 6.3.1 - - '@babel/helper-create-class-features-plugin@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - '@babel/helper-member-expression-to-functions': 7.24.8 - '@babel/helper-optimise-call-expression': 7.24.7 - '@babel/helper-replace-supers': 7.25.0(@babel/core@7.25.2) - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - '@babel/traverse': 7.25.6 - semver: 6.3.1 - transitivePeerDependencies: - - supports-color - - '@babel/helper-create-regexp-features-plugin@7.25.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - regexpu-core: 5.3.2 - semver: 6.3.1 - - '@babel/helper-define-polyfill-provider@0.6.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - debug: 4.3.6 - lodash.debounce: 4.0.8 - resolve: 1.22.8 - transitivePeerDependencies: - - supports-color - - '@babel/helper-member-expression-to-functions@7.24.8': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-module-imports@7.24.7': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-module-transforms@7.25.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-imports': 7.24.7 - '@babel/helper-simple-access': 7.24.7 - '@babel/helper-validator-identifier': 7.24.7 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-optimise-call-expression@7.24.7': - dependencies: - '@babel/types': 7.25.6 - - '@babel/helper-plugin-utils@7.24.8': {} - - '@babel/helper-remap-async-to-generator@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - '@babel/helper-wrap-function': 7.25.0 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-replace-supers@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-member-expression-to-functions': 7.24.8 - '@babel/helper-optimise-call-expression': 7.24.7 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-simple-access@7.24.7': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-skip-transparent-expression-wrappers@7.24.7': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-string-parser@7.24.8': {} - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/helper-validator-option@7.24.8': {} - - '@babel/helper-wrap-function@7.25.0': - dependencies: - '@babel/template': 7.25.0 - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helpers@7.25.6': - dependencies: - '@babel/template': 7.25.0 - '@babel/types': 7.25.6 - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@babel/parser@7.25.6': - dependencies: - '@babel/types': 7.25.6 - - '@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.25.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-bugfix-safari-class-field-initializer-scope@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - '@babel/plugin-transform-optional-chaining': 7.24.8(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - - '@babel/plugin-syntax-async-generators@7.8.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-class-properties@7.12.13(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-class-static-block@7.14.5(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-dynamic-import@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-export-namespace-from@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-import-assertions@7.25.6(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-import-attributes@7.25.6(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-import-meta@7.10.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-json-strings@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-jsx@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-logical-assignment-operators@7.10.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-nullish-coalescing-operator@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-numeric-separator@7.10.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-object-rest-spread@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-optional-catch-binding@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-optional-chaining@7.8.3(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-private-property-in-object@7.14.5(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-top-level-await@7.14.5(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-typescript@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-syntax-unicode-sets-regex@7.18.6(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-arrow-functions@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-async-generator-functions@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-remap-async-to-generator': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-syntax-async-generators': 7.8.4(@babel/core@7.25.2) - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-async-to-generator@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-imports': 7.24.7 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-remap-async-to-generator': 7.25.0(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-block-scoped-functions@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-block-scoping@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-class-properties@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-class-features-plugin': 7.25.4(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-class-static-block@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-class-features-plugin': 7.25.4(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-class-static-block': 7.14.5(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-classes@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-replace-supers': 7.25.0(@babel/core@7.25.2) - '@babel/traverse': 7.25.6 - globals: 11.12.0 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-computed-properties@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/template': 7.25.0 - - '@babel/plugin-transform-destructuring@7.24.8(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-dotall-regex@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-duplicate-keys@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-duplicate-named-capturing-groups-regex@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-dynamic-import@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-dynamic-import': 7.8.3(@babel/core@7.25.2) - - '@babel/plugin-transform-exponentiation-operator@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-builder-binary-assignment-operator-visitor': 7.24.7 - '@babel/helper-plugin-utils': 7.24.8 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-export-namespace-from@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-export-namespace-from': 7.8.3(@babel/core@7.25.2) - - '@babel/plugin-transform-for-of@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-function-name@7.25.1(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-json-strings@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-json-strings': 7.8.3(@babel/core@7.25.2) - - '@babel/plugin-transform-literals@7.25.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-logical-assignment-operators@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-logical-assignment-operators': 7.10.4(@babel/core@7.25.2) - - '@babel/plugin-transform-member-expression-literals@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-modules-amd@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-transforms': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-modules-commonjs@7.24.8(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-transforms': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-simple-access': 7.24.7 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-modules-systemjs@7.25.0(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-transforms': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-validator-identifier': 7.24.7 - '@babel/traverse': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-modules-umd@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-module-transforms': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-named-capturing-groups-regex@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-new-target@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-nullish-coalescing-operator@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-nullish-coalescing-operator': 7.8.3(@babel/core@7.25.2) - - '@babel/plugin-transform-numeric-separator@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-numeric-separator': 7.10.4(@babel/core@7.25.2) - - '@babel/plugin-transform-object-rest-spread@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-object-rest-spread': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-transform-parameters': 7.24.7(@babel/core@7.25.2) - - '@babel/plugin-transform-object-super@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-replace-supers': 7.25.0(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-optional-catch-binding@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-optional-catch-binding': 7.8.3(@babel/core@7.25.2) - - '@babel/plugin-transform-optional-chaining@7.24.8(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - '@babel/plugin-syntax-optional-chaining': 7.8.3(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-parameters@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-private-methods@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-class-features-plugin': 7.25.4(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-private-property-in-object@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - '@babel/helper-create-class-features-plugin': 7.25.4(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - '@babel/plugin-syntax-private-property-in-object': 7.14.5(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-property-literals@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-regenerator@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - regenerator-transform: 0.15.2 - - '@babel/plugin-transform-reserved-words@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-shorthand-properties@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-spread@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-sticky-regex@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-template-literals@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-typeof-symbol@7.24.8(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-typescript@7.25.2(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-annotate-as-pure': 7.24.7 - '@babel/helper-create-class-features-plugin': 7.25.4(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-skip-transparent-expression-wrappers': 7.24.7 - '@babel/plugin-syntax-typescript': 7.25.4(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/plugin-transform-unicode-escapes@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-unicode-property-regex@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-unicode-regex@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/plugin-transform-unicode-sets-regex@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-create-regexp-features-plugin': 7.25.2(@babel/core@7.25.2) - '@babel/helper-plugin-utils': 7.24.8 - - '@babel/preset-env@7.25.4(@babel/core@7.25.2)': - dependencies: - '@babel/compat-data': 7.25.4 - '@babel/core': 7.25.2 - '@babel/helper-compilation-targets': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-validator-option': 7.24.8 - '@babel/plugin-bugfix-firefox-class-in-computed-class-key': 7.25.3(@babel/core@7.25.2) - '@babel/plugin-bugfix-safari-class-field-initializer-scope': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-proposal-private-property-in-object': 7.21.0-placeholder-for-preset-env.2(@babel/core@7.25.2) - '@babel/plugin-syntax-async-generators': 7.8.4(@babel/core@7.25.2) - '@babel/plugin-syntax-class-properties': 7.12.13(@babel/core@7.25.2) - '@babel/plugin-syntax-class-static-block': 7.14.5(@babel/core@7.25.2) - '@babel/plugin-syntax-dynamic-import': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-export-namespace-from': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-import-assertions': 7.25.6(@babel/core@7.25.2) - '@babel/plugin-syntax-import-attributes': 7.25.6(@babel/core@7.25.2) - '@babel/plugin-syntax-import-meta': 7.10.4(@babel/core@7.25.2) - '@babel/plugin-syntax-json-strings': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-logical-assignment-operators': 7.10.4(@babel/core@7.25.2) - '@babel/plugin-syntax-nullish-coalescing-operator': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-numeric-separator': 7.10.4(@babel/core@7.25.2) - '@babel/plugin-syntax-object-rest-spread': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-optional-catch-binding': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-optional-chaining': 7.8.3(@babel/core@7.25.2) - '@babel/plugin-syntax-private-property-in-object': 7.14.5(@babel/core@7.25.2) - '@babel/plugin-syntax-top-level-await': 7.14.5(@babel/core@7.25.2) - '@babel/plugin-syntax-unicode-sets-regex': 7.18.6(@babel/core@7.25.2) - '@babel/plugin-transform-arrow-functions': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-async-generator-functions': 7.25.4(@babel/core@7.25.2) - '@babel/plugin-transform-async-to-generator': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-block-scoped-functions': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-block-scoping': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-transform-class-properties': 7.25.4(@babel/core@7.25.2) - '@babel/plugin-transform-class-static-block': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-classes': 7.25.4(@babel/core@7.25.2) - '@babel/plugin-transform-computed-properties': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-destructuring': 7.24.8(@babel/core@7.25.2) - '@babel/plugin-transform-dotall-regex': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-duplicate-keys': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-duplicate-named-capturing-groups-regex': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-transform-dynamic-import': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-exponentiation-operator': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-export-namespace-from': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-for-of': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-function-name': 7.25.1(@babel/core@7.25.2) - '@babel/plugin-transform-json-strings': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-literals': 7.25.2(@babel/core@7.25.2) - '@babel/plugin-transform-logical-assignment-operators': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-member-expression-literals': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-modules-amd': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-modules-commonjs': 7.24.8(@babel/core@7.25.2) - '@babel/plugin-transform-modules-systemjs': 7.25.0(@babel/core@7.25.2) - '@babel/plugin-transform-modules-umd': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-named-capturing-groups-regex': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-new-target': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-nullish-coalescing-operator': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-numeric-separator': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-object-rest-spread': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-object-super': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-optional-catch-binding': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-optional-chaining': 7.24.8(@babel/core@7.25.2) - '@babel/plugin-transform-parameters': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-private-methods': 7.25.4(@babel/core@7.25.2) - '@babel/plugin-transform-private-property-in-object': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-property-literals': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-regenerator': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-reserved-words': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-shorthand-properties': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-spread': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-sticky-regex': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-template-literals': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-typeof-symbol': 7.24.8(@babel/core@7.25.2) - '@babel/plugin-transform-unicode-escapes': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-unicode-property-regex': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-unicode-regex': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-unicode-sets-regex': 7.25.4(@babel/core@7.25.2) - '@babel/preset-modules': 0.1.6-no-external-plugins(@babel/core@7.25.2) - babel-plugin-polyfill-corejs2: 0.4.11(@babel/core@7.25.2) - babel-plugin-polyfill-corejs3: 0.10.6(@babel/core@7.25.2) - babel-plugin-polyfill-regenerator: 0.6.2(@babel/core@7.25.2) - core-js-compat: 3.38.1 - semver: 6.3.1 - transitivePeerDependencies: - - supports-color - - '@babel/preset-modules@0.1.6-no-external-plugins(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/types': 7.25.6 - esutils: 2.0.3 - - '@babel/preset-typescript@7.24.7(@babel/core@7.25.2)': - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-plugin-utils': 7.24.8 - '@babel/helper-validator-option': 7.24.8 - '@babel/plugin-syntax-jsx': 7.24.7(@babel/core@7.25.2) - '@babel/plugin-transform-modules-commonjs': 7.24.8(@babel/core@7.25.2) - '@babel/plugin-transform-typescript': 7.25.2(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - '@babel/regjsgen@0.8.0': {} - - '@babel/runtime@7.25.6': - dependencies: - regenerator-runtime: 0.14.1 - - '@babel/template@7.25.0': - dependencies: - '@babel/code-frame': 7.24.7 - '@babel/parser': 7.25.6 - '@babel/types': 7.25.6 - - '@babel/traverse@7.25.6': - dependencies: - '@babel/code-frame': 7.24.7 - '@babel/generator': 7.25.6 - '@babel/parser': 7.25.6 - '@babel/template': 7.25.0 - '@babel/types': 7.25.6 - debug: 4.3.6 - globals: 11.12.0 - transitivePeerDependencies: - - supports-color - - '@babel/types@7.25.6': - dependencies: - '@babel/helper-string-parser': 7.24.8 - '@babel/helper-validator-identifier': 7.24.7 - to-fast-properties: 2.0.0 - - '@cspotcode/source-map-support@0.8.1': - dependencies: - '@jridgewell/trace-mapping': 0.3.9 - - '@emnapi/runtime@1.2.0': - dependencies: - tslib: 2.7.0 - optional: true - - '@esbuild/aix-ppc64@0.23.1': - optional: true - - '@esbuild/android-arm64@0.23.1': - optional: true - - '@esbuild/android-arm@0.23.1': - optional: true - - '@esbuild/android-x64@0.23.1': - optional: true - - '@esbuild/darwin-arm64@0.23.1': - optional: true - - '@esbuild/darwin-x64@0.23.1': - optional: true - - '@esbuild/freebsd-arm64@0.23.1': - optional: true - - '@esbuild/freebsd-x64@0.23.1': - optional: true - - '@esbuild/linux-arm64@0.23.1': - optional: true - - '@esbuild/linux-arm@0.23.1': - optional: true - - '@esbuild/linux-ia32@0.23.1': - optional: true - - '@esbuild/linux-loong64@0.23.1': - optional: true - - '@esbuild/linux-mips64el@0.23.1': - optional: true - - '@esbuild/linux-ppc64@0.23.1': - optional: true - - '@esbuild/linux-riscv64@0.23.1': - optional: true - - '@esbuild/linux-s390x@0.23.1': - optional: true - - '@esbuild/linux-x64@0.23.1': - optional: true - - '@esbuild/netbsd-x64@0.23.1': - optional: true - - '@esbuild/openbsd-arm64@0.23.1': - optional: true - - '@esbuild/openbsd-x64@0.23.1': - optional: true - - '@esbuild/sunos-x64@0.23.1': - optional: true - - '@esbuild/win32-arm64@0.23.1': - optional: true - - '@esbuild/win32-ia32@0.23.1': - optional: true - - '@esbuild/win32-x64@0.23.1': - optional: true - - '@fastify/accept-negotiator@1.1.0': {} - - '@fastify/ajv-compiler@3.6.0': - dependencies: - ajv: 8.17.1 - ajv-formats: 2.1.1(ajv@8.17.1) - fast-uri: 2.4.0 - - '@fastify/error@3.4.1': {} - - '@fastify/fast-json-stringify-compiler@4.3.0': - dependencies: - fast-json-stringify: 5.16.1 - - '@fastify/merge-json-schemas@0.1.1': - dependencies: - fast-deep-equal: 3.1.3 - - '@fastify/send@2.1.0': - dependencies: - '@lukeed/ms': 2.0.2 - escape-html: 1.0.3 - fast-decode-uri-component: 1.0.1 - http-errors: 2.0.0 - mime: 3.0.0 - - '@fastify/static@7.0.4': - dependencies: - '@fastify/accept-negotiator': 1.1.0 - '@fastify/send': 2.1.0 - content-disposition: 0.5.4 - fastify-plugin: 4.5.1 - fastq: 1.17.1 - glob: 10.4.5 - - '@fastify/swagger-ui@4.1.0': - dependencies: - '@fastify/static': 7.0.4 - fastify-plugin: 4.5.1 - openapi-types: 12.1.3 - rfdc: 1.4.1 - yaml: 2.5.0 - - '@fastify/swagger@8.15.0': - dependencies: - fastify-plugin: 4.5.1 - json-schema-resolver: 2.0.0 - openapi-types: 12.1.3 - rfdc: 1.4.1 - yaml: 2.5.0 - transitivePeerDependencies: - - supports-color - - '@grpc/grpc-js@1.11.1': - dependencies: - '@grpc/proto-loader': 0.7.13 - '@js-sdsl/ordered-map': 4.4.2 - - '@grpc/proto-loader@0.7.13': - dependencies: - lodash.camelcase: 4.3.0 - long: 5.2.3 - protobufjs: 7.4.0 - yargs: 17.7.2 - - '@img/sharp-darwin-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-arm64': 1.0.4 - optional: true - - '@img/sharp-darwin-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-x64': 1.0.4 - optional: true - - '@img/sharp-libvips-darwin-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-darwin-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm@1.0.5': - optional: true - - '@img/sharp-libvips-linux-s390x@1.0.4': - optional: true - - '@img/sharp-libvips-linux-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - optional: true - - '@img/sharp-linux-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm64': 1.0.4 - optional: true - - '@img/sharp-linux-arm@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm': 1.0.5 - optional: true - - '@img/sharp-linux-s390x@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-s390x': 1.0.4 - optional: true - - '@img/sharp-linux-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-x64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - optional: true - - '@img/sharp-wasm32@0.33.5': - dependencies: - '@emnapi/runtime': 1.2.0 - optional: true - - '@img/sharp-win32-ia32@0.33.5': - optional: true - - '@img/sharp-win32-x64@0.33.5': - optional: true - - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - - '@jridgewell/gen-mapping@0.3.5': - dependencies: - '@jridgewell/set-array': 1.2.1 - '@jridgewell/sourcemap-codec': 1.5.0 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/set-array@1.2.1': {} - - '@jridgewell/source-map@0.3.6': - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.25': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@jridgewell/trace-mapping@0.3.9': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@js-sdsl/ordered-map@4.4.2': {} - - '@jsdevtools/ono@7.1.3': {} - - '@jsonjoy.com/base64@1.1.2(tslib@2.7.0)': - dependencies: - tslib: 2.7.0 - - '@jsonjoy.com/json-pack@1.1.0(tslib@2.7.0)': - dependencies: - '@jsonjoy.com/base64': 1.1.2(tslib@2.7.0) - '@jsonjoy.com/util': 1.3.0(tslib@2.7.0) - hyperdyperid: 1.2.0 - thingies: 1.21.0(tslib@2.7.0) - tslib: 2.7.0 - - '@jsonjoy.com/util@1.3.0(tslib@2.7.0)': - dependencies: - tslib: 2.7.0 - - '@lukeed/ms@2.0.2': {} - - '@noble/hashes@1.5.0': {} - - '@nodelib/fs.scandir@2.1.5': - dependencies: - '@nodelib/fs.stat': 2.0.5 - run-parallel: 1.2.0 - - '@nodelib/fs.stat@2.0.5': {} - - '@nodelib/fs.walk@1.2.8': - dependencies: - '@nodelib/fs.scandir': 2.1.5 - fastq: 1.17.1 - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@pkgjs/parseargs@0.11.0': - optional: true - - '@protobufjs/aspromise@1.1.2': {} - - '@protobufjs/base64@1.1.2': {} - - '@protobufjs/codegen@2.0.4': {} - - '@protobufjs/eventemitter@1.1.0': {} - - '@protobufjs/fetch@1.1.0': - dependencies: - '@protobufjs/aspromise': 1.1.2 - '@protobufjs/inquire': 1.1.0 - - '@protobufjs/float@1.0.2': {} - - '@protobufjs/inquire@1.1.0': {} - - '@protobufjs/path@1.1.2': {} - - '@protobufjs/pool@1.1.0': {} - - '@protobufjs/utf8@1.1.0': {} - - '@rollup/rollup-android-arm-eabi@4.21.2': - optional: true - - '@rollup/rollup-android-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-x64@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-musl@4.21.2': - optional: true - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-musl@4.21.2': - optional: true - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-x64-msvc@4.21.2': - optional: true - - '@selderee/plugin-htmlparser2@0.11.0': - dependencies: - domhandler: 5.0.3 - selderee: 0.11.0 - - '@sinonjs/commons@2.0.0': - dependencies: - type-detect: 4.0.8 - - '@sinonjs/commons@3.0.1': - dependencies: - type-detect: 4.0.8 - - '@sinonjs/fake-timers@11.3.1': - dependencies: - '@sinonjs/commons': 3.0.1 - - '@sinonjs/samsam@8.0.0': - dependencies: - '@sinonjs/commons': 2.0.0 - lodash.get: 4.4.2 - type-detect: 4.1.0 - - '@sinonjs/text-encoding@0.7.3': {} - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@swc/core-darwin-arm64@1.7.23': - optional: true - - '@swc/core-darwin-x64@1.7.23': - optional: true - - '@swc/core-linux-arm-gnueabihf@1.7.23': - optional: true - - '@swc/core-linux-arm64-gnu@1.7.23': - optional: true - - '@swc/core-linux-arm64-musl@1.7.23': - optional: true - - '@swc/core-linux-x64-gnu@1.7.23': - optional: true - - '@swc/core-linux-x64-musl@1.7.23': - optional: true - - '@swc/core-win32-arm64-msvc@1.7.23': - optional: true - - '@swc/core-win32-ia32-msvc@1.7.23': - optional: true - - '@swc/core-win32-x64-msvc@1.7.23': - optional: true - - '@swc/core@1.7.23': - dependencies: - '@swc/counter': 0.1.3 - '@swc/types': 0.1.12 - optionalDependencies: - '@swc/core-darwin-arm64': 1.7.23 - '@swc/core-darwin-x64': 1.7.23 - '@swc/core-linux-arm-gnueabihf': 1.7.23 - '@swc/core-linux-arm64-gnu': 1.7.23 - '@swc/core-linux-arm64-musl': 1.7.23 - '@swc/core-linux-x64-gnu': 1.7.23 - '@swc/core-linux-x64-musl': 1.7.23 - '@swc/core-win32-arm64-msvc': 1.7.23 - '@swc/core-win32-ia32-msvc': 1.7.23 - '@swc/core-win32-x64-msvc': 1.7.23 - - '@swc/counter@0.1.3': {} - - '@swc/types@0.1.12': - dependencies: - '@swc/counter': 0.1.3 - - '@temporalio/activity@1.11.1': - dependencies: - '@temporalio/common': 1.11.1 - abort-controller: 3.0.0 - - '@temporalio/client@1.11.1': - dependencies: - '@grpc/grpc-js': 1.11.1 - '@temporalio/common': 1.11.1 - '@temporalio/proto': 1.11.1 - abort-controller: 3.0.0 - long: 5.2.3 - uuid: 9.0.1 - - '@temporalio/common@1.11.1': - dependencies: - '@temporalio/proto': 1.11.1 - long: 5.2.3 - ms: 3.0.0-canary.1 - proto3-json-serializer: 2.0.2 - - '@temporalio/core-bridge@1.11.1': - dependencies: - '@temporalio/common': 1.11.1 - arg: 5.0.2 - cargo-cp-artifact: 0.1.9 - which: 4.0.0 - - '@temporalio/proto@1.11.1': - dependencies: - long: 5.2.3 - protobufjs: 7.4.0 - - '@temporalio/worker@1.11.1(esbuild@0.23.1)': - dependencies: - '@swc/core': 1.7.23 - '@temporalio/activity': 1.11.1 - '@temporalio/client': 1.11.1 - '@temporalio/common': 1.11.1 - '@temporalio/core-bridge': 1.11.1 - '@temporalio/proto': 1.11.1 - '@temporalio/workflow': 1.11.1 - abort-controller: 3.0.0 - heap-js: 2.5.0 - memfs: 4.11.1 - rxjs: 7.8.1 - source-map: 0.7.4 - source-map-loader: 4.0.2(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)) - supports-color: 8.1.1 - swc-loader: 0.2.6(@swc/core@1.7.23)(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)) - unionfs: 4.5.4 - webpack: 5.94.0(@swc/core@1.7.23)(esbuild@0.23.1) - transitivePeerDependencies: - - '@swc/helpers' - - esbuild - - uglify-js - - webpack-cli - - '@temporalio/workflow@1.11.1': - dependencies: - '@temporalio/common': 1.11.1 - '@temporalio/proto': 1.11.1 - - '@tsconfig/node10@1.0.11': {} - - '@tsconfig/node12@1.0.11': {} - - '@tsconfig/node14@1.0.3': {} - - '@tsconfig/node16@1.0.4': {} - - '@tsconfig/node20@20.1.4': {} - - '@types/chai@4.3.19': {} - - '@types/cheerio@0.22.35': - dependencies: - '@types/node': 22.5.2 - - '@types/debug@4.1.12': - dependencies: - '@types/ms': 0.7.34 - - '@types/estree@1.0.5': {} - - '@types/fluent-ffmpeg@2.1.26': - dependencies: - '@types/node': 22.5.2 - - '@types/imapflow@1.0.19': - dependencies: - '@types/node': 22.5.2 - - '@types/json-schema@7.0.15': {} - - '@types/luxon@3.4.2': {} - - '@types/mailparser@3.4.4': - dependencies: - '@types/node': 22.5.2 - iconv-lite: 0.6.3 - - '@types/mocha@10.0.7': {} - - '@types/ms@0.7.34': {} - - '@types/node@18.19.48': - dependencies: - undici-types: 5.26.5 - - '@types/node@20.16.3': - dependencies: - undici-types: 6.19.8 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/pg@8.11.8': - dependencies: - '@types/node': 22.5.2 - pg-protocol: 1.6.1 - pg-types: 4.0.2 - - '@types/retry@0.12.2': {} - - '@types/sinon@17.0.3': - dependencies: - '@types/sinonjs__fake-timers': 8.1.5 - - '@types/sinonjs__fake-timers@8.1.5': {} - - '@webassemblyjs/ast@1.12.1': - dependencies: - '@webassemblyjs/helper-numbers': 1.11.6 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - - '@webassemblyjs/floating-point-hex-parser@1.11.6': {} - - '@webassemblyjs/helper-api-error@1.11.6': {} - - '@webassemblyjs/helper-buffer@1.12.1': {} - - '@webassemblyjs/helper-numbers@1.11.6': - dependencies: - '@webassemblyjs/floating-point-hex-parser': 1.11.6 - '@webassemblyjs/helper-api-error': 1.11.6 - '@xtuc/long': 4.2.2 - - '@webassemblyjs/helper-wasm-bytecode@1.11.6': {} - - '@webassemblyjs/helper-wasm-section@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/wasm-gen': 1.12.1 - - '@webassemblyjs/ieee754@1.11.6': - dependencies: - '@xtuc/ieee754': 1.2.0 - - '@webassemblyjs/leb128@1.11.6': - dependencies: - '@xtuc/long': 4.2.2 - - '@webassemblyjs/utf8@1.11.6': {} - - '@webassemblyjs/wasm-edit@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/helper-wasm-section': 1.12.1 - '@webassemblyjs/wasm-gen': 1.12.1 - '@webassemblyjs/wasm-opt': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - '@webassemblyjs/wast-printer': 1.12.1 - - '@webassemblyjs/wasm-gen@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/ieee754': 1.11.6 - '@webassemblyjs/leb128': 1.11.6 - '@webassemblyjs/utf8': 1.11.6 - - '@webassemblyjs/wasm-opt@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/wasm-gen': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - - '@webassemblyjs/wasm-parser@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-api-error': 1.11.6 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/ieee754': 1.11.6 - '@webassemblyjs/leb128': 1.11.6 - '@webassemblyjs/utf8': 1.11.6 - - '@webassemblyjs/wast-printer@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@xtuc/long': 4.2.2 - - '@xtuc/ieee754@1.2.0': {} - - '@xtuc/long@4.2.2': {} - - abort-controller@3.0.0: - dependencies: - event-target-shim: 5.0.1 - - abstract-logging@2.0.1: {} - - acorn-import-attributes@1.9.5(acorn@8.12.1): - dependencies: - acorn: 8.12.1 - - acorn-walk@8.3.3: - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - ajv-formats@2.1.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv-formats@3.0.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv-keywords@3.5.2(ajv@6.12.6): - dependencies: - ajv: 6.12.6 - - ajv@6.12.6: - dependencies: - fast-deep-equal: 3.1.3 - fast-json-stable-stringify: 2.1.0 - json-schema-traverse: 0.4.1 - uri-js: 4.4.1 - - ajv@8.17.1: - dependencies: - fast-deep-equal: 3.1.3 - fast-uri: 3.0.1 - json-schema-traverse: 1.0.0 - require-from-string: 2.0.2 - - ansi-colors@4.1.3: {} - - ansi-regex@5.0.1: {} - - ansi-regex@6.0.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - ansi-styles@6.2.1: {} - - any-promise@1.3.0: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - arg@4.1.3: {} - - arg@5.0.2: {} - - argparse@2.0.1: {} - - array-union@2.1.0: {} - - asap@2.0.6: {} - - assertion-error@2.0.1: {} - - async@0.2.10: {} - - atomic-sleep@1.0.0: {} - - avvio@8.4.0: - dependencies: - '@fastify/error': 3.4.1 - fastq: 1.17.1 - - babel-plugin-polyfill-corejs2@0.4.11(@babel/core@7.25.2): - dependencies: - '@babel/compat-data': 7.25.4 - '@babel/core': 7.25.2 - '@babel/helper-define-polyfill-provider': 0.6.2(@babel/core@7.25.2) - semver: 6.3.1 - transitivePeerDependencies: - - supports-color - - babel-plugin-polyfill-corejs3@0.10.6(@babel/core@7.25.2): - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-define-polyfill-provider': 0.6.2(@babel/core@7.25.2) - core-js-compat: 3.38.1 - transitivePeerDependencies: - - supports-color - - babel-plugin-polyfill-regenerator@0.6.2(@babel/core@7.25.2): - dependencies: - '@babel/core': 7.25.2 - '@babel/helper-define-polyfill-provider': 0.6.2(@babel/core@7.25.2) - transitivePeerDependencies: - - supports-color - - balanced-match@1.0.2: {} - - base64-js@1.5.1: {} - - bath-es5@3.0.3: {} - - binary-extensions@2.3.0: {} - - boolbase@1.0.0: {} - - bowser@2.11.0: {} - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - browser-stdout@1.3.1: {} - - browserslist@4.23.3: - dependencies: - caniuse-lite: 1.0.30001655 - electron-to-chromium: 1.5.13 - node-releases: 2.0.18 - update-browserslist-db: 1.1.0(browserslist@4.23.3) - - buffer-from@1.1.2: {} - - buffer@5.6.0: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - buffer@6.0.3: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - bundle-require@5.0.0(esbuild@0.23.1): - dependencies: - esbuild: 0.23.1 - load-tsconfig: 0.2.5 - - cac@6.7.14: {} - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - camelcase@6.3.0: {} - - caniuse-lite@1.0.30001655: {} - - cargo-cp-artifact@0.1.9: {} - - chai@5.1.1: - dependencies: - assertion-error: 2.0.1 - check-error: 2.1.1 - deep-eql: 5.0.2 - loupe: 3.1.1 - pathval: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - check-error@2.1.1: {} - - cheerio-select@2.1.0: - dependencies: - boolbase: 1.0.0 - css-select: 5.1.0 - css-what: 6.1.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - - cheerio@1.0.0: - dependencies: - cheerio-select: 2.1.0 - dom-serializer: 2.0.0 - domhandler: 5.0.3 - domutils: 3.1.0 - encoding-sniffer: 0.2.0 - htmlparser2: 9.1.0 - parse5: 7.1.2 - parse5-htmlparser2-tree-adapter: 7.0.0 - parse5-parser-stream: 7.1.2 - undici: 6.19.8 - whatwg-mimetype: 4.0.0 - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - chrome-trace-event@1.0.4: {} - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - color-string@1.9.1: - dependencies: - color-name: 1.1.4 - simple-swizzle: 0.2.2 - - color@4.2.3: - dependencies: - color-convert: 2.0.1 - color-string: 1.9.1 - - commander@12.1.0: {} - - commander@2.20.3: {} - - commander@4.1.1: {} - - concat-map@0.0.1: {} - - concurrently@8.2.2: - dependencies: - chalk: 4.1.2 - date-fns: 2.30.0 - lodash: 4.17.21 - rxjs: 7.8.1 - shell-quote: 1.8.1 - spawn-command: 0.0.2 - supports-color: 8.1.1 - tree-kill: 1.2.2 - yargs: 17.7.2 - - consola@3.2.3: {} - - content-disposition@0.5.4: - dependencies: - safe-buffer: 5.2.1 - - convert-source-map@2.0.0: {} - - cookie@0.5.0: {} - - cookie@0.6.0: {} - - core-js-compat@3.38.1: - dependencies: - browserslist: 4.23.3 - - create-require@1.1.1: {} - - cross-spawn@7.0.3: - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - - csprng@0.1.2: - dependencies: - sequin: 0.1.1 - - css-select@5.1.0: - dependencies: - boolbase: 1.0.0 - css-what: 6.1.0 - domhandler: 5.0.3 - domutils: 3.1.0 - nth-check: 2.1.1 - - css-what@6.1.0: {} - - data-uri-to-buffer@4.0.1: {} - - date-fns@2.30.0: - dependencies: - '@babel/runtime': 7.25.6 - - date-fns@3.6.0: {} - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - debug@4.3.6(supports-color@5.5.0): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 5.5.0 - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decamelize@4.0.0: {} - - deep-eql@5.0.2: {} - - deepmerge@4.3.1: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - depd@2.0.0: {} - - dereference-json-schema@0.2.1: {} - - detect-libc@2.0.3: {} - - diff@4.0.2: {} - - diff@5.2.0: {} - - dir-glob@3.0.1: - dependencies: - path-type: 4.0.0 - - dom-serializer@2.0.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - entities: 4.5.0 - - domelementtype@2.3.0: {} - - domhandler@5.0.3: - dependencies: - domelementtype: 2.3.0 - - domutils@3.1.0: - dependencies: - dom-serializer: 2.0.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - - dotenv@16.4.5: {} - - eastasianwidth@0.2.0: {} - - electron-to-chromium@1.5.13: {} - - emoji-regex@8.0.0: {} - - emoji-regex@9.2.2: {} - - encoding-japanese@2.0.0: {} - - encoding-japanese@2.1.0: {} - - encoding-japanese@2.2.0: {} - - encoding-sniffer@0.2.0: - dependencies: - iconv-lite: 0.6.3 - whatwg-encoding: 3.1.1 - - enhanced-resolve@5.17.1: - dependencies: - graceful-fs: 4.2.11 - tapable: 2.2.1 - - entities@4.5.0: {} - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - es-module-lexer@1.5.4: {} - - esbuild@0.23.1: - optionalDependencies: - '@esbuild/aix-ppc64': 0.23.1 - '@esbuild/android-arm': 0.23.1 - '@esbuild/android-arm64': 0.23.1 - '@esbuild/android-x64': 0.23.1 - '@esbuild/darwin-arm64': 0.23.1 - '@esbuild/darwin-x64': 0.23.1 - '@esbuild/freebsd-arm64': 0.23.1 - '@esbuild/freebsd-x64': 0.23.1 - '@esbuild/linux-arm': 0.23.1 - '@esbuild/linux-arm64': 0.23.1 - '@esbuild/linux-ia32': 0.23.1 - '@esbuild/linux-loong64': 0.23.1 - '@esbuild/linux-mips64el': 0.23.1 - '@esbuild/linux-ppc64': 0.23.1 - '@esbuild/linux-riscv64': 0.23.1 - '@esbuild/linux-s390x': 0.23.1 - '@esbuild/linux-x64': 0.23.1 - '@esbuild/netbsd-x64': 0.23.1 - '@esbuild/openbsd-arm64': 0.23.1 - '@esbuild/openbsd-x64': 0.23.1 - '@esbuild/sunos-x64': 0.23.1 - '@esbuild/win32-arm64': 0.23.1 - '@esbuild/win32-ia32': 0.23.1 - '@esbuild/win32-x64': 0.23.1 - - escalade@3.2.0: {} - - escape-html@1.0.3: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@4.0.0: {} - - eslint-scope@5.1.1: - dependencies: - esrecurse: 4.3.0 - estraverse: 4.3.0 - - esmock@2.6.7: {} - - esrecurse@4.3.0: - dependencies: - estraverse: 5.3.0 - - estraverse@4.3.0: {} - - estraverse@5.3.0: {} - - esutils@2.0.3: {} - - event-target-shim@5.0.1: {} - - events@3.3.0: {} - - execa@5.1.1: - dependencies: - cross-spawn: 7.0.3 - get-stream: 6.0.1 - human-signals: 2.1.0 - is-stream: 2.0.1 - merge-stream: 2.0.0 - npm-run-path: 4.0.1 - onetime: 5.1.2 - signal-exit: 3.0.7 - strip-final-newline: 2.0.0 - - execa@8.0.1: - dependencies: - cross-spawn: 7.0.3 - get-stream: 8.0.1 - human-signals: 5.0.0 - is-stream: 3.0.0 - merge-stream: 2.0.0 - npm-run-path: 5.3.0 - onetime: 6.0.0 - signal-exit: 4.1.0 - strip-final-newline: 3.0.0 - - fast-content-type-parse@1.1.0: {} - - fast-decode-uri-component@1.0.1: {} - - fast-deep-equal@3.1.3: {} - - fast-glob@3.3.2: - dependencies: - '@nodelib/fs.stat': 2.0.5 - '@nodelib/fs.walk': 1.2.8 - glob-parent: 5.1.2 - merge2: 1.4.1 - micromatch: 4.0.8 - - fast-json-stable-stringify@2.1.0: {} - - fast-json-stringify@5.16.1: - dependencies: - '@fastify/merge-json-schemas': 0.1.1 - ajv: 8.17.1 - ajv-formats: 3.0.1(ajv@8.17.1) - fast-deep-equal: 3.1.3 - fast-uri: 2.4.0 - json-schema-ref-resolver: 1.0.1 - rfdc: 1.4.1 - - fast-querystring@1.1.2: - dependencies: - fast-decode-uri-component: 1.0.1 - - fast-redact@3.5.0: {} - - fast-uri@2.4.0: {} - - fast-uri@3.0.1: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - fastify-plugin@4.5.1: {} - - fastify@4.28.1: - dependencies: - '@fastify/ajv-compiler': 3.6.0 - '@fastify/error': 3.4.1 - '@fastify/fast-json-stringify-compiler': 4.3.0 - abstract-logging: 2.0.1 - avvio: 8.4.0 - fast-content-type-parse: 1.1.0 - fast-json-stringify: 5.16.1 - find-my-way: 8.2.0 - light-my-request: 5.13.0 - pino: 9.4.0 - process-warning: 3.0.0 - proxy-addr: 2.0.7 - rfdc: 1.4.1 - secure-json-parse: 2.7.0 - semver: 7.6.3 - toad-cache: 3.7.0 - - fastq@1.17.1: - dependencies: - reusify: 1.0.4 - - faye-websocket@0.11.4: - dependencies: - websocket-driver: 0.7.4 - - faye@1.4.0: - dependencies: - asap: 2.0.6 - csprng: 0.1.2 - faye-websocket: 0.11.4 - safe-buffer: 5.2.1 - tough-cookie: 4.1.4 - tunnel-agent: 0.6.0 - - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-my-way@8.2.0: - dependencies: - fast-deep-equal: 3.1.3 - fast-querystring: 1.1.2 - safe-regex2: 3.1.0 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - flat@5.0.2: {} - - fluent-ffmpeg@2.1.3: - dependencies: - async: 0.2.10 - which: 1.3.1 - - foreground-child@3.3.0: - dependencies: - cross-spawn: 7.0.3 - signal-exit: 4.1.0 - - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - - forwarded@0.2.0: {} - - fs-monkey@1.0.6: {} - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - gensync@1.0.0-beta.2: {} - - get-caller-file@2.0.5: {} - - get-func-name@2.0.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-stream@6.0.1: {} - - get-stream@8.0.1: {} - - get-tsconfig@4.8.0: - dependencies: - resolve-pkg-maps: 1.0.0 - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob-to-regexp@0.4.1: {} - - glob@10.4.5: - dependencies: - foreground-child: 3.3.0 - jackspeak: 3.4.3 - minimatch: 9.0.5 - minipass: 7.1.2 - package-json-from-dist: 1.0.0 - path-scurry: 1.11.1 - - glob@7.2.3: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 3.1.2 - once: 1.4.0 - path-is-absolute: 1.0.1 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - globals@11.12.0: {} - - globby@11.1.0: - dependencies: - array-union: 2.1.0 - dir-glob: 3.0.1 - fast-glob: 3.3.2 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 3.0.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - graceful-fs@4.2.11: {} - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - he@1.2.0: {} - - heap-js@2.5.0: {} - - html-to-text@9.0.5: - dependencies: - '@selderee/plugin-htmlparser2': 0.11.0 - deepmerge: 4.3.1 - dom-serializer: 2.0.0 - htmlparser2: 8.0.2 - selderee: 0.11.0 - - htmlparser2@8.0.2: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - htmlparser2@9.1.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - http-errors@2.0.0: - dependencies: - depd: 2.0.0 - inherits: 2.0.4 - setprototypeof: 1.2.0 - statuses: 2.0.1 - toidentifier: 1.0.1 - - http-parser-js@0.5.8: {} - - human-signals@2.1.0: {} - - human-signals@5.0.0: {} - - hyperdyperid@1.2.0: {} - - iconv-lite@0.6.3: - dependencies: - safer-buffer: 2.1.2 - - ieee754@1.2.1: {} - - ignore-by-default@1.0.1: {} - - ignore@5.3.2: {} - - imapflow@1.0.164: - dependencies: - encoding-japanese: 2.2.0 - iconv-lite: 0.6.3 - libbase64: 1.3.0 - libmime: 5.3.5 - libqp: 2.1.0 - mailsplit: 5.4.0 - nodemailer: 6.9.14 - pino: 9.2.0 - socks: 2.8.3 - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.4: {} - - ip-address@9.0.5: - dependencies: - jsbn: 1.1.0 - sprintf-js: 1.1.3 - - ipaddr.js@1.9.1: {} - - is-arrayish@0.3.2: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-core-module@2.15.1: - dependencies: - hasown: 2.0.2 - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-network-error@1.1.0: {} - - is-number@7.0.0: {} - - is-plain-obj@2.1.0: {} - - is-stream@2.0.1: {} - - is-stream@3.0.0: {} - - is-unicode-supported@0.1.0: {} - - isexe@2.0.0: {} - - isexe@3.1.1: {} - - jackspeak@3.4.3: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - - jest-worker@27.5.1: - dependencies: - '@types/node': 22.5.2 - merge-stream: 2.0.0 - supports-color: 8.1.1 - - joycon@3.1.1: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - jsbn@1.1.0: {} - - jsesc@0.5.0: {} - - jsesc@2.5.2: {} - - json-parse-even-better-errors@2.3.1: {} - - json-schema-ref-resolver@1.0.1: - dependencies: - fast-deep-equal: 3.1.3 - - json-schema-resolver@2.0.0: - dependencies: - debug: 4.3.6 - rfdc: 1.4.1 - uri-js: 4.4.1 - transitivePeerDependencies: - - supports-color - - json-schema-traverse@0.4.1: {} - - json-schema-traverse@1.0.0: {} - - json5@2.2.3: {} - - just-extend@6.2.0: {} - - just-performance@4.3.0: {} - - leac@0.6.0: {} - - libbase64@1.2.1: {} - - libbase64@1.3.0: {} - - libmime@5.2.0: - dependencies: - encoding-japanese: 2.0.0 - iconv-lite: 0.6.3 - libbase64: 1.2.1 - libqp: 2.0.1 - - libmime@5.3.5: - dependencies: - encoding-japanese: 2.1.0 - iconv-lite: 0.6.3 - libbase64: 1.3.0 - libqp: 2.1.0 - - libqp@2.0.1: {} - - libqp@2.1.0: {} - - light-my-request@5.13.0: - dependencies: - cookie: 0.6.0 - process-warning: 3.0.0 - set-cookie-parser: 2.7.0 - - lilconfig@3.1.2: {} - - limiter@2.1.0: - dependencies: - just-performance: 4.3.0 - - lines-and-columns@1.2.4: {} - - linkify-it@5.0.0: - dependencies: - uc.micro: 2.1.0 - - load-tsconfig@0.2.5: {} - - loader-runner@4.3.0: {} - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - lodash.camelcase@4.3.0: {} - - lodash.debounce@4.0.8: {} - - lodash.get@4.4.2: {} - - lodash.merge@4.6.2: {} - - lodash.sortby@4.7.0: {} - - lodash@4.17.21: {} - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - long@5.2.3: {} - - loupe@3.1.1: - dependencies: - get-func-name: 2.0.2 - - lru-cache@10.4.3: {} - - lru-cache@5.1.1: - dependencies: - yallist: 3.1.1 - - luxon@1.28.1: {} - - mailparser@3.7.1: - dependencies: - encoding-japanese: 2.1.0 - he: 1.2.0 - html-to-text: 9.0.5 - iconv-lite: 0.6.3 - libmime: 5.3.5 - linkify-it: 5.0.0 - mailsplit: 5.4.0 - nodemailer: 6.9.13 - punycode.js: 2.3.1 - tlds: 1.252.0 - - mailsplit@5.4.0: - dependencies: - libbase64: 1.2.1 - libmime: 5.2.0 - libqp: 2.0.1 - - make-error@1.3.6: {} - - memfs@4.11.1: - dependencies: - '@jsonjoy.com/json-pack': 1.1.0(tslib@2.7.0) - '@jsonjoy.com/util': 1.3.0(tslib@2.7.0) - tree-dump: 1.0.2(tslib@2.7.0) - tslib: 2.7.0 - - merge-stream@2.0.0: {} - - merge2@1.4.1: {} - - micromatch@4.0.8: - dependencies: - braces: 3.0.3 - picomatch: 2.3.1 - - mime-db@1.52.0: {} - - mime-types@2.1.35: - dependencies: - mime-db: 1.52.0 - - mime@3.0.0: {} - - mimic-fn@2.1.0: {} - - mimic-fn@4.0.0: {} - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.5: - dependencies: - brace-expansion: 2.0.1 - - minipass@7.1.2: {} - - mocha@10.7.3: - dependencies: - ansi-colors: 4.1.3 - browser-stdout: 1.3.1 - chokidar: 3.6.0 - debug: 4.3.6(supports-color@8.1.1) - diff: 5.2.0 - escape-string-regexp: 4.0.0 - find-up: 5.0.0 - glob: 8.1.0 - he: 1.2.0 - js-yaml: 4.1.0 - log-symbols: 4.1.0 - minimatch: 5.1.6 - ms: 2.1.3 - serialize-javascript: 6.0.2 - strip-json-comments: 3.1.1 - supports-color: 8.1.1 - workerpool: 6.5.1 - yargs: 16.2.0 - yargs-parser: 20.2.9 - yargs-unparser: 2.0.0 - - mock-json-schema@1.1.1: - dependencies: - lodash: 4.17.21 - - ms@2.1.2: {} - - ms@2.1.3: {} - - ms@3.0.0-canary.1: {} - - mz@2.7.0: - dependencies: - any-promise: 1.3.0 - object-assign: 4.1.1 - thenify-all: 1.6.0 - - neo-async@2.6.2: {} - - nise@6.0.0: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 11.3.1 - '@sinonjs/text-encoding': 0.7.3 - just-extend: 6.2.0 - path-to-regexp: 6.2.2 - - node-domexception@1.0.0: {} - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - - node-releases@2.0.18: {} - - nodemailer@6.9.13: {} - - nodemailer@6.9.14: {} - - nodemon@3.1.4: - dependencies: - chokidar: 3.6.0 - debug: 4.3.6(supports-color@5.5.0) - ignore-by-default: 1.0.1 - minimatch: 3.1.2 - pstree.remy: 1.1.8 - semver: 7.6.3 - simple-update-notifier: 2.0.0 - supports-color: 5.5.0 - touch: 3.1.1 - undefsafe: 2.0.5 - - normalize-path@3.0.0: {} - - npm-run-path@4.0.1: - dependencies: - path-key: 3.1.1 - - npm-run-path@5.3.0: - dependencies: - path-key: 4.0.0 - - nth-check@2.1.1: - dependencies: - boolbase: 1.0.0 - - object-assign@4.1.1: {} - - object-inspect@1.13.2: {} - - obuf@1.1.2: {} - - on-exit-leak-free@2.1.2: {} - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - onetime@5.1.2: - dependencies: - mimic-fn: 2.1.0 - - onetime@6.0.0: - dependencies: - mimic-fn: 4.0.0 - - openapi-backend@5.10.6: - dependencies: - '@apidevtools/json-schema-ref-parser': 11.7.0 - ajv: 8.17.1 - bath-es5: 3.0.3 - cookie: 0.5.0 - dereference-json-schema: 0.2.1 - lodash: 4.17.21 - mock-json-schema: 1.1.1 - openapi-schema-validator: 12.1.3 - openapi-types: 12.1.3 - qs: 6.13.0 - - openapi-schema-validator@12.1.3: - dependencies: - ajv: 8.17.1 - ajv-formats: 2.1.1(ajv@8.17.1) - lodash.merge: 4.6.2 - openapi-types: 12.1.3 - - openapi-types@12.1.3: {} - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - package-json-from-dist@1.0.0: {} - - parse5-htmlparser2-tree-adapter@7.0.0: - dependencies: - domhandler: 5.0.3 - parse5: 7.1.2 - - parse5-parser-stream@7.1.2: - dependencies: - parse5: 7.1.2 - - parse5@7.1.2: - dependencies: - entities: 4.5.0 - - parseley@0.12.1: - dependencies: - leac: 0.6.0 - peberminta: 0.9.0 - - path-equal@1.2.5: {} - - path-exists@4.0.0: {} - - path-is-absolute@1.0.1: {} - - path-key@3.1.1: {} - - path-key@4.0.0: {} - - path-parse@1.0.7: {} - - path-scurry@1.11.1: - dependencies: - lru-cache: 10.4.3 - minipass: 7.1.2 - - path-to-regexp@6.2.2: {} - - path-type@4.0.0: {} - - pathval@2.0.0: {} - - peberminta@0.9.0: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-numeric@1.0.2: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg-types@4.0.2: - dependencies: - pg-int8: 1.0.1 - pg-numeric: 1.0.2 - postgres-array: 3.0.2 - postgres-bytea: 3.0.0 - postgres-date: 2.1.0 - postgres-interval: 3.0.0 - postgres-range: 1.1.4 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - pino-abstract-transport@1.2.0: - dependencies: - readable-stream: 4.5.2 - split2: 4.2.0 - - pino-std-serializers@7.0.0: {} - - pino@9.2.0: - dependencies: - atomic-sleep: 1.0.0 - fast-redact: 3.5.0 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pino-std-serializers: 7.0.0 - process-warning: 3.0.0 - quick-format-unescaped: 4.0.4 - real-require: 0.2.0 - safe-stable-stringify: 2.5.0 - sonic-boom: 4.1.0 - thread-stream: 3.1.0 - - pino@9.4.0: - dependencies: - atomic-sleep: 1.0.0 - fast-redact: 3.5.0 - on-exit-leak-free: 2.1.2 - pino-abstract-transport: 1.2.0 - pino-std-serializers: 7.0.0 - process-warning: 4.0.0 - quick-format-unescaped: 4.0.4 - real-require: 0.2.0 - safe-stable-stringify: 2.5.0 - sonic-boom: 4.1.0 - thread-stream: 3.1.0 - - pirates@4.0.6: {} - - postcss-load-config@6.0.1(tsx@4.19.0)(yaml@2.5.0): - dependencies: - lilconfig: 3.1.2 - optionalDependencies: - tsx: 4.19.0 - yaml: 2.5.0 - - postgres-array@2.0.0: {} - - postgres-array@3.0.2: {} - - postgres-bytea@1.0.0: {} - - postgres-bytea@3.0.0: - dependencies: - obuf: 1.1.2 - - postgres-date@1.0.7: {} - - postgres-date@2.1.0: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - postgres-interval@3.0.0: {} - - postgres-range@1.1.4: {} - - prevvy@8.0.1: - dependencies: - '@types/debug': 4.1.12 - '@types/fluent-ffmpeg': 2.1.26 - '@types/luxon': 3.4.2 - '@types/node': 20.16.3 - debug: 4.3.6 - execa: 8.0.1 - fluent-ffmpeg: 2.1.3 - luxon: 1.28.1 - typescript: 5.5.4 - transitivePeerDependencies: - - supports-color - - process-warning@3.0.0: {} - - process-warning@4.0.0: {} - - process@0.11.10: {} - - proto3-json-serializer@2.0.2: - dependencies: - protobufjs: 7.4.0 - - protobufjs@7.4.0: - dependencies: - '@protobufjs/aspromise': 1.1.2 - '@protobufjs/base64': 1.1.2 - '@protobufjs/codegen': 2.0.4 - '@protobufjs/eventemitter': 1.1.0 - '@protobufjs/fetch': 1.1.0 - '@protobufjs/float': 1.0.2 - '@protobufjs/inquire': 1.1.0 - '@protobufjs/path': 1.1.2 - '@protobufjs/pool': 1.1.0 - '@protobufjs/utf8': 1.1.0 - '@types/node': 22.5.2 - long: 5.2.3 - - proxy-addr@2.0.7: - dependencies: - forwarded: 0.2.0 - ipaddr.js: 1.9.1 - - psl@1.9.0: {} - - pstree.remy@1.1.8: {} - - punycode.js@2.3.1: {} - - punycode@2.3.1: {} - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - querystringify@2.2.0: {} - - queue-microtask@1.2.3: {} - - quick-format-unescaped@4.0.4: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - rate-limiter-flexible@5.0.3: {} - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - readable-stream@4.5.2: - dependencies: - abort-controller: 3.0.0 - buffer: 6.0.3 - events: 3.3.0 - process: 0.11.10 - string_decoder: 1.3.0 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - real-require@0.2.0: {} - - regenerate-unicode-properties@10.1.1: - dependencies: - regenerate: 1.4.2 - - regenerate@1.4.2: {} - - regenerator-runtime@0.14.1: {} - - regenerator-transform@0.15.2: - dependencies: - '@babel/runtime': 7.25.6 - - regexpu-core@5.3.2: - dependencies: - '@babel/regjsgen': 0.8.0 - regenerate: 1.4.2 - regenerate-unicode-properties: 10.1.1 - regjsparser: 0.9.1 - unicode-match-property-ecmascript: 2.0.0 - unicode-match-property-value-ecmascript: 2.1.0 - - regjsparser@0.9.1: - dependencies: - jsesc: 0.5.0 - - require-directory@2.1.1: {} - - require-from-string@2.0.2: {} - - requires-port@1.0.0: {} - - resolve-from@5.0.0: {} - - resolve-pkg-maps@1.0.0: {} - - resolve@1.22.8: - dependencies: - is-core-module: 2.15.1 - path-parse: 1.0.7 - supports-preserve-symlinks-flag: 1.0.0 - - ret@0.4.3: {} - - retry@0.13.1: {} - - reusify@1.0.4: {} - - rfdc@1.4.1: {} - - rollup@4.21.2: - dependencies: - '@types/estree': 1.0.5 - optionalDependencies: - '@rollup/rollup-android-arm-eabi': 4.21.2 - '@rollup/rollup-android-arm64': 4.21.2 - '@rollup/rollup-darwin-arm64': 4.21.2 - '@rollup/rollup-darwin-x64': 4.21.2 - '@rollup/rollup-linux-arm-gnueabihf': 4.21.2 - '@rollup/rollup-linux-arm-musleabihf': 4.21.2 - '@rollup/rollup-linux-arm64-gnu': 4.21.2 - '@rollup/rollup-linux-arm64-musl': 4.21.2 - '@rollup/rollup-linux-powerpc64le-gnu': 4.21.2 - '@rollup/rollup-linux-riscv64-gnu': 4.21.2 - '@rollup/rollup-linux-s390x-gnu': 4.21.2 - '@rollup/rollup-linux-x64-gnu': 4.21.2 - '@rollup/rollup-linux-x64-musl': 4.21.2 - '@rollup/rollup-win32-arm64-msvc': 4.21.2 - '@rollup/rollup-win32-ia32-msvc': 4.21.2 - '@rollup/rollup-win32-x64-msvc': 4.21.2 - fsevents: 2.3.3 - - run-parallel@1.2.0: - dependencies: - queue-microtask: 1.2.3 - - rxjs@7.8.1: - dependencies: - tslib: 2.7.0 - - safe-buffer@5.2.1: {} - - safe-regex2@3.1.0: - dependencies: - ret: 0.4.3 - - safe-stable-stringify@2.5.0: {} - - safer-buffer@2.1.2: {} - - schema-utils@3.3.0: - dependencies: - '@types/json-schema': 7.0.15 - ajv: 6.12.6 - ajv-keywords: 3.5.2(ajv@6.12.6) - - secure-json-parse@2.7.0: {} - - selderee@0.11.0: - dependencies: - parseley: 0.12.1 - - semver@6.3.1: {} - - semver@7.6.3: {} - - sequin@0.1.1: {} - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - set-cookie-parser@2.7.0: {} - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - setprototypeof@1.2.0: {} - - sharp@0.33.5: - dependencies: - color: 4.2.3 - detect-libc: 2.0.3 - semver: 7.6.3 - optionalDependencies: - '@img/sharp-darwin-arm64': 0.33.5 - '@img/sharp-darwin-x64': 0.33.5 - '@img/sharp-libvips-darwin-arm64': 1.0.4 - '@img/sharp-libvips-darwin-x64': 1.0.4 - '@img/sharp-libvips-linux-arm': 1.0.5 - '@img/sharp-libvips-linux-arm64': 1.0.4 - '@img/sharp-libvips-linux-s390x': 1.0.4 - '@img/sharp-libvips-linux-x64': 1.0.4 - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - '@img/sharp-linux-arm': 0.33.5 - '@img/sharp-linux-arm64': 0.33.5 - '@img/sharp-linux-s390x': 0.33.5 - '@img/sharp-linux-x64': 0.33.5 - '@img/sharp-linuxmusl-arm64': 0.33.5 - '@img/sharp-linuxmusl-x64': 0.33.5 - '@img/sharp-wasm32': 0.33.5 - '@img/sharp-win32-ia32': 0.33.5 - '@img/sharp-win32-x64': 0.33.5 - - shebang-command@2.0.0: - dependencies: - shebang-regex: 3.0.0 - - shebang-regex@3.0.0: {} - - shell-quote@1.8.1: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - signal-exit@3.0.7: {} - - signal-exit@4.1.0: {} - - simple-swizzle@0.2.2: - dependencies: - is-arrayish: 0.3.2 - - simple-update-notifier@2.0.0: - dependencies: - semver: 7.6.3 - - sinon@18.0.0: - dependencies: - '@sinonjs/commons': 3.0.1 - '@sinonjs/fake-timers': 11.3.1 - '@sinonjs/samsam': 8.0.0 - diff: 5.2.0 - nise: 6.0.0 - supports-color: 7.2.0 - - slash@3.0.0: {} - - slugify@1.6.6: {} - - smart-buffer@4.2.0: {} - - socks@2.8.3: - dependencies: - ip-address: 9.0.5 - smart-buffer: 4.2.0 - - sonic-boom@4.1.0: - dependencies: - atomic-sleep: 1.0.0 - - source-map-js@1.2.0: {} - - source-map-loader@4.0.2(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)): - dependencies: - iconv-lite: 0.6.3 - source-map-js: 1.2.0 - webpack: 5.94.0(@swc/core@1.7.23)(esbuild@0.23.1) - - source-map-support@0.5.21: - dependencies: - buffer-from: 1.1.2 - source-map: 0.6.1 - - source-map@0.6.1: {} - - source-map@0.7.4: {} - - source-map@0.8.0-beta.0: - dependencies: - whatwg-url: 7.1.0 - - spawn-command@0.0.2: {} - - split2@4.2.0: {} - - sprintf-js@1.1.3: {} - - statuses@2.0.1: {} - - stream-browserify@3.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 3.6.2 - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.1.0 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-ansi@7.1.0: - dependencies: - ansi-regex: 6.0.1 - - strip-final-newline@2.0.0: {} - - strip-final-newline@3.0.0: {} - - strip-json-comments@3.1.1: {} - - strnum@1.0.5: {} - - sucrase@3.35.0: - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - commander: 4.1.1 - glob: 10.4.5 - lines-and-columns: 1.2.4 - mz: 2.7.0 - pirates: 4.0.6 - ts-interface-checker: 0.1.13 - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - supports-preserve-symlinks-flag@1.0.0: {} - - swagger-editor-dist@4.13.1: {} - - swagger-ui-dist@5.17.14: {} - - swc-loader@0.2.6(@swc/core@1.7.23)(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)): - dependencies: - '@swc/core': 1.7.23 - '@swc/counter': 0.1.3 - webpack: 5.94.0(@swc/core@1.7.23)(esbuild@0.23.1) - - tapable@2.2.1: {} - - terser-webpack-plugin@5.3.10(@swc/core@1.7.23)(esbuild@0.23.1)(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)): - dependencies: - '@jridgewell/trace-mapping': 0.3.25 - jest-worker: 27.5.1 - schema-utils: 3.3.0 - serialize-javascript: 6.0.2 - terser: 5.31.6 - webpack: 5.94.0(@swc/core@1.7.23)(esbuild@0.23.1) - optionalDependencies: - '@swc/core': 1.7.23 - esbuild: 0.23.1 - - terser@5.31.6: - dependencies: - '@jridgewell/source-map': 0.3.6 - acorn: 8.12.1 - commander: 2.20.3 - source-map-support: 0.5.21 - - thenify-all@1.6.0: - dependencies: - thenify: 3.3.1 - - thenify@3.3.1: - dependencies: - any-promise: 1.3.0 - - thingies@1.21.0(tslib@2.7.0): - dependencies: - tslib: 2.7.0 - - thread-stream@3.1.0: - dependencies: - real-require: 0.2.0 - - tlds@1.252.0: {} - - to-fast-properties@2.0.0: {} - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - toad-cache@3.7.0: {} - - toidentifier@1.0.1: {} - - touch@3.1.1: {} - - tough-cookie@4.1.4: - dependencies: - psl: 1.9.0 - punycode: 2.3.1 - universalify: 0.2.0 - url-parse: 1.5.10 - - tr46@1.0.1: - dependencies: - punycode: 2.3.1 - - tree-dump@1.0.2(tslib@2.7.0): - dependencies: - tslib: 2.7.0 - - tree-kill@1.2.2: {} - - ts-interface-checker@0.1.13: {} - - ts-json-schema-generator@2.3.0: - dependencies: - '@types/json-schema': 7.0.15 - commander: 12.1.0 - glob: 10.4.5 - json5: 2.2.3 - normalize-path: 3.0.0 - safe-stable-stringify: 2.5.0 - tslib: 2.7.0 - typescript: 5.5.4 - - ts-node@10.9.2(@swc/core@1.7.23)(@types/node@18.19.48)(typescript@5.5.4): - dependencies: - '@cspotcode/source-map-support': 0.8.1 - '@tsconfig/node10': 1.0.11 - '@tsconfig/node12': 1.0.11 - '@tsconfig/node14': 1.0.3 - '@tsconfig/node16': 1.0.4 - '@types/node': 18.19.48 - acorn: 8.12.1 - acorn-walk: 8.3.3 - arg: 4.1.3 - create-require: 1.1.1 - diff: 4.0.2 - make-error: 1.3.6 - typescript: 5.5.4 - v8-compile-cache-lib: 3.0.1 - yn: 3.1.1 - optionalDependencies: - '@swc/core': 1.7.23 - - ts-node@10.9.2(@swc/core@1.7.23)(@types/node@22.5.2)(typescript@5.5.4): - dependencies: - '@cspotcode/source-map-support': 0.8.1 - '@tsconfig/node10': 1.0.11 - '@tsconfig/node12': 1.0.11 - '@tsconfig/node14': 1.0.3 - '@tsconfig/node16': 1.0.4 - '@types/node': 22.5.2 - acorn: 8.12.1 - acorn-walk: 8.3.3 - arg: 4.1.3 - create-require: 1.1.1 - diff: 4.0.2 - make-error: 1.3.6 - typescript: 5.5.4 - v8-compile-cache-lib: 3.0.1 - yn: 3.1.1 - optionalDependencies: - '@swc/core': 1.7.23 - - tslib@2.7.0: {} - - tsup@8.2.4(@swc/core@1.7.23)(tsx@4.19.0)(typescript@5.5.4)(yaml@2.5.0): - dependencies: - bundle-require: 5.0.0(esbuild@0.23.1) - cac: 6.7.14 - chokidar: 3.6.0 - consola: 3.2.3 - debug: 4.3.6 - esbuild: 0.23.1 - execa: 5.1.1 - globby: 11.1.0 - joycon: 3.1.1 - picocolors: 1.1.0 - postcss-load-config: 6.0.1(tsx@4.19.0)(yaml@2.5.0) - resolve-from: 5.0.0 - rollup: 4.21.2 - source-map: 0.8.0-beta.0 - sucrase: 3.35.0 - tree-kill: 1.2.2 - optionalDependencies: - '@swc/core': 1.7.23 - typescript: 5.5.4 - transitivePeerDependencies: - - jiti - - supports-color - - tsx - - yaml - - tsx@4.19.0: - dependencies: - esbuild: 0.23.1 - get-tsconfig: 4.8.0 - optionalDependencies: - fsevents: 2.3.3 - - tunnel-agent@0.6.0: - dependencies: - safe-buffer: 5.2.1 - - type-detect@4.0.8: {} - - type-detect@4.1.0: {} - - typescript-json-schema@0.65.1(@swc/core@1.7.23): - dependencies: - '@types/json-schema': 7.0.15 - '@types/node': 18.19.48 - glob: 7.2.3 - path-equal: 1.2.5 - safe-stable-stringify: 2.5.0 - ts-node: 10.9.2(@swc/core@1.7.23)(@types/node@18.19.48)(typescript@5.5.4) - typescript: 5.5.4 - yargs: 17.7.2 - transitivePeerDependencies: - - '@swc/core' - - '@swc/wasm' - - typescript@5.5.4: {} - - uc.micro@2.1.0: {} - - undefsafe@2.0.5: {} - - undici-types@5.26.5: {} - - undici-types@6.19.8: {} - - undici@6.19.8: {} - - unicode-canonical-property-names-ecmascript@2.0.0: {} - - unicode-match-property-ecmascript@2.0.0: - dependencies: - unicode-canonical-property-names-ecmascript: 2.0.0 - unicode-property-aliases-ecmascript: 2.1.0 - - unicode-match-property-value-ecmascript@2.1.0: {} - - unicode-property-aliases-ecmascript@2.1.0: {} - - unionfs@4.5.4: - dependencies: - fs-monkey: 1.0.6 - - universalify@0.2.0: {} - - update-browserslist-db@1.1.0(browserslist@4.23.3): - dependencies: - browserslist: 4.23.3 - escalade: 3.2.0 - picocolors: 1.1.0 - - uri-js@4.4.1: - dependencies: - punycode: 2.3.1 - - url-parse@1.5.10: - dependencies: - querystringify: 2.2.0 - requires-port: 1.0.0 - - util-deprecate@1.0.2: {} - - uuid@9.0.1: {} - - v8-compile-cache-lib@3.0.1: {} - - watchpack@2.4.2: - dependencies: - glob-to-regexp: 0.4.1 - graceful-fs: 4.2.11 - - web-streams-polyfill@3.3.3: {} - - webidl-conversions@4.0.2: {} - - webpack-sources@3.2.3: {} - - webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1): - dependencies: - '@types/estree': 1.0.5 - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/wasm-edit': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - acorn: 8.12.1 - acorn-import-attributes: 1.9.5(acorn@8.12.1) - browserslist: 4.23.3 - chrome-trace-event: 1.0.4 - enhanced-resolve: 5.17.1 - es-module-lexer: 1.5.4 - eslint-scope: 5.1.1 - events: 3.3.0 - glob-to-regexp: 0.4.1 - graceful-fs: 4.2.11 - json-parse-even-better-errors: 2.3.1 - loader-runner: 4.3.0 - mime-types: 2.1.35 - neo-async: 2.6.2 - schema-utils: 3.3.0 - tapable: 2.2.1 - terser-webpack-plugin: 5.3.10(@swc/core@1.7.23)(esbuild@0.23.1)(webpack@5.94.0(@swc/core@1.7.23)(esbuild@0.23.1)) - watchpack: 2.4.2 - webpack-sources: 3.2.3 - transitivePeerDependencies: - - '@swc/core' - - esbuild - - uglify-js - - websocket-driver@0.7.4: - dependencies: - http-parser-js: 0.5.8 - safe-buffer: 5.2.1 - websocket-extensions: 0.1.4 - - websocket-extensions@0.1.4: {} - - whatwg-encoding@3.1.1: - dependencies: - iconv-lite: 0.6.3 - - whatwg-mimetype@4.0.0: {} - - whatwg-url@7.1.0: - dependencies: - lodash.sortby: 4.7.0 - tr46: 1.0.1 - webidl-conversions: 4.0.2 - - which@1.3.1: - dependencies: - isexe: 2.0.0 - - which@2.0.2: - dependencies: - isexe: 2.0.0 - - which@4.0.0: - dependencies: - isexe: 3.1.1 - - workerpool@6.5.1: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.1 - string-width: 5.1.2 - strip-ansi: 7.1.0 - - wrappy@1.0.2: {} - - xpath@0.0.34: {} - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yallist@3.1.1: {} - - yaml@2.5.0: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs-unparser@2.0.0: - dependencies: - camelcase: 6.3.0 - decamelize: 4.0.0 - flat: 5.0.2 - is-plain-obj: 2.1.0 - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - yn@3.1.1: {} - - yocto-queue@0.1.0: {} diff --git a/services/scout/src/api.yaml b/services/scout/src/api.yaml deleted file mode 100644 index 1221577..0000000 --- a/services/scout/src/api.yaml +++ /dev/null @@ -1,55 +0,0 @@ -openapi: '3.0.1' -info: - title: "@futureporn/scout" - version: '4.0.1' - description: REST API for acquiring vtuber data - -paths: - - '/pets': - get: - operationId: getPets - summary: List pets - responses: - 200: - $ref: '#/components/responses/PetListWithExample' - - '/pets/{id}': - get: - operationId: getPetById - summary: Get pet by its id - parameters: - - name: id - in: path - required: true - schema: - type: integer - minimum: 1 - responses: - 200: - $ref: '#/components/responses/PetResponseWithSchema' - -components: - responses: - PetListWithExample: - description: List of pets - content: - 'application/json': - example: - - id: 1 - name: Garfield - - id: 2 - name: Odie - PetResponseWithSchema: - description: A single pet - content: - 'application/json': - schema: - type: object - properties: - id: - type: integer - minimum: 1 - name: - type: string - example: Garfield diff --git a/services/scout/src/cb.spec.ts b/services/scout/src/cb.spec.ts deleted file mode 100644 index ac04298..0000000 --- a/services/scout/src/cb.spec.ts +++ /dev/null @@ -1,45 +0,0 @@ -import { describe } from 'mocha' -import { expect } from 'chai'; -import { getBroadcasterDisplayName, getInitialRoomDossier, getRandomRoom } from './cb.js' -import { dirname, join } from 'path'; -import { fileURLToPath } from 'url'; -import fs from 'node:fs/promises' -const __dirname = dirname(fileURLToPath(import.meta.url)); -const cbRoomFixturePath = join(__dirname, './fixtures/cb.projektmelody.fixture.html') - -describe('cb', function () { - let fixture: string - beforeEach(async function () { - const fileContent = await fs.readFile(cbRoomFixturePath, { encoding: 'utf-8' }) - fixture = fileContent - }) - describe('unit', function () { - describe('getInitialRoomDossier', function () { - it('should return a Dossier object', function () { - const dossier = getInitialRoomDossier(fixture) - expect(dossier).to.have.property('broadcaster_username', 'projektmelody') - expect(dossier).to.have.property('broadcaster_gender', 'female') - expect(dossier).to.have.property('room_uid', 'G0TWFS5') - }) - }) - describe('getBroadcasterDisplayName', function () { - it('should get a formatted display name', function () { - expect(fixture).to.match(/Chaturbate/) - const displayName = getBroadcasterDisplayName(fixture) - expect(displayName).to.equal('Projektmelody') - }) - }) - }) - describe('integration', function () { - describe('getRandomRoom', function () { - it('should return a Room object of an online room', async function () { - this.timeout(1000*16) - const room = await getRandomRoom() - expect(room).to.have.property('url') - expect(room).to.have.property('name') - expect(room.name).to.match(/[a-z_]/) - expect(room.url).to.match(/https:\/\//) - }) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/cb.ts b/services/scout/src/cb.ts deleted file mode 100644 index c27aa07..0000000 --- a/services/scout/src/cb.ts +++ /dev/null @@ -1,233 +0,0 @@ -import * as cheerio from 'cheerio' -import fetch from 'node-fetch' -import scrapingFetch from './scrapingFetch.ts'; - -interface Dossier { - viewer_uid: null | string; - is_age_verified: boolean; - age: number; - room_status: 'offline' | 'online'; - num_viewers: number; - wschat_host: string; - viewer_username: string; - viewer_gender: 'm' | 'f'; - allow_anonymous_tipping: boolean; - chat_username: string; - chat_password: string; - broadcaster_username: string; - room_pass: string; - last_pass: string; - chat_rules: string; - room_title: string; - room_uid: string; - broadcaster_uid: string; - broadcaster_gender: 'female' | 'male'; - apps_running: string; - hls_source: string; - dismissible_messages: string[]; - edge_auth: string; - is_widescreen: boolean; - allow_private_shows: boolean; - private_show_price: number; - private_min_minutes: number; - allow_show_recordings: boolean; - spy_private_show_price: number; - private_show_id: string; - low_satisfaction_score: boolean; - hidden_message: string; - following: boolean; - follow_notification_frequency: string; - is_moderator: boolean; - chat_settings: { - font_size: string; - show_emoticons: boolean; - emoticon_autocomplete_delay: number; - sort_users_key: string; - room_entry_for: 'org' | 'user'; - room_leave_for: 'org' | 'user'; - c2c_notify_limit: number; - silence_broadcasters: string; - allowed_chat: 'all' | 'whisper'; - collapse_notices: boolean; - highest_token_color: string; - mod_expire: number; - max_pm_age: number; - font_family: string; - font_color: string; - tip_volume: number; - ignored_users: string; - }; - broadcaster_on_new_chat: boolean; - token_balance: number; - is_supporter: boolean; - needs_supporter_to_pm: boolean; - server_name: string; - num_followed: number; - num_followed_online: number; - has_studio: boolean; - is_mobile: boolean; - ignored_emoticons: string[]; - tfa_enabled: boolean; - satisfaction_score: { - percent: number; - up_votes: number; - down_votes: number; - max: number; - }; - hide_satisfaction_score: boolean; - tips_in_past_24_hours: number; - last_vote_in_past_24_hours: string | null; - last_vote_in_past_90_days_down: boolean; - show_mobile_site_banner_link: boolean; - exploring_hashtag: string; - source_name: 'un' | 'o'; - performer_has_fanclub: boolean; - opt_out: boolean; - fan_club_is_member: boolean; - asp_auth_url: string; - browser_id: string; - edge_region: string; - userlist_color: 'g' | 'b' | 'r'; - active_password: boolean; - fan_club_paid_with_tokens: boolean; - quality: { - quality: string; - rate: number; - stopped: boolean; - }; -} - - -export interface ChaturbateModel { - gender: string; - location: string; - current_show: 'public' | 'private'; - username: string; - room_subject: string; - tags: string[]; - is_new: boolean; - num_users: number; - num_followers: number; - country: string; - spoken_languages: string; - display_name: string; - birthday: string; - is_hd: boolean; - age: number; - seconds_online: number; - image_url: string; - image_url_360x270: string; - chat_room_url_revshare: string; - iframe_embed_revshare: string; - chat_room_url: string; - iframe_embed: string; - slug: string; -} - -export interface ChaturbateOnlineModelsResponse { - results: ChaturbateModel[], - count: number -} - -export interface Room { - name: string; - url: string; -} - - - // display_name is tricky. - // there is no capitaliziation in dossier.broadcaster_username. - // there is a `Real Name` k/v field in CB bios, but it's not foolproof as the broadcaster can enter anything, append notes, etc. - // so for now I'm just going to use the lowercase dossier.broadcaster_username - // actually, we can get username from - -export async function fetchHtml(url: string): Promise { - const fetchOptions = { - headers: { - 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36', - } - } - const res = await scrapingFetch(url, fetchOptions); - const body = await res.text() - return body -} - -export function getBroadcasterDisplayName(html: string): string|null { - if (!html) throw new Error('getBroadcasterDisplayName requires html as argument'); - const $ = cheerio.load(html); - const ogTitle = $('meta[property="og:title"]')?.attr('content')?.split(' ')?.at(1); - return (!!ogTitle) ? ogTitle : null -} - - -/** - * getInitialRoomDossier - * - * Gets data about the model from their CB page. - * - * @param {String} roomUrl example: https://chaturbate.com/projektmelody - * @returns {Object} initialRoomDossier - * - * @todo please get a fixture of when a room is in password mode - */ -export function getInitialRoomDossier(html: string): Dossier|null { - if (!html) throw new Error('getInitialRoomDossier requires html as argument'); - - - try { - const $ = cheerio.load(html); - let rawScript = $('script:contains(window.initialRoomDossier)').html(); - if (!rawScript) { - throw new Error('window.initialRoomDossier is null. This could mean the channel is in password mode'); - } - let rawDossier = rawScript.slice(rawScript.indexOf('"'), rawScript.lastIndexOf('"') + 1); - let dossier: Dossier = JSON.parse(JSON.parse(rawDossier)); - return dossier; - } catch (error) { - if (error instanceof Error) { - // Handle the error gracefully - console.error(`Error fetching initial room dossier: ${error.message}`); - } else { - console.error('caught an exotic error, uh-oh') - console.error(error) - } - return null; - } -} - - - -export async function getRandomRoom(): Promise { - try { - const res = await scrapingFetch('https://chaturbate.com/api/public/affiliates/onlinerooms/?wm=DiPkB&client_ip=request_ip', { - headers: { - accept: 'application/json' - } - }); - const data = await res.json() as ChaturbateOnlineModelsResponse; - - if (!data || !Array.isArray(data.results) || data.results.length === 0) { - throw new Error('No results found'); - } - - const results = data.results; - const randomIndex = Math.floor(Math.random() * results.length); - - if (!results[randomIndex]) { - throw new Error('No result found at random index'); - } - - const username = results[randomIndex].username; - return { - url: `https://chaturbate.com/${username}`, - name: username - } - } catch (error) { - if (error instanceof Error) { - console.error(`Error in getRandomRoom: ${error.message}`); - } else { - console.error('An unexpected error occurred'); - } - throw error; // Re-throw the error to propagate it further - } -} \ No newline at end of file diff --git a/services/scout/src/config.ts b/services/scout/src/config.ts deleted file mode 100644 index 19daa34..0000000 --- a/services/scout/src/config.ts +++ /dev/null @@ -1,35 +0,0 @@ -import 'dotenv/config' - -const requiredEnvVars = [ - 'HTTP_PROXY', - 'POSTGREST_URL', - 'NODE_ENV', - 'WORKER_CONNECTION_STRING', - 'PORT', -] as const; - -const getEnvVar = (key: typeof requiredEnvVars[number]): string => { - const value = process.env[key]; - if (!value) { - throw new Error(`Missing ${key} env var`); - } - return value; -}; - -export interface Config { - postgrestUrl: string; - httpProxy: string; - nodeEnv: string; - workerConnectionString: string; - port: number; -} - - -export const configs: Config = { - httpProxy: getEnvVar('HTTP_PROXY'), - postgrestUrl: getEnvVar('POSTGREST_URL'), - nodeEnv: getEnvVar('NODE_ENV'), - workerConnectionString: getEnvVar('WORKER_CONNECTION_STRING'), - port: parseInt(getEnvVar('PORT')), -} - diff --git a/services/scout/src/css/SwaggerDark.css b/services/scout/src/css/SwaggerDark.css deleted file mode 100644 index c7348f0..0000000 --- a/services/scout/src/css/SwaggerDark.css +++ /dev/null @@ -1,851 +0,0 @@ -/* @see https://github.com/Amoenus/SwaggerDark/tree/master */ - -@media only screen and (prefers-color-scheme: dark) { - - a { color: #8c8cfa; } - - ::-webkit-scrollbar-track-piece { background-color: rgba(255, 255, 255, .2) !important; } - - ::-webkit-scrollbar-track { background-color: rgba(255, 255, 255, .3) !important; } - - ::-webkit-scrollbar-thumb { background-color: rgba(255, 255, 255, .5) !important; } - - embed[type="application/pdf"] { filter: invert(90%); } - - html { - background: #1f1f1f !important; - box-sizing: border-box; - filter: contrast(100%) brightness(100%) saturate(100%); - overflow-y: scroll; - } - - body { - background: #1f1f1f; - background-color: #1f1f1f; - background-image: none !important; - } - - button, input, select, textarea { - background-color: #1f1f1f; - color: #bfbfbf; - } - - font, html { color: #bfbfbf; } - - .swagger-ui, .swagger-ui section h3 { color: #b5bac9; } - - .swagger-ui a { background-color: transparent; } - - .swagger-ui mark { - background-color: #664b00; - color: #bfbfbf; - } - - .swagger-ui legend { color: inherit; } - - .swagger-ui .debug * { outline: #e6da99 solid 1px; } - - .swagger-ui .debug-white * { outline: #fff solid 1px; } - - .swagger-ui .debug-black * { outline: #bfbfbf solid 1px; } - - .swagger-ui .debug-grid { background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAYAAADED76LAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyhpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTExIDc5LjE1ODMyNSwgMjAxNS8wOS8xMC0wMToxMDoyMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6MTRDOTY4N0U2N0VFMTFFNjg2MzZDQjkwNkQ4MjgwMEIiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6MTRDOTY4N0Q2N0VFMTFFNjg2MzZDQjkwNkQ4MjgwMEIiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTUgKE1hY2ludG9zaCkiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo3NjcyQkQ3NjY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo3NjcyQkQ3NzY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PsBS+GMAAAAjSURBVHjaYvz//z8DLsD4gcGXiYEAGBIKGBne//fFpwAgwAB98AaF2pjlUQAAAABJRU5ErkJggg==) 0 0; } - - .swagger-ui .debug-grid-16 { background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyhpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTExIDc5LjE1ODMyNSwgMjAxNS8wOS8xMC0wMToxMDoyMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6ODYyRjhERDU2N0YyMTFFNjg2MzZDQjkwNkQ4MjgwMEIiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6ODYyRjhERDQ2N0YyMTFFNjg2MzZDQjkwNkQ4MjgwMEIiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTUgKE1hY2ludG9zaCkiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo3NjcyQkQ3QTY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo3NjcyQkQ3QjY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PvCS01IAAABMSURBVHjaYmR4/5+BFPBfAMFm/MBgx8RAGWCn1AAmSg34Q6kBDKMGMDCwICeMIemF/5QawEipAWwUhwEjMDvbAWlWkvVBwu8vQIABAEwBCph8U6c0AAAAAElFTkSuQmCC) 0 0; } - - .swagger-ui .debug-grid-8-solid { background: url(data:image/jpeg;base64,/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAAAAAAD/4QMxaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5zOm1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjYtYzExMSA3OS4xNTgzMjUsIDIwMTUvMDkvMTAtMDE6MTA6MjAgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRpb24gcmRmOmFib3V0PSIiIHhtbG5zOnhtcD0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLyIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOkIxMjI0OTczNjdCMzExRTZCMkJDRTI0MDgxMDAyMTcxIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkIxMjI0OTc0NjdCMzExRTZCMkJDRTI0MDgxMDAyMTcxIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6QjEyMjQ5NzE2N0IzMTFFNkIyQkNFMjQwODEwMDIxNzEiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6QjEyMjQ5NzI2N0IzMTFFNkIyQkNFMjQwODEwMDIxNzEiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz7/7gAOQWRvYmUAZMAAAAAB/9sAhAAbGhopHSlBJiZBQi8vL0JHPz4+P0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHAR0pKTQmND8oKD9HPzU/R0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0f/wAARCAAIAAgDASIAAhEBAxEB/8QAWQABAQAAAAAAAAAAAAAAAAAAAAYBAQEAAAAAAAAAAAAAAAAAAAIEEAEBAAMBAAAAAAAAAAAAAAABADECA0ERAAEDBQAAAAAAAAAAAAAAAAARITFBUWESIv/aAAwDAQACEQMRAD8AoOnTV1QTD7JJshP3vSM3P//Z) 0 0 #1c1c21; } - - .swagger-ui .debug-grid-16-solid { background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyhpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTExIDc5LjE1ODMyNSwgMjAxNS8wOS8xMC0wMToxMDoyMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTUgKE1hY2ludG9zaCkiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6NzY3MkJEN0U2N0M1MTFFNkIyQkNFMjQwODEwMDIxNzEiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6NzY3MkJEN0Y2N0M1MTFFNkIyQkNFMjQwODEwMDIxNzEiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo3NjcyQkQ3QzY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo3NjcyQkQ3RDY3QzUxMUU2QjJCQ0UyNDA4MTAwMjE3MSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pve6J3kAAAAzSURBVHjaYvz//z8D0UDsMwMjSRoYP5Gq4SPNbRjVMEQ1fCRDg+in/6+J1AJUxsgAEGAA31BAJMS0GYEAAAAASUVORK5CYII=) 0 0 #1c1c21; } - - .swagger-ui .b--black { border-color: #000; } - - .swagger-ui .b--near-black { border-color: #121212; } - - .swagger-ui .b--dark-gray { border-color: #333; } - - .swagger-ui .b--mid-gray { border-color: #545454; } - - .swagger-ui .b--gray { border-color: #787878; } - - .swagger-ui .b--silver { border-color: #999; } - - .swagger-ui .b--light-silver { border-color: #6e6e6e; } - - .swagger-ui .b--moon-gray { border-color: #4d4d4d; } - - .swagger-ui .b--light-gray { border-color: #2b2b2b; } - - .swagger-ui .b--near-white { border-color: #242424; } - - .swagger-ui .b--white { border-color: #1c1c21; } - - .swagger-ui .b--white-90 { border-color: rgba(28, 28, 33, .9); } - - .swagger-ui .b--white-80 { border-color: rgba(28, 28, 33, .8); } - - .swagger-ui .b--white-70 { border-color: rgba(28, 28, 33, .7); } - - .swagger-ui .b--white-60 { border-color: rgba(28, 28, 33, .6); } - - .swagger-ui .b--white-50 { border-color: rgba(28, 28, 33, .5); } - - .swagger-ui .b--white-40 { border-color: rgba(28, 28, 33, .4); } - - .swagger-ui .b--white-30 { border-color: rgba(28, 28, 33, .3); } - - .swagger-ui .b--white-20 { border-color: rgba(28, 28, 33, .2); } - - .swagger-ui .b--white-10 { border-color: rgba(28, 28, 33, .1); } - - .swagger-ui .b--white-05 { border-color: rgba(28, 28, 33, .05); } - - .swagger-ui .b--white-025 { border-color: rgba(28, 28, 33, .024); } - - .swagger-ui .b--white-0125 { border-color: rgba(28, 28, 33, .01); } - - .swagger-ui .b--black-90 { border-color: rgba(0, 0, 0, .9); } - - .swagger-ui .b--black-80 { border-color: rgba(0, 0, 0, .8); } - - .swagger-ui .b--black-70 { border-color: rgba(0, 0, 0, .7); } - - .swagger-ui .b--black-60 { border-color: rgba(0, 0, 0, .6); } - - .swagger-ui .b--black-50 { border-color: rgba(0, 0, 0, .5); } - - .swagger-ui .b--black-40 { border-color: rgba(0, 0, 0, .4); } - - .swagger-ui .b--black-30 { border-color: rgba(0, 0, 0, .3); } - - .swagger-ui .b--black-20 { border-color: rgba(0, 0, 0, .2); } - - .swagger-ui .b--black-10 { border-color: rgba(0, 0, 0, .1); } - - .swagger-ui .b--black-05 { border-color: rgba(0, 0, 0, .05); } - - .swagger-ui .b--black-025 { border-color: rgba(0, 0, 0, .024); } - - .swagger-ui .b--black-0125 { border-color: rgba(0, 0, 0, .01); } - - .swagger-ui .b--dark-red { border-color: #bc2f36; } - - .swagger-ui .b--red { border-color: #c83932; } - - .swagger-ui .b--light-red { border-color: #ab3c2b; } - - .swagger-ui .b--orange { border-color: #cc6e33; } - - .swagger-ui .b--purple { border-color: #5e2ca5; } - - .swagger-ui .b--light-purple { border-color: #672caf; } - - .swagger-ui .b--dark-pink { border-color: #ab2b81; } - - .swagger-ui .b--hot-pink { border-color: #c03086; } - - .swagger-ui .b--pink { border-color: #8f2464; } - - .swagger-ui .b--light-pink { border-color: #721d4d; } - - .swagger-ui .b--dark-green { border-color: #1c6e50; } - - .swagger-ui .b--green { border-color: #279b70; } - - .swagger-ui .b--light-green { border-color: #228762; } - - .swagger-ui .b--navy { border-color: #0d1d35; } - - .swagger-ui .b--dark-blue { border-color: #20497e; } - - .swagger-ui .b--blue { border-color: #4380d0; } - - .swagger-ui .b--light-blue { border-color: #20517e; } - - .swagger-ui .b--lightest-blue { border-color: #143a52; } - - .swagger-ui .b--washed-blue { border-color: #0c312d; } - - .swagger-ui .b--washed-green { border-color: #0f3d2c; } - - .swagger-ui .b--washed-red { border-color: #411010; } - - .swagger-ui .b--transparent { border-color: transparent; } - - .swagger-ui .b--gold, .swagger-ui .b--light-yellow, .swagger-ui .b--washed-yellow, .swagger-ui .b--yellow { border-color: #664b00; } - - .swagger-ui .shadow-1 { box-shadow: rgba(0, 0, 0, .2) 0 0 4px 2px; } - - .swagger-ui .shadow-2 { box-shadow: rgba(0, 0, 0, .2) 0 0 8px 2px; } - - .swagger-ui .shadow-3 { box-shadow: rgba(0, 0, 0, .2) 2px 2px 4px 2px; } - - .swagger-ui .shadow-4 { box-shadow: rgba(0, 0, 0, .2) 2px 2px 8px 0; } - - .swagger-ui .shadow-5 { box-shadow: rgba(0, 0, 0, .2) 4px 4px 8px 0; } - - @media screen and (min-width: 30em) { - .swagger-ui .shadow-1-ns { box-shadow: rgba(0, 0, 0, .2) 0 0 4px 2px; } - - .swagger-ui .shadow-2-ns { box-shadow: rgba(0, 0, 0, .2) 0 0 8px 2px; } - - .swagger-ui .shadow-3-ns { box-shadow: rgba(0, 0, 0, .2) 2px 2px 4px 2px; } - - .swagger-ui .shadow-4-ns { box-shadow: rgba(0, 0, 0, .2) 2px 2px 8px 0; } - - .swagger-ui .shadow-5-ns { box-shadow: rgba(0, 0, 0, .2) 4px 4px 8px 0; } - } - - @media screen and (max-width: 60em) and (min-width: 30em) { - .swagger-ui .shadow-1-m { box-shadow: rgba(0, 0, 0, .2) 0 0 4px 2px; } - - .swagger-ui .shadow-2-m { box-shadow: rgba(0, 0, 0, .2) 0 0 8px 2px; } - - .swagger-ui .shadow-3-m { box-shadow: rgba(0, 0, 0, .2) 2px 2px 4px 2px; } - - .swagger-ui .shadow-4-m { box-shadow: rgba(0, 0, 0, .2) 2px 2px 8px 0; } - - .swagger-ui .shadow-5-m { box-shadow: rgba(0, 0, 0, .2) 4px 4px 8px 0; } - } - - @media screen and (min-width: 60em) { - .swagger-ui .shadow-1-l { box-shadow: rgba(0, 0, 0, .2) 0 0 4px 2px; } - - .swagger-ui .shadow-2-l { box-shadow: rgba(0, 0, 0, .2) 0 0 8px 2px; } - - .swagger-ui .shadow-3-l { box-shadow: rgba(0, 0, 0, .2) 2px 2px 4px 2px; } - - .swagger-ui .shadow-4-l { box-shadow: rgba(0, 0, 0, .2) 2px 2px 8px 0; } - - .swagger-ui .shadow-5-l { box-shadow: rgba(0, 0, 0, .2) 4px 4px 8px 0; } - } - - .swagger-ui .black-05 { color: rgba(191, 191, 191, .05); } - - .swagger-ui .bg-black-05 { background-color: rgba(0, 0, 0, .05); } - - .swagger-ui .black-90, .swagger-ui .hover-black-90:focus, .swagger-ui .hover-black-90:hover { color: rgba(191, 191, 191, .9); } - - .swagger-ui .black-80, .swagger-ui .hover-black-80:focus, .swagger-ui .hover-black-80:hover { color: rgba(191, 191, 191, .8); } - - .swagger-ui .black-70, .swagger-ui .hover-black-70:focus, .swagger-ui .hover-black-70:hover { color: rgba(191, 191, 191, .7); } - - .swagger-ui .black-60, .swagger-ui .hover-black-60:focus, .swagger-ui .hover-black-60:hover { color: rgba(191, 191, 191, .6); } - - .swagger-ui .black-50, .swagger-ui .hover-black-50:focus, .swagger-ui .hover-black-50:hover { color: rgba(191, 191, 191, .5); } - - .swagger-ui .black-40, .swagger-ui .hover-black-40:focus, .swagger-ui .hover-black-40:hover { color: rgba(191, 191, 191, .4); } - - .swagger-ui .black-30, .swagger-ui .hover-black-30:focus, .swagger-ui .hover-black-30:hover { color: rgba(191, 191, 191, .3); } - - .swagger-ui .black-20, .swagger-ui .hover-black-20:focus, .swagger-ui .hover-black-20:hover { color: rgba(191, 191, 191, .2); } - - .swagger-ui .black-10, .swagger-ui .hover-black-10:focus, .swagger-ui .hover-black-10:hover { color: rgba(191, 191, 191, .1); } - - .swagger-ui .hover-white-90:focus, .swagger-ui .hover-white-90:hover, .swagger-ui .white-90 { color: rgba(255, 255, 255, .9); } - - .swagger-ui .hover-white-80:focus, .swagger-ui .hover-white-80:hover, .swagger-ui .white-80 { color: rgba(255, 255, 255, .8); } - - .swagger-ui .hover-white-70:focus, .swagger-ui .hover-white-70:hover, .swagger-ui .white-70 { color: rgba(255, 255, 255, .7); } - - .swagger-ui .hover-white-60:focus, .swagger-ui .hover-white-60:hover, .swagger-ui .white-60 { color: rgba(255, 255, 255, .6); } - - .swagger-ui .hover-white-50:focus, .swagger-ui .hover-white-50:hover, .swagger-ui .white-50 { color: rgba(255, 255, 255, .5); } - - .swagger-ui .hover-white-40:focus, .swagger-ui .hover-white-40:hover, .swagger-ui .white-40 { color: rgba(255, 255, 255, .4); } - - .swagger-ui .hover-white-30:focus, .swagger-ui .hover-white-30:hover, .swagger-ui .white-30 { color: rgba(255, 255, 255, .3); } - - .swagger-ui .hover-white-20:focus, .swagger-ui .hover-white-20:hover, .swagger-ui .white-20 { color: rgba(255, 255, 255, .2); } - - .swagger-ui .hover-white-10:focus, .swagger-ui .hover-white-10:hover, .swagger-ui .white-10 { color: rgba(255, 255, 255, .1); } - - .swagger-ui .hover-moon-gray:focus, .swagger-ui .hover-moon-gray:hover, .swagger-ui .moon-gray { color: #ccc; } - - .swagger-ui .hover-light-gray:focus, .swagger-ui .hover-light-gray:hover, .swagger-ui .light-gray { color: #ededed; } - - .swagger-ui .hover-near-white:focus, .swagger-ui .hover-near-white:hover, .swagger-ui .near-white { color: #f5f5f5; } - - .swagger-ui .dark-red, .swagger-ui .hover-dark-red:focus, .swagger-ui .hover-dark-red:hover { color: #e6999d; } - - .swagger-ui .hover-red:focus, .swagger-ui .hover-red:hover, .swagger-ui .red { color: #e69d99; } - - .swagger-ui .hover-light-red:focus, .swagger-ui .hover-light-red:hover, .swagger-ui .light-red { color: #e6a399; } - - .swagger-ui .hover-orange:focus, .swagger-ui .hover-orange:hover, .swagger-ui .orange { color: #e6b699; } - - .swagger-ui .gold, .swagger-ui .hover-gold:focus, .swagger-ui .hover-gold:hover { color: #e6d099; } - - .swagger-ui .hover-yellow:focus, .swagger-ui .hover-yellow:hover, .swagger-ui .yellow { color: #e6da99; } - - .swagger-ui .hover-light-yellow:focus, .swagger-ui .hover-light-yellow:hover, .swagger-ui .light-yellow { color: #ede6b6; } - - .swagger-ui .hover-purple:focus, .swagger-ui .hover-purple:hover, .swagger-ui .purple { color: #b99ae4; } - - .swagger-ui .hover-light-purple:focus, .swagger-ui .hover-light-purple:hover, .swagger-ui .light-purple { color: #bb99e6; } - - .swagger-ui .dark-pink, .swagger-ui .hover-dark-pink:focus, .swagger-ui .hover-dark-pink:hover { color: #e699cc; } - - .swagger-ui .hot-pink, .swagger-ui .hover-hot-pink:focus, .swagger-ui .hover-hot-pink:hover, .swagger-ui .hover-pink:focus, .swagger-ui .hover-pink:hover, .swagger-ui .pink { color: #e699c7; } - - .swagger-ui .hover-light-pink:focus, .swagger-ui .hover-light-pink:hover, .swagger-ui .light-pink { color: #edb6d5; } - - .swagger-ui .dark-green, .swagger-ui .green, .swagger-ui .hover-dark-green:focus, .swagger-ui .hover-dark-green:hover, .swagger-ui .hover-green:focus, .swagger-ui .hover-green:hover { color: #99e6c9; } - - .swagger-ui .hover-light-green:focus, .swagger-ui .hover-light-green:hover, .swagger-ui .light-green { color: #a1e8ce; } - - .swagger-ui .hover-navy:focus, .swagger-ui .hover-navy:hover, .swagger-ui .navy { color: #99b8e6; } - - .swagger-ui .blue, .swagger-ui .dark-blue, .swagger-ui .hover-blue:focus, .swagger-ui .hover-blue:hover, .swagger-ui .hover-dark-blue:focus, .swagger-ui .hover-dark-blue:hover { color: #99bae6; } - - .swagger-ui .hover-light-blue:focus, .swagger-ui .hover-light-blue:hover, .swagger-ui .light-blue { color: #a9cbea; } - - .swagger-ui .hover-lightest-blue:focus, .swagger-ui .hover-lightest-blue:hover, .swagger-ui .lightest-blue { color: #d6e9f5; } - - .swagger-ui .hover-washed-blue:focus, .swagger-ui .hover-washed-blue:hover, .swagger-ui .washed-blue { color: #f7fdfc; } - - .swagger-ui .hover-washed-green:focus, .swagger-ui .hover-washed-green:hover, .swagger-ui .washed-green { color: #ebfaf4; } - - .swagger-ui .hover-washed-yellow:focus, .swagger-ui .hover-washed-yellow:hover, .swagger-ui .washed-yellow { color: #fbf9ef; } - - .swagger-ui .hover-washed-red:focus, .swagger-ui .hover-washed-red:hover, .swagger-ui .washed-red { color: #f9e7e7; } - - .swagger-ui .color-inherit, .swagger-ui .hover-inherit:focus, .swagger-ui .hover-inherit:hover { color: inherit; } - - .swagger-ui .bg-black-90, .swagger-ui .hover-bg-black-90:focus, .swagger-ui .hover-bg-black-90:hover { background-color: rgba(0, 0, 0, .9); } - - .swagger-ui .bg-black-80, .swagger-ui .hover-bg-black-80:focus, .swagger-ui .hover-bg-black-80:hover { background-color: rgba(0, 0, 0, .8); } - - .swagger-ui .bg-black-70, .swagger-ui .hover-bg-black-70:focus, .swagger-ui .hover-bg-black-70:hover { background-color: rgba(0, 0, 0, .7); } - - .swagger-ui .bg-black-60, .swagger-ui .hover-bg-black-60:focus, .swagger-ui .hover-bg-black-60:hover { background-color: rgba(0, 0, 0, .6); } - - .swagger-ui .bg-black-50, .swagger-ui .hover-bg-black-50:focus, .swagger-ui .hover-bg-black-50:hover { background-color: rgba(0, 0, 0, .5); } - - .swagger-ui .bg-black-40, .swagger-ui .hover-bg-black-40:focus, .swagger-ui .hover-bg-black-40:hover { background-color: rgba(0, 0, 0, .4); } - - .swagger-ui .bg-black-30, .swagger-ui .hover-bg-black-30:focus, .swagger-ui .hover-bg-black-30:hover { background-color: rgba(0, 0, 0, .3); } - - .swagger-ui .bg-black-20, .swagger-ui .hover-bg-black-20:focus, .swagger-ui .hover-bg-black-20:hover { background-color: rgba(0, 0, 0, .2); } - - .swagger-ui .bg-white-90, .swagger-ui .hover-bg-white-90:focus, .swagger-ui .hover-bg-white-90:hover { background-color: rgba(28, 28, 33, .9); } - - .swagger-ui .bg-white-80, .swagger-ui .hover-bg-white-80:focus, .swagger-ui .hover-bg-white-80:hover { background-color: rgba(28, 28, 33, .8); } - - .swagger-ui .bg-white-70, .swagger-ui .hover-bg-white-70:focus, .swagger-ui .hover-bg-white-70:hover { background-color: rgba(28, 28, 33, .7); } - - .swagger-ui .bg-white-60, .swagger-ui .hover-bg-white-60:focus, .swagger-ui .hover-bg-white-60:hover { background-color: rgba(28, 28, 33, .6); } - - .swagger-ui .bg-white-50, .swagger-ui .hover-bg-white-50:focus, .swagger-ui .hover-bg-white-50:hover { background-color: rgba(28, 28, 33, .5); } - - .swagger-ui .bg-white-40, .swagger-ui .hover-bg-white-40:focus, .swagger-ui .hover-bg-white-40:hover { background-color: rgba(28, 28, 33, .4); } - - .swagger-ui .bg-white-30, .swagger-ui .hover-bg-white-30:focus, .swagger-ui .hover-bg-white-30:hover { background-color: rgba(28, 28, 33, .3); } - - .swagger-ui .bg-white-20, .swagger-ui .hover-bg-white-20:focus, .swagger-ui .hover-bg-white-20:hover { background-color: rgba(28, 28, 33, .2); } - - .swagger-ui .bg-black, .swagger-ui .hover-bg-black:focus, .swagger-ui .hover-bg-black:hover { background-color: #000; } - - .swagger-ui .bg-near-black, .swagger-ui .hover-bg-near-black:focus, .swagger-ui .hover-bg-near-black:hover { background-color: #121212; } - - .swagger-ui .bg-dark-gray, .swagger-ui .hover-bg-dark-gray:focus, .swagger-ui .hover-bg-dark-gray:hover { background-color: #333; } - - .swagger-ui .bg-mid-gray, .swagger-ui .hover-bg-mid-gray:focus, .swagger-ui .hover-bg-mid-gray:hover { background-color: #545454; } - - .swagger-ui .bg-gray, .swagger-ui .hover-bg-gray:focus, .swagger-ui .hover-bg-gray:hover { background-color: #787878; } - - .swagger-ui .bg-silver, .swagger-ui .hover-bg-silver:focus, .swagger-ui .hover-bg-silver:hover { background-color: #999; } - - .swagger-ui .bg-white, .swagger-ui .hover-bg-white:focus, .swagger-ui .hover-bg-white:hover { background-color: #1c1c21; } - - .swagger-ui .bg-transparent, .swagger-ui .hover-bg-transparent:focus, .swagger-ui .hover-bg-transparent:hover { background-color: transparent; } - - .swagger-ui .bg-dark-red, .swagger-ui .hover-bg-dark-red:focus, .swagger-ui .hover-bg-dark-red:hover { background-color: #bc2f36; } - - .swagger-ui .bg-red, .swagger-ui .hover-bg-red:focus, .swagger-ui .hover-bg-red:hover { background-color: #c83932; } - - .swagger-ui .bg-light-red, .swagger-ui .hover-bg-light-red:focus, .swagger-ui .hover-bg-light-red:hover { background-color: #ab3c2b; } - - .swagger-ui .bg-orange, .swagger-ui .hover-bg-orange:focus, .swagger-ui .hover-bg-orange:hover { background-color: #cc6e33; } - - .swagger-ui .bg-gold, .swagger-ui .bg-light-yellow, .swagger-ui .bg-washed-yellow, .swagger-ui .bg-yellow, .swagger-ui .hover-bg-gold:focus, .swagger-ui .hover-bg-gold:hover, .swagger-ui .hover-bg-light-yellow:focus, .swagger-ui .hover-bg-light-yellow:hover, .swagger-ui .hover-bg-washed-yellow:focus, .swagger-ui .hover-bg-washed-yellow:hover, .swagger-ui .hover-bg-yellow:focus, .swagger-ui .hover-bg-yellow:hover { background-color: #664b00; } - - .swagger-ui .bg-purple, .swagger-ui .hover-bg-purple:focus, .swagger-ui .hover-bg-purple:hover { background-color: #5e2ca5; } - - .swagger-ui .bg-light-purple, .swagger-ui .hover-bg-light-purple:focus, .swagger-ui .hover-bg-light-purple:hover { background-color: #672caf; } - - .swagger-ui .bg-dark-pink, .swagger-ui .hover-bg-dark-pink:focus, .swagger-ui .hover-bg-dark-pink:hover { background-color: #ab2b81; } - - .swagger-ui .bg-hot-pink, .swagger-ui .hover-bg-hot-pink:focus, .swagger-ui .hover-bg-hot-pink:hover { background-color: #c03086; } - - .swagger-ui .bg-pink, .swagger-ui .hover-bg-pink:focus, .swagger-ui .hover-bg-pink:hover { background-color: #8f2464; } - - .swagger-ui .bg-light-pink, .swagger-ui .hover-bg-light-pink:focus, .swagger-ui .hover-bg-light-pink:hover { background-color: #721d4d; } - - .swagger-ui .bg-dark-green, .swagger-ui .hover-bg-dark-green:focus, .swagger-ui .hover-bg-dark-green:hover { background-color: #1c6e50; } - - .swagger-ui .bg-green, .swagger-ui .hover-bg-green:focus, .swagger-ui .hover-bg-green:hover { background-color: #279b70; } - - .swagger-ui .bg-light-green, .swagger-ui .hover-bg-light-green:focus, .swagger-ui .hover-bg-light-green:hover { background-color: #228762; } - - .swagger-ui .bg-navy, .swagger-ui .hover-bg-navy:focus, .swagger-ui .hover-bg-navy:hover { background-color: #0d1d35; } - - .swagger-ui .bg-dark-blue, .swagger-ui .hover-bg-dark-blue:focus, .swagger-ui .hover-bg-dark-blue:hover { background-color: #20497e; } - - .swagger-ui .bg-blue, .swagger-ui .hover-bg-blue:focus, .swagger-ui .hover-bg-blue:hover { background-color: #4380d0; } - - .swagger-ui .bg-light-blue, .swagger-ui .hover-bg-light-blue:focus, .swagger-ui .hover-bg-light-blue:hover { background-color: #20517e; } - - .swagger-ui .bg-lightest-blue, .swagger-ui .hover-bg-lightest-blue:focus, .swagger-ui .hover-bg-lightest-blue:hover { background-color: #143a52; } - - .swagger-ui .bg-washed-blue, .swagger-ui .hover-bg-washed-blue:focus, .swagger-ui .hover-bg-washed-blue:hover { background-color: #0c312d; } - - .swagger-ui .bg-washed-green, .swagger-ui .hover-bg-washed-green:focus, .swagger-ui .hover-bg-washed-green:hover { background-color: #0f3d2c; } - - .swagger-ui .bg-washed-red, .swagger-ui .hover-bg-washed-red:focus, .swagger-ui .hover-bg-washed-red:hover { background-color: #411010; } - - .swagger-ui .bg-inherit, .swagger-ui .hover-bg-inherit:focus, .swagger-ui .hover-bg-inherit:hover { background-color: inherit; } - - .swagger-ui .shadow-hover { transition: all .5s cubic-bezier(.165, .84, .44, 1) 0s; } - - .swagger-ui .shadow-hover::after { - border-radius: inherit; - box-shadow: rgba(0, 0, 0, .2) 0 0 16px 2px; - content: ""; - height: 100%; - left: 0; - opacity: 0; - position: absolute; - top: 0; - transition: opacity .5s cubic-bezier(.165, .84, .44, 1) 0s; - width: 100%; - z-index: -1; - } - - .swagger-ui .bg-animate, .swagger-ui .bg-animate:focus, .swagger-ui .bg-animate:hover { transition: background-color .15s ease-in-out 0s; } - - .swagger-ui .nested-links a { - color: #99bae6; - transition: color .15s ease-in 0s; - } - - .swagger-ui .nested-links a:focus, .swagger-ui .nested-links a:hover { - color: #a9cbea; - transition: color .15s ease-in 0s; - } - - .swagger-ui .opblock-tag { - border-bottom: 1px solid rgba(58, 64, 80, .3); - color: #b5bac9; - transition: all .2s ease 0s; - } - - .swagger-ui .opblock-tag svg, .swagger-ui section.models h4 svg { transition: all .4s ease 0s; } - - .swagger-ui .opblock { - border: 1px solid #000; - border-radius: 4px; - box-shadow: rgba(0, 0, 0, .19) 0 0 3px; - margin: 0 0 15px; - } - - .swagger-ui .opblock .tab-header .tab-item.active h4 span::after { background: gray; } - - .swagger-ui .opblock.is-open .opblock-summary { border-bottom: 1px solid #000; } - - .swagger-ui .opblock .opblock-section-header { - background: rgba(28, 28, 33, .8); - box-shadow: rgba(0, 0, 0, .1) 0 1px 2px; - } - - .swagger-ui .opblock .opblock-section-header > label > span { padding: 0 10px 0 0; } - - .swagger-ui .opblock .opblock-summary-method { - background: #000; - color: #fff; - text-shadow: rgba(0, 0, 0, .1) 0 1px 0; - } - - .swagger-ui .opblock.opblock-post { - background: rgba(72, 203, 144, .1); - border-color: #48cb90; - } - - .swagger-ui .opblock.opblock-post .opblock-summary-method, .swagger-ui .opblock.opblock-post .tab-header .tab-item.active h4 span::after { background: #48cb90; } - - .swagger-ui .opblock.opblock-post .opblock-summary { border-color: #48cb90; } - - .swagger-ui .opblock.opblock-put { - background: rgba(213, 157, 88, .1); - border-color: #d59d58; - } - - .swagger-ui .opblock.opblock-put .opblock-summary-method, .swagger-ui .opblock.opblock-put .tab-header .tab-item.active h4 span::after { background: #d59d58; } - - .swagger-ui .opblock.opblock-put .opblock-summary { border-color: #d59d58; } - - .swagger-ui .opblock.opblock-delete { - background: rgba(200, 50, 50, .1); - border-color: #c83232; - } - - .swagger-ui .opblock.opblock-delete .opblock-summary-method, .swagger-ui .opblock.opblock-delete .tab-header .tab-item.active h4 span::after { background: #c83232; } - - .swagger-ui .opblock.opblock-delete .opblock-summary { border-color: #c83232; } - - .swagger-ui .opblock.opblock-get { - background: rgba(42, 105, 167, .1); - border-color: #2a69a7; - } - - .swagger-ui .opblock.opblock-get .opblock-summary-method, .swagger-ui .opblock.opblock-get .tab-header .tab-item.active h4 span::after { background: #2a69a7; } - - .swagger-ui .opblock.opblock-get .opblock-summary { border-color: #2a69a7; } - - .swagger-ui .opblock.opblock-patch { - background: rgba(92, 214, 188, .1); - border-color: #5cd6bc; - } - - .swagger-ui .opblock.opblock-patch .opblock-summary-method, .swagger-ui .opblock.opblock-patch .tab-header .tab-item.active h4 span::after { background: #5cd6bc; } - - .swagger-ui .opblock.opblock-patch .opblock-summary { border-color: #5cd6bc; } - - .swagger-ui .opblock.opblock-head { - background: rgba(140, 63, 207, .1); - border-color: #8c3fcf; - } - - .swagger-ui .opblock.opblock-head .opblock-summary-method, .swagger-ui .opblock.opblock-head .tab-header .tab-item.active h4 span::after { background: #8c3fcf; } - - .swagger-ui .opblock.opblock-head .opblock-summary { border-color: #8c3fcf; } - - .swagger-ui .opblock.opblock-options { - background: rgba(36, 89, 143, .1); - border-color: #24598f; - } - - .swagger-ui .opblock.opblock-options .opblock-summary-method, .swagger-ui .opblock.opblock-options .tab-header .tab-item.active h4 span::after { background: #24598f; } - - .swagger-ui .opblock.opblock-options .opblock-summary { border-color: #24598f; } - - .swagger-ui .opblock.opblock-deprecated { - background: rgba(46, 46, 46, .1); - border-color: #2e2e2e; - opacity: .6; - } - - .swagger-ui .opblock.opblock-deprecated .opblock-summary-method, .swagger-ui .opblock.opblock-deprecated .tab-header .tab-item.active h4 span::after { background: #2e2e2e; } - - .swagger-ui .opblock.opblock-deprecated .opblock-summary { border-color: #2e2e2e; } - - .swagger-ui .filter .operation-filter-input { border: 2px solid #2b3446; } - - .swagger-ui .tab li:first-of-type::after { background: rgba(0, 0, 0, .2); } - - .swagger-ui .download-contents { - background: #7c8192; - color: #fff; - } - - .swagger-ui .scheme-container { - background: #1c1c21; - box-shadow: rgba(0, 0, 0, .15) 0 1px 2px 0; - } - - .swagger-ui .loading-container .loading::before { - animation: 1s linear 0s infinite normal none running rotation, .5s ease 0s 1 normal none running opacity; - border-color: rgba(0, 0, 0, .6) rgba(84, 84, 84, .1) rgba(84, 84, 84, .1); - } - - .swagger-ui .response-control-media-type--accept-controller select { border-color: #196619; } - - .swagger-ui .response-control-media-type__accept-message { color: #99e699; } - - .swagger-ui .version-pragma__message code { background-color: #3b3b3b; } - - .swagger-ui .btn { - background: 0 0; - border: 2px solid gray; - box-shadow: rgba(0, 0, 0, .1) 0 1px 2px; - color: #b5bac9; - } - - .swagger-ui .btn:hover { box-shadow: rgba(0, 0, 0, .3) 0 0 5px; } - - .swagger-ui .btn.authorize, .swagger-ui .btn.cancel { - background-color: transparent; - border-color: #a72a2a; - color: #e69999; - } - - .swagger-ui .btn.cancel:hover { - background-color: #a72a2a; - color: #fff; - } - - .swagger-ui .btn.authorize { - border-color: #48cb90; - color: #9ce3c3; - } - - .swagger-ui .btn.authorize svg { fill: #9ce3c3; } - - .btn.authorize.unlocked:hover { - background-color: #48cb90; - color: #fff; - } - - .btn.authorize.unlocked:hover svg { - fill: #fbfbfb; - } - - .swagger-ui .btn.execute { - background-color: #5892d5; - border-color: #5892d5; - color: #fff; - } - - .swagger-ui .copy-to-clipboard { background: #7c8192; } - - .swagger-ui .copy-to-clipboard button { background: url("data:image/svg+xml;charset=utf-8,") 50% center no-repeat; } - - .swagger-ui select { - background: url("data:image/svg+xml;charset=utf-8,") right 10px center/20px no-repeat #212121; - background: url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjxzdmcKICAgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9yZy9kYy9lbGVtZW50cy8xLjEvIgogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIgogICB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiCiAgIHhtbG5zOnN2Zz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIKICAgeG1sbnM6c29kaXBvZGk9Imh0dHA6Ly9zb2RpcG9kaS5zb3VyY2Vmb3JnZS5uZXQvRFREL3NvZGlwb2RpLTAuZHRkIgogICB4bWxuczppbmtzY2FwZT0iaHR0cDovL3d3dy5pbmtzY2FwZS5vcmcvbmFtZXNwYWNlcy9pbmtzY2FwZSIKICAgaW5rc2NhcGU6dmVyc2lvbj0iMS4wICg0MDM1YTRmYjQ5LCAyMDIwLTA1LTAxKSIKICAgc29kaXBvZGk6ZG9jbmFtZT0iZG93bmxvYWQuc3ZnIgogICBpZD0ic3ZnNCIKICAgdmVyc2lvbj0iMS4xIgogICB2aWV3Qm94PSIwIDAgMjAgMjAiPgogIDxtZXRhZGF0YQogICAgIGlkPSJtZXRhZGF0YTEwIj4KICAgIDxyZGY6UkRGPgogICAgICA8Y2M6V29yawogICAgICAgICByZGY6YWJvdXQ9IiI+CiAgICAgICAgPGRjOmZvcm1hdD5pbWFnZS9zdmcreG1sPC9kYzpmb3JtYXQ+CiAgICAgICAgPGRjOnR5cGUKICAgICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPgogICAgICA8L2NjOldvcms+CiAgICA8L3JkZjpSREY+CiAgPC9tZXRhZGF0YT4KICA8ZGVmcwogICAgIGlkPSJkZWZzOCIgLz4KICA8c29kaXBvZGk6bmFtZWR2aWV3CiAgICAgaW5rc2NhcGU6Y3VycmVudC1sYXllcj0ic3ZnNCIKICAgICBpbmtzY2FwZTp3aW5kb3ctbWF4aW1pemVkPSIxIgogICAgIGlua3NjYXBlOndpbmRvdy15PSItOSIKICAgICBpbmtzY2FwZTp3aW5kb3cteD0iLTkiCiAgICAgaW5rc2NhcGU6Y3k9IjEwIgogICAgIGlua3NjYXBlOmN4PSIxMCIKICAgICBpbmtzY2FwZTp6b29tPSI0MS41IgogICAgIHNob3dncmlkPSJmYWxzZSIKICAgICBpZD0ibmFtZWR2aWV3NiIKICAgICBpbmtzY2FwZTp3aW5kb3ctaGVpZ2h0PSIxMDAxIgogICAgIGlua3NjYXBlOndpbmRvdy13aWR0aD0iMTkyMCIKICAgICBpbmtzY2FwZTpwYWdlc2hhZG93PSIyIgogICAgIGlua3NjYXBlOnBhZ2VvcGFjaXR5PSIwIgogICAgIGd1aWRldG9sZXJhbmNlPSIxMCIKICAgICBncmlkdG9sZXJhbmNlPSIxMCIKICAgICBvYmplY3R0b2xlcmFuY2U9IjEwIgogICAgIGJvcmRlcm9wYWNpdHk9IjEiCiAgICAgYm9yZGVyY29sb3I9IiM2NjY2NjYiCiAgICAgcGFnZWNvbG9yPSIjZmZmZmZmIiAvPgogIDxwYXRoCiAgICAgc3R5bGU9ImZpbGw6I2ZmZmZmZiIKICAgICBpZD0icGF0aDIiCiAgICAgZD0iTTEzLjQxOCA3Ljg1OWEuNjk1LjY5NSAwIDAxLjk3OCAwIC42OC42OCAwIDAxMCAuOTY5bC0zLjkwOCAzLjgzYS42OTcuNjk3IDAgMDEtLjk3OSAwbC0zLjkwOC0zLjgzYS42OC42OCAwIDAxMC0uOTY5LjY5NS42OTUgMCAwMS45NzggMEwxMCAxMWwzLjQxOC0zLjE0MXoiIC8+Cjwvc3ZnPgo=) right 10px center/20px no-repeat #1c1c21; - border: 2px solid #41444e; - } - - .swagger-ui select[multiple] { background: #212121; } - - .swagger-ui button.invalid, .swagger-ui input[type=email].invalid, .swagger-ui input[type=file].invalid, .swagger-ui input[type=password].invalid, .swagger-ui input[type=search].invalid, .swagger-ui input[type=text].invalid, .swagger-ui select.invalid, .swagger-ui textarea.invalid { - background: #390e0e; - border-color: #c83232; - } - - .swagger-ui input[type=email], .swagger-ui input[type=file], .swagger-ui input[type=password], .swagger-ui input[type=search], .swagger-ui input[type=text], .swagger-ui textarea { - background: #1c1c21; - border: 1px solid #404040; - } - - .swagger-ui textarea { - background: rgba(28, 28, 33, .8); - color: #b5bac9; - } - - .swagger-ui input[disabled], .swagger-ui select[disabled] { - background-color: #1f1f1f; - color: #bfbfbf; - } - - .swagger-ui textarea[disabled] { - background-color: #41444e; - color: #fff; - } - - .swagger-ui select[disabled] { border-color: #878787; } - - .swagger-ui textarea:focus { border: 2px solid #2a69a7; } - - .swagger-ui .checkbox input[type=checkbox] + label > .item { - background: #303030; - box-shadow: #303030 0 0 0 2px; - } - - .swagger-ui .checkbox input[type=checkbox]:checked + label > .item { background: url("data:image/svg+xml;charset=utf-8,") 50% center no-repeat #303030; } - - .swagger-ui .dialog-ux .backdrop-ux { background: rgba(0, 0, 0, .8); } - - .swagger-ui .dialog-ux .modal-ux { - background: #1c1c21; - border: 1px solid #2e2e2e; - box-shadow: rgba(0, 0, 0, .2) 0 10px 30px 0; - } - - .swagger-ui .dialog-ux .modal-ux-header .close-modal { background: 0 0; } - - .swagger-ui .model .deprecated span, .swagger-ui .model .deprecated td { color: #bfbfbf !important; } - - .swagger-ui .model-toggle::after { background: url("data:image/svg+xml;charset=utf-8,") 50% center/100% no-repeat; } - - .swagger-ui .model-hint { - background: rgba(0, 0, 0, .7); - color: #ebebeb; - } - - .swagger-ui section.models { border: 1px solid rgba(58, 64, 80, .3); } - - .swagger-ui section.models.is-open h4 { border-bottom: 1px solid rgba(58, 64, 80, .3); } - - .swagger-ui section.models .model-container { background: rgba(0, 0, 0, .05); } - - .swagger-ui section.models .model-container:hover { background: rgba(0, 0, 0, .07); } - - .swagger-ui .model-box { background: rgba(0, 0, 0, .1); } - - .swagger-ui .prop-type { color: #aaaad4; } - - .swagger-ui table thead tr td, .swagger-ui table thead tr th { - border-bottom: 1px solid rgba(58, 64, 80, .2); - color: #b5bac9; - } - - .swagger-ui .parameter__name.required::after { color: rgba(230, 153, 153, .6); } - - .swagger-ui .topbar .download-url-wrapper .select-label { color: #f0f0f0; } - - .swagger-ui .topbar .download-url-wrapper .download-url-button { - background: #63a040; - color: #fff; - } - - .swagger-ui .info .title small { background: #7c8492; } - - .swagger-ui .info .title small.version-stamp { background-color: #7a9b27; } - - .swagger-ui .auth-container .errors { - background-color: #350d0d; - color: #b5bac9; - } - - .swagger-ui .errors-wrapper { - background: rgba(200, 50, 50, .1); - border: 2px solid #c83232; - } - - .swagger-ui .markdown code, .swagger-ui .renderedmarkdown code { - background: rgba(0, 0, 0, .05); - color: #c299e6; - } - - .swagger-ui .model-toggle:after { background: url(data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjxzdmcKICAgeG1sbnM6ZGM9Imh0dHA6Ly9wdXJsLm9yZy9kYy9lbGVtZW50cy8xLjEvIgogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIgogICB4bWxuczpyZGY9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkvMDIvMjItcmRmLXN5bnRheC1ucyMiCiAgIHhtbG5zOnN2Zz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIKICAgeG1sbnM6c29kaXBvZGk9Imh0dHA6Ly9zb2RpcG9kaS5zb3VyY2Vmb3JnZS5uZXQvRFREL3NvZGlwb2RpLTAuZHRkIgogICB4bWxuczppbmtzY2FwZT0iaHR0cDovL3d3dy5pbmtzY2FwZS5vcmcvbmFtZXNwYWNlcy9pbmtzY2FwZSIKICAgaW5rc2NhcGU6dmVyc2lvbj0iMS4wICg0MDM1YTRmYjQ5LCAyMDIwLTA1LTAxKSIKICAgc29kaXBvZGk6ZG9jbmFtZT0iZG93bmxvYWQyLnN2ZyIKICAgaWQ9InN2ZzQiCiAgIHZlcnNpb249IjEuMSIKICAgaGVpZ2h0PSIyNCIKICAgd2lkdGg9IjI0Ij4KICA8bWV0YWRhdGEKICAgICBpZD0ibWV0YWRhdGExMCI+CiAgICA8cmRmOlJERj4KICAgICAgPGNjOldvcmsKICAgICAgICAgcmRmOmFib3V0PSIiPgogICAgICAgIDxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PgogICAgICAgIDxkYzp0eXBlCiAgICAgICAgICAgcmRmOnJlc291cmNlPSJodHRwOi8vcHVybC5vcmcvZGMvZGNtaXR5cGUvU3RpbGxJbWFnZSIgLz4KICAgICAgPC9jYzpXb3JrPgogICAgPC9yZGY6UkRGPgogIDwvbWV0YWRhdGE+CiAgPGRlZnMKICAgICBpZD0iZGVmczgiIC8+CiAgPHNvZGlwb2RpOm5hbWVkdmlldwogICAgIGlua3NjYXBlOmN1cnJlbnQtbGF5ZXI9InN2ZzQiCiAgICAgaW5rc2NhcGU6d2luZG93LW1heGltaXplZD0iMSIKICAgICBpbmtzY2FwZTp3aW5kb3cteT0iLTkiCiAgICAgaW5rc2NhcGU6d2luZG93LXg9Ii05IgogICAgIGlua3NjYXBlOmN5PSIxMiIKICAgICBpbmtzY2FwZTpjeD0iMTIiCiAgICAgaW5rc2NhcGU6em9vbT0iMzQuNTgzMzMzIgogICAgIHNob3dncmlkPSJmYWxzZSIKICAgICBpZD0ibmFtZWR2aWV3NiIKICAgICBpbmtzY2FwZTp3aW5kb3ctaGVpZ2h0PSIxMDAxIgogICAgIGlua3NjYXBlOndpbmRvdy13aWR0aD0iMTkyMCIKICAgICBpbmtzY2FwZTpwYWdlc2hhZG93PSIyIgogICAgIGlua3NjYXBlOnBhZ2VvcGFjaXR5PSIwIgogICAgIGd1aWRldG9sZXJhbmNlPSIxMCIKICAgICBncmlkdG9sZXJhbmNlPSIxMCIKICAgICBvYmplY3R0b2xlcmFuY2U9IjEwIgogICAgIGJvcmRlcm9wYWNpdHk9IjEiCiAgICAgYm9yZGVyY29sb3I9IiM2NjY2NjYiCiAgICAgcGFnZWNvbG9yPSIjZmZmZmZmIiAvPgogIDxwYXRoCiAgICAgc3R5bGU9ImZpbGw6I2ZmZmZmZiIKICAgICBpZD0icGF0aDIiCiAgICAgZD0iTTEwIDZMOC41OSA3LjQxIDEzLjE3IDEybC00LjU4IDQuNTlMMTAgMThsNi02eiIgLz4KPC9zdmc+Cg==) 50% no-repeat; } - - /* arrows for each operation and request are now white */ - .arrow, #large-arrow-up { fill: #fff; } - - #unlocked { fill: #fff; } - - ::-webkit-scrollbar-track { background-color: #646464 !important; } - - ::-webkit-scrollbar-thumb { - background-color: #242424 !important; - border: 2px solid #3e4346 !important; - } - - ::-webkit-scrollbar-button:vertical:start:decrement { - background: linear-gradient(130deg, #696969 40%, rgba(255, 0, 0, 0) 41%), linear-gradient(230deg, #696969 40%, transparent 41%), linear-gradient(0deg, #696969 40%, transparent 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:vertical:end:increment { - background: linear-gradient(310deg, #696969 40%, transparent 41%), linear-gradient(50deg, #696969 40%, transparent 41%), linear-gradient(180deg, #696969 40%, transparent 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:horizontal:end:increment { - background: linear-gradient(210deg, #696969 40%, transparent 41%), linear-gradient(330deg, #696969 40%, transparent 41%), linear-gradient(90deg, #696969 30%, transparent 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:horizontal:start:decrement { - background: linear-gradient(30deg, #696969 40%, transparent 41%), linear-gradient(150deg, #696969 40%, transparent 41%), linear-gradient(270deg, #696969 30%, transparent 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button, ::-webkit-scrollbar-track-piece { background-color: #3e4346 !important; } - - .swagger-ui .black, .swagger-ui .checkbox, .swagger-ui .dark-gray, .swagger-ui .download-url-wrapper .loading, .swagger-ui .errors-wrapper .errors small, .swagger-ui .fallback, .swagger-ui .filter .loading, .swagger-ui .gray, .swagger-ui .hover-black:focus, .swagger-ui .hover-black:hover, .swagger-ui .hover-dark-gray:focus, .swagger-ui .hover-dark-gray:hover, .swagger-ui .hover-gray:focus, .swagger-ui .hover-gray:hover, .swagger-ui .hover-light-silver:focus, .swagger-ui .hover-light-silver:hover, .swagger-ui .hover-mid-gray:focus, .swagger-ui .hover-mid-gray:hover, .swagger-ui .hover-near-black:focus, .swagger-ui .hover-near-black:hover, .swagger-ui .hover-silver:focus, .swagger-ui .hover-silver:hover, .swagger-ui .light-silver, .swagger-ui .markdown pre, .swagger-ui .mid-gray, .swagger-ui .model .property, .swagger-ui .model .property.primitive, .swagger-ui .model-title, .swagger-ui .near-black, .swagger-ui .parameter__extension, .swagger-ui .parameter__in, .swagger-ui .prop-format, .swagger-ui .renderedmarkdown pre, .swagger-ui .response-col_links .response-undocumented, .swagger-ui .response-col_status .response-undocumented, .swagger-ui .silver, .swagger-ui section.models h4, .swagger-ui section.models h5, .swagger-ui span.token-not-formatted, .swagger-ui span.token-string, .swagger-ui table.headers .header-example, .swagger-ui table.model tr.description, .swagger-ui table.model tr.extension { color: #bfbfbf; } - - .swagger-ui .hover-white:focus, .swagger-ui .hover-white:hover, .swagger-ui .info .title small pre, .swagger-ui .topbar a, .swagger-ui .white { color: #fff; } - - .swagger-ui .bg-black-10, .swagger-ui .hover-bg-black-10:focus, .swagger-ui .hover-bg-black-10:hover, .swagger-ui .stripe-dark:nth-child(2n + 1) { background-color: rgba(0, 0, 0, .1); } - - .swagger-ui .bg-white-10, .swagger-ui .hover-bg-white-10:focus, .swagger-ui .hover-bg-white-10:hover, .swagger-ui .stripe-light:nth-child(2n + 1) { background-color: rgba(28, 28, 33, .1); } - - .swagger-ui .bg-light-silver, .swagger-ui .hover-bg-light-silver:focus, .swagger-ui .hover-bg-light-silver:hover, .swagger-ui .striped--light-silver:nth-child(2n + 1) { background-color: #6e6e6e; } - - .swagger-ui .bg-moon-gray, .swagger-ui .hover-bg-moon-gray:focus, .swagger-ui .hover-bg-moon-gray:hover, .swagger-ui .striped--moon-gray:nth-child(2n + 1) { background-color: #4d4d4d; } - - .swagger-ui .bg-light-gray, .swagger-ui .hover-bg-light-gray:focus, .swagger-ui .hover-bg-light-gray:hover, .swagger-ui .striped--light-gray:nth-child(2n + 1) { background-color: #2b2b2b; } - - .swagger-ui .bg-near-white, .swagger-ui .hover-bg-near-white:focus, .swagger-ui .hover-bg-near-white:hover, .swagger-ui .striped--near-white:nth-child(2n + 1) { background-color: #242424; } - - .swagger-ui .opblock-tag:hover, .swagger-ui section.models h4:hover { background: rgba(0, 0, 0, .02); } - - .swagger-ui .checkbox p, .swagger-ui .dialog-ux .modal-ux-content h4, .swagger-ui .dialog-ux .modal-ux-content p, .swagger-ui .dialog-ux .modal-ux-header h3, .swagger-ui .errors-wrapper .errors h4, .swagger-ui .errors-wrapper hgroup h4, .swagger-ui .info .base-url, .swagger-ui .info .title, .swagger-ui .info h1, .swagger-ui .info h2, .swagger-ui .info h3, .swagger-ui .info h4, .swagger-ui .info h5, .swagger-ui .info li, .swagger-ui .info p, .swagger-ui .info table, .swagger-ui .loading-container .loading::after, .swagger-ui .model, .swagger-ui .opblock .opblock-section-header h4, .swagger-ui .opblock .opblock-section-header > label, .swagger-ui .opblock .opblock-summary-description, .swagger-ui .opblock .opblock-summary-operation-id, .swagger-ui .opblock .opblock-summary-path, .swagger-ui .opblock .opblock-summary-path__deprecated, .swagger-ui .opblock-description-wrapper, .swagger-ui .opblock-description-wrapper h4, .swagger-ui .opblock-description-wrapper p, .swagger-ui .opblock-external-docs-wrapper, .swagger-ui .opblock-external-docs-wrapper h4, .swagger-ui .opblock-external-docs-wrapper p, .swagger-ui .opblock-tag small, .swagger-ui .opblock-title_normal, .swagger-ui .opblock-title_normal h4, .swagger-ui .opblock-title_normal p, .swagger-ui .parameter__name, .swagger-ui .parameter__type, .swagger-ui .response-col_links, .swagger-ui .response-col_status, .swagger-ui .responses-inner h4, .swagger-ui .responses-inner h5, .swagger-ui .scheme-container .schemes > label, .swagger-ui .scopes h2, .swagger-ui .servers > label, .swagger-ui .tab li, .swagger-ui label, .swagger-ui select, .swagger-ui table.headers td { color: #b5bac9; } - - .swagger-ui .download-url-wrapper .failed, .swagger-ui .filter .failed, .swagger-ui .model-deprecated-warning, .swagger-ui .parameter__deprecated, .swagger-ui .parameter__name.required span, .swagger-ui table.model tr.property-row .star { color: #e69999; } - - .swagger-ui .opblock-body pre.microlight, .swagger-ui textarea.curl { - background: #41444e; - border-radius: 4px; - color: #fff; - } - - .swagger-ui .expand-methods svg, .swagger-ui .expand-methods:hover svg { fill: #bfbfbf; } - - .swagger-ui .auth-container, .swagger-ui .dialog-ux .modal-ux-header { border-bottom: 1px solid #2e2e2e; } - - .swagger-ui .topbar .download-url-wrapper .select-label select, .swagger-ui .topbar .download-url-wrapper input[type=text] { border: 2px solid #63a040; } - - .swagger-ui .info a, .swagger-ui .info a:hover, .swagger-ui .scopes h2 a { color: #99bde6; } - - /* Dark Scrollbar */ - ::-webkit-scrollbar { - width: 14px; - height: 14px; - } - - ::-webkit-scrollbar-button { - background-color: #3e4346 !important; - } - - ::-webkit-scrollbar-track { - background-color: #646464 !important; - } - - ::-webkit-scrollbar-track-piece { - background-color: #3e4346 !important; - } - - ::-webkit-scrollbar-thumb { - height: 50px; - background-color: #242424 !important; - border: 2px solid #3e4346 !important; - } - - ::-webkit-scrollbar-corner {} - - ::-webkit-resizer {} - - ::-webkit-scrollbar-button:vertical:start:decrement { - background: - linear-gradient(130deg, #696969 40%, rgba(255, 0, 0, 0) 41%), - linear-gradient(230deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(0deg, #696969 40%, rgba(0, 0, 0, 0) 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:vertical:end:increment { - background: - linear-gradient(310deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(50deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(180deg, #696969 40%, rgba(0, 0, 0, 0) 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:horizontal:end:increment { - background: - linear-gradient(210deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(330deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(90deg, #696969 30%, rgba(0, 0, 0, 0) 31%); - background-color: #b6b6b6; - } - - ::-webkit-scrollbar-button:horizontal:start:decrement { - background: - linear-gradient(30deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(150deg, #696969 40%, rgba(0, 0, 0, 0) 41%), - linear-gradient(270deg, #696969 30%, rgba(0, 0, 0, 0) 31%); - background-color: #b6b6b6; - } -} \ No newline at end of file diff --git a/services/scout/src/fansly.spec.ts b/services/scout/src/fansly.spec.ts deleted file mode 100644 index ce555a5..0000000 --- a/services/scout/src/fansly.spec.ts +++ /dev/null @@ -1,47 +0,0 @@ -import { expect } from 'chai' -import { usernameRegex, normalize, urlFromUsername, getAccountData } from './fansly.ts' -import { describe } from 'mocha' - -describe('fansly', function () { - describe('integration', function () { - describe('getAccountData', function () { - it('should get username, id, and location', async function () { - const data = await getAccountData('projektmelody') - // console.log(data) - expect(data).to.have.property('username', 'ProjektMelody') - expect(data).to.have.property('id', '284824898138812416') - expect(data).to.have.property('location', 'Casting Couch, JP') - }) - }) - }) - describe('unit', function () { - describe('regex', function () { - describe('username', function () { - it('should get the username of the channel', function () { - expect(usernameRegex.exec('https://fansly.com/18Plus/posts')?.at(1)).to.equal('18Plus') - expect(usernameRegex.exec('https://fansly.com/projektmelody/posts')?.at(1)).to.equal('projektmelody') - expect(usernameRegex.exec('https://fansly.com/GoodKittenVR')?.at(1)).to.equal('GoodKittenVR') - expect(usernameRegex.exec('https://fansly.com/live/MzLewdieB')?.at(1)).to.equal('MzLewdieB') - expect(usernameRegex.exec('https://fansly.com/live/340602399334871040')?.at(1)).to.equal('340602399334871040') - }) - }) - }) - describe('url', function () { - describe('fromUsername', function () { - it('should accept a channel name and give us a valid channel URL', function () { - expect(urlFromUsername('projektmelody')).to.equal('https://fansly.com/projektmelody') - expect(urlFromUsername('GoodKittenVR')).to.equal('https://fansly.com/GoodKittenVR') - expect(urlFromUsername('MzLewdieB')).to.equal('https://fansly.com/MzLewdieB') - expect(urlFromUsername('340602399334871040')).to.equal('https://fansly.com/340602399334871040') - }) - }) - describe('normalize', function () { - it('should accept a live URL and return a normal channel url.', function () { - expect(normalize('https://fansly.com/live/projektmelody')).to.equal('https://fansly.com/projektmelody') - expect(normalize('https://fansly.com/live/340602399334871040')).to.equal('https://fansly.com/340602399334871040') - expect(normalize('https://fansly.com/live/GoodKittenVR')).to.equal('https://fansly.com/GoodKittenVR') - }) - }) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/fansly.ts b/services/scout/src/fansly.ts deleted file mode 100644 index fec8e83..0000000 --- a/services/scout/src/fansly.ts +++ /dev/null @@ -1,171 +0,0 @@ -import { download, getTmpFile } from '@futureporn/utils/file.ts'; -import type { VtuberRecord } from '@futureporn/types'; -import { ua0 } from './ua.ts'; -import scrapingFetch from './scrapingFetch.ts'; - -export interface FanslyProfile { - id: string; - username: string; - displayName?: string | null; - flags: number; - version: number; - followCount: number; - subscriberCount: number; - permissions: { - accountPermissionFlags: { - flags: number; - }; - }; - timelineStats: { - accountId: string; - imageCount: number; - videoCount: number; - bundleCount: number; - bundleImageCount: number; - bundleVideoCount: number; - fetchedAt: number; - }; - profileAccessFlags: number; - profileFlags: number; - about: string; - location: string; - profileSocials: any[]; - pinnedPosts: { - postId: string; - accountId: string; - pos: number; - createdAt: number; - }[]; - statusId: number; - lastSeenAt: number; - postLikes: number; - accountMediaLikes: number; - avatar: { - id: string; - type: number; - status: number; - accountId: string; - mimetype: string; - flags: number; - location: string; - width: number; - height: number; - metadata: string; - updatedAt: number; - createdAt: number; - variants: any[]; - variantHash: {}; - locations: any[]; - }; - banner: { - id: string; - type: number; - status: number; - accountId: string; - mimetype: string; - flags: number; - location: string; - width: number; - height: number; - metadata: string; - updatedAt: number; - createdAt: number; - variants: any[]; - variantHash: {}; - locations: any[]; - }; - mediaStoryState: { - accountId: string; - status: number; - storyCount: number; - version: number; - createdAt: number; - updatedAt: number; - hasActiveStories: boolean; - }; - subscriptionTiers: { - id: string; - accountId: string; - name: string; - color: string; - pos: number; - price: number; - maxSubscribers: number; - subscriptionBenefits?: any[]; - includedTierIds: string[]; - plans: any[]; - }[]; - streaming: { - accountId: string; - channel: { - id: string; - accountId: string; - playbackUrl: string; - chatRoomId: string; - status: number; - version: number; - createdAt: number; - updatedAt?: null | number; - stream: any; - arn: null; - ingestEndpoint: null; - }; - enabled: boolean; - }; - walls: { - id: string; - accountId: string; - pos: null; - name: string; - description: ''; - metadata: ''; - }[]; - profileAccess: boolean; -} - -export const usernameRegex = new RegExp(/^https:\/\/fansly\.com\/(?:live\/)?([^\/]+)/) -export const urlFromUsername = (username: string) => `https://fansly.com/${username}` -export const normalize = (url: string) => { - if (!url) throw new Error('normalized received a null or undefined url.'); - const username = usernameRegex.exec(url)?.at(1) - if (!username) throw new Error('failed to get username from url'); - return urlFromUsername(username) -} - - -export const imageUrlFromUsername = async function image(fanslyUserId: string) { - if (!fanslyUserId) throw new Error(`first arg passed to fansly.data.image must be a {string} fanslyUserId`); - const url = `https://api.fansly.com/api/v1/account/${fanslyUserId}/avatar` - const filePath = getTmpFile('avatar.jpg') - return download({ filePath, url }) -} - -export async function getProfileImage(username: string): Promise { - const data = await getAccountData(username) - return data.avatar.location -} - - -export async function getAccountData(username: string): Promise { - const fetchUrl = `https://apiv3.fansly.com/api/v1/account?usernames=${username}&ngsw-bypass=true` - const fetchOptions = { - method: 'GET', - headers: { - 'User-Agent': ua0, - 'Accept': 'application/json' - } - } - const res = await scrapingFetch(fetchUrl, fetchOptions) - if (!res.ok) { - const body = await res.text() - const msg = `failed to fetch getAccountData res.status=${res.status}, res.statusText=${res.statusText}, body=${body}` - console.error(msg) - throw new Error(msg) - } - const data = await res.json() as any - - if (!data?.success) throw new Error('data.success was expected to exist but it is absent.'); - if (data.success !== true) throw new Error('data.success was not true'); - if (!data?.response) throw new Error('data.response was expected to exist but it is absent.'); - return data.response[0] -} diff --git a/services/scout/src/fastify.ts b/services/scout/src/fastify.ts deleted file mode 100644 index 2ae1e58..0000000 --- a/services/scout/src/fastify.ts +++ /dev/null @@ -1,165 +0,0 @@ - - -import Fastify, { FastifyPluginCallback, FastifyReply, FastifyRequest, FastifyReplyContext, FastifyPluginAsync, FastifyServerOptions } from 'fastify' -import fastifySwagger from '@fastify/swagger' -import fastifySwaggerUi from '@fastify/swagger-ui' -import { readFileSync } from 'node:fs' -import { fileURLToPath } from 'url' -import { dirname, join } from 'node:path' -import { Config } from './config' -import { VtuberRecord, VtuberResponse, VtuberDataScrape } from './schemas.ts' -import scrapeVtuberData from './scrapeVtuberData.ts' -import { getPlaylistUrl } from './ytdlp.ts' -import { getRandomRoom } from './cb.ts' -import { getPackageVersion } from '@futureporn/utils/file.ts' -import { type GenericApiResponse } from '@futureporn/types' - -type VtuberDataRequest = FastifyRequest<{ - Querystring: { url: string } -}> - - -const __dirname = dirname(fileURLToPath(import.meta.url)); -const swaggerDarkCss = readFileSync(join(__dirname, './css/SwaggerDark.css'), { encoding: 'utf-8' }) -const version = getPackageVersion(join(__dirname, '../package.json')) - - -async function fastifySetup(configs: Config) { - - const fastify = Fastify({ - logger: true - }) - - - await fastify.register(fastifySwagger, { - openapi: { - info: { - title: '@futureporn/scout', - description: 'Vtuber data acquisition API', - version - }, - } - }) - await fastify.register(fastifySwaggerUi, { - theme: { - title: '@fp/scout', - css: [ - { filename: 'SwaggerDark.css', content: swaggerDarkCss } - ] - }, - routePrefix: '/', - uiConfig: { - docExpansion: 'list', - deepLinking: true - }, - uiHooks: { - onRequest: function (request: FastifyRequest, reply: FastifyReply, next: any) { next() }, - preHandler: function (request: FastifyRequest, reply: FastifyReply, next: any) { next() } - }, - staticCSP: true, - transformStaticCSP: (header: any) => header, - transformSpecification: (swaggerObject: any, request: FastifyRequest, reply: FastifyReply) => { return swaggerObject }, - transformSpecificationClone: true -}) - -fastify.addSchema(VtuberResponse) -fastify.addSchema(VtuberRecord) -fastify.addSchema(VtuberDataScrape) - - - -fastify.get('/chaturbate/random-room', { - schema: { - response: { - '2xx': { - type: 'object' - } - }, - tags: ['chaturbate'] - } -}, async (req, reply) => { - const room = await getRandomRoom() - console.log(room) - reply.type('application/json').send(JSON.stringify(room)) -}) - - - -fastify.get('/ytdlp/playlist-url', { - schema: { - querystring: { - type: 'object', - properties: { - playlistUrl: { - type: 'string' - } - } - }, - response: { - '2xx': { - error: { type: 'boolean' }, - message: { type: 'string' }, - data: { type: 'object', properties: { - playlistUrl: { type: 'string' } - }} - } - }, - tags: ['yt-dlp'] - } -}, async (req: VtuberDataRequest, reply) => { - try { - const { data, error, message } = await getPlaylistUrl(req.query.url) - console.log(`playlistUrl=${data.playlistUrl}`) - reply.type('application/json').send(JSON.stringify({ - data: { - playlistUrl: data.playlistUrl - }, - error: error, - message: message - })) - } catch (e) { - reply.type('application/json').send(JSON.stringify({ data: null, error: e })) - } -}) - - - -fastify.get('/vtuber/data', { - schema: { - querystring: { - type: 'object', - properties: { - url: { - type: 'string', - description: 'URL of a vtuber profile on Chaturbate or Fansly. ex: https://chaturbate.com/projektmelody' - } - } - }, - response: { - '2xx': { $ref: 'VtuberDataScrape' } - }, - tags: [ - 'vtuber' - ] - } -}, async (req: VtuberDataRequest, reply) => { - console.log(`we received a request with url=${req.query.url}`) - const data = await scrapeVtuberData(req.query.url) - reply.type('application/json').send(data) -}) - - - -fastify.listen({ host: '0.0.0.0', port: configs.port }, function (err, address) { - console.log(`@futureporn/scout listening on ${address}`) - if (err) { - fastify.log.error(err) - process.exit(1) - } -}) - - -} - - -export default fastifySetup diff --git a/services/scout/src/fixtures/.gitignore b/services/scout/src/fixtures/.gitignore deleted file mode 100644 index 314f02b..0000000 --- a/services/scout/src/fixtures/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.txt \ No newline at end of file diff --git a/services/scout/src/fixtures/cb.projektmelody.fixture.html b/services/scout/src/fixtures/cb.projektmelody.fixture.html deleted file mode 100644 index 80ee9b1..0000000 --- a/services/scout/src/fixtures/cb.projektmelody.fixture.html +++ /dev/null @@ -1,718 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Chaturbate - 100% Free Chat & Webcams - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - -
-
- -
-
-
- -
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/services/scout/src/hello.ts b/services/scout/src/hello.ts deleted file mode 100644 index 6e158df..0000000 --- a/services/scout/src/hello.ts +++ /dev/null @@ -1,9 +0,0 @@ -import icons from './icons.ts' - -export default function hello(thing: string) { - if (thing === 'world') { - return icons.world - } else { - return 'hi' - } -} \ No newline at end of file diff --git a/services/scout/src/icons.ts b/services/scout/src/icons.ts deleted file mode 100644 index 6a37fe8..0000000 --- a/services/scout/src/icons.ts +++ /dev/null @@ -1,4 +0,0 @@ -export default ({ - world: '🌏', - sun: '☀️' -}) \ No newline at end of file diff --git a/services/scout/src/index.browser.js b/services/scout/src/index.browser.js deleted file mode 100644 index df35654..0000000 --- a/services/scout/src/index.browser.js +++ /dev/null @@ -1,174 +0,0 @@ -// watches chaturbate for go live - -import puppeteer from 'puppeteer-extra'; -import { dirname } from 'path'; -import { fileURLToPath } from 'url'; -import StealthPlugin from 'puppeteer-extra-plugin-stealth' -import delay from 'delay' -import ReplPlugin from 'puppeteer-extra-plugin-repl' -import fsp from 'fs/promises'; -import repl from 'puppeteer-extra-plugin-repl'; - -const __dirname = dirname(fileURLToPath(import.meta.url)); -const browserDataDir = __dirname+'/futureporn-scout-datadir'; - - -const searchInputSelector = 'body > app-root > div > div.site-wrapper.nav-bar-visible.nav-bar-top-visible > div > app-explore-route > div > app-account-explore-route > div > input' -const followButtonSelector = "xpath///app-account-follow-button/div/xd-localization-string[contains(., 'Follow')]" -const onlineIndicator = 'a.online-indicator.is-live' - -// @todo Get this value from Strapi -const channels = [ - 'avabrooks' -] - - -const scrollDown = async (page) => { - console.log('scrolling down') - await page.keyboard.press('PageDown') - await page.evaluate(async () => { - window.scrollBy(0, 500); - }); -} - -const handleOnlineChannel = async (page) => { - const href = await page.evaluate(async () => { - const onlineIndicator = 'a.online-indicator.is-live' - const href = document.querySelector(onlineIndicator).href - return href - }) - console.log(`${href} is online!`) - await fsp.appendFile('./data.csv', `${new Date().toISOString()},${href}\n`) -} - -/** - * Open up a tab to the channel. - * Intercept websockets events which tell us when the channel is online - */ -const monitor = async (browser, channel) => { - if (!browser) throw new Error('monitor requires page arg'); - if (!channel) throw new Error('monitor requires channel arg'); - console.log(`monitoring ${channel}`) - const page = await browser.newPage(); - - await page.setRequestInterception(true); - - const url = await new Promise((resolve) => { - page.on('request', interceptRequest => { - const url = interceptRequest.url(); - console.log(url) - if (url.startsWith('wss://realtime')) { - console.log(`request! ${interceptRequest.url()} ${JSON.stringify(interceptRequest.headers(), null, 2)}`); - resolve(interceptRequest.url()); - } - interceptRequest.continue(); - }); - - page.goto(`https://chaturbate.com/${channel}`); - }) - - await page.repl() -} - -const dash = async (page, channel) => { - console.log('check') - await page.goto(`https://chaturbate.com/${channel}`) - - - // look for is-live indicator - try { - console.log('waiting for home page') - await page.waitForSelector('div.stories-scroll-container', { timeout: 15000 }) - console.log('waiting for online indicators') - await page.waitForSelector(onlineIndicator, { timeout: 10000 }) - console.log(`FOUND online channel! ${JSON.stringify(onlineIndicator, null, 2)}`); - handleOnlineChannel(page) - delay(1000) - } catch (e) { - console.error(e) - console.log('error on the dash. lets move on.') - } -} - -const discover = async (page) => { - - // Navigate the page to a URL - await page.goto('https://fansly.com/explore/discover'); - - - console.log('wait for search input') - await page.waitForSelector(searchInputSelector) - - // console.log('click search input') - // await page.click(searchInputSelector) - - console.log('type a random letter') - const letter = (() => { - const letters = 'abcdefghijklmnopqrstuvwxyz' - const randomIndex = Math.floor(Math.random() * letters.length); - return letters[randomIndex]; - })() - await page.type(searchInputSelector, letter) - - - - // // Start an interactive REPL here with the `page` instance. - // await page.repl() - // // Afterwards start REPL with the `browser` instance. - // await browser.repl() - - let go = true - setTimeout(() => { - go = false - }, 1000*30*1) // ~2 minutes of following - - while (go) { - try { - console.log('Wait for Follow/Unfollow buttons') - try { - await page.waitForSelector(followButtonSelector, { timeout: 1000 }) - await page.click(followButtonSelector, { timeout: 1000 }) - } catch {} - - // look for is-live indicator - try { - await page.waitForSelector(onlineIndicator, { timeout: 100 }) - console.log(`FOUND online channel! ${JSON.stringify(onlineIndicator, null, 2)}`); - handleOnlineChannel(page) - } catch (e) { - // console.log('online channel not found') - } - - scrollDown(page) - await page.keyboard.press('PageDown') - } catch (e) { - console.error('Error while waiting for follow button') - console.error(e) - } - await delay(15000) - } -} - -(async () => { - // Launch the browser and open a new blank page - puppeteer.use(StealthPlugin()) - puppeteer.use(ReplPlugin()) - const browser = await puppeteer.launch({ - headless: false, - args: [ - `--user-data-dir=${browserDataDir}` - ] - }); - - - for (const ch of channels) { - await monitor(browser, ch) - // await dash(page) - // await discover(page) // discover & follow - // await dash(page) // dashboard & see who's live - } - - - - -})(); \ No newline at end of file diff --git a/services/scout/src/index.ts b/services/scout/src/index.ts deleted file mode 100644 index 479c565..0000000 --- a/services/scout/src/index.ts +++ /dev/null @@ -1,6 +0,0 @@ - -import fastify from './fastify.js' -import { configs } from './config.js' - -fastify(configs) - diff --git a/services/scout/src/loader.js b/services/scout/src/loader.js deleted file mode 100644 index 4d2438f..0000000 --- a/services/scout/src/loader.js +++ /dev/null @@ -1,13 +0,0 @@ -import { readFileSync } from 'node:fs' -import yaml from 'js-yaml' -import { join, dirname } from 'node:path' -import { fileURLToPath } from 'url'; - -const __dirname = dirname(fileURLToPath(import.meta.url)); - - -export function loadOpenApiSpec () { - const rawFile = readFileSync(join(__dirname, './api.yaml'), { encoding: 'utf-8' }) - const doc = yaml.load(rawFile) - return doc -} diff --git a/services/scout/src/schemas.ts b/services/scout/src/schemas.ts deleted file mode 100644 index af03515..0000000 --- a/services/scout/src/schemas.ts +++ /dev/null @@ -1,28 +0,0 @@ -/** - * schemas.ts - * - * uses ts-json-schema-generator to generate json schema from typescript declarations. - * - */ -import tsj, { Config } from 'ts-json-schema-generator' -import { createRequire } from 'node:module' - - - -const require = createRequire(import.meta.url); -const typesIndex = require.resolve('@futureporn/types/src/index.ts'); -const typesTsConfig = require.resolve('@futureporn/types/tsconfig.json'); - -const config: Config = { - path: typesIndex, - tsconfig: typesTsConfig, - type: '*', - skipTypeCheck: true, - encodeRefs: true, - topRef: false, -} - -export const VtuberResponse = tsj.createGenerator(Object.assign(config, { schemaId: 'VtuberResponse' })).createSchema('VtuberResponse') -export const VtuberRecord = tsj.createGenerator(Object.assign(config, { schemaId: 'VtuberRecord' })).createSchema('VtuberRecord') -export const VtuberDataScrape = tsj.createGenerator(Object.assign(config, { schemaId: 'VtuberDataScrape' })).createSchema('VtuberDataScrape') -// export const VtuberDataScrape = tsj.createGenerator(Object.assign(config, { schemaId: 'VtuberDataScrape' })).createSchema('VtuberDataScrape') diff --git a/services/scout/src/scrapeVtuberData.spec.ts b/services/scout/src/scrapeVtuberData.spec.ts deleted file mode 100644 index 43d269b..0000000 --- a/services/scout/src/scrapeVtuberData.spec.ts +++ /dev/null @@ -1,14 +0,0 @@ -import scrapeVtuberData from "./scrapeVtuberData.ts" -import { expect } from "chai" - -describe('integration', function () { - describe('scrapeVtuberData', function () { - it('should get displayname, username, and id from chaturbate', async function () { - const vtuber = await scrapeVtuberData('https://chaturbate.com/projektmelody') - expect(vtuber).to.have.property('display_name', 'Projektmelody') - expect(vtuber).to.have.property('chaturbate_id', 'G0TWFS5') - expect(vtuber).to.have.property('slug', 'projektmelody') - expect(vtuber).to.have.property('theme_color', '#5C23C0') - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/scrapeVtuberData.ts b/services/scout/src/scrapeVtuberData.ts deleted file mode 100644 index 706cf17..0000000 --- a/services/scout/src/scrapeVtuberData.ts +++ /dev/null @@ -1,51 +0,0 @@ -import type { VtuberDataScrape } from "@futureporn/types" -import { fetchHtml, getBroadcasterDisplayName, getInitialRoomDossier } from './cb.ts' -import { getAccountData, usernameRegex } from "./fansly.ts" -import { fpSlugify } from "@futureporn/utils/name.ts" - - -/** - * - * scrapeVtuberData - * - * The purpose of this function is to retrieve enough data about a vtuber in order for us to create a database record about them. - */ -export default async function scrapeVtuberData(url: string): Promise { - - let display_name, chaturbate_id, slug, fansly_id, chaturbate, fansly - if (url.match(/chaturbate/)) { - console.log('url matches chaturbate') - let html = await fetchHtml(url) - // console.log(html) - let dossier = getInitialRoomDossier(html) - if (!dossier) throw new Error('failed to fetch initial room dossier.'); - slug = dossier.broadcaster_username - chaturbate_id = dossier.broadcaster_uid - display_name = getBroadcasterDisplayName(html) - chaturbate = url - if (!display_name) throw new Error('failed to get broadcaster display name from chaturbate'); - // console.log(dossier) - } else if (url.match(/fansly/)) { - console.log('url matches fansly') - const username = usernameRegex.exec(url)?.at(1) - if (!username) throw new Error(`failed to parse fansly username from url=${url}`); - const data = await getAccountData(username) - slug = fpSlugify(data.username) - display_name = data?.username - fansly_id = data.id - fansly = url - } else { - throw new Error('The URL does not match a known platform'); - } - - - return { - display_name, - chaturbate_id, - chaturbate, - fansly_id, - fansly, - slug, - } - -} \ No newline at end of file diff --git a/services/scout/src/scrapingFetch.spec.ts b/services/scout/src/scrapingFetch.spec.ts deleted file mode 100644 index bb77480..0000000 --- a/services/scout/src/scrapingFetch.spec.ts +++ /dev/null @@ -1,31 +0,0 @@ -import scrapingFetch from "./scrapingFetch.ts" -import { expect } from "chai" - -describe('scrapingFetch', function () { - describe('unit', function () { - xit('idk', async function () { - - }) - }) - describe('integration', function () { - it('should be rate limited while fetching a url', async function () { - this.timeout(1000*30) - // @see https://dog.ceo/dog-api/ - const dogBreedApiUrl = 'https://dog.ceo/api/breeds/image/random' - const res = await scrapingFetch(dogBreedApiUrl) - const json = await res.json() - expect(json).to.have.property('message') - expect(json).to.have.property('status') - - const res1 = await scrapingFetch(dogBreedApiUrl) - const json1 = await res1.json() - expect(json1).to.have.property('message') - expect(json1).to.have.property('status') - - const res2 = await scrapingFetch(dogBreedApiUrl) - const json2 = await res2.json() - expect(json2).to.have.property('message') - expect(json2).to.have.property('status') - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/scrapingFetch.ts b/services/scout/src/scrapingFetch.ts deleted file mode 100644 index fc37cba..0000000 --- a/services/scout/src/scrapingFetch.ts +++ /dev/null @@ -1,75 +0,0 @@ -/** - * scrapingFetch - * - * Like a regular fetch(), but this one is rate limited so as not to be a nuisance. - * - * rate limiting provided by https://github.com/animir/node-rate-limiter-flexible - * - * the token count is measured at the database level, so many methods cluster-wide can use scrapingFetch and there - * is a guarantee that our fetches stay within the limits. - */ -import { RateLimiterMemory, RateLimiterPostgres, RateLimiterQueue, type IRateLimiterPostgresOptions } from 'rate-limiter-flexible'; -import pRetry from 'p-retry' -import { configs } from './config.ts' -import pg from 'pg' -const { Pool } = pg - -const rateLimiterOptions = { - points: 1, - duration: 5, -} - -console.log(`connectionString=${configs.workerConnectionString}`) -const storeClient = new Pool({ - connectionString: configs.workerConnectionString, -}) -storeClient.on('error', (err) => { - console.error('A pool error occurred', err.stack) -}) -storeClient.on('connect', () => { - // console.log(`postgres storeClient Pool connedcted!!!!!`) - storeClient.on('error', (err) => { - console.error('A pool error occurred within the connect callbakc', err.stack) - }) -}); - - -const postgresOptions: IRateLimiterPostgresOptions = { - storeClient, - schemaName: 'public', - tableName: 'limiter', - keyPrefix: 'scraping_fetch', - tableCreated: true, -} -console.log(`process.env.NODE_ENV=${configs.nodeEnv}`) -const limiterFlexible = (process.env.NODE_ENV === 'development') - ? new RateLimiterMemory(rateLimiterOptions) - : new RateLimiterPostgres(Object.assign(rateLimiterOptions, postgresOptions)) - -const limiterQueue = new RateLimiterQueue(limiterFlexible, { - maxQueueSize: 64, -}); - - -export default async function scrapingFetch(url: string, options?: RequestInit): Promise { - - const run = async () => { - console.log(`${performance.now()} scrapingFetch() spending 1 token and fetching ${url}`) - await limiterQueue.removeTokens(1) - const res = await fetch(url, options) - return res - } - - return pRetry(run, { - forever: false, - maxTimeout: 8000, - retries: 3, - onFailedAttempt: (e) => { - console.error(e); - console.error(`There was an error DURING scrapingFetch. We will now retry up to ${e.retriesLeft} times. cause=${e.cause}, message=${e.message}, attemptNumber=${e.attemptNumber}, name=${e.name}`) - } - }) - - - -} \ No newline at end of file diff --git a/services/scout/src/signals.js b/services/scout/src/signals.js deleted file mode 100644 index 2fb00e4..0000000 --- a/services/scout/src/signals.js +++ /dev/null @@ -1,297 +0,0 @@ - -import 'dotenv/config' -import qs from 'qs' -import { subMinutes, addMinutes } from 'date-fns' -import { fpSlugify, download } from './utils.js' -import { getProminentColor } from './image.js' -import { getImage } from './vtuber.js' -import fansly from './fansly.js' - -// alternative js libraries for postgres notify/wait -// * https://github.com/imqueue/pg-pubsub -// * https://github.com/voxpelli/node-pg-pubsub -// * https://github.com/andywer/pg-listen - -if (!process.env.SCOUT_STRAPI_API_KEY) throw new Error('SCOUT_STRAPI_API_KEY is missing from env'); -if (!process.env.STRAPI_URL) throw new Error('STRAPI_URL is missing from env'); -if (!process.env.SCOUT_RECENTS_TOKEN) throw new Error('SCOUT_RECENTS_TOKEN is undefined in env'); -if (!process.env.CDN_BUCKET_URL) throw new Error('CDN_BUCKET_URL is undefined in env'); - - - - -/** - * Create a database record which shows this stream exists - * - * It's kind of complicated, but we do it this way so we don't need a backend batch processor. - * Instead, Scout takes as much responsibility as possible and does the work that a human would do if they were creating the records. - * - * In Strapi, we are finding or updating or creating the following content-types. - * * vtuber - * * platform-notification - * * stream - * - * It's a 3 step process, with each step outlined in the function body. - */ -export async function createStreamInDb ({ source, platform, channel, date, url, userId }) { - throw new Error('createStreamInDb is deprecated.'); - - let vtuberId, streamId - - console.log('>> # Step 1') - // # Step 1. - // First we find or create the vtuber - // The vtuber may already be in the db, so we look for that record. All we need is the Vtuber ID. - // If the vtuber is not in the db, we create the vtuber record. - - // GET /api/:pluralApiId?filters[field][operator]=value - const findVtubersFilters = (() => { - if (platform === 'chaturbate') { - return { chaturbate: { $eq: url } } - } else if (platform === 'fansly') { - if (!userId) throw new Error('Fansly userId was undefined, but it is required.') - return { fanslyId: { $eq: userId } } - } - })() - console.log('>>>>> the following is findVtubersFilters.') - console.log(findVtubersFilters) - - const findVtubersQueryString = qs.stringify({ - filters: findVtubersFilters - }, { encode: false }) - console.log(`>>>>> platform=${platform}, url=${url}, userId=${userId}`) - - console.log('>> findVtuber') - const findVtuberRes = await fetch(`${process.env.STRAPI_URL}/api/vtubers?${findVtubersQueryString}`, { - method: 'GET', - headers: { - 'content-type': 'application/json' - } - }) - const findVtuberJson = await findVtuberRes.json() - console.log('>> here is the vtuber json') - console.log(findVtuberJson) - if (findVtuberJson?.data && findVtuberJson.data.length > 0) { - console.log('>>a vtuber was FOUND') - if (findVtuberJson.data.length > 1) throw new Error('There was more than one vtuber match. There must only be one.') - vtuberId = findVtuberJson.data[0].id - console.log('here is the findVtuberJson (as follows)') - console.log(findVtuberJson) - console.log(`the matching vtuber has ID=${vtuberId} (${findVtuberJson.data[0].attributes.displayName})`) - } - - if (!vtuberId) { - console.log('>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! (DEPRECATED FUNCTION) vtuberId was not found so we create') - - /** - * We are creating a vtuber record. - * We need a few things. - * * image URL - * * themeColor - * - * To get an image, we have to do a few things. - * * [x] download image from platform - * * [x] get themeColor from image - * * [x] upload image to b2 - * * [x] get B2 cdn link to image - * - * To get themeColor, we need the image locally where we can then run - */ - - // download image from platform - // vtuber.getImage expects a vtuber object, which we don't have yet, so we create a dummy one - const dummyVtuber = { - attributes: { - slug: fpSlugify(channel), - fansly: fansly.url.fromUsername(channel) - } - } - const platformImageUrl = await getImage(dummyVtuber) - const imageFile = await download({ url: platformImageUrl }) - - // get themeColor from image - const themeColor = await getProminentColor(imageFile) - - // upload image to b2 - const b2FileData = await s3.uploadFile(imageFile) - - // get b2 cdn link to image - const imageCdnLink = `${process.env.CDN_BUCKET_URL}/${b2FileData.Key}` - - - const createVtuberRes = await fetch(`${process.env.STRAPI_URL}/api/vtubers`, { - method: 'POST', - headers: { - 'authorization': `Bearer ${process.env.SCOUT_STRAPI_API_KEY}`, - 'content-type': 'application/json' - }, - body: JSON.stringify({ - data: { - displayName: channel, - fansly: (platform === 'fansly') ? url : null, - fanslyId: (platform === 'fansly') ? userId : null, - chaturbate: (platform === 'chaturbate') ? url : null, - slug: fpSlugify(channel), - description1: ' ', - image: imageCdnLink, - themeColor: themeColor || '#dde1ec' - } - }) - }) - const createVtuberJson = await createVtuberRes.json() - console.log('>> createVtuberJson as follows') - console.log(JSON.stringify(createVtuberJson, null, 2)) - if (createVtuberJson.data) { - vtuberId = createVtuberJson.data.id - console.log(`>>> vtuber created with id=${vtuberId}`) - } - } - - if (!vtuberId) throw new Error(`>> we weren't able to find or create a vtuberId so we are panicking. (this should not happen under normal circumstances. Bug desu ka?)`) - console.log(`>># Step 2. vtuberId=${vtuberId}`) - // # Step 2. - // Next we create the platform-notification record. - // This probably doesn't already exist, so we don't check for a pre-existing platform-notification. - const pNotifPayload = { - data: { - source: source, - date: date, - date2: date, - platform: platform, - vtuber: vtuberId, - } - } - console.log('pNotifPayload as follows') - console.log(pNotifPayload) - - const pNotifCreateRes = await fetch(`${process.env.STRAPI_URL}/api/platform-notifications`, { - method: 'POST', - headers: { - 'authorization': `Bearer ${process.env.SCOUT_STRAPI_API_KEY}`, - 'Content-Type': 'application/json' - }, - body: JSON.stringify(pNotifPayload) - }) - const pNotifData = await pNotifCreateRes.json() - if (pNotifData.error) { - console.error('>> we failed to create platform-notification, there was an error in the response') - console.error(pNotifData.error) - throw new Error(pNotifData.error) - } - console.log(`>> pNotifData (json response) is as follows`) - console.log(pNotifData) - if (!pNotifData.data?.id) throw new Error('failed to created pNotifData! The response was missing an id'); - - // # Step 3. - // Finally we find or create the stream record - // The stream may already be in the db (the streamer is multi-platform streaming), so we look for that record. - // This gets a bit tricky. How do we determine one stream from another? - // For now, the rule is 30 minutes of separation. - // Anything <=30m is interpreted as the same stream. Anything >30m is interpreted as a different stream. - // If the stream is not in the db, we create the stream record - const dateSinceRange = subMinutes(new Date(date), 30) - const dateUntilRange = addMinutes(new Date(date), 30) - console.log(`Find a stream within + or - 30 mins of the notif date=${new Date(date).toISOString()}. dateSinceRange=${dateSinceRange.toISOString()}, dateUntilRange=${dateUntilRange.toISOString()}`) - const findStreamQueryString = qs.stringify({ - populate: 'platform_notifications', - filters: { - date: { - $gte: dateSinceRange, - $lte: dateUntilRange - }, - vtuber: { - id: { - '$eq': vtuberId - } - } - } - }, { encode: false }) - - console.log('>> findStream') - const findStreamRes = await fetch(`${process.env.STRAPI_URL}/api/streams?${findStreamQueryString}`, { - method: 'GET', - headers: { - 'authorization': `Bearer ${process.env.SCOUT_STRAPI_API_KEY}`, - 'Content-Type': 'application/json' - } - }) - const findStreamData = await findStreamRes.json() - if (findStreamData?.data && findStreamData.data.length > 0) { - console.log('>> we found a findStreamData json. (there is an existing stream for this e-mail/notification)') - console.log(findStreamData) - streamId = findStreamData.data?.id - - // Before we're done here, we need to do something extra. We need to populate isChaturbateStream and/or isFanslyStream. - // We know which of these booleans to set based on the stream's related platform_notifications - // We go through each pNotif and look at it's platform - let isFanslyStream, isChaturbateStream - for (const pn of findStreamData.platform_notifications) { - if (pn.platform === 'fansly') { - isFanslyStream = true - } else if (pn.platform === 'chaturbate') { - isChaturbateStream = true - } - } - - console.log(`>>> updating stream ${streamId}. isFanslyStream=${isFanslyStream}, isChaturbateStream=${isChaturbateStream}`) - const updateStreamRes = await fetch(`${process.env.STRAPI_URL}/api/stream/${streamId}`, { - method: 'PUT', - headers: { - 'authorization': `Bearer ${process.env.SCOUT_STRAPI_API_KEY}`, - 'content-type': 'application/json' - }, - body: JSON.stringify({ - data: { - isFanslyStream: isFanslyStream, - isChaturbateStream: isChaturbateStream - } - }) - }) - const updateStreamJson = await updateStreamRes.json() - if (updateStreamJson?.error) throw new Error(updateStreamJson); - console.log(`>> assuming a successful update to the stream record. response as follows.`) - console.log(JSON.stringify(updateStreamJson, null, 2)) - } - - if (!streamId) { - console.log('>> did not find a streamId, so we go ahead and create a stream record in the db.') - const createStreamPayload = { - data: { - isFanslyStream: (platform === 'fansly') ? true : false, - isChaturbateStream: (platform === 'chaturbate') ? true : false, - archiveStatus: 'missing', - date: date, - date2: date, - date_str: date, - vtuber: vtuberId, - platform_notifications: [ - pNotifData.data.id - ] - } - } - console.log('>> createStreamPayload as follows') - console.log(createStreamPayload) - const createStreamRes = await fetch(`${process.env.STRAPI_URL}/api/streams`, { - method: 'POST', - headers: { - 'authorization': `Bearer ${process.env.SCOUT_STRAPI_API_KEY}`, - "Content-Type": "application/json" - }, - body: JSON.stringify(createStreamPayload) - }) - const createStreamJson = await createStreamRes.json() - console.log('>> we got the createStreamJson') - console.log(createStreamJson) - if (createStreamJson.error) { - console.error(JSON.stringify(createStreamJson.error, null, 2)) - throw new Error('Failed to create stream in DB due to an error. (see above)') - } - - } - - - -} - - - diff --git a/services/scout/src/spawnWrapper.spec.ts b/services/scout/src/spawnWrapper.spec.ts deleted file mode 100644 index c3e98f2..0000000 --- a/services/scout/src/spawnWrapper.spec.ts +++ /dev/null @@ -1,30 +0,0 @@ -import { expect } from "chai" -import spawnWrapper from "./spawnWrapper.ts" -import { getRandomRoom } from "./cb.ts" - -describe('spawnWrapper', function () { - describe('integration', function () { - this.timeout(1000*8) - let roomUrl: string - this.beforeAll(async function () { - roomUrl = (await getRandomRoom()).url - }) - it('should get a playlistUrl of an active stream', async function () { - // the system under test is the network integration - const {code, output} = await spawnWrapper('yt-dlp', ['-g', roomUrl]) - expect(code).to.equal(0) - expect(output).to.match(/https:\/\/.*\.m3u8/) - }) - // these tests are flaky because the rooms used will not always be in the same state - xit('should handle when the room is offline', async function () { - const {code, output} = await spawnWrapper('yt-dlp', ['-g', 'chaturbate.com/48507961285']) - expect(code).to.equal(1) - expect(output).to.match(/Room is currently offline/) - }) - xit('should handle when the room is passworded', async function () { - const {code, output} = await spawnWrapper('yt-dlp', ['-g', 'chaturbate.com/projektmelody']) - expect(code).to.equal(1) - expect(output).to.match(/Unable to find stream URL/) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/spawnWrapper.ts b/services/scout/src/spawnWrapper.ts deleted file mode 100644 index 03c2974..0000000 --- a/services/scout/src/spawnWrapper.ts +++ /dev/null @@ -1,34 +0,0 @@ -import child_process from 'node:child_process' - -export interface SpawnOutput { - code: number; - output: string; -} - - -/** - * we have this child_process.spawn wrapper to make testing easier. - * this function is meant to be mocked during unit tests so the function logic can be tested - * without making a network request. - */ -export default async function spawnWrapper (command: string, args: string[]): Promise { - console.log(`spawnWrapper command=${command}, with the following args ${args.join(' ')}`) - return new Promise((resolve, reject) => { - let output = ''; - const process = child_process.spawn(command, args) - process.on('exit', function (code) { - if (code === undefined || code === null) throw new Error('process exited without an exit code'); - resolve({ code, output }) - }) - process.stdout.on('data', (data) => { - output += data - }) - process.stderr.on('data', (data) => { - output += data - }) - process.on('error', function (e) { - reject(e) - }) - }) -} - diff --git a/services/scout/src/twitter.js b/services/scout/src/twitter.js deleted file mode 100644 index ea900bc..0000000 --- a/services/scout/src/twitter.js +++ /dev/null @@ -1,65 +0,0 @@ - -import * as htmlparser2 from "htmlparser2"; -import { load } from 'cheerio' -import { download } from '@futureporn/utils/file.ts'; -import pRetry, { AbortError } from 'p-retry'; - -if (!process.env.SCOUT_NITTER_ACCESS_KEY) throw new Error('SCOUT_NITTER_ACCESS_KEY was undefined in env'); -if (!process.env.SCOUT_NITTER_URL) throw new Error('SCOUT_NITTER_URL was undefined in env'); - - - -const regex = { - username: new RegExp(/https:\/\/(?:twitter\.com|x\.com)\/([a-zA-Z0-9_]+)/i) -} - -const normalize = (url) => { - if (!url) throw new Error('normalized received a null or undefined url.'); - return fromUsername(twitter.regex.username.exec(url).at(1)) -} - - -const image = async function image (twitterUsername) { - if (!twitterUsername) throw new Error('first arg to twitter.data.image must be a twitterUsername. It was undefined.'); - const requestDataFromNitter = async () => { - const url = `${process.env.SCOUT_NITTER_URL}/${twitterUsername}/rss?key=${process.env.SCOUT_NITTER_ACCESS_KEY}` - // console.log(`fetching from url=${url}`) - const response = await fetch(url); - // Abort retrying if the resource doesn't exist - if (response.status === 404) { - throw new AbortError(response.statusText); - } - return response.text(); - } - const body = await pRetry(requestDataFromNitter, { retries: 5 }); - try { - const dom = htmlparser2.parseDocument(body); - const $ = load(dom, { _useHtmlParser2: true }) - const urls = $('url:contains("profile_images")').first() - const downloadedImageFile = await download({ url: urls.text() }) - return downloadedImageFile - } catch (e) { - console.error(`while fetching rss from nitter, the following error was encountered.`) - console.error(e) - } -} - -const fromUsername = (username) => `https://x.com/${username}` - -const url = { - normalize, - fromUsername -} - -const data = { - image -} - -const twitter = { - regex, - url, - data, -} - - -export default twitter \ No newline at end of file diff --git a/services/scout/src/twitter.spec.js b/services/scout/src/twitter.spec.js deleted file mode 100644 index e2f2403..0000000 --- a/services/scout/src/twitter.spec.js +++ /dev/null @@ -1,28 +0,0 @@ -import { expect } from 'chai' -import twitter from './twitter.js' -import { describe } from 'mocha' -import { tmpFileRegex } from './utils.js' - -describe('twitter', function () { - describe('regex', function () { - describe('username', function () { - it('should get the username of the channel', function () { - expect(twitter.regex.username.exec('https://twitter.com/18Plus').at(1)).to.equal('18Plus') - expect(twitter.regex.username.exec('https://twitter.com/projektmelody').at(1)).to.equal('projektmelody') - expect(twitter.regex.username.exec('https://twitter.com/GoodKittenVR').at(1)).to.equal('GoodKittenVR') - expect(twitter.regex.username.exec('https://x.com/projektmelody').at(1)).to.equal('projektmelody') - expect(twitter.regex.username.exec('https://x.com/18Plus').at(1)).to.equal('18Plus') - expect(twitter.regex.username.exec('https://x.com/GoodKittenVR').at(1)).to.equal('GoodKittenVR') - }) - }) - }) - describe('data', function () { - this.timeout(1000*30) - describe('image', function () { - it("should download the twitter users's avatar and save it to disk", async function () { - const imgFile = await twitter.data.image('projektmelody') - expect(imgFile).to.match(tmpFileRegex) - }) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/ua.ts b/services/scout/src/ua.ts deleted file mode 100644 index 7d643f8..0000000 --- a/services/scout/src/ua.ts +++ /dev/null @@ -1 +0,0 @@ -export const ua0 = 'Mozilla/5.0 (X11; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0' \ No newline at end of file diff --git a/services/scout/src/vtuber.spec.js b/services/scout/src/vtuber.spec.js deleted file mode 100644 index b628368..0000000 --- a/services/scout/src/vtuber.spec.js +++ /dev/null @@ -1,36 +0,0 @@ - -import { expect } from 'chai' -import { describe } from 'mocha' -import { getImage } from './vtuber.js' -import { tmpFileRegex } from './utils.js' - -const vtuberFixture0 = { - id: 0, - attributes: { - slug: 'projektmelody', - twitter: 'https://x.com/projektmelody', - fansly: 'https://fansly.com/projektmelody' - } -} -const vtuberFixture1 = { - id: 0, - attributes: { - slug: 'projektmelody', - twitter: undefined, - fanslyId: '284824898138812416' - } -} - -describe('vtuber', function () { - this.timeout(1000*60) - describe('getImage', function () { - it('should download an avatar image from twitter', async function () { - const file = await getImage(vtuberFixture0) - expect(file).to.match(tmpFileRegex) - }) - it('should download an avatar image from fansly', async function () { - const file = await getImage(vtuberFixture1) - expect(file).to.match(tmpFileRegex) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/vtuber.ts b/services/scout/src/vtuber.ts deleted file mode 100644 index 31164ad..0000000 --- a/services/scout/src/vtuber.ts +++ /dev/null @@ -1,44 +0,0 @@ -import dotenv from 'dotenv'; -dotenv.config({ - path: '../../.env', -}); - -import { type IVtuber } from '@futureporn/types'; -import twitter from './twitter.js'; -import { getProfileImage } from './fansly.ts'; - -/** - * Acquire a vtuber image from the www - * - * Sources preference - * 1. Twitter - * 2. Fansly - * - * Our task is to download an avatar image of the vtuber. - * A slug is good for pulling a record from the database. From there, we can see any social medias such as Twitter or Fansly. - * Twitter is preferred. - * - * We depend on one of these social media URLs. If there is neither Twitter nor Fansly listed, we throw an error. - * - * @param {IVtuber} vtuber -- vtuber instance from Strapi - * @returns {string} filePath -- path on disk where the image was saved - */ -export async function getImage(vtuber: IVtuber): Promise { - if (!vtuber) throw new Error('first arg must be vtuber instance'); - - const { twitter: twitterUrl, fanslyId: fanslyId } = vtuber.attributes; - const twitterUsername = twitterUrl && twitterUrl.match(/@(\w+)/)?.[1]; - - let img: string|undefined; - if (twitterUrl) { - img = await twitter.data.image(twitterUsername); - } else if (fanslyId) { - img = await getProfileImage(fanslyId); - } else { - const msg = `while attempting to get vtuber image, there was neither twitterUrl nor fanslyId listed. One of these must exist for us to download an image.\nvtuber=${JSON.stringify(vtuber, null, 2)}`; - console.error(msg); - throw new Error(msg); - } - if (!img) throw new Error('failed to acquire vtuber image'); - return img; -} \ No newline at end of file diff --git a/services/scout/src/ytdlp.spec.ts b/services/scout/src/ytdlp.spec.ts deleted file mode 100644 index d550f89..0000000 --- a/services/scout/src/ytdlp.spec.ts +++ /dev/null @@ -1,53 +0,0 @@ -import { getRandomRoom } from './cb.ts' -import { expect } from 'chai' -import esmock from 'esmock' -import { mock } from 'node:test' - -describe('esmock integration', function () { - // sanity test to ensure esmock functionality doesn't break - // here we are overriding the hello.ts module's functionality - // normally it would return an Earth emoji with Asia visible. - it('should return a planet Earth emoji with Americas visible', async function () { - const hello = await esmock('./hello.ts', { - './icons': { world: '🌎' } - }) - expect(hello('world')).to.equal('🌎') - expect(hello()).to.equal('hi') - }) -}) - -describe('ytdlp', function () { - - describe('integration', function () { - let roomUrl: string; - this.beforeAll(async function () { - roomUrl = (await getRandomRoom()).url - }) - }) - describe('unit', function () { - it('should handle 403s by using a proxy', async function () { - this.timeout(2000) - const ytdlpErrorRequestForbidden = "ERROR: [Chaturbate] projektmelody: Unable to download webpage: HTTP Error 403: Forbidden (caused by ); please report this issue on https://github.com/yt-dlp/yt-dlp/issues?q= , filling out the appropriate issue template. Confirm you are on the latest version using yt-dlp -U" - const requestSimulator = mock.fn(() => { - if (requestSimulator.mock.calls.length === 0) { - return { - code: 1, - output: ytdlpErrorRequestForbidden - } - } else { - return { - code: 0, - output: 'https://example.com/playlist.m3u8' - } - } - }) - - const ytdlp = await esmock('./ytdlp.ts', { - // simulate a yt-dlp request getting blocked by Cloudflare - './spawnWrapper.ts': requestSimulator - }) - const url = await ytdlp.getPlaylistUrl('chaturbate.com/projektmelody') - expect(url).to.match(/https:\/\/.*\.m3u8/) - }) - }) -}) \ No newline at end of file diff --git a/services/scout/src/ytdlp.ts b/services/scout/src/ytdlp.ts deleted file mode 100644 index dfb046b..0000000 --- a/services/scout/src/ytdlp.ts +++ /dev/null @@ -1,43 +0,0 @@ -import spawnWrapper from './spawnWrapper.ts' -import 'dotenv/config' -import { configs } from './config.ts' -import { type GenericApiResponse } from '@futureporn/types' -import { ExhaustedRetriesError, RoomOfflineError } from '@futureporn/utils/error.ts' - -const maxRetries = 3 - - - -export async function getPlaylistUrl (roomUrl: string, proxy = false, retries = 0): Promise { - console.log(`getPlaylistUrl roomUrl=${roomUrl} proxy=${false} retries=${retries}`) - let args = ['-4', '-g', roomUrl] - if (proxy) { - console.log(`proxy=${proxy}, HTTP_PROXY=${configs.httpProxy}`) - args = args.concat(['--proxy', configs.httpProxy]) - } - const { code, output } = await spawnWrapper('yt-dlp', args) - if (output.match(/HTTP Error 403/)) { - // we were likely blocked by Cloudflare - // we make the request a second time, this time via proxy - if (retries < maxRetries) return getPlaylistUrl(roomUrl, true, retries+=1); - else throw new ExhaustedRetriesError(); - } else if (output.match(/Unable to find stream URL/)) { - // sometimes this happens. a retry is in order. - if (retries < maxRetries) return getPlaylistUrl(roomUrl, proxy, retries+=1); - else throw new ExhaustedRetriesError() - } else if (code === 0 && output.match(/https:\/\/.*\.m3u8/)) { - // this must be an OK result with a playlist - return { data: { playlistUrl: output.trim() }, error: null, message: 'we got a playlistUrl' } - } else if (code === 1 && output.match(/Room is currently offline/)) { - throw new RoomOfflineError() - } else { - console.error('exotic scenario') - const msg = `We encountered an exotic scenario where code=${code} and output=${output}. Admin: please patch the code to handle this scenario.` - console.error(msg) - throw new Error(msg) - } -} - -export default { - getPlaylistUrl -} \ No newline at end of file diff --git a/services/scout/tsconfig.json b/services/scout/tsconfig.json deleted file mode 100644 index faacd28..0000000 --- a/services/scout/tsconfig.json +++ /dev/null @@ -1,33 +0,0 @@ -{ - "compilerOptions": { - // Base Options recommended for all projects - "allowImportingTsExtensions": true, - "noEmit": true, - "esModuleInterop": true, - "skipLibCheck": true, - "target": "ESNext", - "allowJs": true, - "moduleResolution": "Bundler", - "resolveJsonModule": true, - "moduleDetection": "force", - "isolatedModules": true, - // Enable strict type checking so you can catch bugs early - "strict": true, - "noUncheckedIndexedAccess": true, - "noImplicitOverride": true, - // Transpile our TypeScript code to JavaScript - "module": "ESNext", - "outDir": "dist", - "lib": [ - "ESNext", - "dom" - ] - }, - // Include the necessary files for your project - "include": [ - "src/**/*.ts" - ], - "exclude": [ - "node_modules" - ] -} \ No newline at end of file diff --git a/services/scout/tsup.config.ts b/services/scout/tsup.config.ts deleted file mode 100644 index 1ce909d..0000000 --- a/services/scout/tsup.config.ts +++ /dev/null @@ -1,18 +0,0 @@ -import { defineConfig } from 'tsup' -import { exec } from 'node:child_process' -import { promisify } from 'node:util' - -export default defineConfig({ - entry: [ - 'src/index.ts' - ], - shims: true, - clean: true, - loader: { - '.yml': 'file' - }, - onSuccess: async () => { - const execP = promisify(exec) - // execP('cp ./src/api.yaml ./dist/api.yaml') - }, -}) diff --git a/services/strapi/.editorconfig b/services/strapi/.editorconfig deleted file mode 100644 index 473e451..0000000 --- a/services/strapi/.editorconfig +++ /dev/null @@ -1,16 +0,0 @@ -root = true - -[*] -indent_style = space -indent_size = 2 -end_of_line = lf -charset = utf-8 -trim_trailing_whitespace = true -insert_final_newline = true - -[{package.json,*.yml}] -indent_style = space -indent_size = 2 - -[*.md] -trim_trailing_whitespace = false diff --git a/services/strapi/.eslintignore b/services/strapi/.eslintignore deleted file mode 100644 index 90759a5..0000000 --- a/services/strapi/.eslintignore +++ /dev/null @@ -1,3 +0,0 @@ -.cache -build -**/node_modules/** diff --git a/services/strapi/.eslintrc b/services/strapi/.eslintrc deleted file mode 100644 index b2ca93b..0000000 --- a/services/strapi/.eslintrc +++ /dev/null @@ -1,27 +0,0 @@ -{ - "parser": "babel-eslint", - "extends": "eslint:recommended", - "env": { - "commonjs": true, - "es6": true, - "node": true, - "browser": false - }, - "parserOptions": { - "ecmaFeatures": { - "experimentalObjectRestSpread": true, - "jsx": false - }, - "sourceType": "module" - }, - "globals": { - "strapi": true - }, - "rules": { - "indent": ["error", 2, { "SwitchCase": 1 }], - "linebreak-style": ["error", "unix"], - "no-console": 0, - "quotes": ["error", "single"], - "semi": ["error", "always"] - } -} diff --git a/services/strapi/.gitignore b/services/strapi/.gitignore deleted file mode 100644 index 91e0eb7..0000000 --- a/services/strapi/.gitignore +++ /dev/null @@ -1,115 +0,0 @@ -############################ -# OS X -############################ - -.DS_Store -.AppleDouble -.LSOverride -Icon -.Spotlight-V100 -.Trashes -._* - - -############################ -# Linux -############################ - -*~ - - -############################ -# Windows -############################ - -Thumbs.db -ehthumbs.db -Desktop.ini -$RECYCLE.BIN/ -*.cab -*.msi -*.msm -*.msp - - -############################ -# Packages -############################ - -*.7z -*.csv -*.dat -*.dmg -*.gz -*.iso -*.jar -*.rar -*.tar -*.zip -*.com -*.class -*.dll -*.exe -*.o -*.seed -*.so -*.swo -*.swp -*.swn -*.swm -*.out -*.pid - - -############################ -# Logs and databases -############################ - -.tmp -*.log -*.sql -*.sqlite -*.sqlite3 - - -############################ -# Misc. -############################ - -*# -ssl -.idea -nbproject -public/uploads/* -!public/uploads/.gitkeep - -############################ -# Node.js -############################ - -lib-cov -lcov.info -pids -logs -results -node_modules -.node_history - -############################ -# Tests -############################ - -coverage - -############################ -# Strapi -############################ - -.env -license.txt -exports -.strapi -dist -build -.strapi-updater.json -.strapi-cloud.json diff --git a/services/strapi/README.md b/services/strapi/README.md deleted file mode 100644 index 879d89b..0000000 --- a/services/strapi/README.md +++ /dev/null @@ -1,57 +0,0 @@ -# 🚀 Getting started with Strapi - -Strapi comes with a full featured [Command Line Interface](https://docs.strapi.io/dev-docs/cli) (CLI) which lets you scaffold and manage your project in seconds. - -### `develop` - -Start your Strapi application with autoReload enabled. [Learn more](https://docs.strapi.io/dev-docs/cli#strapi-develop) - -``` -npm run develop -# or -yarn develop -``` - -### `start` - -Start your Strapi application with autoReload disabled. [Learn more](https://docs.strapi.io/dev-docs/cli#strapi-start) - -``` -npm run start -# or -yarn start -``` - -### `build` - -Build your admin panel. [Learn more](https://docs.strapi.io/dev-docs/cli#strapi-build) - -``` -npm run build -# or -yarn build -``` - -## ⚙️ Deployment - -Strapi gives you many possible deployment options for your project including [Strapi Cloud](https://cloud.strapi.io). Browse the [deployment section of the documentation](https://docs.strapi.io/dev-docs/deployment) to find the best solution for your use case. - -## 📚 Learn more - -- [Resource center](https://strapi.io/resource-center) - Strapi resource center. -- [Strapi documentation](https://docs.strapi.io) - Official Strapi documentation. -- [Strapi tutorials](https://strapi.io/tutorials) - List of tutorials made by the core team and the community. -- [Strapi blog](https://strapi.io/blog) - Official Strapi blog containing articles made by the Strapi team and the community. -- [Changelog](https://strapi.io/changelog) - Find out about the Strapi product updates, new features and general improvements. - -Feel free to check out the [Strapi GitHub repository](https://github.com/strapi/strapi). Your feedback and contributions are welcome! - -## ✨ Community - -- [Discord](https://discord.strapi.io) - Come chat with the Strapi community including the core team. -- [Forum](https://forum.strapi.io/) - Place to discuss, ask questions and find answers, show your Strapi project and get feedback or just talk with other Community members. -- [Awesome Strapi](https://github.com/strapi/awesome-strapi) - A curated list of awesome things related to Strapi. - ---- - -🤫 Psst! [Strapi is hiring](https://strapi.io/careers). diff --git a/services/strapi/config/admin.js b/services/strapi/config/admin.js deleted file mode 100644 index fa18851..0000000 --- a/services/strapi/config/admin.js +++ /dev/null @@ -1,17 +0,0 @@ -module.exports = ({ env }) => ({ - auth: { - secret: env('ADMIN_JWT_SECRET'), - }, - apiToken: { - salt: env('API_TOKEN_SALT'), - }, - transfer: { - token: { - salt: env('TRANSFER_TOKEN_SALT'), - }, - }, - flags: { - nps: env.bool('FLAG_NPS', true), - promoteEE: env.bool('FLAG_PROMOTE_EE', true), - }, -}); diff --git a/services/strapi/config/api.js b/services/strapi/config/api.js deleted file mode 100644 index 62f8b65..0000000 --- a/services/strapi/config/api.js +++ /dev/null @@ -1,7 +0,0 @@ -module.exports = { - rest: { - defaultLimit: 25, - maxLimit: 100, - withCount: true, - }, -}; diff --git a/services/strapi/config/database.js b/services/strapi/config/database.js deleted file mode 100644 index 63a17c3..0000000 --- a/services/strapi/config/database.js +++ /dev/null @@ -1,92 +0,0 @@ -const path = require('path'); - -module.exports = ({ env }) => { - const client = env('DATABASE_CLIENT', 'sqlite'); - - const connections = { - mysql: { - connection: { - connectionString: env('DATABASE_URL'), - host: env('DATABASE_HOST', 'localhost'), - port: env.int('DATABASE_PORT', 3306), - database: env('DATABASE_NAME', 'strapi'), - user: env('DATABASE_USERNAME', 'strapi'), - password: env('DATABASE_PASSWORD', 'strapi'), - ssl: env.bool('DATABASE_SSL', false) && { - key: env('DATABASE_SSL_KEY', undefined), - cert: env('DATABASE_SSL_CERT', undefined), - ca: env('DATABASE_SSL_CA', undefined), - capath: env('DATABASE_SSL_CAPATH', undefined), - cipher: env('DATABASE_SSL_CIPHER', undefined), - rejectUnauthorized: env.bool( - 'DATABASE_SSL_REJECT_UNAUTHORIZED', - true - ), - }, - }, - pool: { min: env.int('DATABASE_POOL_MIN', 2), max: env.int('DATABASE_POOL_MAX', 10) }, - }, - mysql2: { - connection: { - host: env('DATABASE_HOST', 'localhost'), - port: env.int('DATABASE_PORT', 3306), - database: env('DATABASE_NAME', 'strapi'), - user: env('DATABASE_USERNAME', 'strapi'), - password: env('DATABASE_PASSWORD', 'strapi'), - ssl: env.bool('DATABASE_SSL', false) && { - key: env('DATABASE_SSL_KEY', undefined), - cert: env('DATABASE_SSL_CERT', undefined), - ca: env('DATABASE_SSL_CA', undefined), - capath: env('DATABASE_SSL_CAPATH', undefined), - cipher: env('DATABASE_SSL_CIPHER', undefined), - rejectUnauthorized: env.bool( - 'DATABASE_SSL_REJECT_UNAUTHORIZED', - true - ), - }, - }, - pool: { min: env.int('DATABASE_POOL_MIN', 2), max: env.int('DATABASE_POOL_MAX', 10) }, - }, - postgres: { - connection: { - connectionString: env('DATABASE_URL'), - host: env('DATABASE_HOST', 'localhost'), - port: env.int('DATABASE_PORT', 5432), - database: env('DATABASE_NAME', 'strapi'), - user: env('DATABASE_USERNAME', 'strapi'), - password: env('DATABASE_PASSWORD', 'strapi'), - ssl: env.bool('DATABASE_SSL', false) && { - key: env('DATABASE_SSL_KEY', undefined), - cert: env('DATABASE_SSL_CERT', undefined), - ca: env('DATABASE_SSL_CA', undefined), - capath: env('DATABASE_SSL_CAPATH', undefined), - cipher: env('DATABASE_SSL_CIPHER', undefined), - rejectUnauthorized: env.bool( - 'DATABASE_SSL_REJECT_UNAUTHORIZED', - true - ), - }, - schema: env('DATABASE_SCHEMA', 'public'), - }, - pool: { min: env.int('DATABASE_POOL_MIN', 2), max: env.int('DATABASE_POOL_MAX', 10) }, - }, - sqlite: { - connection: { - filename: path.join( - __dirname, - '..', - env('DATABASE_FILENAME', '.tmp/data.db') - ), - }, - useNullAsDefault: true, - }, - }; - - return { - connection: { - client, - ...connections[client], - acquireConnectionTimeout: env.int('DATABASE_CONNECTION_TIMEOUT', 60000), - }, - }; -}; diff --git a/services/strapi/config/middlewares.js b/services/strapi/config/middlewares.js deleted file mode 100644 index 6eaf586..0000000 --- a/services/strapi/config/middlewares.js +++ /dev/null @@ -1,12 +0,0 @@ -module.exports = [ - 'strapi::logger', - 'strapi::errors', - 'strapi::security', - 'strapi::cors', - 'strapi::poweredBy', - 'strapi::query', - 'strapi::body', - 'strapi::session', - 'strapi::favicon', - 'strapi::public', -]; diff --git a/services/strapi/config/plugins.js b/services/strapi/config/plugins.js deleted file mode 100644 index 5b3cfd1..0000000 --- a/services/strapi/config/plugins.js +++ /dev/null @@ -1,45 +0,0 @@ -module.exports = () => ({ - 'fuzzy-search': { - enabled: true, - config: { - contentTypes: [{ - uid: 'api::tag.tag', - modelName: 'tag', - transliterate: false, - queryConstraints: { - where: { - '$and': [ - { - publishedAt: { - '$notNull': true - } - }, - ] - } - }, - fuzzysortOptions: { - characterLimit: 32, - threshold: -600, - limit: 10, - keys: [{ - name: 'name', - weight: 100 - }] - } - }] - } - }, - "users-permissions": { - config: { - register: { - allowedFields: [ - "isNamePublic", - "isLinkPublic", - "avatar", - "vanityLink", - "patreonBenefits" - ] - } - } - } -}); diff --git a/services/strapi/config/server.js b/services/strapi/config/server.js deleted file mode 100644 index 15e5966..0000000 --- a/services/strapi/config/server.js +++ /dev/null @@ -1,12 +0,0 @@ -module.exports = ({ env }) => ({ - host: env('HOST', '0.0.0.0'), - port: env.int('PORT', 1337), - proxy: true, - app: { - keys: env.array('APP_KEYS'), - }, - webhooks: { - populateRelations: env.bool('WEBHOOKS_POPULATE_RELATIONS', false), - }, - url: env('STRAPI_URL', 'http://localhost:1337'), -}); diff --git a/services/strapi/database/daily-backup.sh b/services/strapi/database/daily-backup.sh deleted file mode 100644 index 1ee0aeb..0000000 --- a/services/strapi/database/daily-backup.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -# daily-backup.sh -# useful for the dokku server -# dokku's backup feature is broken atm https://github.com/dokku/dokku-postgres/issues/274 -# backups are exported from dokku:postgres plugin before being sent to b2 - - -filename="$(date +'%Y-%m-%d_%H-%M-%S').psql" - -dokku postgres:export futureporn-db > "${filename}" -b2-linux upload-file futureporn-db-backup "./${filename}" "${filename}" - diff --git a/services/strapi/database/devDb.sh b/services/strapi/database/devDb.sh deleted file mode 100755 index d33e117..0000000 --- a/services/strapi/database/devDb.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - - -# Check if the containers already exist -pgadmin_exists=$(docker ps -a --filter "name=pgadmin" --format '{{.Names}}') -strapi_postgres_exists=$(docker ps -a --filter "name=strapi-postgres" --format '{{.Names}}') - -# Run strapi-postgres container if it doesn't exist or is not running -if [ -z "$strapi_postgres_exists" ]; then - docker run -d --name strapi-postgres -p 5432:5432 -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD postgres:14.7 - echo "strapi-postgres container created and started." -else - container_status=$(docker inspect -f '{{.State.Status}}' strapi-postgres) - - if [ "$container_status" != "running" ]; then - docker start strapi-postgres - echo "strapi-postgres container started." - else - echo "strapi-postgres container already exists and is running. Skipping creation." - fi -fi diff --git a/services/strapi/database/migrations/.gitkeep b/services/strapi/database/migrations/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/services/strapi/database/migrations/2023-08-01-relate-vods-to-vtubers-part2.js b/services/strapi/database/migrations/2023-08-01-relate-vods-to-vtubers-part2.js deleted file mode 100644 index 795adca..0000000 --- a/services/strapi/database/migrations/2023-08-01-relate-vods-to-vtubers-part2.js +++ /dev/null @@ -1,25 +0,0 @@ -module.exports = { - async up(knex) { - // ... (Create vods_vtuber_links table if not already created) - - // Get vtuber ID for ProjektMelody (assuming it's 1) - const vtuberId = 1; - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - // For each VOD, associate it with the vtuber (vtuber with ID 1) if not already associated - for (const [index, vod] of vods.entries()) { - const existingAssociation = await knex('vods_vtuber_links') - .where({ vtuber_id: vtuberId, vod_id: vod.id }) - .first(); - if (!existingAssociation) { - await knex('vods_vtuber_links').insert({ - vtuber_id: vtuberId, - vod_id: vod.id, - vod_order: index + 1, // Auto-increment the vod_order number - }); - } - } - } -}; diff --git a/services/strapi/database/migrations/2023-08-17-reformat-cdnUrl.js b/services/strapi/database/migrations/2023-08-17-reformat-cdnUrl.js deleted file mode 100644 index c090e12..0000000 --- a/services/strapi/database/migrations/2023-08-17-reformat-cdnUrl.js +++ /dev/null @@ -1,18 +0,0 @@ -module.exports = { - async up(knex) { - - // Get all B2 Files from the database - const files = await knex.select('*').from('b2_files'); - - // For each B2 File, update cdnUrl - // we do this to change - // erroneous https://futureporn-b2.b-cdn.net/futureporn/:key - // to https://futureporn-b2.b-cdn.net/:key - for (const [index, file] of files.entries()) { - const key = file.key; - const cdnUrl = `https://futureporn-b2.b-cdn.net/${key}`; - await knex('b2_files').update({ cdn_url: cdnUrl }).where({ id: file.id }); - } - }, - }; - \ No newline at end of file diff --git a/services/strapi/database/migrations/2023-08-20-strip-query-string-from-cid.js b/services/strapi/database/migrations/2023-08-20-strip-query-string-from-cid.js deleted file mode 100644 index 0a254f2..0000000 --- a/services/strapi/database/migrations/2023-08-20-strip-query-string-from-cid.js +++ /dev/null @@ -1,23 +0,0 @@ -const stripQueryString = function (text) { - if (!text) return ''; - return text.split(/[?#]/)[0]; -} - -module.exports = { - async up(knex) { - - // Get all vods - const vods = await knex.select('*').from('vods'); - - // For each vod, update videoSrcHash and video240Hash - // we remove any existing ?filename(...) qs from the cid - for (const [index, vod] of vods.entries()) { - const strippedVideoSrcHash = stripQueryString(vod.video_src_hash) - const strippedVideo240Hash = stripQueryString(vod.video_240_hash) - await knex('vods').update({ video_src_hash: strippedVideoSrcHash }).where({ id: vod.id }); - await knex('vods').update({ video_240_hash: strippedVideo240Hash }).where({ id: vod.id }); - } - - }, - }; - \ No newline at end of file diff --git a/services/strapi/database/migrations/2023-08-30-remove-cloudinary.js b/services/strapi/database/migrations/2023-08-30-remove-cloudinary.js deleted file mode 100644 index 6f1f5a7..0000000 --- a/services/strapi/database/migrations/2023-08-30-remove-cloudinary.js +++ /dev/null @@ -1,13 +0,0 @@ -module.exports = { - async up(knex) { - - const toys = await knex.select('*').from('toys'); - for (const [index, toy] of toys.entries()) { - if (toy.image_2) { - const existingImageFilename = new URL(toy.image_2).pathname.split('/').at(-1) - await knex('toys').update({ image_2: `https://futureporn-b2.b-cdn.net/${existingImageFilename}` }).where({ id: toy.id }); - } - } - }, - }; - \ No newline at end of file diff --git a/services/strapi/database/migrations/2023-08-30-toy-image-field-simplify.js b/services/strapi/database/migrations/2023-08-30-toy-image-field-simplify.js deleted file mode 100644 index 66ab1de..0000000 --- a/services/strapi/database/migrations/2023-08-30-toy-image-field-simplify.js +++ /dev/null @@ -1,33 +0,0 @@ -module.exports = { - async up(knex) { - // Add the `image2` field (column) as a short text field - await knex.schema.table('toys', (table) => { - table.string('image_2', 512); - }); - - // Get all toys - const toys = await knex.select('*').from('toys'); - - // Update the image2 field with the previous image URLs - for (const toy of toys) { - // lookup the file morph which maps toy to (image) file - const imageFileId = (await knex.select('file_id').from('files_related_morphs').where({ related_id: toy.id }))[0].file_id - - // get the image data from the file - const imageUrl = (await knex.select('url').from('files').where({ id: imageFileId }))[0].url - - if (!imageUrl) continue; - - // Copy the values from image to image2 - await knex('toys').update({ image_2: imageUrl }).where({ id: toy.id }); - } - - const hasImageColumn = await knex.schema.hasColumn('toys', 'image'); - if (hasImageColumn) { - // Drop the `image` column - table.dropColumn('image'); - } - - - }, -}; diff --git a/services/strapi/database/migrations/2023-09-08-change-date-to-string.js b/services/strapi/database/migrations/2023-09-08-change-date-to-string.js deleted file mode 100644 index 3b03cc0..0000000 --- a/services/strapi/database/migrations/2023-09-08-change-date-to-string.js +++ /dev/null @@ -1,23 +0,0 @@ -module.exports = { - async up(knex) { - // Check if the 'date_2' column exists in the 'vods' table - const hasDate2Column = await knex.schema.hasColumn('vods', 'date_2'); - - if (!hasDate2Column) { - // Add the new 'date_2' column as a string if it doesn't exist - await knex.schema.table('vods', (table) => { - table.string('date_2'); - }); - - // Fetch all existing rows from the 'vods' table - const existingVods = await knex.select('id', 'date').from('vods'); - - // Loop through each row and update 'date_2' with the date value - for (const vod of existingVods) { - await knex('vods') - .where({ id: vod.id }) - .update({ date_2: vod.date.toISOString() }); - } - } - }, -}; diff --git a/services/strapi/database/migrations/2023-09-08-drop-toys-image.js b/services/strapi/database/migrations/2023-09-08-drop-toys-image.js deleted file mode 100644 index 2119714..0000000 --- a/services/strapi/database/migrations/2023-09-08-drop-toys-image.js +++ /dev/null @@ -1,11 +0,0 @@ -module.exports = { - async up(knex) { - const hasColumn = await knex.schema.hasColumn('toys', 'image'); - - if (hasColumn) { - await knex.schema.table('toys', (table) => { - table.dropColumn('image'); - }); - } - } -}; diff --git a/services/strapi/database/migrations/2023-09-08-drop-vod-videosrc.js b/services/strapi/database/migrations/2023-09-08-drop-vod-videosrc.js deleted file mode 100644 index 8d1f878..0000000 --- a/services/strapi/database/migrations/2023-09-08-drop-vod-videosrc.js +++ /dev/null @@ -1,11 +0,0 @@ -module.exports = { - async up(knex) { - const hasColumn = await knex.schema.hasColumn('vods', 'video_src'); - - if (hasColumn) { - await knex.schema.table('vods', (table) => { - table.dropColumn('video_src'); - }); - } - } -}; diff --git a/services/strapi/database/migrations/2023-12-24-add-cuid-to-vods.js b/services/strapi/database/migrations/2023-12-24-add-cuid-to-vods.js deleted file mode 100644 index 5590b99..0000000 --- a/services/strapi/database/migrations/2023-12-24-add-cuid-to-vods.js +++ /dev/null @@ -1,31 +0,0 @@ - -const generateCuid = require('../../misc/generateCuid'); - -module.exports = { - async up(knex) { - - console.log(`MIGRATION-- 2023-12-24-add-cuid-to-vods.js`); - - // Check if the 'cuid' column already exists in the 'vods' table - const hasCuidColumn = await knex.schema.hasColumn('vods', 'cuid'); - - if (!hasCuidColumn) { - // Add the 'cuid' column to the 'vods' table - await knex.schema.table('vods', (table) => { - table.string('cuid'); - }); - } - - // Get all vods from the database - const vods = await knex.select('*').from('vods'); - - // For each vod, populate cuid if it's null or undefined - for (const [index, vod] of vods.entries()) { - if (!vod.cuid) { - await knex('vods').update({ cuid: generateCuid() }).where({ id: vod.id }); - } - } - - }, -}; - diff --git a/services/strapi/database/migrations/2023-12-26-add-cuid-to-streams.js b/services/strapi/database/migrations/2023-12-26-add-cuid-to-streams.js deleted file mode 100644 index 942854b..0000000 --- a/services/strapi/database/migrations/2023-12-26-add-cuid-to-streams.js +++ /dev/null @@ -1,33 +0,0 @@ - -const { init } = require('@paralleldrive/cuid2'); - -module.exports = { - async up(knex) { - - console.log(`MIGRATION-- 2023-12-26-add-cuid-to-streams.js`); - - // Check if the 'cuid' column already exists in the 'streams' table - const hasCuidColumn = await knex.schema.hasColumn('streams', 'cuid'); - - if (!hasCuidColumn) { - // Add the 'cuid' column to the 'streams' table - await knex.schema.table('streams', (table) => { - table.string('cuid'); - }); - } - - // Get all streams from the database - const streams = await knex.select('*').from('streams'); - - // For each stream, populate cuid if it's null or undefined - for (const [index, stream] of streams.entries()) { - if (!stream.cuid) { - const length = 10; - const genCuid = init({ length }); - await knex('streams').update({ cuid: genCuid() }).where({ id: stream.id }); - } - } - - }, -}; - diff --git a/services/strapi/database/migrations/2023-12-27-relate-vods-to-streams.js b/services/strapi/database/migrations/2023-12-27-relate-vods-to-streams.js deleted file mode 100644 index 703275d..0000000 --- a/services/strapi/database/migrations/2023-12-27-relate-vods-to-streams.js +++ /dev/null @@ -1,35 +0,0 @@ - -const { sub, add } = require('date-fns'); - - -module.exports = { - async up(knex) { - console.log(`MIGRATION-- 2023-12-27-relate-vods-to-streams.js`); - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - // For each VOD, associate it with the stream with the nearest date (if not already associated) - for (const [index, vod] of vods.entries()) { - const existingAssociation = await knex('vods_stream_links') - .where({ vod_id: vod.id }) - .first(); - - if (!existingAssociation) { - // get nearest stream within +/- 3 hours - const date2 = new Date(vod.date_2); - const startDate = sub(date2, { hours: 3 }) - const endDate = add(date2, { hours: 3 }); - console.log(`vod.id=${vod.id}, vod.date_2=${vod.date_2}, date2=${date2}, startDate=${startDate}, endDate=${endDate}`) - const stream = await knex('streams') - .whereBetween('date', [startDate, endDate]) - - await knex('vods_stream_links').insert({ - stream_id: stream.id, - vod_id: vod.id, - vod_order: 1, - }); - } - } - }, -}; diff --git a/services/strapi/database/migrations/2023.05.09-video-src-sanity.js.noexec b/services/strapi/database/migrations/2023.05.09-video-src-sanity.js.noexec deleted file mode 100644 index cda7f9d..0000000 --- a/services/strapi/database/migrations/2023.05.09-video-src-sanity.js.noexec +++ /dev/null @@ -1,26 +0,0 @@ - -const fetch = require('node-fetch') - -let problemUrls = [] - -async function checkUrl(url) { - const res = await fetch(url); - if (!res.ok || !res?.headers?.get('x-bz-file-name') || !res?.headers?.get('x-bz-file-id')) problemUrls.push(url) -} - - - -module.exports = { - async up(knex) { - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - // sanity check every B2 URL - for (const vod of vods) { - await checkUrl(vod.video_src) - } - - process.exit(5923423) - }, -}; \ No newline at end of file diff --git a/services/strapi/database/migrations/2023.05.11T12.32.00.convert-to-video-src-b2.js.noexec b/services/strapi/database/migrations/2023.05.11T12.32.00.convert-to-video-src-b2.js.noexec deleted file mode 100644 index 0ccaeb3..0000000 --- a/services/strapi/database/migrations/2023.05.11T12.32.00.convert-to-video-src-b2.js.noexec +++ /dev/null @@ -1,98 +0,0 @@ - -const fetch = require('node-fetch') - -// greets chatgpt -async function getFileDetailsFromUrl(url) { - const controller = new AbortController(); - const signal = controller.signal; - - const options = { - signal, - }; - - let retries = 10; - - while (retries) { - console.log(`fetching~~ ${url}`); - const timeoutId = setTimeout(() => { - console.log('fetch timed out, aborting...'); - controller.abort(); - }, 5000); - - try { - const res = await fetch(url, options); - - clearTimeout(timeoutId); - - console.log('finished fetch'); - if (!res.ok) throw new Error(`problem while getting file from url with url ${url}`); - if (!res?.headers?.get('x-bz-file-name')) throw new Error(`${url} did not have a x-bz-file-name in the response headers`); - if (!res?.headers?.get('x-bz-file-id')) throw new Error(`${url} did not have a x-bz-file-id in the response headers`); - - return { - key: res.headers.get('x-bz-file-name'), - url: url, - uploadId: res.headers.get('x-bz-file-id'), - }; - } catch (err) { - clearTimeout(timeoutId); - retries--; - - if (retries === 0) { - console.error(`Could not fetch file details from URL: ${url}.`); - throw err; - } - - console.warn(`Retrying fetch (${retries} attempts left)`); - } - } -} - - - - -module.exports = { - async up(knex) { - // You have full access to the Knex.js API with an already initialized connection to the database - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - - // Process each VOD - for (const vod of vods) { - - // courtesy timer - await new Promise((resolve) => setTimeout(resolve, 1000)) - - console.log(vod) - // Get the file details from the VOD's video source URL - if (vod?.video_src) { - try { - const fileDetails = await getFileDetailsFromUrl(vod.video_src); - - // Insert the B2 file into the database - const [file] = await knex('b2_files').insert({ - url: fileDetails.url, - key: fileDetails.key, - upload_id: fileDetails.uploadId, - }).returning('id'); - - console.log(file) - console.log(`attempting to insert vod_id:${vod.id}, b_2_file_id:${file.id} for videoSrcB2`) - - // Link the B2 file to the VOD - await knex('vods_video_src_b_2_links').insert({ - vod_id: vod.id, - b_2_file_id: file.id, - }); - } catch (e) { - console.error(e) - console.log(`there was an error so we are skipping vod ${vod.id}`) - } - } else { - console.log(`${vod.id} has no video_src. skipping.`) - } - } - }, -}; diff --git a/services/strapi/database/migrations/2023.05.14T00.42.00.000Z.migrate-tags-to-tag-vod-relations.js b/services/strapi/database/migrations/2023.05.14T00.42.00.000Z.migrate-tags-to-tag-vod-relations.js deleted file mode 100644 index 7c3e24a..0000000 --- a/services/strapi/database/migrations/2023.05.14T00.42.00.000Z.migrate-tags-to-tag-vod-relations.js +++ /dev/null @@ -1,43 +0,0 @@ - -// up until now, tags have been attached directly to each vod object. -// now, tags are not attached to vods. -// instead, tag-vod-relations are used to associate a tag with a vod - -// what we need to do in this migration is -// * create a new tag-vod-relation for each tag in each vod -// * delete tags field in vods - -module.exports = { - async up(knex) { - - console.log('2023.05.14 - migrate tags to tag_vod_relations') - - // get all tags_vods_links - // for each, create a tag-vod-relation - const tagsVodsLinks = await knex.select('*').from('tags_vods_links') - - for (const tvl of tagsVodsLinks) { - // Create a tag-vod-relation entry for each tag - const tvr = await knex('tag_vod_relations') - .insert({ - created_at: new Date(), - updated_at: new Date(), - creator_id: 1 - }) - .returning( - ['id'] - ) - - await knex('tag_vod_relations_tag_links').insert({ - tag_vod_relation_id: tvr[0].id, - tag_id: tvl.tag_id - }) - - await knex('tag_vod_relations_vod_links').insert({ - tag_vod_relation_id: tvr[0].id, - vod_id: tvl.vod_id - }) - } - - }, -}; \ No newline at end of file diff --git a/services/strapi/database/migrations/2023.05.15T02.44.00.000Z.drop-vod-tags.js b/services/strapi/database/migrations/2023.05.15T02.44.00.000Z.drop-vod-tags.js deleted file mode 100644 index 15fc208..0000000 --- a/services/strapi/database/migrations/2023.05.15T02.44.00.000Z.drop-vod-tags.js +++ /dev/null @@ -1,12 +0,0 @@ - -// previously, we tagged vods directly on the vod content-type -// now, we use tag-vod-relation to relate tags to vods. -// thus, we want to get rid of vod.tags -// and also tag.vods - -module.exports = { - async up(knex) { - console.log('2023.05.15 - drop tags_vods_links') - await knex.schema.dropTable('tags_vods_links') - } -} \ No newline at end of file diff --git a/services/strapi/database/migrations/2023.05.25-gimme-the-tags.js.noexec b/services/strapi/database/migrations/2023.05.25-gimme-the-tags.js.noexec deleted file mode 100644 index 65af409..0000000 --- a/services/strapi/database/migrations/2023.05.25-gimme-the-tags.js.noexec +++ /dev/null @@ -1,110 +0,0 @@ - -// const fetch = require('node-fetch') - -// // greets chatgpt -// async function getFileDetailsFromUrl(url) { -// const controller = new AbortController(); -// const signal = controller.signal; - -// const options = { -// signal, -// }; - -// let retries = 10; - -// while (retries) { -// console.log(`fetching ${url}`); -// const timeoutId = setTimeout(() => { -// console.log('fetch timed out, aborting...'); -// controller.abort(); -// }, 5000); - -// try { -// const res = await fetch(url, options); - -// clearTimeout(timeoutId); - -// console.log('finished fetch'); -// if (!res.ok) throw new Error(`problem while getting file from url with url ${url}`); -// if (!res?.headers?.get('x-bz-file-name')) throw new Error(`${url} did not have a x-bz-file-name in the response headers`); -// if (!res?.headers?.get('x-bz-file-id')) throw new Error(`${url} did not have a x-bz-file-id in the response headers`); - -// return { -// key: res.headers.get('x-bz-file-name'), -// url: url, -// uploadId: res.headers.get('x-bz-file-id'), -// }; -// } catch (err) { -// clearTimeout(timeoutId); -// retries--; - -// if (retries === 0) { -// console.error(`Could not fetch file details from URL: ${url}.`); -// throw err; -// } - -// console.warn(`Retrying fetch (${retries} attempts left)`); -// } -// } -// } - - - - -module.exports = { - async up(knex) { - // You have full access to the Knex.js API with an already initialized connection to the database - - - // we iterate through the local, non-strapi backup db first. - // get list of all tags - // for each tag - // * get list of related vods - // * create relation in Strapi - // * - - - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - - // Process each VOD - for (const vod of vods) { - - // courtesy timer - await new Promise((resolve) => setTimeout(resolve, 10)) - - // @todo - - console.log(vod) - // Get the file details from the VOD's video source URL - if (vod?.video_src) { - try { - const fileDetails = await getFileDetailsFromUrl(vod.video_src); - - // Insert the B2 file into the database - const [file] = await knex('b2_files').insert({ - url: fileDetails.url, - key: fileDetails.key, - upload_id: fileDetails.uploadId, - }).returning('id'); - - console.log(file) - console.log(`attempting to insert vod_id:${vod.id}, b_2_file_id:${file.id} for videoSrcB2`) - - // Link the B2 file to the VOD - await knex('vods_video_src_b_2_links').insert({ - vod_id: vod.id, - b_2_file_id: file.id, - }); - } catch (e) { - console.error(e) - console.log(`there was an error so we are skipping vod ${vod.id}`) - } - } else { - console.log(`${vod.id} has no video_src. skipping.`) - } - } - }, -}; \ No newline at end of file diff --git a/services/strapi/database/migrations/2023.05.25T20.44.00.000Z.get-the-og-tags.js b/services/strapi/database/migrations/2023.05.25T20.44.00.000Z.get-the-og-tags.js deleted file mode 100644 index a211ebb..0000000 --- a/services/strapi/database/migrations/2023.05.25T20.44.00.000Z.get-the-og-tags.js +++ /dev/null @@ -1,124 +0,0 @@ -'use strict' - - -require('dotenv').config() - -const { Client } = require('pg') -const fetch = require('node-fetch') -const _ = require('lodash'); -const ogVods = require('../og-tags.json') - - -// const slugify = require('slugify') - - -// function slugifyString (str) { -// return slugify(str, { -// replacement: '-', // replace spaces with replacement character, defaults to `-` -// remove: undefined, // remove characters that match regex, defaults to `undefined` -// lower: true, // convert to lower case, defaults to `false` -// strict: true, // strip special characters except replacement, defaults to `false` -// locale: 'en', // language code of the locale to use -// trim: true // trim leading and trailing replacement chars, defaults to `true` -// }) -// } - - -async function associateTagWithVodsInStrapi (tagId, vodsIds) { - const res = await fetch(`${process.env.STRAPI_URL}/api/tags/${tagId}`, { - method: 'PUT', - headers: { - 'authorization': `Bearer ${process.env.STRAPI_API_KEY}` - }, - data: { - vods: [vodsIds] - } - }) - const json = await res.json() - - - if (!res.ok) throw new Error(JSON.stringify(json)) -} - - - -async function associateVodWithTagsInStrapi (knex, vodId, tagsIds) { - console.log(`updating vodId:${vodId} with tagsIds:${tagsIds}`) - for (const tagId of tagsIds) { - // see if it exists already - const rows = await knex.select('*').from('tags_vods_links').where({ - 'vod_id': vodId, - 'tag_id': tagId - }) - if (rows.length === 0) { - await knex('tags_vods_links').insert({ - vod_id: vodId, - tag_id: tagId - }); - } - } -} - -async function getStrapiVodByAnnounceUrl (knex, announceUrl) { - const rows = await knex.select('*').from('vods').where('announce_url', announceUrl) - return (rows[0]) -} - - - - -async function getStrapiTagByName (knex, tag) { - const rows = await knex.select('*').from('tags').where({ 'name': tag }) - return rows[0] -} - - - - - -module.exports = { - async up(knex) { - // You have full access to the Knex.js API with an already initialized connection to the database - - for (const vod of ogVods) { - // get matching vod in strapi - console.log(vod) - if (vod.announceUrl) { - const strapiVod = await getStrapiVodByAnnounceUrl(knex, vod.announceUrl) - - if (strapiVod) { - // we've got a matching vod - - if (vod.tags) { - console.log(`source vod has tags: ${vod.tags}`) - - let strapiTagsIds = [] - - // for each tag, get the matching strapi tag ID - for (const tag of vod.tags) { - // lookup the strapi tag id - const strapiTag = await getStrapiTagByName(knex, tag) - if (!!strapiTag) { - strapiTagsIds.push(strapiTag.id) - } - } - - console.log(`we are adding the following strapiTagsIds to vod ID ${strapiVod.id}: ${strapiTagsIds}`) - - // create relations between matching vod and the tags - await associateVodWithTagsInStrapi(knex, strapiVod.id, strapiTagsIds) - - } - } - } - } - - // Get all VODs from the database - const vods = await knex.select('*').from('vods'); - - // Process each VOD - for (const vod of vods) { - - } - } -} diff --git a/services/strapi/database/migrations/2023.07.17.relate-vods-to-vtubers.js b/services/strapi/database/migrations/2023.07.17.relate-vods-to-vtubers.js deleted file mode 100644 index 5f035a1..0000000 --- a/services/strapi/database/migrations/2023.07.17.relate-vods-to-vtubers.js +++ /dev/null @@ -1,70 +0,0 @@ -module.exports = { - async up(knex) { - - console.log('Create vtubers table') - await knex.schema.createTable('vtubers', (table) => { - table.increments('id').primary(); - table.string('displayName').notNullable(); - table.string('chaturbate'); - table.string('twitter'); - table.string('patreon'); - table.string('twitch'); - table.string('tiktok'); - table.string('onlyfans'); - table.string('youtube'); - table.string('linktree'); - table.string('carrd'); - table.string('fansly'); - table.string('pornhub'); - table.string('discord'); - table.string('reddit'); - table.string('throne'); - table.string('instagram'); - table.string('facebook'); - table.string('merch'); - table.string('slug').notNullable(); - table.text('description1').notNullable(); - table.text('description2'); - table.string('image').notNullable(); - }); - - console.log('Create vods_vtuber_links table') - await knex.schema.createTable('vods_vtuber_links', (table) => { - table.increments('id').primary(); - table.integer('vod_id').unsigned().references('vods.id'); - table.integer('vtuber_id').unsigned().references('vtubers.id'); - table.integer('vod_order').notNullable(); - }); - - - console.log('Create a vtuber entry for ProjektMelody') - const projektMelody = { - displayName: 'ProjektMelody', - slug: 'projektmelody', // You can customize the slug based on your preference - description1: 'Description for ProjektMelody', // Add your vtuber's description here - image: 'http://futureporn-b2.b-cdn.net/futureporn/projekt-melody.jpg', // Replace with the image filename for ProjektMelody - }; - - console.log('Get all VODs from the database') - const vods = await knex.select('*').from('vods'); - - console.log('get projektmelody id') - // const [projektMelodyId] = await knex('vtubers').insert(projektMelody); - const projektMelodyId = 1 - - console.log(`projektmelodyId is : ${projektMelodyId}`) - - console.log(`For each VOD, associate ProjektMelody vtuber.`) - for (const [index, vod] of vods.entries()) { - console.log(`Check if vtuber_id exists in the vtubers table`) - const vtuber = await knex('vtubers').where('id', projektMelodyId).first(); - if (vtuber) { - await knex('vods_vtuber_links').insert({ - vtuber_id: projektMelodyId, - vod_id: vod.id, - vod_order: index + 1, // Auto-increment the vod_order number - }); - } - } - }, -}; diff --git a/services/strapi/database/migrations/2023.07.31.add-b2-file-cdnUrl.js b/services/strapi/database/migrations/2023.07.31.add-b2-file-cdnUrl.js deleted file mode 100644 index 308f159..0000000 --- a/services/strapi/database/migrations/2023.07.31.add-b2-file-cdnUrl.js +++ /dev/null @@ -1,18 +0,0 @@ -module.exports = { - async up(knex) { - // Add the 'cdn_url' column to the 'b2_files' table - await knex.schema.table('b2_files', (table) => { - table.string('cdn_url'); // Change the data type if needed (e.g., text, varchar, etc.) - }); - - // Get all B2 Files from the database - const files = await knex.select('*').from('b2_files'); - - // For each B2 File, create cdnUrl - for (const [index, file] of files.entries()) { - const key = file.key; - const cdnUrl = `https://futureporn-b2.b-cdn.net/futureporn/${key}`; - await knex('b2_files').update({ cdn_url: cdnUrl }).where({ id: file.id }); - } - }, -}; diff --git a/services/strapi/database/migrations/2024-01-08-add-streams.js.noexec b/services/strapi/database/migrations/2024-01-08-add-streams.js.noexec deleted file mode 100644 index d354107..0000000 --- a/services/strapi/database/migrations/2024-01-08-add-streams.js.noexec +++ /dev/null @@ -1,30 +0,0 @@ -module.exports = { - async up(knex) { - - await knex.schema.createTable('streams', (table) => { - table.increments('id').primary(); - table.string('date_str').notNullable(); - table.string('vods'); - table.string('vtuber'); - table.string('tweet'); - table.string('date'); - table.string('cuid'); - }); - - - // Add the 'cdn_url' column to the 'b2_files' table - await knex.schema.table('b2_files', (table) => { - table.string('cdn_url'); // Change the data type if needed (e.g., text, varchar, etc.) - }); - - // Get all B2 Files from the database - const files = await knex.select('*').from('b2_files'); - - // For each B2 File, create cdnUrl - for (const [index, file] of files.entries()) { - const key = file.key; - const cdnUrl = `https://futureporn-b2.b-cdn.net/futureporn/${key}`; - await knex('b2_files').update({ cdn_url: cdnUrl }).where({ id: file.id }); - } - }, -}; diff --git a/services/strapi/database/migrations/2024-01-14-add-date2-to-streams.js b/services/strapi/database/migrations/2024-01-14-add-date2-to-streams.js deleted file mode 100644 index 5cbd5cf..0000000 --- a/services/strapi/database/migrations/2024-01-14-add-date2-to-streams.js +++ /dev/null @@ -1,29 +0,0 @@ - -module.exports = { - async up(knex) { - - console.log(`MIGRATION-- 2024-01-14-add-date2-to-streams.js`); - - // Check if the 'date_2' column already exists in the 'streams' table - const hasColumn = await knex.schema.hasColumn('streams', 'date_2'); - - if (!hasColumn) { - console.log(`Adding the 'date_2' column to the 'streams' table`); - await knex.schema.table('streams', (table) => { - table.string('date_2'); - }); - } - - // Get all streams from the database - const streams = await knex.select('*').from('streams'); - - // For each stream, populate date_2 if it's null or undefined - for (const [index, stream] of streams.entries()) { - if (stream.date_2 === null && stream.date_str !== null) { - const result = await knex('streams').update({ date_2: stream.date_str }).where({ id: stream.id }); - } - } - - }, -}; - diff --git a/services/strapi/database/migrations/2024-01-15-add-platform-to-streams.js b/services/strapi/database/migrations/2024-01-15-add-platform-to-streams.js deleted file mode 100644 index a1632e9..0000000 --- a/services/strapi/database/migrations/2024-01-15-add-platform-to-streams.js +++ /dev/null @@ -1,49 +0,0 @@ - -module.exports = { - async up(knex) { - - console.log(`MIGRATION-- 2024-01-15-add-platform-streams.js`); - - // Check if the 'platform' column already exists in the 'streams' table - const hasColumn = await knex.schema.hasColumn('streams', 'platform'); - - if (!hasColumn) { - console.log(`Adding the 'platform' column to the 'streams' table`); - await knex.schema.table('streams', (table) => { - table.string('platform'); - }); - } - - // Get all streams from the database - const streams = await knex.select('*').from('streams'); - - // For each stream, populate platform based on the related tweet data - for (const [index, stream] of streams.entries()) { - - const tweetLink = await knex('streams_tweet_links') - .where({ stream_id: stream.id }) - .first(); - - if (tweetLink) { - console.log(tweetLink); - - const tweet = await knex('tweets') - .where({ id: tweetLink.tweet_id }) - .first(); - - console.log(tweet); - - if (!!tweet) { - console.log(`stream ${stream.id} tweet tweet.is_chaturbate_invite=${tweet.is_chaturbate_invite}, tweet.is_fansly_invite=${tweet.is_fansly_invite}`); - await knex('streams').update({ - is_chaturbate_stream: !!tweet.is_chaturbate_invite, - is_fansly_stream: !!tweet.is_fansly_invite - }).where({ id: stream.id }); - } - } - - } - - }, -}; - diff --git a/services/strapi/database/migrations/2024-07-04-add-fansly-id-to-vtuber.js b/services/strapi/database/migrations/2024-07-04-add-fansly-id-to-vtuber.js deleted file mode 100644 index 3314815..0000000 --- a/services/strapi/database/migrations/2024-07-04-add-fansly-id-to-vtuber.js +++ /dev/null @@ -1,28 +0,0 @@ -module.exports = { - async up(knex) { - - console.log(`MIGRATION-- 2024-07-04-add-fansly-id-to-vtuber.js`); - - // Check if the 'fansly_id' column already exists in the 'vtubers' table - const hasColumn = await knex.schema.hasColumn('vtubers', 'fansly_id'); - - if (!hasColumn) { - console.log(`Adding the 'fansly_id' column to the 'vtubers' table`); - await knex.schema.table('vtubers', (table) => { - table.string('fansly_id'); - }); - } - - // Get all vtubers from the database - const vtubers = await knex.select('*').from('vtubers'); - - // For each vtuber, populate fansly_id if it's null or undefined - for (const [_, vtuber] of vtubers.entries()) { - if (!vtuber.fansly_id) { - await knex('vtubers').update({ fansly_id: '' }).where({ id: vtuber.id }); - } - } - - }, -}; - diff --git a/services/strapi/database/og-tags.json b/services/strapi/database/og-tags.json deleted file mode 100644 index 7d838af..0000000 --- a/services/strapi/database/og-tags.json +++ /dev/null @@ -1,1009 +0,0 @@ -[{ - "tags": null, - "date": "2020-02-09T18:14:25.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1226570058073362438" -}, { - "tags": null, - "date": "2020-02-10T02:15:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1226691233659183104" -}, { - "tags": null, - "date": "2020-02-12T01:11:48.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1227399871734468610" -}, { - "tags": null, - "date": "2020-02-12T17:14:12.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1227642067733618691" -}, { - "tags": null, - "date": "2020-02-13T02:09:11.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1227776703415693312" -}, { - "tags": null, - "date": "2020-02-15T02:13:56.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1228502672246005760" -}, { - "tags": null, - "date": "2020-02-18T21:17:28.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1229877618067025923" -}, { - "tags": null, - "date": "2020-02-20T01:06:47.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1230297714719674368" -}, { - "tags": null, - "date": "2020-02-22T02:13:38.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1231039313300901889" -}, { - "tags": null, - "date": "2023-02-19T00:15:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1627099434508075008" -}, { - "tags": null, - "date": "2020-02-09T01:40:10.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1226319848411717632" -}, { - "tags": null, - "date": "2020-02-21T16:25:47.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1230891377422192641" -}, { - "tags": null, - "date": "2020-03-03T21:06:17.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1234948231311876096" -}, { - "tags": null, - "date": "2020-03-05T01:18:07.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1235373996906078208" -}, { - "tags": null, - "date": "2020-03-07T02:40:52.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1236119594995245057" -}, { - "tags": null, - "date": "2020-03-12T00:01:06.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1237891327922016258" -}, { - "tags": null, - "date": "2020-03-15T20:22:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1239285911201988609" -}, { - "tags": null, - "date": "2020-03-17T19:55:46.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1240003917355921412" -}, { - "tags": null, - "date": "2020-03-22T00:11:12.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1241517748276154371" -}, { - "tags": null, - "date": "2020-03-26T00:14:56.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1242968240894234627" -}, { - "tags": null, - "date": "2020-03-01T21:06:17.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1234223457723961344" -}, { - "tags": ["anal", "deep throat", "vore", "stuck in wall", "choking", "puddle", "squirting"], - "date": "2020-02-08T16:12:42.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1226177041109786625" -}, { - "tags": null, - "date": "2020-02-28T16:38:43.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1233431346112061441" -}, { - "tags": null, - "date": "2020-04-14T19:57:03.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1250151101174816769" -}, { - "tags": null, - "date": "2020-04-24T00:55:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1253487639430410240" -}, { - "tags": null, - "date": "2020-04-25T23:05:42.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1254184839684726786" -}, { - "tags": null, - "date": "2020-04-26T22:54:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1254544493849739264" -}, { - "tags": null, - "date": "2020-05-09T21:59:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1259241552016216065" -}, { - "tags": null, - "date": "2020-05-12T19:01:53.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1260284077011238912" -}, { - "tags": null, - "date": "2020-06-27T00:06:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1276668227767144452" -}, { - "tags": null, - "date": "2020-02-17T01:05:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1229210268447715328" -}, { - "tags": null, - "date": "2020-04-05T22:55:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1246934456927215617" -}, { - "tags": null, - "date": "2020-05-05T19:00:56.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1257747123682119680" -}, { - "tags": null, - "date": "2020-05-28T19:57:30.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1266096281002356736" -}, { - "tags": null, - "date": "2020-05-29T23:02:07.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1266505128426815488" -}, { - "tags": null, - "date": "2020-06-01T00:13:53.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1267247965464297473" -}, { - "tags": null, - "date": "2020-06-06T00:02:11.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1269056957295583240" -}, { - "tags": null, - "date": "2020-06-16T18:55:04.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1272965936685953024" -}, { - "tags": null, - "date": "2020-06-18T23:37:57.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1273761903664336897" -}, { - "tags": null, - "date": "2020-06-21T00:09:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1274494531312984064" -}, { - "tags": null, - "date": "2020-06-23T20:00:12.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1275519042955153409" -}, { - "tags": null, - "date": "2020-02-27T01:10:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1232835470712803328" -}, { - "tags": null, - "date": "2020-05-23T00:02:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1263983714893279233" -}, { - "tags": null, - "date": "2020-07-15T00:25:49.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1283196031648358400" -}, { - "tags": null, - "date": "2020-07-18T01:14:51.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1284295535751499776" -}, { - "tags": null, - "date": "2020-07-25T00:00:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1286813436119220225" -}, { - "tags": null, - "date": "2020-07-29T20:03:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1288565878502699008" -}, { - "tags": null, - "date": "2020-08-01T00:00:00.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1289350128436838400" -}, { - "tags": null, - "date": "2020-08-05T19:52:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1291099825396748292" -}, { - "tags": null, - "date": "2020-08-14T22:21:59.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1294398894466629634" -}, { - "tags": null, - "date": "2020-08-19T21:00:11.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1296190247957659649" -}, { - "tags": null, - "date": "2020-03-14T01:38:59.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1238640737668997120" -}, { - "tags": null, - "date": "2020-07-10T23:59:34.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1281739875319009280" -}, { - "tags": null, - "date": "2020-09-11T18:02:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1304480454242861056" -}, { - "tags": null, - "date": "2020-09-13T23:00:49.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1305280300130406402" -}, { - "tags": null, - "date": "2020-09-18T22:55:13.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1307090831011205120" -}, { - "tags": null, - "date": "2020-09-28T20:14:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1310674290744995843" -}, { - "tags": null, - "date": "2020-10-02T23:48:02.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1312177554824990720" -}, { - "tags": null, - "date": "2020-10-06T22:59:13.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1313614818713231360" -}, { - "tags": null, - "date": "2020-10-09T18:01:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1314626953803161601" -}, { - "tags": null, - "date": "2020-04-02T00:11:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1245504130753404931" -}, { - "tags": null, - "date": "2020-08-23T22:59:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1297669785883484160" -}, { - "tags": null, - "date": "2020-09-20T20:00:12.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1307771561651441665" -}, { - "tags": null, - "date": "2020-10-31T23:03:57.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1322675709379334146" -}, { - "tags": null, - "date": "2020-11-18T21:28:43.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1329174724790915075" -}, { - "tags": null, - "date": "2020-11-23T23:56:04.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1331023742693232646" -}, { - "tags": null, - "date": "2020-11-26T22:03:19.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1332082533526360066" -}, { - "tags": null, - "date": "2020-12-04T21:18:42.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1334970406025965571" -}, { - "tags": null, - "date": "2020-12-07T23:56:41.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1336097330483916800" -}, { - "tags": null, - "date": "2020-04-09T00:06:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1248039525215080449" -}, { - "tags": null, - "date": "2020-10-18T18:59:38.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1317903180148166657" -}, { - "tags": null, - "date": "2020-10-29T19:58:10.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1321904176637595648" -}, { - "tags": null, - "date": "2021-01-05T23:07:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1346594227233427459" -}, { - "tags": null, - "date": "2021-01-08T23:03:45.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1347680421920862209" -}, { - "tags": null, - "date": "2021-01-12T23:03:22.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1349129873068068873" -}, { - "tags": null, - "date": "2021-01-16T01:01:22.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1350246732391706624" -}, { - "tags": null, - "date": "2021-01-22T23:02:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1352753509045776384" -}, { - "tags": null, - "date": "2021-01-26T23:02:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1354203048491544581" -}, { - "tags": null, - "date": "2021-02-03T23:00:44.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1357101745961328645" -}, { - "tags": null, - "date": "2020-12-21T21:01:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1341126649329410050" -}, { - "tags": null, - "date": "2020-12-28T23:20:13.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1343698295563153408" -}, { - "tags": null, - "date": "2021-02-14T21:13:33.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1361061038620364812" -}, { - "tags": null, - "date": "2021-02-18T00:01:18.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1362190417631076352" -}, { - "tags": null, - "date": "2021-02-20T00:59:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1362929843759943681" -}, { - "tags": null, - "date": "2021-02-24T23:01:00.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1364711958105194498" -}, { - "tags": null, - "date": "2021-03-02T23:07:27.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1366887909241012233" -}, { - "tags": null, - "date": "2021-03-12T22:53:59.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1370508398081540098" -}, { - "tags": null, - "date": "2021-03-13T20:58:44.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1370841782506901516" -}, { - "tags": null, - "date": "2021-03-20T21:54:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1373392441257103368" -}, { - "tags": null, - "date": "2021-03-22T22:05:15.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1374120011854397442" -}, { - "tags": null, - "date": "2021-02-10T23:26:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1359645050792206337" -}, { - "tags": null, - "date": "2021-02-25T00:00:00.000Z", - "announceUrl": null -}, { - "tags": null, - "date": "2021-04-03T01:26:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1378156887884005378" -}, { - "tags": null, - "date": "2021-04-03T19:55:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1378436020081950726" -}, { - "tags": null, - "date": "2021-04-12T23:11:23.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1381746799506030593" -}, { - "tags": null, - "date": "2021-04-24T17:31:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1386009816443805699" -}, { - "tags": null, - "date": "2021-05-01T16:59:01.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1388538459816595463" -}, { - "tags": null, - "date": "2021-05-14T15:53:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1393233038298001411" -}, { - "tags": null, - "date": "2021-05-21T22:59:03.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1395876824865988611" -}, { - "tags": null, - "date": "2021-05-25T22:04:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1397312608454258690" -}, { - "tags": null, - "date": "2021-06-05T22:02:00.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1401298283499298817" -}, { - "tags": null, - "date": "2021-06-12T22:56:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1403848719695482888" -}, { - "tags": null, - "date": "2022-01-09T23:32:49.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1480321695315640328" -}, { - "tags": null, - "date": "2021-06-26T20:08:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1408879841315860486" -}, { - "tags": null, - "date": "2021-07-03T22:04:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1411445858244169728" -}, { - "tags": null, - "date": "2021-07-07T19:04:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1412850109608566786" -}, { - "tags": null, - "date": "2021-07-13T19:52:08.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1415036340580884482" -}, { - "tags": null, - "date": "2021-07-17T20:05:10.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1416489172311887876" -}, { - "tags": null, - "date": "2021-08-04T23:11:38.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1423059078381719564" -}, { - "tags": null, - "date": "2021-08-08T20:26:41.000Z", - "announceUrl": "http://twitter.com/ProjektMelody/status/1424467119006261249" -}, { - "tags": null, - "date": "2021-08-12T19:57:20.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1425909284940955648" -}, { - "tags": null, - "date": "2021-08-17T23:16:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1427771428833738755" -}, { - "tags": null, - "date": "2021-08-21T20:13:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1429174868935856133" -}, { - "tags": null, - "date": "2022-05-13T19:19:42.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1525194090299670528" -}, { - "tags": null, - "date": "2021-09-09T23:01:37.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1436102522201116673" -}, { - "tags": null, - "date": "2021-09-12T22:03:47.000Z", - "announceUrl": "http://twitter.com/ProjektMelody/status/1437175131223302146" -}, { - "tags": null, - "date": "2021-09-19T19:47:34.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1439677566739259395" -}, { - "tags": null, - "date": "2021-09-21T21:56:01.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1440434669305012228" -}, { - "tags": null, - "date": "2021-09-29T18:55:41.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1443288390007508995" -}, { - "tags": null, - "date": "2021-10-09T20:09:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1446930950332506117" -}, { - "tags": null, - "date": "2021-10-11T22:06:20.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1447685023059128320" -}, { - "tags": null, - "date": "2021-10-23T20:18:46.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1452006607626412038" -}, { - "tags": null, - "date": "2021-11-04T22:03:43.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1456381673235492878" -}, { - "tags": null, - "date": "2023-04-04T23:43:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1643398832485482497" -}, { - "tags": null, - "date": "2022-09-07T23:13:00.000Z", - "announceUrl": null -}, { - "tags": null, - "date": "2021-11-12T00:08:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1458949749986443268" -}, { - "tags": null, - "date": "2021-11-19T20:01:27.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1461786722337972235" -}, { - "tags": null, - "date": "2021-12-06T20:10:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1467949594252398599" -}, { - "tags": null, - "date": "2021-12-12T23:12:01.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1470169597546479617" -}, { - "tags": null, - "date": "2021-12-15T23:04:14.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1471254803451887625" -}, { - "tags": null, - "date": "2021-12-17T23:05:54.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1471979997426589699" -}, { - "tags": null, - "date": "2021-12-25T22:34:35.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1474871219610603526" -}, { - "tags": null, - "date": "2021-12-30T23:17:45.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1476694022408261640" -}, { - "tags": null, - "date": "2022-01-03T23:10:33.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1478141764741611527" -}, { - "tags": null, - "date": "2022-01-13T00:03:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1481416541493153795" -}, { - "tags": null, - "date": "2022-01-22T22:59:59.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1485024472105164805" -}, { - "tags": null, - "date": "2022-01-26T01:57:25.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1486156290585882626" -}, { - "tags": null, - "date": "2022-02-02T21:48:11.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1488992672022945793" -}, { - "tags": null, - "date": "2022-02-16T23:00:32.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1494084309958987782" -}, { - "tags": null, - "date": "2022-02-18T20:01:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1494763968535179274" -}, { - "tags": null, - "date": "2022-03-10T23:02:20.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1502057294246424600" -}, { - "tags": null, - "date": "2022-03-18T01:35:11.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1504632475804446721" -}, { - "tags": null, - "date": "2022-04-06T00:02:17.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1511494467097870340" -}, { - "tags": null, - "date": "2022-04-10T00:12:41.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1512946635655065602" -}, { - "tags": null, - "date": "2022-04-16T23:09:42.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1515467499642531845" -}, { - "tags": null, - "date": "2022-04-22T23:14:35.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1517643056228487168" -}, { - "tags": null, - "date": "2022-05-06T22:59:23.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1522712662349656064" -}, { - "tags": null, - "date": "2022-05-08T22:51:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1523435492657664000" -}, { - "tags": null, - "date": "2022-05-19T00:44:58.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1527087885693878275" -}, { - "tags": null, - "date": "2022-05-25T02:06:07.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1529282633762492417" -}, { - "tags": null, - "date": "2022-06-05T23:30:37.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1533592158179139585" -}, { - "tags": null, - "date": "2022-06-09T21:10:03.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1535006331119222784" -}, { - "tags": null, - "date": "2022-06-22T23:46:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1539756753147117568" -}, { - "tags": null, - "date": "2022-07-19T03:48:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1549239628418490368" -}, { - "tags": null, - "date": "2022-08-03T23:32:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1554973488871530501" -}, { - "tags": null, - "date": "2022-08-05T23:15:33.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1555694026376060966" -}, { - "tags": null, - "date": "2022-08-11T20:31:00.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1557827065101127680#m" -}, { - "tags": null, - "date": "2022-08-23T23:28:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1562220295683014657" -}, { - "tags": null, - "date": "2022-09-10T21:03:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1568706781806821377" -}, { - "tags": null, - "date": "2022-06-18T23:07:00.000Z", - "announceUrl": null -}, { - "tags": null, - "date": "2022-09-13T23:26:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1569829911057031170" -}, { - "tags": null, - "date": "2022-09-21T23:38:26.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1572732011529506817" -}, { - "tags": null, - "date": "2022-10-02T02:05:22.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1576392868201365504" -}, { - "tags": null, - "date": "2022-10-04T23:15:33.000Z", - "announceUrl": "http://twitter.com/ProjektMelody/status/1577437242716741632" -}, { - "tags": null, - "date": "2022-10-13T02:22:45.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1580383510908399616" -}, { - "tags": null, - "date": "2022-10-15T00:31:27.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1581080275546537984" -}, { - "tags": ["squirting", "toy", "lovense-lush", "fantasy-for-her-suction", "crave-vesper-necklace", "womanizer-duo", "twitching", "licking", "unboxing", "suction", "review", "orgasm", "tongue", "vibrator", "cum-eating", "pussy-milking", "torture", "rope", "restraint", "bondage", "chains", "dildo", "deep-breathing"], - "date": "2022-10-20T23:21:15.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1583236936445353985" -}, { - "tags": ["jumpsuit", "3d", "new-outfit", "pole-dancing", "lovense-lush", "lovense-hyfy", "blowjob", "bottomless", "ass", "dancing", "pool", "precum", "pussy"], - "date": "2022-11-04T20:29:53.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1588629627907473409" -}, { - "tags": ["video-game", "hentai", "eroge", "daraku-gear", "mobile-game", "buffering", "sponsored", "lovense-lush", "storytime", "hentai", "games", "gacha", "waifu", "womb-tattoo", "bondage", "mind-break", "squirting", "nipple-clamps", "handcuffs", "suction-cups", "prisoner", "slave", "big-brother", "master", "hitachi-magic-wand", "double-penetration", "confusion", "cock-block", "crying", "edging", "cum", "pasties", "robocock", "milking", "hose", "self-censorship", "threesome", "blowjob", "spanking", "cucking", "feet", "sex-training"], - "date": "2022-12-14T00:01:45.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1602816075304935425" -}, { - "tags": ["japan", "monokini", "outfit", "game-of-thrones", "gundam", "growling", "grinding", "flooring", "pool", "lovense-lush", "heavy-breathing", "moaning", "naked", "edging", "womb-tattoo", "pelvic-thrusting", "missionary", "fingering", "cum-drunk", "laughing", "c2c", "self-censorship", "sex-ed", "sex-stories", "glory-hole", "texting", "ass", "2-cooms", "orgasm", "selfie-cam", "non-euclidian", "silly-dancing"], - "date": "2022-12-16T00:30:34.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1603548101561696261" -}, { - "tags": ["silly-music", "guest-dj", "lovense-lush", "3d", "original-outfit", "step-brother", "buffering", "screen-recording", "coffee", "anime-discussion", "monday", "topless", "pasties", "just-chatting", "moaning", "countdown", "orgasm", "hands-free-cum", "yandere", "all-fours", "malfunctioning-hand", "bed", "high-heels", "boobs", "twerking", "factoid", "cowgirl", "unzip", "belly", "femdom", "gamer-chair", "selfie-camera", "pussy-licking", "pussy-closeup", "fingering", "aftershocks", "dakimakura-discussion", "2000s-music", "ghost-in-the-shell", "lgbtq", "spread-legs", "feet", "footjob", "tit-belt"], - "date": "2020-05-17T00:07:30.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1261810539442946049" -}, { - "tags": null, - "date": "2020-05-20T01:16:56.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1262915175037927425" -}, { - "tags": null, - "date": "2020-07-05T00:02:06.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1279566184690659330" -}, { - "tags": ["just-chatting", "chastity", "recovery", "live-2d", "fetish-research", "house-party", "video-game"], - "date": "2023-01-05T20:58:29.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1611104872484556805" -}, { - "tags": ["singing", "christmas", "karaoke", "just-chatting", "holiday", "lovense-lush", "tomboy", "live2d", "debut", "pegging", "asmr", "strapon-dildo", "erotic-roleplay", "edging"], - "date": "2023-01-13T18:21:13.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1613964398506147853" -}, { - "tags": ["just-chatting", "twintails", "g-string", "swimming-pool", "lovense-lush", "3d", "leap-motion", "orgasm-denial", "moaning", "bad-audio", "toilet", "bidet", "succubus-lingerie", "womb-tattoo", "dressup", "tv-discussion", "states-discussion", "naked", "experimental-lighting", "handjob", "asmr-discussion", "tease"], - "date": "2023-01-20T00:37:06.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1616233319439515648" -}, { - "tags": null, - "date": "2020-07-06T20:03:01.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1280230795085578247" -}, { - "tags": null, - "date": "2020-07-07T20:59:26.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1280607381605449729" -}, { - "tags": null, - "date": "2020-08-22T00:03:48.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1296961229475512323" -}, { - "tags": ["asmr", "3dio", "dominatrix", "submission", "breeding", "ai-dungeon", "tentacles", "anal", "fantasy-writing", "moaning", "cum-ban", "heavy-breathing", "orgasm", "denial", "cum-drunk"], - "date": "2023-01-21T20:36:06.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1616897448890273807" -}, { - "tags": null, - "date": "2020-09-05T23:08:12.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1302383058247614465" -}, { - "tags": null, - "date": "2021-07-04T18:50:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1411759377816690696" -}, { - "tags": ["bepis", "pasties", "recovery", "hentai-discussion", "topless", "boobs", "live2d", "handjob", "lovense-lush", "guilty-fap", "train-molestation", "sex-dungeon", "bdsm", "santa", "moaning", "mel-noises", "rickroll", "cucked", "cbat", "punishment2-cum", "orgasm", "milking-device", "cumdrunk", "panting", "heat", "feral", "deep-breathing", "monster-girl", "roleplay", "fucking", "gratitude", "snack", "meltys-quest", "eroge", "fat-bastard", "voiceover", "girl-on-girl", "thirsty", "slut", "good-audio", "love"], - "date": "2023-02-17T02:10:04.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1626403575642353665" -}, { - "tags": ["social-media", "aspirations", "first-time", "lovense-lush", "bad-audio", "ahegao", "3d", "lonely", "friends", "dab", "tag-discussion", "deep-breathing", "jerk-off-gesture", "gratitude", "cat-girls", "plexstorm", "hentai-game", "cute-pussy", "origin", "moaning", "twerking", "dancing", "shaking", "strip-tease", "anime-discussion", "video-game-discussion", "ass", "pasties", "high-heels", "harness", "thong", "leggings", "technical-difficulties", "panic-attack", "meditation", "just-chatting", "masturbation", "nipples"], - "date": "2020-02-07T23:21:48.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1225922638687752192" -}, { - "tags": null, - "date": "2020-10-16T23:32:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1317247159478136832" -}, { - "tags": ["bad-audio", "new-outfit", "anniversary", "bunny-outfit", "3d", "sexmachine", "raul", "recovery", "bunny-suit", "sit-on-face", "naked", "jacket", "mel-noises", "rickroll", "frickenator", "standing-cum", "legwarmers", "bunny-ears", "ass", "leg-shaking", "glitch", "doggy-style", "breeding", "dirty-talk", "cum-drunk", "trouble-walking", "slut", "food", "masturbation", "dick-sucking", "t1m", "lovense-lush", "pool", "flooring"], - "date": "2023-02-12T23:07:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1624907994671489026" -}, { - "tags": ["mel-noises", "crying", "good-audio", "live2d", "moaning", "dildo", "masturbation", "glass-dildo", "teaser", "sex-stories", "horny", "script-writing", "joi", "topless", "pasties", "naked", "asmr", "just-chatting", "self-care", "deep-breathing", "guided-meditation", "tantric-sex", "slut", "orgasm", "hentai-game", "caring"], - "date": "2023-02-09T00:25:47.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1623478232036122624" -}, { - "tags": ["just-chatting", "community", "anxiety", "dork", "live2d", "nut-between-worlds", "pro-social-behavior", "topless", "pasties", "harness", "boobs", "moaning", "blowjob"], - "date": "2023-02-13T03:07:00.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1624907994671489026" -}, { - "tags": null, - "date": "2020-03-01T01:14:02.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1233923415964340225" -}, { - "tags": null, - "date": "2020-03-28T01:42:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1243715015829585925" -}, { - "tags": null, - "date": "2020-04-01T00:13:26.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1245142190952796167" -}, { - "tags": null, - "date": "2020-05-02T22:01:33.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1256705414663725058" -}, { - "tags": null, - "date": "2020-06-10T18:58:26.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1270792457941368832" -}, { - "tags": null, - "date": "2020-06-28T00:10:07.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1277031489205678083" -}, { - "tags": null, - "date": "2020-02-25T21:31:41.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1232417908678168576" -}, { - "tags": null, - "date": "2020-03-10T22:00:51.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1237498680690855939" -}, { - "tags": null, - "date": "2020-03-20T15:41:36.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1241027117284044801" -}, { - "tags": null, - "date": "2020-08-28T23:03:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1299482712869306368" -}, { - "tags": null, - "date": "2020-09-24T23:25:58.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1309272896456527872" -}, { - "tags": null, - "date": "2020-10-13T23:03:14.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1316152545732157448" -}, { - "tags": null, - "date": "2020-10-23T18:55:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1319714083462107139" -}, { - "tags": ["just-chatting", "lovense-lush", "mel-noises", "pro-social-behavior", "topless", "g-string", "thong", "high-heels", "selfie-camera", "ass", "porn-discussion", "panties", "no-nut-november", "moaning", "feet", "feet-licking", "vtuber-discussion", "gamer-chair", "naked", "stretching", "flexibility", "orgasm", "masturbation"], - "date": "2020-11-09T00:55:59.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1325603004695842816" -}, { - "tags": null, - "date": "2020-12-14T21:46:27.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1338601272354758656" -}, { - "tags": null, - "date": "2020-12-24T23:02:13.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1342244216731275265" -}, { - "tags": null, - "date": "2020-08-11T23:01:22.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1293321639728492544" -}, { - "tags": null, - "date": "2020-10-11T22:05:30.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1315413239556190211" -}, { - "tags": null, - "date": "2021-03-03T23:03:48.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1367249376675041285" -}, { - "tags": null, - "date": "2021-04-18T00:30:03.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1383578535340634120" -}, { - "tags": null, - "date": "2021-04-23T23:01:52.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1385730672661303296" -}, { - "tags": null, - "date": "2021-06-06T20:55:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1401643974922838019" -}, { - "tags": null, - "date": "2021-06-15T22:57:44.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1404936189946236930" -}, { - "tags": null, - "date": "2021-07-27T23:04:15.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1420158120370872320" -}, { - "tags": null, - "date": "2021-08-30T23:08:30.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1432480377302552587" -}, { - "tags": null, - "date": "2021-09-03T21:59:09.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1433912474542264321" -}, { - "tags": null, - "date": "2021-02-05T22:57:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1357825669024120841" -}, { - "tags": null, - "date": "2021-10-04T22:20:50.000Z", - "announceUrl": "http://twitter.com/ProjektMelody/status/1445151953764458501" -}, { - "tags": null, - "date": "2021-11-16T23:07:06.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1460746277717782528" -}, { - "tags": null, - "date": "2021-12-22T23:58:43.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1473805228537438209" -}, { - "tags": null, - "date": "2022-01-15T20:53:35.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1482455948459450369" -}, { - "tags": null, - "date": "2022-01-28T22:13:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1487187063048921093" -}, { - "tags": null, - "date": "2022-02-13T21:17:23.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1492971187047374849" -}, { - "tags": null, - "date": "2022-04-13T20:10:50.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1514335322527649798" -}, { - "tags": null, - "date": "2022-05-14T23:02:18.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1525612497935507457" -}, { - "tags": null, - "date": "2022-05-26T18:31:28.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1529892992818876417" -}, { - "tags": null, - "date": "2022-08-01T19:28:31.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1554187338804338696" -}, { - "tags": null, - "date": "2022-09-02T20:06:16.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1565793017960828931" -}, { - "tags": null, - "date": "2022-09-23T23:38:18.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1573456755236954114" -}, { - "tags": ["memes", "anime", "bdsm", "orgasm", "moaning", "laughing", "cum-drunk", "lovense-lush"], - "date": "2022-10-27T23:20:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1585773359379677184" -}, { - "tags": ["lovense-hyphy", "lovense-lush", "whispering", "asmr", "sportscar", "pee", "sick", "coughing", "shaking", "cum", "orgasm", "brainfrog", "oral", "sucking", "sex-toy", "cum-drunk", "moaning", "twitching", "thrusting", "grinding", "objectification", "flooring", "keyboard-clicking", "mocap-failure", "muted", "charades", "posing", "riding", "dry-humping", "ass", "high-heels", "legs", "hip-sway", "plug-suit", "chest-harness", "naked", "womb-tattoo", "sexy-dance", "slav-squat", "tail", "pole-dance", "clipping", "licking", "glowing", "dab"], - "date": "2022-11-12T00:13:40.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1591222662487236609" -}, { - "tags": ["eroge", "video-game", "orc", "moaning", "cyber", "cum-drunk", "orgasm", "towel", "petting", "massage", "accupressure", "lingerie", "ass", "thong", "pasties", "adhesive-bandage", "monster-girls", "texting", "lovense-lush", "lovense-hyphy", "broken-toy", "tail", "live2d", "food-porn", "self-care", "aromatherapy", "monster-dick", "hot-sluts", "monster", "fantasy", "cock-sleeve", "feet", "footjob", "fingering", "elf", "cum-whore", "panties", "cum"], - "date": "2022-11-19T22:35:57.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1594097172689166337" -}, { - "tags": ["ass", "tail", "lovense-lush", "conversation", "grinding", "flooring", "going-away", "humping", "laughing", "eating", "harness", "boobs", "toes", "cum-drunk", "aftershocks", "dancing", "pole-dancing", "moaning", "feet", "stepping", "cock-abuse", "extreme-closeup", "butthole", "panties", "shaking", "pussy-licking", "singing", "hentai", "carnival", "fingering", "wedgie", "fetishwear", "watch-along", "pasties", "creampie", "rude-sex", "cumming", "g-string", "idol", "voyeurism", "condom", "gay", "spitting", "pervert", "edging", "mutual-masturbation", "sniffing"], - "date": "2022-11-22T23:04:43.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1595191577068044289" -}, { - "tags": ["hentai", "eroge", "dohna-dohna", "orgasm-denial", "chastity", "video-game", "live2d", "ovulation", "feet", "horny", "dream", "vampire", "just-chatting", "numi", "game-of-thrones", "recovery", "bad-audio", "yandere", "storytime", "spontaneous-song", "crushes"], - "date": "2023-01-01T22:03:49.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1609671764514164737" -}, { - "tags": null, - "date": "2021-09-07T22:01:24.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1435362590893527040" -}, { - "tags": null, - "date": "2021-09-16T20:00:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1438593697445302274" -}, { - "tags": null, - "date": "2022-02-07T23:27:14.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1490829536316985348" -}, { - "tags": ["lawnmower", "motorbunny", "bad-audio", "3d", "lovense-lush", "pussy-to-mouth", "screaming", "swimming-pool", "moaning", "deep-breathing", "cock-riding", "mel-noises", "mind-break", "technical-difficulties", "yelling", "echo", "reverse-cowgirl", "muffled-screams", "orgasm", "no-face-tracking", "swearing", "chaturbate-compliance", "spit", "messy", "cum-drinking", "clit-milking-device", "multiple-orgasms", "4-cum", "squirting", "loud-orgasm", "cum-chalice", "schlorp", "sksksksk"], - "date": "2023-01-25T00:19:39.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1618040869587947521" -}, { - "tags": ["lovense-lush", "lovense-hush", "tail", "butt-plug", "double-penetration", "moaning", "blushing", "manual-masturbation", "embarrasment", "orgasm", "just-chatting", "shorts", "stripping", "jiggle-physics", "3d", "boobs", "pasties", "dancing", "swearing", "vtuber-discussion", "t-pose", "ass", "anime-discussion", "selfie-camera", "edging", "jojo-posing", "anal-fingering", "fingering"], - "date": "2020-11-18T01:59:20.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1328880436551049217" -}, { - "tags": null, - "date": "2021-01-03T23:01:53.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1345868009483735042" -}, { - "tags": null, - "date": "2021-01-10T19:57:37.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1348358353676873729" -}, { - "tags": null, - "date": "2021-02-07T23:04:03.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1358552132295798787" -}, { - "tags": ["boobs", "porn-game", "video-game", "bondage", "mobile-game", "android", "moaning", "bikini", "blowjob", "doggy-style", "3d", "sponsored"], - "date": "2022-11-18T01:03:45.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1593409592477638656" -}, { - "tags": ["lovense-lush", "spanking", "ass", "stripping", "bottom-bitch", "permission", "cum-slut", "blowjob", "grinding", "yoga", "cyber", "kegel", "conversation", "bend-over", "squirming", "horny", "dildo-choking", "deep-throating", "finger-stimulation", "begging", "hummer", "orgasm", "cum-drunk", "laughing", "gratitude", "teasing", "crying", "bullying", "moaning", "feet-licking", "womb-tattoo", "harness", "boobs", "vagina", "drugs", "interpretive-dance", "sexy-dancing", "pole-dancing", "flooring", "jig", "silly-dancing", "tail"], - "date": "2022-11-22T01:15:55.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1594862203546501121" -}, { - "tags": ["love-drunk", "noises", "x-mas", "technical-difficulties", "horny", "chat-analytics", "chat-roast", "lovense-lush", "moaning", "self-deprecation-humor", "edging", "just-chatting", "orgasm", "2-cum", "cum-drunk", "multiple-orgasms", "hands-free-cum", "handcuffs", "butt-plug", "anal", "chastity-device", "bdsm", "ball-gag", "collar", "heavy-breathing", "big-o", "snacking", "fat-bastard", "airplane", "mile-high-club", "dirty-talk", "video-game", "malady", "hime-hajime", "big-bang-studios", "a-nut-between-worlds"], - "date": "2022-12-17T22:14:20.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1604238592389238784" -}, { - "tags": ["video-game", "recovery", "bad-audio", "technical-difficulties", "just-chatting", "purino-party", "zooted", "medication", null], - "date": "2023-01-05T02:07:18.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1610820355895037955" -}, { - "tags": ["cum-ban", "soaking", "semantics", "lovense-lush", "dildo", "pussy-noises", "relaxation", "meditation", "games", "meltys-quest", "wet", "asmr", "messy", "moaning", "horny", "blowjob", "doctor-defiance", "cum-brain", "mind-break", "giggles", "mel-noises", "hentai-game", "prank", "ear-rape", "live2d", "voice-acting", "goblin-sex", "drake__selfsuck"], - "date": "2023-01-09T23:07:18.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1612586844298018817" -}, { - "tags": ["bondage", "digital-art", "lovense-lush", "mel-noises", "moaning", "hucow", "pussy-milking", "browser-wars", "edging", "daddy-play", "orgasm", "feet", "live2d", "rapping", "singing", "vibrator", "good-audio", "vibrator-asmr", "spreader-bars", "precum", "puddle", "bdsm", "restraint", "slut", "cum-drunk", "loud-orgasm", "multiple-orgasms", "screaming", "begging", "cum-inside", "mind-break", "aftershocks", "labia-spreader"], - "date": "2023-01-29T22:06:21.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1619819262125944832" -}, { - "tags": ["pasties", "topless", "live2d", "lovense-lush", "lovense-osci", "orgasm", "cum-drunk", "mind-break", "moaning", "mel-noises", "multiple-orgasms", "hentai-watch-along", "dirty-talk", "blowjob", "horny", "tentacles", "double-penetration", "fantasy"], - "date": "2023-02-01T01:38:32.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1620597436988411907" -}, { - "tags": ["cooking", "onigiri", "seiso", "irl", "bad-audio", "rickroll", "dirty-slut", "crepe", "jokes", "just-chatting", "sex-toy-discussion", "booli", "femdom", "topless", "apron", "boobs", "nipples", "bacon", "innuendo", "dirty-talk", "parenting", "stories"], - "date": "2023-02-24T00:17:38.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1628911998787362817" -}, { - "tags": ["3d", "lovense-lush", "lovense-sex-machine", "pool", "dancing", "sway", "ass", "shorts", "leggings", "middrift", "mel-noises", "pig-latin", "moaning", "topless", "bra", "bottomless", "good-audio", "kneeling", "legs-spread", "t1m", "pussy", "grinding", "shaking", "missionary-style", "first-time", "lovense-hyphy", "cum", "orgasm", "multiple-orgasms", "begging", "prone-bone", "daddy", "dirty-talk", "shibari", "closeup", "pov", "6-cums"], - "date": "2023-03-04T02:28:14.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1631843966843863040" -}, { - "tags": ["anime-girl", "horny", "baka", "lovense-lush", "boobs", "harness", "pasties", "cum", "orgasm", "edging", "gunrun", "hormones", "subathon", "fantasy", "sake", "ntrpg", "game-night", "toilet", "ntr", "elderly", "fatherboard", "sneeze", "dream-daddy", "futa-fix-dick-dine-and-dash", "futanari", "asmr", "lovense-hush", "anal", "begging"], - "date": "2023-03-03T02:04:05.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1631475499753979908" -}, { - "tags": ["lovense-partnership", "big-bang-a-nut-between-worlds", "selfcest", "cuck", "video-game", "sponsored-stream", "finger-blasting", "blowjob", "handjob"], - "date": "2023-03-24T21:13:29.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1639374902246404102" -}, { - "tags": ["bikini", "womb-tattoo", "pool", "lovense-lush", "japan", "adhd", "edging", "permission", "cum-slut", "mel-noises", "moaning", "begging", "yelling", "mindbreak", "cum-drunk", "dirty-talk", "bbc", "dildo", "death", "lovense-sex-machine", "bakery", "orgasms", "multiple-orgasms", "ejaculate", "blowjob", "just-chatting", "choking", "joi", "slave", "master", "deepthroat", "sloppy", "3d", "goblin", "anal-breeding", "rapping", "dj", "dancing", "hime-hajime", "bad-audio", "voice-acting", "alto"], - "date": "2023-03-23T21:13:04.000Z", - "announceUrl": "https://twitter.com/ProjektMelody/status/1639012409175072769" -}] \ No newline at end of file diff --git a/services/strapi/favicon.png b/services/strapi/favicon.png deleted file mode 100644 index df668a8..0000000 Binary files a/services/strapi/favicon.png and /dev/null differ diff --git a/services/strapi/jsconfig.json b/services/strapi/jsconfig.json deleted file mode 100644 index e030430..0000000 --- a/services/strapi/jsconfig.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "compilerOptions": { - "module": "NodeNext", - "moduleResolution": "NodeNext", - "target": "ES2021", - "checkJs": true, - "allowJs": true - } -} diff --git a/services/strapi/misc/generateCuid.js b/services/strapi/misc/generateCuid.js deleted file mode 100644 index c049924..0000000 --- a/services/strapi/misc/generateCuid.js +++ /dev/null @@ -1,7 +0,0 @@ -const { init } = require('@paralleldrive/cuid2'); - -module.exports = function() { - const length = 10; - const genCuid = init({ length }); - return genCuid(); -} \ No newline at end of file diff --git a/services/strapi/package.json b/services/strapi/package.json deleted file mode 100644 index 5a5f7b3..0000000 --- a/services/strapi/package.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "name": "@futureporn/strapi", - "private": true, - "version": "0.1.0", - "description": "A Strapi application", - "scripts": { - "dev": "pnpm run develop", - "develop": "strapi develop", - "start": "strapi start", - "build": "strapi build", - "strapi": "strapi", - "deploy": "strapi deploy", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "dependencies": { - "@11ty/eleventy-fetch": "^4.0.1", - "@aws-sdk/client-s3": "^3.637.0", - "@mux/mux-node": "^8.8.0", - "@paralleldrive/cuid2": "^2.2.2", - "@strapi/plugin-cloud": "4.25.9", - "@strapi/plugin-i18n": "4.25.9", - "@strapi/plugin-users-permissions": "4.25.9", - "@strapi/strapi": "4.25.9", - "@strapi/utils": "^4.25.9", - "canvas": "^2.11.2", - "date-fns": "^3.6.0", - "dotenv": "^16.4.5", - "lodash": "^4.17.21", - "node-fetch": "^3.3.2", - "pg": "8.12.0", - "react": "^18.3.1", - "react-dom": "^18.3.1", - "react-router-dom": "6.26.1", - "sharp": "^0.33.5", - "strapi-plugin-fuzzy-search": "^3.0.0", - "styled-components": "6.1.13" - }, - "author": { - "name": "A Strapi developer" - }, - "strapi": { - "uuid": "de6744d2-f4ac-43cf-aeba-224639f274d1" - }, - "engines": { - "node": "20.x.x", - "npm": ">=6.0.0" - }, - "packageManager": "pnpm@9.6.0", - "license": "MIT" -} diff --git a/services/strapi/pnpm-lock.yaml b/services/strapi/pnpm-lock.yaml deleted file mode 100644 index b90d087..0000000 --- a/services/strapi/pnpm-lock.yaml +++ /dev/null @@ -1,14433 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@11ty/eleventy-fetch': - specifier: ^4.0.1 - version: 4.0.1 - '@aws-sdk/client-s3': - specifier: ^3.637.0 - version: 3.637.0 - '@mux/mux-node': - specifier: ^8.8.0 - version: 8.8.0 - '@paralleldrive/cuid2': - specifier: ^2.2.2 - version: 2.2.2 - '@strapi/plugin-cloud': - specifier: 4.25.9 - version: 4.25.9(vz4izpmlclysylnr54rpbz6mea) - '@strapi/plugin-i18n': - specifier: 4.25.9 - version: 4.25.9(22se43zwxmtuqqjkykcc76uoqe) - '@strapi/plugin-users-permissions': - specifier: 4.25.9 - version: 4.25.9(22se43zwxmtuqqjkykcc76uoqe) - '@strapi/strapi': - specifier: 4.25.9 - version: 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': - specifier: ^4.25.9 - version: 4.25.9 - canvas: - specifier: ^2.11.2 - version: 2.11.2 - date-fns: - specifier: ^3.6.0 - version: 3.6.0 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - lodash: - specifier: ^4.17.21 - version: 4.17.21 - node-fetch: - specifier: ^3.3.2 - version: 3.3.2 - pg: - specifier: 8.12.0 - version: 8.12.0 - react: - specifier: ^18.3.1 - version: 18.3.1 - react-dom: - specifier: ^18.3.1 - version: 18.3.1(react@18.3.1) - react-router-dom: - specifier: 6.26.1 - version: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - sharp: - specifier: ^0.33.5 - version: 0.33.5 - strapi-plugin-fuzzy-search: - specifier: ^3.0.0 - version: 3.0.0(@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0))(@strapi/utils@4.25.9)(yup@0.32.9) - styled-components: - specifier: 6.1.13 - version: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - -packages: - - '@11ty/eleventy-fetch@4.0.1': - resolution: {integrity: sha512-yIiLM5ziBmg86i4TlXpBdcIygJHvh/GgPJyAiFOckO9H4y9cQDM8eIcJCUQ4Mum0NEVui/OjhEut2R08xw0vlQ==} - engines: {node: '>=14'} - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@babel/code-frame@7.24.7': - resolution: {integrity: sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShmf+f/qwAlA==} - engines: {node: '>=6.9.0'} - - '@babel/generator@7.25.6': - resolution: {integrity: sha512-VPC82gr1seXOpkjAAKoLhP50vx4vGNlF4msF64dSFq1P8RfB+QAuJWGHPXXPc8QyfVWwwB/TNNU4+ayZmHNbZw==} - engines: {node: '>=6.9.0'} - - '@babel/helper-module-imports@7.24.7': - resolution: {integrity: sha512-8AyH3C+74cgCVVXow/myrynrAGv+nTVg5vKu2nZph9x7RcRwzmh0VFallJuFTZ9mx6u4eSdXZfcOzSqTUm0HCA==} - engines: {node: '>=6.9.0'} - - '@babel/helper-string-parser@7.24.8': - resolution: {integrity: sha512-pO9KhhRcuUyGnJWwyEgnRJTSIZHiT+vMD0kPeD+so0l7mxkMT19g3pjY9GTnHySck/hDzq+dtW/4VgnMkippsQ==} - engines: {node: '>=6.9.0'} - - '@babel/helper-validator-identifier@7.24.7': - resolution: {integrity: sha512-rR+PBcQ1SMQDDyF6X0wxtG8QyLCgUB0eRAGguqRLfkCA87l7yAP7ehq8SNj96OOGTO8OBV70KhuFYcIkHXOg0w==} - engines: {node: '>=6.9.0'} - - '@babel/highlight@7.24.7': - resolution: {integrity: sha512-EStJpq4OuY8xYfhGVXngigBJRWxftKX9ksiGDnmlY3o7B/V7KIAc9X4oiK87uPJSc/vs5L869bem5fhZa8caZw==} - engines: {node: '>=6.9.0'} - - '@babel/parser@7.25.6': - resolution: {integrity: sha512-trGdfBdbD0l1ZPmcJ83eNxB9rbEax4ALFTF7fN386TMYbeCQbyme5cOEXQhbGXKebwGaB/J52w1mrklMcbgy6Q==} - engines: {node: '>=6.0.0'} - hasBin: true - - '@babel/runtime-corejs3@7.25.6': - resolution: {integrity: sha512-Gz0Nrobx8szge6kQQ5Z5MX9L3ObqNwCQY1PSwSNzreFL7aHGxv8Fp2j3ETV6/wWdbiV+mW6OSm8oQhg3Tcsniw==} - engines: {node: '>=6.9.0'} - - '@babel/runtime@7.25.6': - resolution: {integrity: sha512-VBj9MYyDb9tuLq7yzqjgzt6Q+IBQLrGZfdjOekyEirZPHxXWoTSGUTMrpsfi58Up73d13NfYLv8HT9vmznjzhQ==} - engines: {node: '>=6.9.0'} - - '@babel/template@7.25.0': - resolution: {integrity: sha512-aOOgh1/5XzKvg1jvVz7AVrx2piJ2XBi227DHmbY6y+bM9H2FlN+IfecYu4Xl0cNiiVejlsCri89LUsbj8vJD9Q==} - engines: {node: '>=6.9.0'} - - '@babel/traverse@7.25.6': - resolution: {integrity: sha512-9Vrcx5ZW6UwK5tvqsj0nGpp/XzqthkT0dqIc9g1AdtygFToNtTF67XzYS//dm+SAK9cp3B9R4ZO/46p63SCjlQ==} - engines: {node: '>=6.9.0'} - - '@babel/types@7.25.6': - resolution: {integrity: sha512-/l42B1qxpG6RdfYf343Uw1vmDjeNhneUXtzhojE7pDgfpEypmRhI6j1kr17XCVv4Cgl9HdAiQY2x0GwKm7rWCw==} - engines: {node: '>=6.9.0'} - - '@casl/ability@6.5.0': - resolution: {integrity: sha512-3guc94ugr5ylZQIpJTLz0CDfwNi0mxKVECj1vJUPAvs+Lwunh/dcuUjwzc4MHM9D8JOYX0XUZMEPedpB3vIbOw==} - - '@codemirror/autocomplete@6.18.0': - resolution: {integrity: sha512-5DbOvBbY4qW5l57cjDsmmpDh3/TeK1vXfTHa+BUMrRzdWdcxKZ4U4V7vQaTtOpApNU4kLS4FQ6cINtLg245LXA==} - peerDependencies: - '@codemirror/language': ^6.0.0 - '@codemirror/state': ^6.0.0 - '@codemirror/view': ^6.0.0 - '@lezer/common': ^1.0.0 - - '@codemirror/commands@6.6.1': - resolution: {integrity: sha512-iBfKbyIoXS1FGdsKcZmnrxmbc8VcbMrSgD7AVrsnX+WyAYjmUDWvE93dt5D874qS4CCVu4O1JpbagHdXbbLiOw==} - - '@codemirror/lang-json@6.0.1': - resolution: {integrity: sha512-+T1flHdgpqDDlJZ2Lkil/rLiRy684WMLc74xUnjJH48GQdfJo/pudlTRreZmKwzP8/tGdKf83wlbAdOCzlJOGQ==} - - '@codemirror/language@6.10.2': - resolution: {integrity: sha512-kgbTYTo0Au6dCSc/TFy7fK3fpJmgHDv1sG1KNQKJXVi+xBTEeBPY/M30YXiU6mMXeH+YIDLsbrT4ZwNRdtF+SA==} - - '@codemirror/lint@6.8.1': - resolution: {integrity: sha512-IZ0Y7S4/bpaunwggW2jYqwLuHj0QtESf5xcROewY6+lDNwZ/NzvR4t+vpYgg9m7V8UXLPYqG+lu3DF470E5Oxg==} - - '@codemirror/search@6.5.6': - resolution: {integrity: sha512-rpMgcsh7o0GuCDUXKPvww+muLA1pDJaFrpq/CCHtpQJYz8xopu4D1hPcKRoDD0YlF8gZaqTNIRa4VRBWyhyy7Q==} - - '@codemirror/state@6.4.1': - resolution: {integrity: sha512-QkEyUiLhsJoZkbumGZlswmAhA7CBU02Wrz7zvH4SrcifbsqwlXShVXg65f3v/ts57W3dqyamEriMhij1Z3Zz4A==} - - '@codemirror/theme-one-dark@6.1.2': - resolution: {integrity: sha512-F+sH0X16j/qFLMAfbciKTxVOwkdAS336b7AXTKOZhy8BR3eH/RelsnLgLFINrpST63mmN2OuwUt0W2ndUgYwUA==} - - '@codemirror/view@6.33.0': - resolution: {integrity: sha512-AroaR3BvnjRW8fiZBalAaK+ZzB5usGgI014YKElYZvQdNH5ZIidHlO+cyf/2rWzyBFRkvG6VhiXeAEbC53P2YQ==} - - '@colors/colors@1.5.0': - resolution: {integrity: sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ==} - engines: {node: '>=0.1.90'} - - '@colors/colors@1.6.0': - resolution: {integrity: sha512-Ir+AOibqzrIsL6ajt3Rz3LskB7OiMVHqltZmspbW/TJuTVuyOMirVqAkjfY6JISiLHgyNqicAC8AyHHGzNd/dA==} - engines: {node: '>=0.1.90'} - - '@dabh/diagnostics@2.0.3': - resolution: {integrity: sha512-hrlQOIi7hAfzsMqlGSFyVucrx38O+j6wiGOf//H2ecvIEqYN4ADBSS2iLMh5UFyDunCNniUIPk/q3riFv45xRA==} - - '@discoveryjs/json-ext@0.5.7': - resolution: {integrity: sha512-dBVuXR082gk3jsFp7Rd/JI4kytwGHecnCoTtXFb7DB6CNHp4rg5k1bhg0nWdLGLnOV71lmDzGQaLMy8iPLY0pw==} - engines: {node: '>=10.0.0'} - - '@emnapi/runtime@1.2.0': - resolution: {integrity: sha512-bV21/9LQmcQeCPEg3BDFtvwL6cwiTMksYNWQQ4KOxCZikEGalWtenoZ0wCiukJINlGCIi2KXx01g4FoH/LxpzQ==} - - '@emotion/babel-plugin@11.12.0': - resolution: {integrity: sha512-y2WQb+oP8Jqvvclh8Q55gLUyb7UFvgv7eJfsj7td5TToBrIUtPay2kMrZi4xjq9qw2vD0ZR5fSho0yqoFgX7Rw==} - - '@emotion/cache@11.13.1': - resolution: {integrity: sha512-iqouYkuEblRcXmylXIwwOodiEK5Ifl7JcX7o6V4jI3iW4mLXX3dmt5xwBtIkJiQEXFAI+pC8X0i67yiPkH9Ucw==} - - '@emotion/hash@0.9.2': - resolution: {integrity: sha512-MyqliTZGuOm3+5ZRSaaBGP3USLw6+EGykkwZns2EPC5g8jJ4z9OrdZY9apkl3+UP9+sdz76YYkwCKP5gh8iY3g==} - - '@emotion/is-prop-valid@1.2.2': - resolution: {integrity: sha512-uNsoYd37AFmaCdXlg6EYD1KaPOaRWRByMCYzbKUX4+hhMfrxdVSelShywL4JVaAeM/eHUOSprYBQls+/neX3pw==} - - '@emotion/memoize@0.8.1': - resolution: {integrity: sha512-W2P2c/VRW1/1tLox0mVUalvnWXxavmv/Oum2aPsRcoDJuob75FC3Y8FbpfLwUegRcxINtGUMPq0tFCvYNTBXNA==} - - '@emotion/memoize@0.9.0': - resolution: {integrity: sha512-30FAj7/EoJ5mwVPOWhAyCX+FPfMDrVecJAM+Iw9NRoSl4BBAQeqj4cApHHUXOVvIPgLVDsCFoz/hGD+5QQD1GQ==} - - '@emotion/react@11.13.3': - resolution: {integrity: sha512-lIsdU6JNrmYfJ5EbUCf4xW1ovy5wKQ2CkPRM4xogziOxH1nXxBSjpC9YqbFAP7circxMfYp+6x676BqWcEiixg==} - peerDependencies: - '@types/react': '*' - react: '>=16.8.0' - peerDependenciesMeta: - '@types/react': - optional: true - - '@emotion/serialize@1.3.1': - resolution: {integrity: sha512-dEPNKzBPU+vFPGa+z3axPRn8XVDetYORmDC0wAiej+TNcOZE70ZMJa0X7JdeoM6q/nWTMZeLpN/fTnD9o8MQBA==} - - '@emotion/sheet@1.4.0': - resolution: {integrity: sha512-fTBW9/8r2w3dXWYM4HCB1Rdp8NLibOw2+XELH5m5+AkWiL/KqYX6dc0kKYlaYyKjrQ6ds33MCdMPEwgs2z1rqg==} - - '@emotion/unitless@0.10.0': - resolution: {integrity: sha512-dFoMUuQA20zvtVTuxZww6OHoJYgrzfKM1t52mVySDJnMSEa08ruEvdYQbhvyu6soU+NeLVd3yKfTfT0NeV6qGg==} - - '@emotion/unitless@0.8.1': - resolution: {integrity: sha512-KOEGMu6dmJZtpadb476IsZBclKvILjopjUii3V+7MnXIQCYh8W3NgNcgwo21n9LXZX6EDIKvqfjYxXebDwxKmQ==} - - '@emotion/use-insertion-effect-with-fallbacks@1.1.0': - resolution: {integrity: sha512-+wBOcIV5snwGgI2ya3u99D7/FJquOIniQT1IKyDsBmEgwvpxMNeS65Oib7OnE2d2aY+3BU4OiH+0Wchf8yk3Hw==} - peerDependencies: - react: '>=16.8.0' - - '@emotion/utils@1.4.0': - resolution: {integrity: sha512-spEnrA1b6hDR/C68lC2M7m6ALPUHZC0lIY7jAS/B/9DuuO1ZP04eov8SMv/6fwRd8pzmsn2AuJEznRREWlQrlQ==} - - '@emotion/weak-memoize@0.4.0': - resolution: {integrity: sha512-snKqtPW01tN0ui7yu9rGv69aJXr/a/Ywvl11sUjNtEcRc+ng/mQriFL0wLXMef74iHa/EkftbDzU9F8iFbH+zg==} - - '@esbuild/aix-ppc64@0.19.11': - resolution: {integrity: sha512-FnzU0LyE3ySQk7UntJO4+qIiQgI7KoODnZg5xzXIrFJlKd2P2gwHsHY4927xj9y5PJmJSzULiUCWmv7iWnNa7g==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [aix] - - '@esbuild/android-arm64@0.16.17': - resolution: {integrity: sha512-MIGl6p5sc3RDTLLkYL1MyL8BMRN4tLMRCn+yRJJmEDvYZ2M7tmAf80hx1kbNEUX2KJ50RRtxZ4JHLvCfuB6kBg==} - engines: {node: '>=12'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm64@0.19.11': - resolution: {integrity: sha512-aiu7K/5JnLj//KOnOfEZ0D90obUkRzDMyqd/wNAUQ34m4YUPVhRZpnqKV9uqDGxT7cToSDnIHsGooyIczu9T+Q==} - engines: {node: '>=12'} - cpu: [arm64] - os: [android] - - '@esbuild/android-arm@0.16.17': - resolution: {integrity: sha512-N9x1CMXVhtWEAMS7pNNONyA14f71VPQN9Cnavj1XQh6T7bskqiLLrSca4O0Vr8Wdcga943eThxnVp3JLnBMYtw==} - engines: {node: '>=12'} - cpu: [arm] - os: [android] - - '@esbuild/android-arm@0.19.11': - resolution: {integrity: sha512-5OVapq0ClabvKvQ58Bws8+wkLCV+Rxg7tUVbo9xu034Nm536QTII4YzhaFriQ7rMrorfnFKUsArD2lqKbFY4vw==} - engines: {node: '>=12'} - cpu: [arm] - os: [android] - - '@esbuild/android-x64@0.16.17': - resolution: {integrity: sha512-a3kTv3m0Ghh4z1DaFEuEDfz3OLONKuFvI4Xqczqx4BqLyuFaFkuaG4j2MtA6fuWEFeC5x9IvqnX7drmRq/fyAQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [android] - - '@esbuild/android-x64@0.19.11': - resolution: {integrity: sha512-eccxjlfGw43WYoY9QgB82SgGgDbibcqyDTlk3l3C0jOVHKxrjdc9CTwDUQd0vkvYg5um0OH+GpxYvp39r+IPOg==} - engines: {node: '>=12'} - cpu: [x64] - os: [android] - - '@esbuild/darwin-arm64@0.16.17': - resolution: {integrity: sha512-/2agbUEfmxWHi9ARTX6OQ/KgXnOWfsNlTeLcoV7HSuSTv63E4DqtAc+2XqGw1KHxKMHGZgbVCZge7HXWX9Vn+w==} - engines: {node: '>=12'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-arm64@0.19.11': - resolution: {integrity: sha512-ETp87DRWuSt9KdDVkqSoKoLFHYTrkyz2+65fj9nfXsaV3bMhTCjtQfw3y+um88vGRKRiF7erPrh/ZuIdLUIVxQ==} - engines: {node: '>=12'} - cpu: [arm64] - os: [darwin] - - '@esbuild/darwin-x64@0.16.17': - resolution: {integrity: sha512-2By45OBHulkd9Svy5IOCZt376Aa2oOkiE9QWUK9fe6Tb+WDr8hXL3dpqi+DeLiMed8tVXspzsTAvd0jUl96wmg==} - engines: {node: '>=12'} - cpu: [x64] - os: [darwin] - - '@esbuild/darwin-x64@0.19.11': - resolution: {integrity: sha512-fkFUiS6IUK9WYUO/+22omwetaSNl5/A8giXvQlcinLIjVkxwTLSktbF5f/kJMftM2MJp9+fXqZ5ezS7+SALp4g==} - engines: {node: '>=12'} - cpu: [x64] - os: [darwin] - - '@esbuild/freebsd-arm64@0.16.17': - resolution: {integrity: sha512-mt+cxZe1tVx489VTb4mBAOo2aKSnJ33L9fr25JXpqQqzbUIw/yzIzi+NHwAXK2qYV1lEFp4OoVeThGjUbmWmdw==} - engines: {node: '>=12'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-arm64@0.19.11': - resolution: {integrity: sha512-lhoSp5K6bxKRNdXUtHoNc5HhbXVCS8V0iZmDvyWvYq9S5WSfTIHU2UGjcGt7UeS6iEYp9eeymIl5mJBn0yiuxA==} - engines: {node: '>=12'} - cpu: [arm64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.16.17': - resolution: {integrity: sha512-8ScTdNJl5idAKjH8zGAsN7RuWcyHG3BAvMNpKOBaqqR7EbUhhVHOqXRdL7oZvz8WNHL2pr5+eIT5c65kA6NHug==} - engines: {node: '>=12'} - cpu: [x64] - os: [freebsd] - - '@esbuild/freebsd-x64@0.19.11': - resolution: {integrity: sha512-JkUqn44AffGXitVI6/AbQdoYAq0TEullFdqcMY/PCUZ36xJ9ZJRtQabzMA+Vi7r78+25ZIBosLTOKnUXBSi1Kw==} - engines: {node: '>=12'} - cpu: [x64] - os: [freebsd] - - '@esbuild/linux-arm64@0.16.17': - resolution: {integrity: sha512-7S8gJnSlqKGVJunnMCrXHU9Q8Q/tQIxk/xL8BqAP64wchPCTzuM6W3Ra8cIa1HIflAvDnNOt2jaL17vaW+1V0g==} - engines: {node: '>=12'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm64@0.19.11': - resolution: {integrity: sha512-LneLg3ypEeveBSMuoa0kwMpCGmpu8XQUh+mL8XXwoYZ6Be2qBnVtcDI5azSvh7vioMDhoJFZzp9GWp9IWpYoUg==} - engines: {node: '>=12'} - cpu: [arm64] - os: [linux] - - '@esbuild/linux-arm@0.16.17': - resolution: {integrity: sha512-iihzrWbD4gIT7j3caMzKb/RsFFHCwqqbrbH9SqUSRrdXkXaygSZCZg1FybsZz57Ju7N/SHEgPyaR0LZ8Zbe9gQ==} - engines: {node: '>=12'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-arm@0.19.11': - resolution: {integrity: sha512-3CRkr9+vCV2XJbjwgzjPtO8T0SZUmRZla+UL1jw+XqHZPkPgZiyWvbDvl9rqAN8Zl7qJF0O/9ycMtjU67HN9/Q==} - engines: {node: '>=12'} - cpu: [arm] - os: [linux] - - '@esbuild/linux-ia32@0.16.17': - resolution: {integrity: sha512-kiX69+wcPAdgl3Lonh1VI7MBr16nktEvOfViszBSxygRQqSpzv7BffMKRPMFwzeJGPxcio0pdD3kYQGpqQ2SSg==} - engines: {node: '>=12'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-ia32@0.19.11': - resolution: {integrity: sha512-caHy++CsD8Bgq2V5CodbJjFPEiDPq8JJmBdeyZ8GWVQMjRD0sU548nNdwPNvKjVpamYYVL40AORekgfIubwHoA==} - engines: {node: '>=12'} - cpu: [ia32] - os: [linux] - - '@esbuild/linux-loong64@0.16.17': - resolution: {integrity: sha512-dTzNnQwembNDhd654cA4QhbS9uDdXC3TKqMJjgOWsC0yNCbpzfWoXdZvp0mY7HU6nzk5E0zpRGGx3qoQg8T2DQ==} - engines: {node: '>=12'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-loong64@0.19.11': - resolution: {integrity: sha512-ppZSSLVpPrwHccvC6nQVZaSHlFsvCQyjnvirnVjbKSHuE5N24Yl8F3UwYUUR1UEPaFObGD2tSvVKbvR+uT1Nrg==} - engines: {node: '>=12'} - cpu: [loong64] - os: [linux] - - '@esbuild/linux-mips64el@0.16.17': - resolution: {integrity: sha512-ezbDkp2nDl0PfIUn0CsQ30kxfcLTlcx4Foz2kYv8qdC6ia2oX5Q3E/8m6lq84Dj/6b0FrkgD582fJMIfHhJfSw==} - engines: {node: '>=12'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-mips64el@0.19.11': - resolution: {integrity: sha512-B5x9j0OgjG+v1dF2DkH34lr+7Gmv0kzX6/V0afF41FkPMMqaQ77pH7CrhWeR22aEeHKaeZVtZ6yFwlxOKPVFyg==} - engines: {node: '>=12'} - cpu: [mips64el] - os: [linux] - - '@esbuild/linux-ppc64@0.16.17': - resolution: {integrity: sha512-dzS678gYD1lJsW73zrFhDApLVdM3cUF2MvAa1D8K8KtcSKdLBPP4zZSLy6LFZ0jYqQdQ29bjAHJDgz0rVbLB3g==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-ppc64@0.19.11': - resolution: {integrity: sha512-MHrZYLeCG8vXblMetWyttkdVRjQlQUb/oMgBNurVEnhj4YWOr4G5lmBfZjHYQHHN0g6yDmCAQRR8MUHldvvRDA==} - engines: {node: '>=12'} - cpu: [ppc64] - os: [linux] - - '@esbuild/linux-riscv64@0.16.17': - resolution: {integrity: sha512-ylNlVsxuFjZK8DQtNUwiMskh6nT0vI7kYl/4fZgV1llP5d6+HIeL/vmmm3jpuoo8+NuXjQVZxmKuhDApK0/cKw==} - engines: {node: '>=12'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-riscv64@0.19.11': - resolution: {integrity: sha512-f3DY++t94uVg141dozDu4CCUkYW+09rWtaWfnb3bqe4w5NqmZd6nPVBm+qbz7WaHZCoqXqHz5p6CM6qv3qnSSQ==} - engines: {node: '>=12'} - cpu: [riscv64] - os: [linux] - - '@esbuild/linux-s390x@0.16.17': - resolution: {integrity: sha512-gzy7nUTO4UA4oZ2wAMXPNBGTzZFP7mss3aKR2hH+/4UUkCOyqmjXiKpzGrY2TlEUhbbejzXVKKGazYcQTZWA/w==} - engines: {node: '>=12'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-s390x@0.19.11': - resolution: {integrity: sha512-A5xdUoyWJHMMlcSMcPGVLzYzpcY8QP1RtYzX5/bS4dvjBGVxdhuiYyFwp7z74ocV7WDc0n1harxmpq2ePOjI0Q==} - engines: {node: '>=12'} - cpu: [s390x] - os: [linux] - - '@esbuild/linux-x64@0.16.17': - resolution: {integrity: sha512-mdPjPxfnmoqhgpiEArqi4egmBAMYvaObgn4poorpUaqmvzzbvqbowRllQ+ZgzGVMGKaPkqUmPDOOFQRUFDmeUw==} - engines: {node: '>=12'} - cpu: [x64] - os: [linux] - - '@esbuild/linux-x64@0.19.11': - resolution: {integrity: sha512-grbyMlVCvJSfxFQUndw5mCtWs5LO1gUlwP4CDi4iJBbVpZcqLVT29FxgGuBJGSzyOxotFG4LoO5X+M1350zmPA==} - engines: {node: '>=12'} - cpu: [x64] - os: [linux] - - '@esbuild/netbsd-x64@0.16.17': - resolution: {integrity: sha512-/PzmzD/zyAeTUsduZa32bn0ORug+Jd1EGGAUJvqfeixoEISYpGnAezN6lnJoskauoai0Jrs+XSyvDhppCPoKOA==} - engines: {node: '>=12'} - cpu: [x64] - os: [netbsd] - - '@esbuild/netbsd-x64@0.19.11': - resolution: {integrity: sha512-13jvrQZJc3P230OhU8xgwUnDeuC/9egsjTkXN49b3GcS5BKvJqZn86aGM8W9pd14Kd+u7HuFBMVtrNGhh6fHEQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [netbsd] - - '@esbuild/openbsd-x64@0.16.17': - resolution: {integrity: sha512-2yaWJhvxGEz2RiftSk0UObqJa/b+rIAjnODJgv2GbGGpRwAfpgzyrg1WLK8rqA24mfZa9GvpjLcBBg8JHkoodg==} - engines: {node: '>=12'} - cpu: [x64] - os: [openbsd] - - '@esbuild/openbsd-x64@0.19.11': - resolution: {integrity: sha512-ysyOGZuTp6SNKPE11INDUeFVVQFrhcNDVUgSQVDzqsqX38DjhPEPATpid04LCoUr2WXhQTEZ8ct/EgJCUDpyNw==} - engines: {node: '>=12'} - cpu: [x64] - os: [openbsd] - - '@esbuild/sunos-x64@0.16.17': - resolution: {integrity: sha512-xtVUiev38tN0R3g8VhRfN7Zl42YCJvyBhRKw1RJjwE1d2emWTVToPLNEQj/5Qxc6lVFATDiy6LjVHYhIPrLxzw==} - engines: {node: '>=12'} - cpu: [x64] - os: [sunos] - - '@esbuild/sunos-x64@0.19.11': - resolution: {integrity: sha512-Hf+Sad9nVwvtxy4DXCZQqLpgmRTQqyFyhT3bZ4F2XlJCjxGmRFF0Shwn9rzhOYRB61w9VMXUkxlBy56dk9JJiQ==} - engines: {node: '>=12'} - cpu: [x64] - os: [sunos] - - '@esbuild/win32-arm64@0.16.17': - resolution: {integrity: sha512-ga8+JqBDHY4b6fQAmOgtJJue36scANy4l/rL97W+0wYmijhxKetzZdKOJI7olaBaMhWt8Pac2McJdZLxXWUEQw==} - engines: {node: '>=12'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-arm64@0.19.11': - resolution: {integrity: sha512-0P58Sbi0LctOMOQbpEOvOL44Ne0sqbS0XWHMvvrg6NE5jQ1xguCSSw9jQeUk2lfrXYsKDdOe6K+oZiwKPilYPQ==} - engines: {node: '>=12'} - cpu: [arm64] - os: [win32] - - '@esbuild/win32-ia32@0.16.17': - resolution: {integrity: sha512-WnsKaf46uSSF/sZhwnqE4L/F89AYNMiD4YtEcYekBt9Q7nj0DiId2XH2Ng2PHM54qi5oPrQ8luuzGszqi/veig==} - engines: {node: '>=12'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-ia32@0.19.11': - resolution: {integrity: sha512-6YOrWS+sDJDmshdBIQU+Uoyh7pQKrdykdefC1avn76ss5c+RN6gut3LZA4E2cH5xUEp5/cA0+YxRaVtRAb0xBg==} - engines: {node: '>=12'} - cpu: [ia32] - os: [win32] - - '@esbuild/win32-x64@0.16.17': - resolution: {integrity: sha512-y+EHuSchhL7FjHgvQL/0fnnFmO4T1bhvWANX6gcnqTjtnKWbTvUMCpGnv2+t+31d7RzyEAYAd4u2fnIhHL6N/Q==} - engines: {node: '>=12'} - cpu: [x64] - os: [win32] - - '@esbuild/win32-x64@0.19.11': - resolution: {integrity: sha512-vfkhltrjCAb603XaFhqhAF4LGDi2M4OrCRrFusyQ+iTLQ/o60QQXxc9cZC/FFpihBI9N1Grn6SMKVJ4KP7Fuiw==} - engines: {node: '>=12'} - cpu: [x64] - os: [win32] - - '@floating-ui/core@1.6.7': - resolution: {integrity: sha512-yDzVT/Lm101nQ5TCVeK65LtdN7Tj4Qpr9RTXJ2vPFLqtLxwOrpoxAHAJI8J3yYWUc40J0BDBheaitK5SJmno2g==} - - '@floating-ui/dom@1.6.10': - resolution: {integrity: sha512-fskgCFv8J8OamCmyun8MfjB1Olfn+uZKjOKZ0vhYF3gRmEUXcGOjxWL8bBr7i4kIuPZ2KD2S3EUIOxnjC8kl2A==} - - '@floating-ui/react-dom@2.1.1': - resolution: {integrity: sha512-4h84MJt3CHrtG18mGsXuLCHMrug49d7DFkU0RMIyshRveBeyV2hmV/pDaF2Uxtu8kgq5r46llp5E5FQiR0K2Yg==} - peerDependencies: - react: '>=16.8.0' - react-dom: '>=16.8.0' - - '@floating-ui/utils@0.2.7': - resolution: {integrity: sha512-X8R8Oj771YRl/w+c1HqAC1szL8zWQRwFvgDwT129k9ACdBoud/+/rX9V0qiMl6LWUdP9voC2nDVZYPMQQsb6eA==} - - '@formatjs/ecma402-abstract@1.14.3': - resolution: {integrity: sha512-SlsbRC/RX+/zg4AApWIFNDdkLtFbkq3LNoZWXZCE/nHVKqoIJyaoQyge/I0Y38vLxowUn9KTtXgusLD91+orbg==} - - '@formatjs/fast-memoize@2.0.1': - resolution: {integrity: sha512-M2GgV+qJn5WJQAYewz7q2Cdl6fobQa69S1AzSM2y0P68ZDbK5cWrJIcPCO395Of1ksftGZoOt4LYCO/j9BKBSA==} - - '@formatjs/icu-messageformat-parser@2.3.1': - resolution: {integrity: sha512-knF2AkAKN4Upv4oIiKY4Wd/dLH68TNMPgV/tJMu/T6FP9aQwbv8fpj7U3lkyniPaNVxvia56Gxax8MKOjtxLSQ==} - - '@formatjs/icu-skeleton-parser@1.3.18': - resolution: {integrity: sha512-ND1ZkZfmLPcHjAH1sVpkpQxA+QYfOX3py3SjKWMUVGDow18gZ0WPqz3F+pJLYQMpS2LnnQ5zYR2jPVYTbRwMpg==} - - '@formatjs/intl-displaynames@6.3.1': - resolution: {integrity: sha512-TlxguMDUbnFrJ4NA8fSyqXC62M7czvlRJ5mrJgtB91JVA+QPjjNdcRm1qPIC/DcU/pGUDcEzThn/x5A+jp15gg==} - - '@formatjs/intl-listformat@7.2.1': - resolution: {integrity: sha512-fRJFWLrGa7d25I4JSxNjKX29oXGcIXx8fJjgURnvs2C3ijS4gurUgFrUwLbv/2KfPfyJ5g567pz2INelNJZBdw==} - - '@formatjs/intl-localematcher@0.2.32': - resolution: {integrity: sha512-k/MEBstff4sttohyEpXxCmC3MqbUn9VvHGlZ8fauLzkbwXmVrEeyzS+4uhrvAk9DWU9/7otYWxyDox4nT/KVLQ==} - - '@formatjs/intl@2.7.1': - resolution: {integrity: sha512-se6vxidsN3PCmzqTsDd3YDT4IX9ZySPy39LYhF7x2ssNvlGMOuW3umkrIhKkXB7ZskqsJGY53LVCdiHsSwhGng==} - peerDependencies: - typescript: ^4.7 || 5 - peerDependenciesMeta: - typescript: - optional: true - - '@hapi/bourne@3.0.0': - resolution: {integrity: sha512-Waj1cwPXJDucOib4a3bAISsKJVb15MKi9IvmTI/7ssVEm6sywXGjVJDhl6/umt1pK1ZS7PacXU3A1PmFKHEZ2w==} - - '@img/sharp-darwin-arm64@0.33.5': - resolution: {integrity: sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [darwin] - - '@img/sharp-darwin-x64@0.33.5': - resolution: {integrity: sha512-fyHac4jIc1ANYGRDxtiqelIbdWkIuQaI84Mv45KvGRRxSAa7o7d1ZKAOBaYbnepLC1WqxfpimdeWfvqqSGwR2Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-darwin-arm64@1.0.4': - resolution: {integrity: sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==} - cpu: [arm64] - os: [darwin] - - '@img/sharp-libvips-darwin-x64@1.0.4': - resolution: {integrity: sha512-xnGR8YuZYfJGmWPvmlunFaWJsb9T/AO2ykoP3Fz/0X5XV2aoYBPkX6xqCQvUTKKiLddarLaxpzNe+b1hjeWHAQ==} - cpu: [x64] - os: [darwin] - - '@img/sharp-libvips-linux-arm64@1.0.4': - resolution: {integrity: sha512-9B+taZ8DlyyqzZQnoeIvDVR/2F4EbMepXMc/NdVbkzsJbzkUjhXv/70GQJ7tdLA4YJgNP25zukcxpX2/SueNrA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linux-arm@1.0.5': - resolution: {integrity: sha512-gvcC4ACAOPRNATg/ov8/MnbxFDJqf/pDePbBnuBDcjsI8PssmjoKMAz4LtLaVi+OnSb5FK/yIOamqDwGmXW32g==} - cpu: [arm] - os: [linux] - - '@img/sharp-libvips-linux-s390x@1.0.4': - resolution: {integrity: sha512-u7Wz6ntiSSgGSGcjZ55im6uvTrOxSIS8/dgoVMoiGE9I6JAfU50yH5BoDlYA1tcuGS7g/QNtetJnxA6QEsCVTA==} - cpu: [s390x] - os: [linux] - - '@img/sharp-libvips-linux-x64@1.0.4': - resolution: {integrity: sha512-MmWmQ3iPFZr0Iev+BAgVMb3ZyC4KeFc3jFxnNbEPas60e1cIfevbtuyf9nDGIzOaW9PdnDciJm+wFFaTlj5xYw==} - cpu: [x64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - resolution: {integrity: sha512-9Ti+BbTYDcsbp4wfYib8Ctm1ilkugkA/uscUn6UXK1ldpC1JjiXbLfFZtRlBhjPZ5o1NCLiDbg8fhUPKStHoTA==} - cpu: [arm64] - os: [linux] - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - resolution: {integrity: sha512-viYN1KX9m+/hGkJtvYYp+CCLgnJXwiQB39damAO7WMdKWlIhmYTfHjwSbQeUK/20vY154mwezd9HflVFM1wVSw==} - cpu: [x64] - os: [linux] - - '@img/sharp-linux-arm64@0.33.5': - resolution: {integrity: sha512-JMVv+AMRyGOHtO1RFBiJy/MBsgz0x4AWrT6QoEVVTyh1E39TrCUpTRI7mx9VksGX4awWASxqCYLCV4wBZHAYxA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linux-arm@0.33.5': - resolution: {integrity: sha512-JTS1eldqZbJxjvKaAkxhZmBqPRGmxgu+qFKSInv8moZ2AmT5Yib3EQ1c6gp493HvrvV8QgdOXdyaIBrhvFhBMQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm] - os: [linux] - - '@img/sharp-linux-s390x@0.33.5': - resolution: {integrity: sha512-y/5PCd+mP4CA/sPDKl2961b+C9d+vPAveS33s6Z3zfASk2j5upL6fXVPZi7ztePZ5CuH+1kW8JtvxgbuXHRa4Q==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [s390x] - os: [linux] - - '@img/sharp-linux-x64@0.33.5': - resolution: {integrity: sha512-opC+Ok5pRNAzuvq1AG0ar+1owsu842/Ab+4qvU879ippJBHvyY5n2mxF1izXqkPYlGuP/M556uh53jRLJmzTWA==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-linuxmusl-arm64@0.33.5': - resolution: {integrity: sha512-XrHMZwGQGvJg2V/oRSUfSAfjfPxO+4DkiRh6p2AFjLQztWUuY/o8Mq0eMQVIY7HJ1CDQUJlxGGZRw1a5bqmd1g==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [arm64] - os: [linux] - - '@img/sharp-linuxmusl-x64@0.33.5': - resolution: {integrity: sha512-WT+d/cgqKkkKySYmqoZ8y3pxx7lx9vVejxW/W4DOFMYVSkErR+w7mf2u8m/y4+xHe7yY9DAXQMWQhpnMuFfScw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [linux] - - '@img/sharp-wasm32@0.33.5': - resolution: {integrity: sha512-ykUW4LVGaMcU9lu9thv85CbRMAwfeadCJHRsg2GmeRa/cJxsVY9Rbd57JcMxBkKHag5U/x7TSBpScF4U8ElVzg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [wasm32] - - '@img/sharp-win32-ia32@0.33.5': - resolution: {integrity: sha512-T36PblLaTwuVJ/zw/LaH0PdZkRz5rd3SmMHX8GSmR7vtNSP5Z6bQkExdSK7xGWyxLw4sUknBuugTelgw2faBbQ==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [ia32] - os: [win32] - - '@img/sharp-win32-x64@0.33.5': - resolution: {integrity: sha512-MpY/o8/8kj+EcnxwvrP4aTJSWw/aZ7JIGR4aBeZkZw5B7/Jn+tY9/VNwtcoGmdT7GfggGIU4kygOMSbYnOrAbg==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - cpu: [x64] - os: [win32] - - '@internationalized/date@3.5.5': - resolution: {integrity: sha512-H+CfYvOZ0LTJeeLOqm19E3uj/4YjrmOFtBufDHPfvtI80hFAMqtrp7oCACpe4Cil5l8S0Qu/9dYfZc/5lY8WQQ==} - - '@internationalized/number@3.5.3': - resolution: {integrity: sha512-rd1wA3ebzlp0Mehj5YTuTI50AQEx80gWFyHcQu+u91/5NgdwBecO8BH6ipPfE+lmQ9d63vpB3H9SHoIUiupllw==} - - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - - '@jridgewell/gen-mapping@0.3.5': - resolution: {integrity: sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==} - engines: {node: '>=6.0.0'} - - '@jridgewell/resolve-uri@3.1.2': - resolution: {integrity: sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==} - engines: {node: '>=6.0.0'} - - '@jridgewell/set-array@1.2.1': - resolution: {integrity: sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==} - engines: {node: '>=6.0.0'} - - '@jridgewell/source-map@0.3.6': - resolution: {integrity: sha512-1ZJTZebgqllO79ue2bm3rIGud/bOe0pP5BjSRCRxxYkEZS8STV7zN84UBbiYu7jy+eCKSnVIUgoWWE/tt+shMQ==} - - '@jridgewell/sourcemap-codec@1.5.0': - resolution: {integrity: sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==} - - '@jridgewell/trace-mapping@0.3.25': - resolution: {integrity: sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==} - - '@juggle/resize-observer@3.4.0': - resolution: {integrity: sha512-dfLbk+PwWvFzSxwk3n5ySL0hfBog779o8h68wK/7/APo/7cgyWp5jcXockbxdk5kFRkbeXWm4Fbi9FrdN381sA==} - - '@koa/cors@5.0.0': - resolution: {integrity: sha512-x/iUDjcS90W69PryLDIMgFyV21YLTnG9zOpPXS7Bkt2b8AsY3zZsIpOLBkYr9fBcF3HbkKaER5hOBZLfpLgYNw==} - engines: {node: '>= 14.0.0'} - - '@koa/router@10.1.1': - resolution: {integrity: sha512-ORNjq5z4EmQPriKbR0ER3k4Gh7YGNhWDL7JBW+8wXDrHLbWYKYSJaOJ9aN06npF5tbTxe2JBOsurpJDAvjiXKw==} - engines: {node: '>= 8.0.0'} - deprecated: '**IMPORTANT 10x+ PERFORMANCE UPGRADE**: Please upgrade to v12.0.1+ as we have fixed an issue with debuglog causing 10x slower router benchmark performance, see https://github.com/koajs/router/pull/173' - - '@lezer/common@1.2.1': - resolution: {integrity: sha512-yemX0ZD2xS/73llMZIK6KplkjIjf2EvAHcinDi/TfJ9hS25G0388+ClHt6/3but0oOxinTcQHJLDXh6w1crzFQ==} - - '@lezer/highlight@1.2.1': - resolution: {integrity: sha512-Z5duk4RN/3zuVO7Jq0pGLJ3qynpxUVsh7IbUbGj88+uV2ApSAn6kWg2au3iJb+0Zi7kKtqffIESgNcRXWZWmSA==} - - '@lezer/json@1.0.2': - resolution: {integrity: sha512-xHT2P4S5eeCYECyKNPhr4cbEL9tc8w83SPwRC373o9uEdrvGKTZoJVAGxpOsZckMlEh9W23Pc72ew918RWQOBQ==} - - '@lezer/lr@1.4.2': - resolution: {integrity: sha512-pu0K1jCIdnQ12aWNaAVU5bzi7Bd1w54J3ECgANPmYLtQKP0HBj2cE/5coBD66MT10xbtIuUr7tg0Shbsvk0mDA==} - - '@mapbox/node-pre-gyp@1.0.11': - resolution: {integrity: sha512-Yhlar6v9WQgUp/He7BdgzOz8lqMQ8sU+jkCq7Wx8Myc5YFJLbEe7lgui/V7G1qB1DJykHSGwreceSaD60Y0PUQ==} - hasBin: true - - '@mux/mux-node@8.8.0': - resolution: {integrity: sha512-7EMuTh62s3Ux+SrcKHoLvXgLDQzeHmbBnOf8xO9hEPLxU9SdV8XX7cqTkWnYlmVdP6ywIoBb4boQX2skI5qk5w==} - - '@noble/hashes@1.5.0': - resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==} - engines: {node: ^14.21.3 || >=16} - - '@nodelib/fs.scandir@2.1.5': - resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} - engines: {node: '>= 8'} - - '@nodelib/fs.stat@2.0.5': - resolution: {integrity: sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==} - engines: {node: '>= 8'} - - '@nodelib/fs.walk@1.2.8': - resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} - engines: {node: '>= 8'} - - '@paralleldrive/cuid2@2.2.2': - resolution: {integrity: sha512-ZOBkgDwEdoYVlSeRbYYXs0S9MejQofiVYoTbKzy/6GQa39/q5tQU2IX46+shYnUkpEl3wc+J6wRlar7r2EK2xA==} - - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - - '@pkgr/utils@2.4.2': - resolution: {integrity: sha512-POgTXhjrTfbTV63DiFXav4lBHiICLKKwDeaKn9Nphwj7WH6m0hMMCaJkMyRWjgtPFyRKRVoMXXjczsTQRDEhYw==} - engines: {node: ^12.20.0 || ^14.18.0 || >=16.0.0} - - '@pmmmwh/react-refresh-webpack-plugin@0.5.11': - resolution: {integrity: sha512-7j/6vdTym0+qZ6u4XbSAxrWBGYSdCfTzySkj7WAFgDLmSyWlOrWvpyzxlFh5jtw9dn0oL/jtW+06XfFiisN3JQ==} - engines: {node: '>= 10.13'} - peerDependencies: - '@types/webpack': 4.x || 5.x - react-refresh: '>=0.10.0 <1.0.0' - sockjs-client: ^1.4.0 - type-fest: '>=0.17.0 <5.0.0' - webpack: '>=4.43.0 <6.0.0' - webpack-dev-server: 3.x || 4.x - webpack-hot-middleware: 2.x - webpack-plugin-serve: 0.x || 1.x - peerDependenciesMeta: - '@types/webpack': - optional: true - sockjs-client: - optional: true - type-fest: - optional: true - webpack-dev-server: - optional: true - webpack-hot-middleware: - optional: true - webpack-plugin-serve: - optional: true - - '@pnpm/config.env-replace@1.1.0': - resolution: {integrity: sha512-htyl8TWnKL7K/ESFa1oW2UB5lVDxuF5DpM7tBi6Hu2LNL3mWkIzNLG6N4zoCUP1lCKNxWy/3iu8mS8MvToGd6w==} - engines: {node: '>=12.22.0'} - - '@pnpm/network.ca-file@1.0.2': - resolution: {integrity: sha512-YcPQ8a0jwYU9bTdJDpXjMi7Brhkr1mXsXrUJvjqM2mQDgkRiz8jFaQGOdaLxgjtUfQgZhKy/O3cG/YwmgKaxLA==} - engines: {node: '>=12.22.0'} - - '@pnpm/npm-conf@2.3.1': - resolution: {integrity: sha512-c83qWb22rNRuB0UaVCI0uRPNRr8Z0FWnEIvT47jiHAmOIUHbBOg5XvV7pM5x+rKn9HRpjxquDbXYSXr3fAKFcw==} - engines: {node: '>=12'} - - '@polka/url@1.0.0-next.25': - resolution: {integrity: sha512-j7P6Rgr3mmtdkeDGTe0E/aYyWEWVtc5yFXtHCRHs28/jptDEWfaVOc5T7cblqy1XKPPfCxJc/8DwQ5YgLOZOVQ==} - - '@radix-ui/number@1.1.0': - resolution: {integrity: sha512-V3gRzhVNU1ldS5XhAPTom1fOIo4ccrjjJgmE+LI2h/WaFpHmx0MQApT+KZHnx8abG6Avtfcz4WoEciMnpFT3HQ==} - - '@radix-ui/primitive@1.0.1': - resolution: {integrity: sha512-yQ8oGX2GVsEYMWGxcovu1uGWPCxV5BFfeeYxqPmuAzUyLT9qmaMXSAhXpb0WrspIeqYzdJpkh2vHModJPgRIaw==} - - '@radix-ui/primitive@1.1.0': - resolution: {integrity: sha512-4Z8dn6Upk0qk4P74xBhZ6Hd/w0mPEzOOLxy4xiPXOXqjF7jZS0VAKk7/x/H6FyY2zCkYJqePf1G5KmkmNJ4RBA==} - - '@radix-ui/react-arrow@1.1.0': - resolution: {integrity: sha512-FmlW1rCg7hBpEBwFbjHwCW6AmWLQM6g/v0Sn8XbP9NvmSZ2San1FpQeyPtufzOMSIx7Y4dzjlHoifhp+7NkZhw==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-collection@1.0.3': - resolution: {integrity: sha512-3SzW+0PW7yBBoQlT8wNcGtaxaD0XSu0uLUFgrtHY08Acx05TaHaOmVLR73c0j/cqpDy53KBMO7s0dx2wmOIDIA==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-collection@1.1.0': - resolution: {integrity: sha512-GZsZslMJEyo1VKm5L1ZJY8tGDxZNPAoUeQUIbKeJfoi7Q4kmig5AsgLMYYuyYbfjd8fBmFORAIwYAkXMnXZgZw==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-compose-refs@1.0.1': - resolution: {integrity: sha512-fDSBgd44FKHa1FRMU59qBMPFcl2PZE+2nmqunj+BWFyYYjnhIDWL2ItDs3rrbJDQOtzt5nIebLCQc4QRfz6LJw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-compose-refs@1.1.0': - resolution: {integrity: sha512-b4inOtiaOnYf9KWyO3jAeeCG6FeyfY6ldiEPanbUjWd+xIk5wZeHa8yVwmrJ2vderhu/BQvzCrJI0lHd+wIiqw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-context@1.0.1': - resolution: {integrity: sha512-ebbrdFoYTcuZ0v4wG5tedGnp9tzcV8awzsxYph7gXUyvnNLuTIcCk1q17JEbnVhXAKG9oX3KtchwiMIAYp9NLg==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-context@1.1.0': - resolution: {integrity: sha512-OKrckBy+sMEgYM/sMmqmErVn0kZqrHPJze+Ql3DzYsDDp0hl0L62nx/2122/Bvps1qz645jlcu2tD9lrRSdf8A==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-direction@1.0.1': - resolution: {integrity: sha512-RXcvnXgyvYvBEOhCBuddKecVkoMiI10Jcm5cTI7abJRAHYfFxeu+FBQs/DvdxSYucxR5mna0dNsL6QFlds5TMA==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-direction@1.1.0': - resolution: {integrity: sha512-BUuBvgThEiAXh2DWu93XsT+a3aWrGqolGlqqw5VU1kG7p/ZH2cuDlM1sRLNnY3QcBS69UIz2mcKhMxDsdewhjg==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-dismissable-layer@1.1.0': - resolution: {integrity: sha512-/UovfmmXGptwGcBQawLzvn2jOfM0t4z3/uKffoBlj724+n3FvBbZ7M0aaBOmkp6pqFYpO4yx8tSVJjx3Fl2jig==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-dropdown-menu@2.1.1': - resolution: {integrity: sha512-y8E+x9fBq9qvteD2Zwa4397pUVhYsh9iq44b5RD5qu1GMJWBCBuVg1hMyItbc6+zH00TxGRqd9Iot4wzf3OoBQ==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-focus-guards@1.0.1': - resolution: {integrity: sha512-Rect2dWbQ8waGzhMavsIbmSVCgYxkXLxxR3ZvCX79JOglzdEy4JXMb98lq4hPxUbLr77nP0UOGf4rcMU+s1pUA==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-focus-guards@1.1.0': - resolution: {integrity: sha512-w6XZNUPVv6xCpZUqb/yN9DL6auvpGX3C/ee6Hdi16v2UUy25HV2Q5bcflsiDyT/g5RwbPQ/GIT1vLkeRb+ITBw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-focus-scope@1.0.4': - resolution: {integrity: sha512-sL04Mgvf+FmyvZeYfNu1EPAaaxD+aw7cYeIB9L9Fvq8+urhltTRaEo5ysKOpHuKPclsZcSUMKlN05x4u+CINpA==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-focus-scope@1.1.0': - resolution: {integrity: sha512-200UD8zylvEyL8Bx+z76RJnASR2gRMuxlgFCPAe/Q/679a/r0eK3MBVYMb7vZODZcffZBdob1EGnky78xmVvcA==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-id@1.0.1': - resolution: {integrity: sha512-tI7sT/kqYp8p96yGWY1OAnLHrqDgzHefRBKQ2YAkBS5ja7QLcZ9Z/uY7bEjPUatf8RomoXM8/1sMj1IJaE5UzQ==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-id@1.1.0': - resolution: {integrity: sha512-EJUrI8yYh7WOjNOqpoJaf1jlFIH2LvtgAl+YcFqNCa+4hj64ZXmPkAKOFs/ukjz3byN6bdb/AVUqHkI8/uWWMA==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-menu@2.1.1': - resolution: {integrity: sha512-oa3mXRRVjHi6DZu/ghuzdylyjaMXLymx83irM7hTxutQbD+7IhPKdMdRHD26Rm+kHRrWcrUkkRPv5pd47a2xFQ==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-popper@1.2.0': - resolution: {integrity: sha512-ZnRMshKF43aBxVWPWvbj21+7TQCvhuULWJ4gNIKYpRlQt5xGRhLx66tMp8pya2UkGHTSlhpXwmjqltDYHhw7Vg==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-portal@1.1.1': - resolution: {integrity: sha512-A3UtLk85UtqhzFqtoC8Q0KvR2GbXF3mtPgACSazajqq6A41mEQgo53iPzY4i6BwDxlIFqWIhiQ2G729n+2aw/g==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-presence@1.1.0': - resolution: {integrity: sha512-Gq6wuRN/asf9H/E/VzdKoUtT8GC9PQc9z40/vEr0VCJ4u5XvvhWIrSsCB6vD2/cH7ugTdSfYq9fLJCcM00acrQ==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-primitive@1.0.3': - resolution: {integrity: sha512-yi58uVyoAcK/Nq1inRY56ZSjKypBNKTa/1mcL8qdl6oJeEaDbOldlzrGn7P6Q3Id5d+SYNGc5AJgc4vGhjs5+g==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-primitive@2.0.0': - resolution: {integrity: sha512-ZSpFm0/uHa8zTvKBDjLFWLo8dkr4MBsiDLz0g3gMUwqgLHz9rTaRRGYDgvZPtBJgYCBKXkS9fzmoySgr8CO6Cw==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-roving-focus@1.0.4': - resolution: {integrity: sha512-2mUg5Mgcu001VkGy+FfzZyzbmuUWzgWkj3rvv4yu+mLw03+mTzbxZHvfcGyFp2b8EkQeMkpRQ5FiA2Vr2O6TeQ==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-roving-focus@1.1.0': - resolution: {integrity: sha512-EA6AMGeq9AEeQDeSH0aZgG198qkfHSbvWTf1HvoDmOB5bBG/qTxjYMWUKMnYiV6J/iP/J8MEFSuB2zRU2n7ODA==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-separator@1.0.3': - resolution: {integrity: sha512-itYmTy/kokS21aiV5+Z56MZB54KrhPgn6eHDKkFeOLR34HMN2s8PaN47qZZAGnvupcjxHaFZnW4pQEh0BvvVuw==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-slot@1.0.2': - resolution: {integrity: sha512-YeTpuq4deV+6DusvVUW4ivBgnkHwECUu0BiN43L5UCDFgdhsRUWAghhTF5MbvNTPzmiFOx90asDSUjWuCNapwg==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-slot@1.1.0': - resolution: {integrity: sha512-FUCf5XMfmW4dtYl69pdS4DbxKy8nj4M7SafBgPllysxmdachynNflAdp/gCsnYWNDnge6tI9onzMp5ARYc1KNw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-toggle-group@1.0.4': - resolution: {integrity: sha512-Uaj/M/cMyiyT9Bx6fOZO0SAG4Cls0GptBWiBmBxofmDbNVnYYoyRWj/2M/6VCi/7qcXFWnHhRUfdfZFvvkuu8A==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-toggle@1.0.3': - resolution: {integrity: sha512-Pkqg3+Bc98ftZGsl60CLANXQBBQ4W3mTFS9EJvNxKMZ7magklKV69/id1mlAlOFDDfHvlCms0fx8fA4CMKDJHg==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-toolbar@1.0.4': - resolution: {integrity: sha512-tBgmM/O7a07xbaEkYJWYTXkIdU/1pW4/KZORR43toC/4XWyBCURK0ei9kMUdp+gTPPKBgYLxXmRSH1EVcIDp8Q==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/react-use-callback-ref@1.0.1': - resolution: {integrity: sha512-D94LjX4Sp0xJFVaoQOd3OO9k7tpBYNOXdVhkltUbGv2Qb9OXdrg/CpsjlZv7ia14Sylv398LswWBVVu5nqKzAQ==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-callback-ref@1.1.0': - resolution: {integrity: sha512-CasTfvsy+frcFkbXtSJ2Zu9JHpN8TYKxkgJGWbjiZhFivxaeW7rMeZt7QELGVLaYVfFMsKHjb7Ak0nMEe+2Vfw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-controllable-state@1.0.1': - resolution: {integrity: sha512-Svl5GY5FQeN758fWKrjM6Qb7asvXeiZltlT4U2gVfl8Gx5UAv2sMR0LWo8yhsIZh2oQ0eFdZ59aoOOMV7b47VA==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-controllable-state@1.1.0': - resolution: {integrity: sha512-MtfMVJiSr2NjzS0Aa90NPTnvTSg6C/JLCV7ma0W6+OMV78vd8OyRpID+Ng9LxzsPbLeuBnWBA1Nq30AtBIDChw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-escape-keydown@1.1.0': - resolution: {integrity: sha512-L7vwWlR1kTTQ3oh7g1O0CBF3YCyyTj8NmhLR+phShpyA50HCfBFKVJTpshm9PzLiKmehsrQzTYTpX9HvmC9rhw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-layout-effect@1.0.1': - resolution: {integrity: sha512-v/5RegiJWYdoCvMnITBkNNx6bCj20fiaJnWtRkU18yITptraXjffz5Qbn05uOiQnOvi+dbkznkoaMltz1GnszQ==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-layout-effect@1.1.0': - resolution: {integrity: sha512-+FPE0rOdziWSrH9athwI1R0HDVbWlEhd+FR+aSDk4uWGmSJ9Z54sdZVDQPZAinJhJXwfT+qnj969mCsT2gfm5w==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-previous@1.1.0': - resolution: {integrity: sha512-Z/e78qg2YFnnXcW88A4JmTtm4ADckLno6F7OXotmkQfeuCVaKuYzqAATPhVzl3delXE7CxIV8shofPn3jPc5Og==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-rect@1.1.0': - resolution: {integrity: sha512-0Fmkebhr6PiseyZlYAOtLS+nb7jLmpqTrJyv61Pe68MKYW6OWdRE2kI70TaYY27u7H0lajqM3hSMMLFq18Z7nQ==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-use-size@1.1.0': - resolution: {integrity: sha512-XW3/vWuIXHa+2Uwcc2ABSfcCledmXhhQPlGbfcRXbiUQI5Icjcg19BGCZVKKInYbvUCut/ufbbLLPFC5cbb1hw==} - peerDependencies: - '@types/react': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - - '@radix-ui/react-visually-hidden@1.1.0': - resolution: {integrity: sha512-N8MDZqtgCgG5S3aV60INAB475osJousYpZ4cTJ2cFbMpdHS5Y6loLTH8LPtkj2QN0x93J30HT/M3qJXM0+lyeQ==} - peerDependencies: - '@types/react': '*' - '@types/react-dom': '*' - react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - - '@radix-ui/rect@1.1.0': - resolution: {integrity: sha512-A9+lCBZoaMJlVKcRBz2YByCG+Cp2t6nAnMnNba+XiWxnj6r4JUFqfsgwocMBZU9LPtdxC6wB56ySYpc7LQIoJg==} - - '@react-dnd/asap@5.0.2': - resolution: {integrity: sha512-WLyfoHvxhs0V9U+GTsGilGgf2QsPl6ZZ44fnv0/b8T3nQyvzxidxsg/ZltbWssbsRDlYW8UKSQMTGotuTotZ6A==} - - '@react-dnd/invariant@4.0.2': - resolution: {integrity: sha512-xKCTqAK/FFauOM9Ta2pswIyT3D8AQlfrYdOi/toTPEhqCuAs1v5tcJ3Y08Izh1cJ5Jchwy9SeAXmMg6zrKs2iw==} - - '@react-dnd/shallowequal@4.0.2': - resolution: {integrity: sha512-/RVXdLvJxLg4QKvMoM5WlwNR9ViO9z8B/qPcc+C0Sa/teJY7QG7kJ441DwzOjMYEY7GmU4dj5EcGHIkKZiQZCA==} - - '@reduxjs/toolkit@1.9.7': - resolution: {integrity: sha512-t7v8ZPxhhKgOKtU+uyJT13lu4vL7az5aFi4IdoDs/eS548edn2M8Ik9h8fxgvMjGoAUVFSt6ZC1P5cWmQ014QQ==} - peerDependencies: - react: ^16.9.0 || ^17.0.0 || ^18 - react-redux: ^7.2.1 || ^8.0.2 - peerDependenciesMeta: - react: - optional: true - react-redux: - optional: true - - '@remix-run/router@1.19.1': - resolution: {integrity: sha512-S45oynt/WH19bHbIXjtli6QmwNYvaz+vtnubvNpNDvUOoA/OWh6j1OikIP3G+v5GHdxyC6EXoChG3HgYGEUfcg==} - engines: {node: '>=14.0.0'} - - '@rollup/rollup-android-arm-eabi@4.21.2': - resolution: {integrity: sha512-fSuPrt0ZO8uXeS+xP3b+yYTCBUd05MoSp2N/MFOgjhhUhMmchXlpTQrTpI8T+YAwAQuK7MafsCOxW7VrPMrJcg==} - cpu: [arm] - os: [android] - - '@rollup/rollup-android-arm64@4.21.2': - resolution: {integrity: sha512-xGU5ZQmPlsjQS6tzTTGwMsnKUtu0WVbl0hYpTPauvbRAnmIvpInhJtgjj3mcuJpEiuUw4v1s4BimkdfDWlh7gA==} - cpu: [arm64] - os: [android] - - '@rollup/rollup-darwin-arm64@4.21.2': - resolution: {integrity: sha512-99AhQ3/ZMxU7jw34Sq8brzXqWH/bMnf7ZVhvLk9QU2cOepbQSVTns6qoErJmSiAvU3InRqC2RRZ5ovh1KN0d0Q==} - cpu: [arm64] - os: [darwin] - - '@rollup/rollup-darwin-x64@4.21.2': - resolution: {integrity: sha512-ZbRaUvw2iN/y37x6dY50D8m2BnDbBjlnMPotDi/qITMJ4sIxNY33HArjikDyakhSv0+ybdUxhWxE6kTI4oX26w==} - cpu: [x64] - os: [darwin] - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - resolution: {integrity: sha512-ztRJJMiE8nnU1YFcdbd9BcH6bGWG1z+jP+IPW2oDUAPxPjo9dverIOyXz76m6IPA6udEL12reYeLojzW2cYL7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - resolution: {integrity: sha512-flOcGHDZajGKYpLV0JNc0VFH361M7rnV1ee+NTeC/BQQ1/0pllYcFmxpagltANYt8FYf9+kL6RSk80Ziwyhr7w==} - cpu: [arm] - os: [linux] - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - resolution: {integrity: sha512-69CF19Kp3TdMopyteO/LJbWufOzqqXzkrv4L2sP8kfMaAQ6iwky7NoXTp7bD6/irKgknDKM0P9E/1l5XxVQAhw==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-arm64-musl@4.21.2': - resolution: {integrity: sha512-48pD/fJkTiHAZTnZwR0VzHrao70/4MlzJrq0ZsILjLW/Ab/1XlVUStYyGt7tdyIiVSlGZbnliqmult/QGA2O2w==} - cpu: [arm64] - os: [linux] - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - resolution: {integrity: sha512-cZdyuInj0ofc7mAQpKcPR2a2iu4YM4FQfuUzCVA2u4HI95lCwzjoPtdWjdpDKyHxI0UO82bLDoOaLfpZ/wviyQ==} - cpu: [ppc64] - os: [linux] - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - resolution: {integrity: sha512-RL56JMT6NwQ0lXIQmMIWr1SW28z4E4pOhRRNqwWZeXpRlykRIlEpSWdsgNWJbYBEWD84eocjSGDu/XxbYeCmwg==} - cpu: [riscv64] - os: [linux] - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - resolution: {integrity: sha512-PMxkrWS9z38bCr3rWvDFVGD6sFeZJw4iQlhrup7ReGmfn7Oukrr/zweLhYX6v2/8J6Cep9IEA/SmjXjCmSbrMQ==} - cpu: [s390x] - os: [linux] - - '@rollup/rollup-linux-x64-gnu@4.21.2': - resolution: {integrity: sha512-B90tYAUoLhU22olrafY3JQCFLnT3NglazdwkHyxNDYF/zAxJt5fJUB/yBoWFoIQ7SQj+KLe3iL4BhOMa9fzgpw==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-linux-x64-musl@4.21.2': - resolution: {integrity: sha512-7twFizNXudESmC9oneLGIUmoHiiLppz/Xs5uJQ4ShvE6234K0VB1/aJYU3f/4g7PhssLGKBVCC37uRkkOi8wjg==} - cpu: [x64] - os: [linux] - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - resolution: {integrity: sha512-9rRero0E7qTeYf6+rFh3AErTNU1VCQg2mn7CQcI44vNUWM9Ze7MSRS/9RFuSsox+vstRt97+x3sOhEey024FRQ==} - cpu: [arm64] - os: [win32] - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - resolution: {integrity: sha512-5rA4vjlqgrpbFVVHX3qkrCo/fZTj1q0Xxpg+Z7yIo3J2AilW7t2+n6Q8Jrx+4MrYpAnjttTYF8rr7bP46BPzRw==} - cpu: [ia32] - os: [win32] - - '@rollup/rollup-win32-x64-msvc@4.21.2': - resolution: {integrity: sha512-6UUxd0+SKomjdzuAcp+HAmxw1FlGBnl1v2yEPSabtx4lBfdXHDVsW7+lQkgz9cNFJGY3AWR7+V8P5BqkD9L9nA==} - cpu: [x64] - os: [win32] - - '@rushstack/node-core-library@5.7.0': - resolution: {integrity: sha512-Ff9Cz/YlWu9ce4dmqNBZpA45AEya04XaBFIjV7xTVeEf+y/kTjEasmozqFELXlNG4ROdevss75JrrZ5WgufDkQ==} - peerDependencies: - '@types/node': '*' - peerDependenciesMeta: - '@types/node': - optional: true - - '@rushstack/terminal@0.14.0': - resolution: {integrity: sha512-juTKMAMpTIJKudeFkG5slD8Z/LHwNwGZLtU441l/u82XdTBfsP+LbGKJLCNwP5se+DMCT55GB8x9p6+C4UL7jw==} - peerDependencies: - '@types/node': '*' - peerDependenciesMeta: - '@types/node': - optional: true - - '@rushstack/ts-command-line@4.22.6': - resolution: {integrity: sha512-QSRqHT/IfoC5nk9zn6+fgyqOPXHME0BfchII9EUPR19pocsNp/xSbeBCbD3PIR2Lg+Q5qk7OFqk1VhWPMdKHJg==} - - '@sentry/core@6.19.7': - resolution: {integrity: sha512-tOfZ/umqB2AcHPGbIrsFLcvApdTm9ggpi/kQZFkej7kMphjT+SGBiQfYtjyg9jcRW+ilAR4JXC9BGKsdEQ+8Vw==} - engines: {node: '>=6'} - - '@sentry/hub@6.19.7': - resolution: {integrity: sha512-y3OtbYFAqKHCWezF0EGGr5lcyI2KbaXW2Ik7Xp8Mu9TxbSTuwTe4rTntwg8ngPjUQU3SUHzgjqVB8qjiGqFXCA==} - engines: {node: '>=6'} - - '@sentry/minimal@6.19.7': - resolution: {integrity: sha512-wcYmSJOdvk6VAPx8IcmZgN08XTXRwRtB1aOLZm+MVHjIZIhHoBGZJYTVQS/BWjldsamj2cX3YGbGXNunaCfYJQ==} - engines: {node: '>=6'} - - '@sentry/node@6.19.7': - resolution: {integrity: sha512-gtmRC4dAXKODMpHXKfrkfvyBL3cI8y64vEi3fDD046uqYcrWdgoQsffuBbxMAizc6Ez1ia+f0Flue6p15Qaltg==} - engines: {node: '>=6'} - - '@sentry/types@6.19.7': - resolution: {integrity: sha512-jH84pDYE+hHIbVnab3Hr+ZXr1v8QABfhx39KknxqKWr2l0oEItzepV0URvbEhB446lk/S/59230dlUUIBGsXbg==} - engines: {node: '>=6'} - - '@sentry/utils@6.19.7': - resolution: {integrity: sha512-z95ECmE3i9pbWoXQrD/7PgkBAzJYR+iXtPuTkpBjDKs86O3mT+PXOT3BAn79w2wkn7/i3vOGD2xVr1uiMl26dA==} - engines: {node: '>=6'} - - '@simov/deep-extend@1.0.0': - resolution: {integrity: sha512-Arv8/ZPcdKAMJnNF8cks35mPq1y3JnwH1lWpfWDKlJoj+Vw2xmA4+oL7m9GVHTgdX0mGFR7bCPTBTGbxhnfJJw==} - engines: {node: '>=4.0.0'} - - '@sindresorhus/is@4.6.0': - resolution: {integrity: sha512-t09vSN3MdfsyCHoFcTRCH/iUtG7OJ0CsjzB8cjAmKc/va/kIgeDI/TxsigdncE/4be734m0cvIYwNaV4i2XqAw==} - engines: {node: '>=10'} - - '@sindresorhus/slugify@1.1.0': - resolution: {integrity: sha512-ujZRbmmizX26yS/HnB3P9QNlNa4+UvHh+rIse3RbOXLp8yl6n1TxB4t7NHggtVgS8QmmOtzXo48kCxZGACpkPw==} - engines: {node: '>=10'} - - '@sindresorhus/transliterate@0.1.2': - resolution: {integrity: sha512-5/kmIOY9FF32nicXH+5yLNTX4NJ4atl7jRgqAJuIn/iyDFXBktOKDxCvyGE/EzmF4ngSUvjXxQUQlQiZ5lfw+w==} - engines: {node: '>=10'} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@strapi/admin@4.25.9': - resolution: {integrity: sha512-j61GipixI7rNhDEhiWjY+pa7YVQaGOpHmrXHH8cSequI2w+2XF+hHH8zBpzNOuJ38e02DJ9dfugudaYx7cyxGQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/data-transfer': ^4.16.0 - '@strapi/strapi': ^4.3.4 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/cloud-cli@4.25.9': - resolution: {integrity: sha512-QIinff6A2wMOgqWYvmBxV0ttVMKvWeX/whjnOcUlnTMUaZbq8OgC2usCxad+2uYKbo/qdLhkE9wrwbaZn9Zzhg==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - hasBin: true - - '@strapi/content-releases@4.25.9': - resolution: {integrity: sha512-N+BjsCBxJuI3Er1GFt64XBtPv/8UL3EUn21VbdqUIRk9MKOAXt7kwgj4veGkGQ6Nt4kxpMXRzRR5HN1IFqTcTQ==} - engines: {node: '>=16.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/admin': ^4.19.0 - '@strapi/strapi': ^4.15.1 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: 5.3.4 - styled-components: 5.3.3 - - '@strapi/data-transfer@4.25.9': - resolution: {integrity: sha512-92CXvYV9B07VbpLzcEU4i8yZmI7wbC/AarFjEPB1Eajq/3vLZIB7pPwqWBYlPOf4kMsmabwZmeNQJZm4JjFalQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.14.4 - - '@strapi/database@4.25.9': - resolution: {integrity: sha512-y/li0iHY76wL9BhXVr4vvAtgnPt993adV7J+h560nrUYtHvj8YQp1GMYktC+4ZQMLaf01HZ+IkrFeqHTXZ8sXQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/design-system@1.19.0': - resolution: {integrity: sha512-kEQNaRztIcr6I5Zh6mxtE/Nmkk1mylCS5s56ySKDdqOjWZw2BCbS72/J9k6r1RF1TLIDSXJN9r5dHR0ZKtWvBQ==} - peerDependencies: - '@strapi/icons': ^1.5.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/generate-new@4.25.9': - resolution: {integrity: sha512-XsyjCNVGuuV0TgGbTK+y2xPKBkwfNg92Y5hkqznjJzagj0M83PMNONtKPG4CZY1LvqMMix0NPckCtSR5lFcNdA==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/generators@4.25.9': - resolution: {integrity: sha512-0sl8xQgkoHQZRKwCN+h51GUnNbxwqFU98JQMvuEjhv7TBsJ3T/00RXDXMXTlID4H+DYipYnf6n4MRUhz0lWnag==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/helper-plugin@4.25.9': - resolution: {integrity: sha512-SFHVvKTf/7TNenDa6/6aafMvYyUKWWos+rjwL8qHqG975we9IZIjiQHYytJY5ZzYYAnL7vsT86RKmTA96Kf+bQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/design-system': 1.19.0 - '@strapi/icons': 1.19.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/icons@1.19.0': - resolution: {integrity: sha512-jcS7n3Ps+73fYGadxdaD6owazoDJKN1fHSG9dp8RX4RqkP6BfoHOX5j3aodVLmDX57Ksg6gy5JXf9xEml7nMpQ==} - peerDependencies: - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - - '@strapi/logger@4.25.9': - resolution: {integrity: sha512-kyoOXVpQSNaxgWLfYeo7Zy9VUc4Q6PIRw9X/UHnr2cx5H/KWl/TEdvCDmE5m2jAr073ShKMyT5H5osOV1qY1Fg==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/pack-up@4.23.0': - resolution: {integrity: sha512-hiSqUEEzks2JDai6bfvtvPHYaPhI6UnSifx9ZqBdC9Q551BYm1xt+1K7HJVeW0IPI4zLckZvCcGPHh/NeYyTPw==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - hasBin: true - - '@strapi/permissions@4.25.9': - resolution: {integrity: sha512-7pCIdVWP7Z9wB0omWwuLwk4FtP1EJuBKSJ1gOmOluUCHC21xleBsZbiqQU8HRTc5lDd+7/vlECJYKg+2biCmQw==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/plugin-cloud@4.25.9': - resolution: {integrity: sha512-pBLIKbZlMrk9S0pzqhz/Zhf8+t+Rj2Sr3UDxRLKwfxm5sYBt0CC2x7rRdIupwdo6ebGcib1tDJbhxZ0SCtwQPQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.4.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: 5.3.4 - styled-components: 5.3.3 - - '@strapi/plugin-content-manager@4.25.9': - resolution: {integrity: sha512-EeXkba/pUQSId5G9vw+wlpP12b8h6KxGQSMncnS55RhlWXXaxr7mBSC+LvxLO9Ka/ViaoIqc94QHNOXhaBjQ5A==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/plugin-content-type-builder@4.25.9': - resolution: {integrity: sha512-GQx2I0ppZkmRKQhdO+tCxhE2HvzSi8mWSlKDwoBydk2aAuwJ4+8idu51lM3eayyfBuFnMo2KLiOu9Y8VszjndA==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.0.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/plugin-email@4.25.9': - resolution: {integrity: sha512-vZj/QiZAlZuD6UhAq5nHJaEUYAyVQPMp1pJnpJsQNL9DpZ+FWuX3SVQKfdiNpE3v0Be9D9maDAeJFBYztw+YZA==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - koa: 2.13.4 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/plugin-i18n@4.25.9': - resolution: {integrity: sha512-0Py2BJZmo9z1Leda7pDktwx5cyDyDAEEn7IoujUvuxnrjkqEoNMHh5+CiMeviYH4YkJwgKbFzpCkbDFDfH79FQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.0.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/plugin-upload@4.25.9': - resolution: {integrity: sha512-ydNFsZR9mpJI4FO5kF+FC8n6kR80m1oeZcBroAd9NQsxiIeVHXz5jJlYmuwu07gg2VpbC8OuzsXZLw32elQLIQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.0.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/plugin-users-permissions@4.25.9': - resolution: {integrity: sha512-t0C7sTTUbGABJl+SHVvch/QcWJtpjwzAG3OrT1rjPyVBiTA4bl0JzR0ZOO7hUFDNTq/Dvrfkvo7dJN3ETVK7VA==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.0.0 - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - react-router-dom: ^5.2.0 - styled-components: ^5.2.1 - - '@strapi/provider-audit-logs-local@4.25.9': - resolution: {integrity: sha512-/+E+GdI3QMwiHEIfXcTR7+sD09gDuxcy9zAc+t9cXPwoOXQIWVJBRF2PcfGlefM6iUUX7KFi7v0VadioAGMqog==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/provider-email-sendmail@4.25.9': - resolution: {integrity: sha512-SNSFReu/s9XM0lMFbdj1NQ3zwcjSZv3qfA9nblWaMWqV5MTCUKn/868X80pxB+d5SLNn9ix905buHXqClKv63A==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/provider-upload-local@4.25.9': - resolution: {integrity: sha512-LMxgN7lrGisAg7oK99IXYmbM0OS861IhFYAnlCHPeOn3/4QEK6dqKULEo3jToxzzOkVl80RRgPk2aCDS73cDrw==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/strapi@4.25.9': - resolution: {integrity: sha512-hh8j+/6mz88Ymv0gNqWslNGH1WR+Vbm1+xilOEEDGR87q+GDIY5kHpBojgYoCQzz0lTLMBtPPezSnZlvYuKRjg==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - hasBin: true - - '@strapi/types@4.25.9': - resolution: {integrity: sha512-XwiEcC3JVMLVIGy6vtAEcw8las4RDcj10h0Ydeyb9YOqxMO47wMZMHED5oTlUDa3C1iSPTHN8DbSoSu6eot6Bg==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/typescript-utils@4.25.9': - resolution: {integrity: sha512-ZMqimhBfl9hTQmhuaRFpJGZaCD8zlUN0kB2FywEgmedAjuH2pO1H1IwoDvERNIg5GoFMEzxLlPxCftJTIvF2fQ==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@strapi/ui-primitives@1.19.0': - resolution: {integrity: sha512-dEpmI0PpSH6VWuP/bBvRKI5lUpazdDAcxOpukoq2QDwUFbuZWywgW7a6O5nMnD4bLQtyNeYwd52J8Jqr9pNoQA==} - peerDependencies: - react: ^17.0.0 || ^18.0.0 - react-dom: ^17.0.0 || ^18.0.0 - - '@strapi/utils@4.25.9': - resolution: {integrity: sha512-tAcxiT0l0Of3FSsN1K2/BfpwyRP8ZbnjjpKZsODRj+OIWPAMFuEBYet4CFBpbu2jjPsc/maTtaSOBwNrJRN2bA==} - engines: {node: '>=18.0.0 <=20.x.x', npm: '>=6.0.0'} - - '@swc/core-darwin-arm64@1.7.23': - resolution: {integrity: sha512-yyOHPfti6yKlQulfVWMt7BVKst+SyEZYCWuQSGMn1KgmNCH/bYufRWfQXIhkGSj44ZkEepJmsJ8tDyIb4k5WyA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [darwin] - - '@swc/core-darwin-x64@1.7.23': - resolution: {integrity: sha512-GzqHwQ0Y1VyjdI/bBKFX2GKm5HD3PIB6OhuAQtWZMTtEr2yIrlT0YK2T+XKh7oIg31JwxGBeQdBk3KTI7DARmQ==} - engines: {node: '>=10'} - cpu: [x64] - os: [darwin] - - '@swc/core-linux-arm-gnueabihf@1.7.23': - resolution: {integrity: sha512-qwX4gB41OS6/OZkHcpTqLFGsdmvoZyffnJIlgB/kZKwH3lfeJWzv6vx57zXtNpM/t7GoQEe0VZUVdmNjxSxBZw==} - engines: {node: '>=10'} - cpu: [arm] - os: [linux] - - '@swc/core-linux-arm64-gnu@1.7.23': - resolution: {integrity: sha512-TsrbUZdMaUwzI7+g/8rHPLWbntMKYSu5Bn5IBSqVKPeyqaXxNnlIUnWXgXcUcRAc+T+Y8ADfr7EiFz9iz5DuSA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [linux] - - '@swc/core-linux-arm64-musl@1.7.23': - resolution: {integrity: sha512-JEdtwdthazKq4PBz53KSubwwK8MvqODAihGSAzc8u3Unq4ojcvaS8b0CwLBeD+kTQ78HpxOXTt3DsFIxpgaCAA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [linux] - - '@swc/core-linux-x64-gnu@1.7.23': - resolution: {integrity: sha512-V51gFPWaVAHbI1yg9ahsoya3aB4uawye3SZ5uQWgcP7wdCdiv60dw4F5nuPJf5Z1oXD3U/BslXuamv8Oh9vXqQ==} - engines: {node: '>=10'} - cpu: [x64] - os: [linux] - - '@swc/core-linux-x64-musl@1.7.23': - resolution: {integrity: sha512-BBqQi4+UdeRqag3yM4IJjaHG4yc1o3l9ksENHToE0o/u2DT0FY5+K/DiYGZLC1JHbSFzNqRCYsa7DIzRtZ0A1A==} - engines: {node: '>=10'} - cpu: [x64] - os: [linux] - - '@swc/core-win32-arm64-msvc@1.7.23': - resolution: {integrity: sha512-JPk6pvCKncL6bXG7p+NLZf8PWx4FakVvKNdwGeMrYunb+yk1IZf7qf9LJk8+GDGF5QviDXPs8opZrTrfsW80fA==} - engines: {node: '>=10'} - cpu: [arm64] - os: [win32] - - '@swc/core-win32-ia32-msvc@1.7.23': - resolution: {integrity: sha512-2Whxi8d+bLQBzJcQ5qYPHlk02YYVGsMVav0fWk+FnX2z1QRREIu1L1xvrpi7gBpjXp6BIU40ya8GiKeekNT2bg==} - engines: {node: '>=10'} - cpu: [ia32] - os: [win32] - - '@swc/core-win32-x64-msvc@1.7.23': - resolution: {integrity: sha512-82fARk4/yJ40kwWKY/gdKDisPdtgJE9jgpl/vkNG3alyJxrCzuNM7+CtiKoYbXLeqM8GQTS3wlvCaJu9oQ8dag==} - engines: {node: '>=10'} - cpu: [x64] - os: [win32] - - '@swc/core@1.7.23': - resolution: {integrity: sha512-VDNkpDvDlreGh2E3tlDj8B3piiuLhhQA/7rIVZpiLUvG1YpucAa6N7iDXA7Gc/+Hah8spaCg/qvEaBkCmcIYCQ==} - engines: {node: '>=10'} - peerDependencies: - '@swc/helpers': '*' - peerDependenciesMeta: - '@swc/helpers': - optional: true - - '@swc/counter@0.1.3': - resolution: {integrity: sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==} - - '@swc/helpers@0.5.13': - resolution: {integrity: sha512-UoKGxQ3r5kYI9dALKJapMmuK+1zWM/H17Z1+iwnNmzcJRnfFuevZs375TA5rW31pu4BS4NoSy1fRsexDXfWn5w==} - - '@swc/types@0.1.12': - resolution: {integrity: sha512-wBJA+SdtkbFhHjTMYH+dEH1y4VpfGdAc2Kw/LK09i9bXd/K6j6PkDcFCEzb6iVfZMkPRrl/q0e3toqTAJdkIVA==} - - '@szmarczak/http-timer@4.0.6': - resolution: {integrity: sha512-4BAffykYOgO+5nzBWYwE3W90sBgLJoUPRWWcL8wlyiM8IB8ipJz3UMJ9KXQd1RKQXpKp8Tutn80HZtWsu2u76w==} - engines: {node: '>=10'} - - '@types/argparse@1.0.38': - resolution: {integrity: sha512-ebDJ9b0e702Yr7pWgB0jzm+CX4Srzz8RcXtLJDJB+BSccqMa36uyH/zUsSYao5+BD1ytv3k3rPYCq4mAE1hsXA==} - - '@types/body-parser@1.19.5': - resolution: {integrity: sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==} - - '@types/cacheable-request@6.0.3': - resolution: {integrity: sha512-IQ3EbTzGxIigb1I3qPZc1rWJnH0BmSKv5QYTalEwweFvyBDLSAe24zP0le/hyi7ecGfZVlIVAg4BZqb8WBwKqw==} - - '@types/connect@3.4.38': - resolution: {integrity: sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==} - - '@types/estree@1.0.5': - resolution: {integrity: sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==} - - '@types/express-serve-static-core@4.19.5': - resolution: {integrity: sha512-y6W03tvrACO72aijJ5uF02FRq5cgDR9lUxddQ8vyF+GvmjJQqbzDcJngEjURc+ZsG31VI3hODNZJ2URj86pzmg==} - - '@types/express@4.17.21': - resolution: {integrity: sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==} - - '@types/fined@1.1.5': - resolution: {integrity: sha512-2N93vadEGDFhASTIRbizbl4bNqpMOId5zZfj6hHqYZfEzEfO9onnU4Im8xvzo8uudySDveDHBOOSlTWf38ErfQ==} - - '@types/follow-redirects@1.14.4': - resolution: {integrity: sha512-GWXfsD0Jc1RWiFmMuMFCpXMzi9L7oPDVwxUnZdg89kDNnqsRfUKXEtUYtA98A6lig1WXH/CYY/fvPW9HuN5fTA==} - - '@types/formidable@1.2.8': - resolution: {integrity: sha512-6psvrUy5VDYb+yaPJReF1WrRsz+FBwyJutK9Twz1Efa27tm07bARNIkK2B8ZPWq80dXqpKfrxTO96xrtPp+AuA==} - - '@types/glob@7.2.0': - resolution: {integrity: sha512-ZUxbzKl0IfJILTS6t7ip5fQQM/J3TJYubDm3nMbgubNNYS62eXeUpoLUC8/7fJNiFYHTrGPQn7hspDUzIHX3UA==} - - '@types/hoist-non-react-statics@3.3.5': - resolution: {integrity: sha512-SbcrWzkKBw2cdwRTwQAswfpB9g9LJWfjtUeW/jvNwbhC8cpmmNYVePa+ncbUe0rGTQ7G3Ff6mYUN2VMfLVr+Sg==} - - '@types/html-minifier-terser@6.1.0': - resolution: {integrity: sha512-oh/6byDPnL1zeNXFrDXFLyZjkr1MsBG667IM792caf1L2UPOOMf65NFzjUH/ltyfwjAGfs1rsX1eftK0jC/KIg==} - - '@types/http-cache-semantics@4.0.4': - resolution: {integrity: sha512-1m0bIFVc7eJWyve9S0RnuRgcQqF/Xd5QsUZAZeQFr1Q3/p9JWoQQEqmVy+DPTNpGXwhgIetAoYF8JSc33q29QA==} - - '@types/http-errors@2.0.4': - resolution: {integrity: sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==} - - '@types/inquirer@6.5.0': - resolution: {integrity: sha512-rjaYQ9b9y/VFGOpqBEXRavc3jh0a+e6evAbI31tMda8VlPaSy0AZJfXsvmIe3wklc7W6C3zCSfleuMXR7NOyXw==} - - '@types/interpret@1.1.3': - resolution: {integrity: sha512-uBaBhj/BhilG58r64mtDb/BEdH51HIQLgP5bmWzc5qCtFMja8dCk/IOJmk36j0lbi9QHwI6sbtUNGuqXdKCAtQ==} - - '@types/is-hotkey@0.1.10': - resolution: {integrity: sha512-RvC8KMw5BCac1NvRRyaHgMMEtBaZ6wh0pyPTBu7izn4Sj/AX9Y4aXU5c7rX8PnM/knsuUpC1IeoBkANtxBypsQ==} - - '@types/json-schema@7.0.15': - resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==} - - '@types/jsonwebtoken@9.0.6': - resolution: {integrity: sha512-/5hndP5dCjloafCXns6SZyESp3Ldq7YjH3zwzwczYnjxIT0Fqzk5ROSYVGfFyczIue7IUEj8hkvLbPoLQ18vQw==} - - '@types/keyv@3.1.4': - resolution: {integrity: sha512-BQ5aZNSCpj7D6K2ksrRCTmKRLEpnPvWDiLPfoGyhZ++8YtiK9d/3DBKPJgry359X/P1PfruyYwvnvwFjuEiEIg==} - - '@types/liftoff@2.5.1': - resolution: {integrity: sha512-nB3R6Q9CZcM07JgiTK6ibxqrG1reiHE+UX7em/W1DKwVBxDlfKWOefQjk4jubY5xX+GDxVsWR2KD1SenPby8ow==} - - '@types/lodash@4.17.7': - resolution: {integrity: sha512-8wTvZawATi/lsmNu10/j2hk1KEP0IvjubqPE3cu1Xz7xfXXt5oCq3SNUz4fMIP4XGF9Ky+Ue2tBA3hcS7LSBlA==} - - '@types/mime@1.3.5': - resolution: {integrity: sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==} - - '@types/minimatch@5.1.2': - resolution: {integrity: sha512-K0VQKziLUWkVKiRVrx4a40iPaxTUefQmjtkQofBkYRcoaaL/8rhwDWww9qWbrgicNOgnpIsMxyNIUM4+n6dUIA==} - - '@types/node-fetch@2.6.11': - resolution: {integrity: sha512-24xFj9R5+rfQJLRyM56qh+wnVSYhyXC2tkoBndtY0U+vubqNsYXGjufB2nn8Q6gt0LrARwL6UBtMCSVCwl4B1g==} - - '@types/node@18.19.48': - resolution: {integrity: sha512-7WevbG4ekUcRQSZzOwxWgi5dZmTak7FaxXDoW7xVxPBmKx1rTzfmRLkeCgJzcbBnOV2dkhAPc8cCeT6agocpjg==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/normalize-package-data@2.4.4': - resolution: {integrity: sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==} - - '@types/parse-json@4.0.2': - resolution: {integrity: sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==} - - '@types/progress-stream@2.0.5': - resolution: {integrity: sha512-5YNriuEZkHlFHHepLIaxzq3atGeav1qCTGzB74HKWpo66qjfostF+rHc785YYYHeBytve8ZG3ejg42jEIfXNiQ==} - - '@types/prop-types@15.7.12': - resolution: {integrity: sha512-5zvhXYtRNRluoE/jAp4GVsSduVUzNWKkOZrCDBWYtE7biZywwdC2AcEzg+cSMLFRfVgeAFqpfNabiPjxFddV1Q==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/range-parser@1.2.7': - resolution: {integrity: sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==} - - '@types/react-transition-group@4.4.11': - resolution: {integrity: sha512-RM05tAniPZ5DZPzzNFP+DmrcOdD0efDUxMy3145oljWSl3x9ZV5vhme98gTxFrj2lhXvmGNnUiuDyJgY9IKkNA==} - - '@types/react@18.3.5': - resolution: {integrity: sha512-WeqMfGJLGuLCqHGYRGHxnKrXcTitc6L/nBUWfWPcTarG3t9PsquqUMuVeXZeca+mglY4Vo5GZjCi0A3Or2lnxA==} - - '@types/responselike@1.0.3': - resolution: {integrity: sha512-H/+L+UkTV33uf49PH5pCAUBVPNj2nDBXTN+qS1dOwyyg24l3CcicicCA7ca+HMvJBZcFgl5r8e+RR6elsb4Lyw==} - - '@types/send@0.17.4': - resolution: {integrity: sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==} - - '@types/serve-static@1.15.7': - resolution: {integrity: sha512-W8Ym+h8nhuRwaKPaDw34QUkwsGi6Rc4yYqvKFo5rm2FUEhCFbzVWrxXUxuKK8TASjWsysJY0nsmNCGhCOIsrOw==} - - '@types/stylis@4.2.5': - resolution: {integrity: sha512-1Xve+NMN7FWjY14vLoY5tL3BVEQ/n42YLwaqJIPYhotZ9uBHt87VceMwWQpzmdEt2TNXIorIFG+YeCUUW7RInw==} - - '@types/through@0.0.33': - resolution: {integrity: sha512-HsJ+z3QuETzP3cswwtzt2vEIiHBk/dCcHGhbmG5X3ecnwFD/lPrMpliGXxSCg03L9AhrdwA4Oz/qfspkDW+xGQ==} - - '@types/triple-beam@1.3.5': - resolution: {integrity: sha512-6WaYesThRMCl19iryMYP7/x2OVgCtbIVflDGFpWnb9irXI3UjYE4AzmYuiUKY1AJstGijoY+MgUszMgRxIYTYw==} - - '@types/use-sync-external-store@0.0.3': - resolution: {integrity: sha512-EwmlvuaxPNej9+T4v5AuBPJa2x2UOJVdjCtDHgcDqitUeOtjnJKJ+apYjVcAoBEMjKW1VVFGZLUb5+qqa09XFA==} - - '@ucast/core@1.10.2': - resolution: {integrity: sha512-ons5CwXZ/51wrUPfoduC+cO7AS1/wRb0ybpQJ9RrssossDxVy4t49QxWoWgfBDvVKsz9VXzBk9z0wqTdZ+Cq8g==} - - '@ucast/js@3.0.4': - resolution: {integrity: sha512-TgG1aIaCMdcaEyckOZKQozn1hazE0w90SVdlpIJ/er8xVumE11gYAtSbw/LBeUnA4fFnFWTcw3t6reqseeH/4Q==} - - '@ucast/mongo2js@1.3.4': - resolution: {integrity: sha512-ahazOr1HtelA5AC1KZ9x0UwPMqqimvfmtSm/PRRSeKKeE5G2SCqTgwiNzO7i9jS8zA3dzXpKVPpXMkcYLnyItA==} - - '@ucast/mongo@2.4.3': - resolution: {integrity: sha512-XcI8LclrHWP83H+7H2anGCEeDq0n+12FU2mXCTz6/Tva9/9ddK/iacvvhCyW6cijAAOILmt0tWplRyRhVyZLsA==} - - '@uiw/codemirror-extensions-basic-setup@4.23.0': - resolution: {integrity: sha512-+k5nkRpUWGaHr1JWT8jcKsVewlXw5qBgSopm9LW8fZ6KnSNZBycz8kHxh0+WSvckmXEESGptkIsb7dlkmJT/hQ==} - peerDependencies: - '@codemirror/autocomplete': '>=6.0.0' - '@codemirror/commands': '>=6.0.0' - '@codemirror/language': '>=6.0.0' - '@codemirror/lint': '>=6.0.0' - '@codemirror/search': '>=6.0.0' - '@codemirror/state': '>=6.0.0' - '@codemirror/view': '>=6.0.0' - - '@uiw/react-codemirror@4.23.0': - resolution: {integrity: sha512-MnqTXfgeLA3fsUUQjqjJgemEuNyoGALgsExVm0NQAllAAi1wfj+IoKFeK+h3XXMlTFRCFYOUh4AHDv0YXJLsOg==} - peerDependencies: - '@babel/runtime': '>=7.11.0' - '@codemirror/state': '>=6.0.0' - '@codemirror/theme-one-dark': '>=6.0.0' - '@codemirror/view': '>=6.0.0' - codemirror: '>=6.0.0' - react: '>=16.8.0' - react-dom: '>=16.8.0' - - '@vitejs/plugin-react-swc@3.5.0': - resolution: {integrity: sha512-1PrOvAaDpqlCV+Up8RkAh9qaiUjoDUcjtttyhXDKw53XA6Ve16SOp6cCOpRs8Dj8DqUQs6eTW5YkLcLJjrXAig==} - peerDependencies: - vite: ^4 || ^5 - - '@webassemblyjs/ast@1.12.1': - resolution: {integrity: sha512-EKfMUOPRRUTy5UII4qJDGPpqfwjOmZ5jeGFwid9mnoqIFK+e0vqoi1qH56JpmZSzEL53jKnNzScdmftJyG5xWg==} - - '@webassemblyjs/floating-point-hex-parser@1.11.6': - resolution: {integrity: sha512-ejAj9hfRJ2XMsNHk/v6Fu2dGS+i4UaXBXGemOfQ/JfQ6mdQg/WXtwleQRLLS4OvfDhv8rYnVwH27YJLMyYsxhw==} - - '@webassemblyjs/helper-api-error@1.11.6': - resolution: {integrity: sha512-o0YkoP4pVu4rN8aTJgAyj9hC2Sv5UlkzCHhxqWj8butaLvnpdc2jOwh4ewE6CX0txSfLn/UYaV/pheS2Txg//Q==} - - '@webassemblyjs/helper-buffer@1.12.1': - resolution: {integrity: sha512-nzJwQw99DNDKr9BVCOZcLuJJUlqkJh+kVzVl6Fmq/tI5ZtEyWT1KZMyOXltXLZJmDtvLCDgwsyrkohEtopTXCw==} - - '@webassemblyjs/helper-numbers@1.11.6': - resolution: {integrity: sha512-vUIhZ8LZoIWHBohiEObxVm6hwP034jwmc9kuq5GdHZH0wiLVLIPcMCdpJzG4C11cHoQ25TFIQj9kaVADVX7N3g==} - - '@webassemblyjs/helper-wasm-bytecode@1.11.6': - resolution: {integrity: sha512-sFFHKwcmBprO9e7Icf0+gddyWYDViL8bpPjJJl0WHxCdETktXdmtWLGVzoHbqUcY4Be1LkNfwTmXOJUFZYSJdA==} - - '@webassemblyjs/helper-wasm-section@1.12.1': - resolution: {integrity: sha512-Jif4vfB6FJlUlSbgEMHUyk1j234GTNG9dBJ4XJdOySoj518Xj0oGsNi59cUQF4RRMS9ouBUxDDdyBVfPTypa5g==} - - '@webassemblyjs/ieee754@1.11.6': - resolution: {integrity: sha512-LM4p2csPNvbij6U1f19v6WR56QZ8JcHg3QIJTlSwzFcmx6WSORicYj6I63f9yU1kEUtrpG+kjkiIAkevHpDXrg==} - - '@webassemblyjs/leb128@1.11.6': - resolution: {integrity: sha512-m7a0FhE67DQXgouf1tbN5XQcdWoNgaAuoULHIfGFIEVKA6tu/edls6XnIlkmS6FrXAquJRPni3ZZKjw6FSPjPQ==} - - '@webassemblyjs/utf8@1.11.6': - resolution: {integrity: sha512-vtXf2wTQ3+up9Zsg8sa2yWiQpzSsMyXj0qViVP6xKGCUT8p8YJ6HqI7l5eCnWx1T/FYdsv07HQs2wTFbbof/RA==} - - '@webassemblyjs/wasm-edit@1.12.1': - resolution: {integrity: sha512-1DuwbVvADvS5mGnXbE+c9NfA8QRcZ6iKquqjjmR10k6o+zzsRVesil54DKexiowcFCPdr/Q0qaMgB01+SQ1u6g==} - - '@webassemblyjs/wasm-gen@1.12.1': - resolution: {integrity: sha512-TDq4Ojh9fcohAw6OIMXqiIcTq5KUXTGRkVxbSo1hQnSy6lAM5GSdfwWeSxpAo0YzgsgF182E/U0mDNhuA0tW7w==} - - '@webassemblyjs/wasm-opt@1.12.1': - resolution: {integrity: sha512-Jg99j/2gG2iaz3hijw857AVYekZe2SAskcqlWIZXjji5WStnOpVoat3gQfT/Q5tb2djnCjBtMocY/Su1GfxPBg==} - - '@webassemblyjs/wasm-parser@1.12.1': - resolution: {integrity: sha512-xikIi7c2FHXysxXe3COrVUPSheuBtpcfhbpFj4gmu7KRLYOzANztwUU0IbsqvMqzuNK2+glRGWCEqZo1WCLyAQ==} - - '@webassemblyjs/wast-printer@1.12.1': - resolution: {integrity: sha512-+X4WAlOisVWQMikjbcvY2e0rwPsKQ9F688lksZhBcPycBBuii3O7m8FACbDMWDojpAqvjIncrG8J0XHKyQfVeA==} - - '@xtuc/ieee754@1.2.0': - resolution: {integrity: sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA==} - - '@xtuc/long@4.2.2': - resolution: {integrity: sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==} - - abbrev@1.1.1: - resolution: {integrity: sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==} - - abort-controller@3.0.0: - resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==} - engines: {node: '>=6.5'} - - accepts@1.3.8: - resolution: {integrity: sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==} - engines: {node: '>= 0.6'} - - acorn-import-attributes@1.9.5: - resolution: {integrity: sha512-n02Vykv5uA3eHGM/Z2dQrcD56kL8TyDb2p1+0P83PClMnC/nc+anbQRhIOWnSq4Ke/KvDPrY3C9hDtC/A3eHnQ==} - peerDependencies: - acorn: ^8 - - acorn-walk@8.3.3: - resolution: {integrity: sha512-MxXdReSRhGO7VlFe1bRG/oI7/mdLV9B9JJT0N8vZOhF7gFRR5l3M8W9G8JxmKV+JC5mGqJ0QvqfSOLsCPa4nUw==} - engines: {node: '>=0.4.0'} - - acorn@8.12.1: - resolution: {integrity: sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==} - engines: {node: '>=0.4.0'} - hasBin: true - - addressparser@1.0.1: - resolution: {integrity: sha512-aQX7AISOMM7HFE0iZ3+YnD07oIeJqWGVnJ+ZIKaBZAk03ftmVYVqsGas/rbXKR21n4D/hKCSHypvcyOkds/xzg==} - - agent-base@6.0.2: - resolution: {integrity: sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==} - engines: {node: '>= 6.0.0'} - - agentkeepalive@4.5.0: - resolution: {integrity: sha512-5GG/5IbQQpC9FpkRGsSvZI5QYeSCzlJHdpBQntCsuTOxhKD8lqKhrleg2Yi7yvMIf82Ycmmqln9U8V9qwEiJew==} - engines: {node: '>= 8.0.0'} - - aggregate-error@3.1.0: - resolution: {integrity: sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==} - engines: {node: '>=8'} - - ajv-draft-04@1.0.0: - resolution: {integrity: sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw==} - peerDependencies: - ajv: ^8.5.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-formats@2.1.1: - resolution: {integrity: sha512-Wx0Kx52hxE7C18hkMEggYlEifqWZtYaRgouJor+WMdPnQyEK13vgEWyVNup7SoeeoLMsr4kf5h6dOW11I15MUA==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-formats@3.0.1: - resolution: {integrity: sha512-8iUql50EUR+uUcdRQ3HDqa6EVyo3docL8g5WJ3FNcWmu62IbkGUue/pEyLBW8VGKKucTPgqeks4fIU1DA4yowQ==} - peerDependencies: - ajv: ^8.0.0 - peerDependenciesMeta: - ajv: - optional: true - - ajv-keywords@3.5.2: - resolution: {integrity: sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==} - peerDependencies: - ajv: ^6.9.1 - - ajv-keywords@5.1.0: - resolution: {integrity: sha512-YCS/JNFAUyr5vAuhk1DWm1CBxRHW9LbJ2ozWeemrIqpbsqKjHVxYPyi5GC0rjZIT5JxJ3virVTS8wk4i/Z+krw==} - peerDependencies: - ajv: ^8.8.2 - - ajv@6.12.6: - resolution: {integrity: sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==} - - ajv@8.13.0: - resolution: {integrity: sha512-PRA911Blj99jR5RMeTunVbNXMF6Lp4vZXnk5GQjcnUWUTsrXtekg/pnmFFI2u/I36Y/2bITGS30GZCXei6uNkA==} - - ajv@8.17.1: - resolution: {integrity: sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==} - - ansi-align@3.0.1: - resolution: {integrity: sha512-IOfwwBF5iczOjp/WeY4YxyjqAFMQoZufdQWDd19SEExbVLNXqvpzSJ/M7Za4/sCPmQ0+GRquoA7bGcINcxew6w==} - - ansi-escapes@4.3.2: - resolution: {integrity: sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==} - engines: {node: '>=8'} - - ansi-html-community@0.0.8: - resolution: {integrity: sha512-1APHAyr3+PCamwNw3bXCPp4HFLONZt/yIH0sZp0/469KWNTEy+qN5jQ3GVX6DMZ1UXAi34yVwtTeaG/HpBuuzw==} - engines: {'0': node >= 0.8.0} - hasBin: true - - ansi-regex@2.1.1: - resolution: {integrity: sha512-TIGnTpdo+E3+pCyAluZvtED5p5wCqLdezCyhPZzKPcxvFplEt4i+W7OONCKgeZFT3+y5NZZfOOS/Bdcanm1MYA==} - engines: {node: '>=0.10.0'} - - ansi-regex@4.1.1: - resolution: {integrity: sha512-ILlv4k/3f6vfQ4OoP2AGvirOktlQ98ZEL1k9FaQjxa3L1abBgbuTDAdPOpvbGncC0BTVQrl+OM8xZGK6tWXt7g==} - engines: {node: '>=6'} - - ansi-regex@5.0.1: - resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} - engines: {node: '>=8'} - - ansi-regex@6.0.1: - resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} - engines: {node: '>=12'} - - ansi-styles@2.2.1: - resolution: {integrity: sha512-kmCevFghRiWM7HB5zTPULl4r9bVFSWjz62MhqizDGUrq2NWuNMQyuv4tHHoKJHs69M/MF64lEcHdYIocrdWQYA==} - engines: {node: '>=0.10.0'} - - ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - - ansi-styles@4.3.0: - resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} - engines: {node: '>=8'} - - ansi-styles@6.2.1: - resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} - engines: {node: '>=12'} - - any-promise@1.3.0: - resolution: {integrity: sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==} - - anymatch@3.1.3: - resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==} - engines: {node: '>= 8'} - - aproba@2.0.0: - resolution: {integrity: sha512-lYe4Gx7QT+MKGbDsA+Z+he/Wtef0BiwDOlK/XkBrdfsh9J/jPPXbX0tE9x9cl27Tmu5gg3QUbUrQYa/y+KOHPQ==} - - are-we-there-yet@2.0.0: - resolution: {integrity: sha512-Ci/qENmwHnsYo9xKIcUJN5LeDKdJ6R1Z1j9V/J5wyq8nh/mYPEpIKJbBZXtZjG04HiK7zV/p6Vs9952MrMeUIw==} - engines: {node: '>=10'} - deprecated: This package is no longer supported. - - argparse@1.0.10: - resolution: {integrity: sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==} - - argparse@2.0.1: - resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - - aria-hidden@1.2.4: - resolution: {integrity: sha512-y+CcFFwelSXpLZk/7fMB2mUbGtX9lKycf1MWJ7CaTIERyitVlyQx6C+sxcROU2BAJ24OiZyK+8wj2i8AlBoS3A==} - engines: {node: '>=10'} - - arr-diff@4.0.0: - resolution: {integrity: sha512-YVIQ82gZPGBebQV/a8dar4AitzCQs0jjXwMPZllpXMaGjXPYVUawSxQrRsjhjupyVxEvbHgUmIhKVlND+j02kA==} - engines: {node: '>=0.10.0'} - - arr-flatten@1.1.0: - resolution: {integrity: sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==} - engines: {node: '>=0.10.0'} - - arr-union@3.1.0: - resolution: {integrity: sha512-sKpyeERZ02v1FeCZT8lrfJq5u6goHCtpTAzPwJYe7c8SPFOboNjNg1vz2L4VTn9T4PQxEx13TbXLmYUcS6Ug7Q==} - engines: {node: '>=0.10.0'} - - array-each@1.0.1: - resolution: {integrity: sha512-zHjL5SZa68hkKHBFBK6DJCTtr9sfTCPCaph/L7tMSLcTFgy+zX7E+6q5UArbtOtMBCtxdICpfTCspRse+ywyXA==} - engines: {node: '>=0.10.0'} - - array-slice@1.1.0: - resolution: {integrity: sha512-B1qMD3RBP7O8o0H2KbrXDyB0IccejMF15+87Lvlor12ONPRHP6gTjXMNkt/d3ZuOGbAe66hFmaCfECI24Ufp6w==} - engines: {node: '>=0.10.0'} - - array-union@2.1.0: - resolution: {integrity: sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==} - engines: {node: '>=8'} - - array-unique@0.3.2: - resolution: {integrity: sha512-SleRWjh9JUud2wH1hPs9rZBZ33H6T9HOiL0uwGnGx9FpE6wKGyfWugmbkEOIs6qWrZhg0LWeLziLrEwQJhs5mQ==} - engines: {node: '>=0.10.0'} - - asn1.js@5.4.1: - resolution: {integrity: sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==} - - assign-symbols@1.0.0: - resolution: {integrity: sha512-Q+JC7Whu8HhmTdBph/Tq59IoRtoy6KAm5zzPv00WdujX82lbAL8K7WVjne7vdCsAmbF4AYaDOPyO3k0kl8qIrw==} - engines: {node: '>=0.10.0'} - - async@3.2.6: - resolution: {integrity: sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==} - - asynckit@0.4.0: - resolution: {integrity: sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==} - - atob@2.1.2: - resolution: {integrity: sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==} - engines: {node: '>= 4.5.0'} - hasBin: true - - axios@1.7.4: - resolution: {integrity: sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==} - - b4a@1.6.6: - resolution: {integrity: sha512-5Tk1HLk6b6ctmjIkAcU/Ujv/1WqiDl0F0JdRCR80VsOcUlHcu7pWeWRlOqQLHfDEsVx9YH/aif5AG4ehoCtTmg==} - - babel-plugin-macros@3.1.0: - resolution: {integrity: sha512-Cg7TFGpIr01vOQNODXOOaGz2NpCU5gl8x1qJFbb6hbZxR7XrcE2vtbAsTAbJ7/xwJtUuJEw8K8Zr/AE0LHlesg==} - engines: {node: '>=10', npm: '>=6'} - - balanced-match@1.0.2: - resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - - bare-events@2.4.2: - resolution: {integrity: sha512-qMKFd2qG/36aA4GwvKq8MxnPgCQAmBWmSyLWsJcbn8v03wvIPQ/hG1Ms8bPzndZxMDoHpxez5VOS+gC9Yi24/Q==} - - bare-fs@2.3.3: - resolution: {integrity: sha512-7RYKL+vZVCyAsMLi5SPu7QGauGGT8avnP/HO571ndEuV4MYdGXvLhtW67FuLPeEI8EiIY7zbbRR9x7x7HU0kgw==} - - bare-os@2.4.2: - resolution: {integrity: sha512-HZoJwzC+rZ9lqEemTMiO0luOePoGYNBgsLLgegKR/cljiJvcDNhDZQkzC+NC5Oh0aHbdBNSOHpghwMuB5tqhjg==} - - bare-path@2.1.3: - resolution: {integrity: sha512-lh/eITfU8hrj9Ru5quUp0Io1kJWIk1bTjzo7JH1P5dWmQ2EL4hFUlfI8FonAhSlgIfhn63p84CDY/x+PisgcXA==} - - bare-stream@2.2.0: - resolution: {integrity: sha512-+o9MG5bPRRBlkVSpfFlMag3n7wMaIZb4YZasU2+/96f+3HTQ4F9DKQeu3K/Sjz1W0umu6xvVq1ON0ipWdMlr3A==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - base@0.11.2: - resolution: {integrity: sha512-5T6P4xPgpp0YDFvSWwEZ4NoE3aM4QBQXDzmVbraCkFj8zHM+mba8SyqB5DbZWyR7mYHo6Y7BdQo3MoA4m0TeQg==} - engines: {node: '>=0.10.0'} - - bcryptjs@2.4.3: - resolution: {integrity: sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==} - - big-integer@1.6.52: - resolution: {integrity: sha512-QxD8cf2eVqJOOz63z6JIN9BzvVs/dlySa5HGSBH5xtR8dPteIRQnBxxKqkNTiT6jbDTF6jAfrd4oMcND9RGbQg==} - engines: {node: '>=0.6'} - - big.js@5.2.2: - resolution: {integrity: sha512-vyL2OymJxmarO8gxMr0mhChsO9QGwhynfuu4+MHTAW6czfq9humCB7rKpUjDd9YUiDPU4mzpyupFSvOClAwbmQ==} - - binary-extensions@2.3.0: - resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} - engines: {node: '>=8'} - - bl@4.1.0: - resolution: {integrity: sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==} - - bn.js@4.12.0: - resolution: {integrity: sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==} - - boolbase@1.0.0: - resolution: {integrity: sha512-JZOSA7Mo9sNGB8+UjSgzdLtokWAky1zbztM3WRLCbZ70/3cTANmQmOdR7y2g+J0e2WXywy1yS468tY+IruqEww==} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - boxen@5.1.2: - resolution: {integrity: sha512-9gYgQKXx+1nP8mP7CzFyaUARhg7D3n1dF/FnErWmu9l6JvGpNUN278h0aSb+QjoiKSWG+iZ3uHrcqk0qrY9RQQ==} - engines: {node: '>=10'} - - bplist-parser@0.2.0: - resolution: {integrity: sha512-z0M+byMThzQmD9NILRniCUXYsYpjwnlO8N5uCFaCqIOpqRsJCrQL9NK3JsD67CN5a08nF5oIL2bD6loTdHOuKw==} - engines: {node: '>= 5.10.0'} - - brace-expansion@1.1.11: - resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - - brace-expansion@2.0.1: - resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - - braces@2.3.2: - resolution: {integrity: sha512-aNdbnj9P8PjdXU4ybaWLK2IF3jc/EoDYbC7AazW6to3TRsfXxscC9UXOB5iDiEQrkyIbWp2SLQda4+QAa7nc3w==} - engines: {node: '>=0.10.0'} - - braces@3.0.3: - resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} - engines: {node: '>=8'} - - broadcast-channel@3.7.0: - resolution: {integrity: sha512-cIAKJXAxGJceNZGTZSBzMxzyOn72cVgPnKx4dc6LRjQgbaJUQqhy5rzL3zbMxkMWsGKkv2hSFkPRMEXfoMZ2Mg==} - - brorand@1.1.0: - resolution: {integrity: sha512-cKV8tMCEpQs4hK/ik71d6LrPOnpkpGBR0wzxqr68g2m/LB2GxVYQroAjMJZRVM1Y4BCjCKc3vAamxSzOY2RP+w==} - - browserslist-to-esbuild@1.2.0: - resolution: {integrity: sha512-ftrrbI/VHBgEnmnSyhkqvQVMp6jAKybfs0qMIlm7SLBrQTGMsdCIP4q3BoKeLsZTBQllIQtY9kbxgRYV2WU47g==} - engines: {node: '>=12'} - - browserslist@4.23.3: - resolution: {integrity: sha512-btwCFJVjI4YWDNfau8RhZ+B1Q/VLoUITrm3RlP6y1tYGWIOa+InuYiRGXUBXo8nA1qKmHMyLB/iVQg5TT4eFoA==} - engines: {node: ^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7} - hasBin: true - - buffer-equal-constant-time@1.0.1: - resolution: {integrity: sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==} - - buffer-from@1.1.2: - resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} - - buffer@5.7.1: - resolution: {integrity: sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==} - - buildmail@3.10.0: - resolution: {integrity: sha512-6e5sDN/pl3en5Klqdfyir7LEIBiFr9oqZuvYaEyVwjxpIbBZN+98e0j87Fz2Ukl8ud32rbk9VGOZAnsOZ7pkaA==} - deprecated: This project is unmaintained - - bundle-name@3.0.0: - resolution: {integrity: sha512-PKA4BeSvBpQKQ8iPOGCSiell+N8P+Tf1DlwqmYhpe2gAhKPHn8EYOxVT+ShuGmhg8lN8XiSlS80yiExKXrURlw==} - engines: {node: '>=12'} - - byte-size@7.0.1: - resolution: {integrity: sha512-crQdqyCwhokxwV1UyDzLZanhkugAgft7vt0qbbdt60C6Zf3CAiGmtUCylbtYwrU6loOUw3euGrNtW1J651ot1A==} - engines: {node: '>=10'} - - bytes@3.1.2: - resolution: {integrity: sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==} - engines: {node: '>= 0.8'} - - cache-base@1.0.1: - resolution: {integrity: sha512-AKcdTnFSWATd5/GCPRxr2ChwIJ85CeyrEyjRHlKxQ56d4XJMGym0uAiKn0xbLOGOl3+yRpOTi484dVCEc5AUzQ==} - engines: {node: '>=0.10.0'} - - cache-content-type@1.0.1: - resolution: {integrity: sha512-IKufZ1o4Ut42YUrZSo8+qnMTrFuKkvyoLXUywKz9GJ5BrhOFGhLdkx9sG4KAnVvbY6kEcSFjLQul+DVmBm2bgA==} - engines: {node: '>= 6.0.0'} - - cacheable-lookup@5.0.4: - resolution: {integrity: sha512-2/kNscPhpcxrOigMZzbiWF7dz8ilhb/nIHU3EyZiXWXpeq/au8qJ8VhdftMkty3n7Gj6HIGalQG8oiBNB3AJgA==} - engines: {node: '>=10.6.0'} - - cacheable-request@7.0.4: - resolution: {integrity: sha512-v+p6ongsrp0yTGbJXjgxPow2+DL93DASP4kXCDKb8/bwRtt9OEF3whggkkDkGNzgcWy2XaF4a8nZglC7uElscg==} - engines: {node: '>=8'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - callsites@3.1.0: - resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} - engines: {node: '>=6'} - - camel-case@3.0.0: - resolution: {integrity: sha512-+MbKztAYHXPr1jNTSKQF52VpcFjwY5RkR7fxksV8Doo4KAYc5Fl4UJRgthBbTmEx8C54DqahhbLJkDwjI3PI/w==} - - camel-case@4.1.2: - resolution: {integrity: sha512-gxGWBrTT1JuMx6R+o5PTXMmUnhnVzLQ9SNutD4YqKtI6ap897t3tKECYla6gCWEkplXnlNybEkZg9GEGxKFCgw==} - - camelcase@6.3.0: - resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} - engines: {node: '>=10'} - - camelize@1.0.1: - resolution: {integrity: sha512-dU+Tx2fsypxTgtLoE36npi3UqcjSSMNYfkqgmoEhtZrraP5VWq0K7FkWVTYa8eMPtnU/G2txVsfdCJTn9uzpuQ==} - - caniuse-lite@1.0.30001655: - resolution: {integrity: sha512-jRGVy3iSGO5Uutn2owlb5gR6qsGngTw9ZTb4ali9f3glshcNmJ2noam4Mo9zia5P9Dk3jNNydy7vQjuE5dQmfg==} - - canvas@2.11.2: - resolution: {integrity: sha512-ItanGBMrmRV7Py2Z+Xhs7cT+FNt5K0vPL4p9EZ/UX/Mu7hFbkxSjKF2KVtPwX7UYWp7dRKnrTvReflgrItJbdw==} - engines: {node: '>=6'} - - chalk@1.1.3: - resolution: {integrity: sha512-U3lRVLMSlsCfjqYPbLyVv11M9CPW4I728d6TCKMAOJueEeB9/8o+eSsMnxPJD+Q+K909sdESg7C+tIkoH6on1A==} - engines: {node: '>=0.10.0'} - - chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - - chalk@4.1.2: - resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} - engines: {node: '>=10'} - - change-case@3.1.0: - resolution: {integrity: sha512-2AZp7uJZbYEzRPsFoa+ijKdvp9zsrnnt6+yFokfwEpeJm0xuJDVoxiRCAaTzyJND8GJkofo2IcKWaUZ/OECVzw==} - - chardet@0.7.0: - resolution: {integrity: sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==} - - chokidar@3.5.3: - resolution: {integrity: sha512-Dr3sfKRP6oTcjf2JmUmFJfeVMvXBdegxB0iVQ5eb2V10uFJUCAS8OByZdVAyVb8xXNz3GjjTgj9kLWsZTqE6kw==} - engines: {node: '>= 8.10.0'} - - chokidar@3.6.0: - resolution: {integrity: sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==} - engines: {node: '>= 8.10.0'} - - chownr@1.1.4: - resolution: {integrity: sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==} - - chownr@2.0.0: - resolution: {integrity: sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==} - engines: {node: '>=10'} - - chrome-trace-event@1.0.4: - resolution: {integrity: sha512-rNjApaLzuwaOTjCiT8lSDdGN1APCiqkChLMJxJPWLunPAt5fy8xgU9/jNOchV84wfIxrA0lRQB7oCT8jrn/wrQ==} - engines: {node: '>=6.0'} - - ci-info@3.8.0: - resolution: {integrity: sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==} - engines: {node: '>=8'} - - class-utils@0.3.6: - resolution: {integrity: sha512-qOhPa/Fj7s6TY8H8esGu5QNpMMQxz79h+urzrNYN6mn+9BnxlDGf5QZ+XeCDsxSjPqsSR56XOZOJmpeurnLMeg==} - engines: {node: '>=0.10.0'} - - clean-css@5.3.3: - resolution: {integrity: sha512-D5J+kHaVb/wKSFcyyV75uCn8fiY4sV38XJoe4CUyGQ+mOU/fMVYUdH1hJC+CJQ5uY3EnW27SbJYS4X8BiLrAFg==} - engines: {node: '>= 10.0'} - - clean-stack@2.2.0: - resolution: {integrity: sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==} - engines: {node: '>=6'} - - cli-boxes@2.2.1: - resolution: {integrity: sha512-y4coMcylgSCdVinjiDBuR8PCC2bLjyGTwEmPb9NHR/QaNU6EUOXcTY/s6VjGMD6ENSEaeQYHCY0GNGS5jfMwPw==} - engines: {node: '>=6'} - - cli-cursor@2.1.0: - resolution: {integrity: sha512-8lgKz8LmCRYZZQDpRyT2m5rKJ08TnU4tR9FFFW2rxpxR1FzWi4PQ/NfyODchAatHaUgnSPVcx/R5w6NuTBzFiw==} - engines: {node: '>=4'} - - cli-cursor@3.1.0: - resolution: {integrity: sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==} - engines: {node: '>=8'} - - cli-progress@3.12.0: - resolution: {integrity: sha512-tRkV3HJ1ASwm19THiiLIXLO7Im7wlTuKnvkYaTkyoAPefqjNg7W7DHKUlGRxy9vxDvbyCYQkQozvptuMkGCg8A==} - engines: {node: '>=4'} - - cli-spinners@2.9.2: - resolution: {integrity: sha512-ywqV+5MmyL4E7ybXgKys4DugZbX0FC6LnwrhjuykIjnK9k8OQacQ7axGKnjDXWNhns0xot3bZI5h55H8yo9cJg==} - engines: {node: '>=6'} - - cli-table3@0.6.5: - resolution: {integrity: sha512-+W/5efTR7y5HRD7gACw9yQjqMVvEMLBHmboM/kPWam+H+Hmyrgjh6YncVKK122YZkXrLudzTuAukUw9FnMf7IQ==} - engines: {node: 10.* || >= 12.*} - - cli-width@3.0.0: - resolution: {integrity: sha512-FxqpkPPwu1HjuN93Omfm4h8uIanXofW0RxVEW3k5RKx+mJJYSthzNhp32Kzxxy3YAEZ/Dc/EWN1vZRY0+kOhbw==} - engines: {node: '>= 10'} - - cliui@7.0.4: - resolution: {integrity: sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==} - - cliui@8.0.1: - resolution: {integrity: sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==} - engines: {node: '>=12'} - - clone-response@1.0.3: - resolution: {integrity: sha512-ROoL94jJH2dUVML2Y/5PEDNaSHgeOdSDicUyS7izcF63G6sTc/FTjLub4b8Il9S8S0beOfYt0TaA5qvFK+w0wA==} - - clone@1.0.4: - resolution: {integrity: sha512-JQHZ2QMW6l3aH/j6xCqQThY/9OH4D/9ls34cgkUBiEeocRTU04tHfKPBsUK1PqZCUQM7GiA0IIXJSuXHI64Kbg==} - engines: {node: '>=0.8'} - - co-body@5.2.0: - resolution: {integrity: sha512-sX/LQ7LqUhgyaxzbe7IqwPeTr2yfpfUIQ/dgpKo6ZI4y4lpQA0YxAomWIY+7I7rHWcG02PG+OuPREzMW/5tszQ==} - - co-body@6.2.0: - resolution: {integrity: sha512-Kbpv2Yd1NdL1V/V4cwLVxraHDV6K8ayohr2rmH0J87Er8+zJjcTa6dAn9QMPC9CRgU8+aNajKbSf1TzDB1yKPA==} - engines: {node: '>=8.0.0'} - - co@4.6.0: - resolution: {integrity: sha512-QVb0dM5HvG+uaxitm8wONl7jltx8dqhfU33DcqtOZcLSVIKSDDLDi7+0LbAKiyI8hD9u42m2YxXSkMGWThaecQ==} - engines: {iojs: '>= 1.0.0', node: '>= 0.12.0'} - - codemirror@5.65.17: - resolution: {integrity: sha512-1zOsUx3lzAOu/gnMAZkQ9kpIHcPYOc9y1Fbm2UVk5UBPkdq380nhkelG0qUwm1f7wPvTbndu9ZYlug35EwAZRQ==} - - collection-visit@1.0.0: - resolution: {integrity: sha512-lNkKvzEeMBBjUGHZ+q6z9pSJla0KWAQPvtzhEV9+iGyQYG+pBpl7xKDhxoNSOZH2hhv0v5k0y2yAM4o4SjoSkw==} - engines: {node: '>=0.10.0'} - - color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - - color-convert@2.0.1: - resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} - engines: {node: '>=7.0.0'} - - color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - - color-name@1.1.4: - resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - - color-string@1.9.1: - resolution: {integrity: sha512-shrVawQFojnZv6xM40anx4CkoDP+fZsw/ZerEMsW/pyzsRbElpsL/DBVW7q3ExxwusdNXI3lXpuhEZkzs8p5Eg==} - - color-support@1.1.3: - resolution: {integrity: sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==} - hasBin: true - - color@3.2.1: - resolution: {integrity: sha512-aBl7dZI9ENN6fUGC7mWpMTPNHmWUSNan9tuWN6ahh5ZLNk9baLJOnSMlrQkHcrfFgz2/RigjUVAjdx36VcemKA==} - - color@4.2.3: - resolution: {integrity: sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==} - engines: {node: '>=12.5.0'} - - colorette@2.0.19: - resolution: {integrity: sha512-3tlv/dIP7FWvj3BsbHrGLJ6l/oKh1O3TcgBqMn+yyCagOxc23fyzDS6HypQbgxWbkpDnf52p1LuR4eWDQ/K9WQ==} - - colorette@2.0.20: - resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==} - - colorspace@1.1.4: - resolution: {integrity: sha512-BgvKJiuVu1igBUF2kEjRCZXol6wiiGbY5ipL/oVPwm0BL9sIpMIzM8IK7vwuxIIzOXMV3Ey5w+vxhm0rR/TN8w==} - - combined-stream@1.0.8: - resolution: {integrity: sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==} - engines: {node: '>= 0.8'} - - commander@10.0.1: - resolution: {integrity: sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==} - engines: {node: '>=14'} - - commander@2.20.3: - resolution: {integrity: sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==} - - commander@7.2.0: - resolution: {integrity: sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw==} - engines: {node: '>= 10'} - - commander@8.3.0: - resolution: {integrity: sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww==} - engines: {node: '>= 12'} - - common-path-prefix@3.0.0: - resolution: {integrity: sha512-QE33hToZseCH3jS0qN96O/bSh3kaw/h+Tq7ngyY9eWDUnTlTNUyqfqvCXioLe5Na5jFsL78ra/wuBU4iuEgd4w==} - - component-emitter@1.3.1: - resolution: {integrity: sha512-T0+barUSQRTUQASh8bx02dl+DhF54GtIDY13Y3m9oWTklKbb3Wv974meRpeZ3lp1JpLVECWWNHC4vaG2XHXouQ==} - - compressible@2.0.18: - resolution: {integrity: sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg==} - engines: {node: '>= 0.6'} - - compute-scroll-into-view@1.0.20: - resolution: {integrity: sha512-UCB0ioiyj8CRjtrvaceBLqqhZCVP+1B8+NWQhmdsm0VXOJtobBCf1dBQmebCCo34qZmUwZfIH2MZLqNHazrfjg==} - - compute-scroll-into-view@3.1.0: - resolution: {integrity: sha512-rj8l8pD4bJ1nx+dAkMhV1xB5RuZEyVysfxJqB1pRchh1KVvwOv9b7CGB8ZfjTImVv2oF+sYMUkMZq6Na5Ftmbg==} - - concat-map@0.0.1: - resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - - concurrently@8.2.2: - resolution: {integrity: sha512-1dP4gpXFhei8IOtlXRE/T/4H88ElHgTiUzh71YUmtjTEHMSRS2Z/fgOxHSxxusGHogsRfxNq1vyAwxSC+EVyDg==} - engines: {node: ^14.13.0 || >=16.0.0} - hasBin: true - - config-chain@1.1.13: - resolution: {integrity: sha512-qj+f8APARXHrM0hraqXYb2/bOVSV4PvJQlNZ/DVj0QrmNM2q2euizkeuVckQ57J+W0mRH6Hvi+k50M4Jul2VRQ==} - - configstore@5.0.1: - resolution: {integrity: sha512-aMKprgk5YhBNyH25hj8wGt2+D52Sw1DRRIzqBwLp2Ya9mFmY8KPvvtvmna8SxVR9JMZ4kzMD68N22vlaRpkeFA==} - engines: {node: '>=8'} - - console-control-strings@1.1.0: - resolution: {integrity: sha512-ty/fTekppD2fIwRvnZAVdeOiGd1c7YXEixbgJTNzqcxJWKQnjJ/V1bNEEE6hygpM3WjwHFUVK6HTjWSzV4a8sQ==} - - constant-case@2.0.0: - resolution: {integrity: sha512-eS0N9WwmjTqrOmR3o83F5vW8Z+9R1HnVz3xmzT2PMFug9ly+Au/fxRWlEBSb6LcZwspSsEn9Xs1uw9YgzAg1EQ==} - - content-disposition@0.5.4: - resolution: {integrity: sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==} - engines: {node: '>= 0.6'} - - content-type@1.0.5: - resolution: {integrity: sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==} - engines: {node: '>= 0.6'} - - convert-source-map@1.9.0: - resolution: {integrity: sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==} - - cookie-signature@1.2.1: - resolution: {integrity: sha512-78KWk9T26NhzXtuL26cIJ8/qNHANyJ/ZYrmEXFzUmhZdjpBv+DlWlOANRTGBt48YcyslsLrj0bMLFTmXvLRCOw==} - engines: {node: '>=6.6.0'} - - cookie@0.4.2: - resolution: {integrity: sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==} - engines: {node: '>= 0.6'} - - cookie@0.5.0: - resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==} - engines: {node: '>= 0.6'} - - cookies@0.8.0: - resolution: {integrity: sha512-8aPsApQfebXnuI+537McwYsDtjVxGm8gTIzQI3FDW6t5t/DAhERxtnbEPN/8RX+uZthoz4eCOgloXaE5cYyNow==} - engines: {node: '>= 0.8'} - - copy-descriptor@0.1.1: - resolution: {integrity: sha512-XgZ0pFcakEUlbwQEVNg3+QAis1FyTL3Qel9FYy8pSkQqoG3PNoT0bOCQtOXcOkur21r2Eq2kI+IE+gsmAEVlYw==} - engines: {node: '>=0.10.0'} - - copy-to@2.0.1: - resolution: {integrity: sha512-3DdaFaU/Zf1AnpLiFDeNCD4TOWe3Zl2RZaTzUvWiIk5ERzcCodOE20Vqq4fzCbNoHURFHT4/us/Lfq+S2zyY4w==} - - copyfiles@2.4.1: - resolution: {integrity: sha512-fereAvAvxDrQDOXybk3Qu3dPbOoKoysFMWtkY3mv5BsL8//OSZVL5DCLYqgRfY5cWirgRzlC+WSrxp6Bo3eNZg==} - hasBin: true - - core-js-pure@3.38.1: - resolution: {integrity: sha512-BY8Etc1FZqdw1glX0XNOq2FDwfrg/VGqoZOZCdaL+UmdaqDwQwYXkMJT4t6In+zfEfOJDcM9T0KdbBeJg8KKCQ==} - - core-util-is@1.0.3: - resolution: {integrity: sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==} - - cosmiconfig@7.1.0: - resolution: {integrity: sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==} - engines: {node: '>=10'} - - cosmiconfig@8.3.6: - resolution: {integrity: sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA==} - engines: {node: '>=14'} - peerDependencies: - typescript: '>=4.9.5' - peerDependenciesMeta: - typescript: - optional: true - - crc@3.8.0: - resolution: {integrity: sha512-iX3mfgcTMIq3ZKLIsVFAbv7+Mc10kxabAGQb8HvjA1o3T1PIYprbakQ65d3I+2HGHt6nSKkM9PYjgoJO2KcFBQ==} - - crelt@1.0.6: - resolution: {integrity: sha512-VQ2MBenTq1fWZUH9DJNGti7kKv6EeAuYr3cLwxUWhIu1baTaXh4Ib5W2CqHVqib4/MqbYGJqiL3Zb8GJZr3l4g==} - - cron-parser@4.9.0: - resolution: {integrity: sha512-p0SaNjrHOnQeR8/VnfGbmg9te2kfyYSQ7Sc/j/6DtPL3JQvKxmjO9TSjNFpujqV3vEYYBvNNvXSxzyksBWAx1Q==} - engines: {node: '>=12.0.0'} - - cropperjs@1.6.0: - resolution: {integrity: sha512-BzLU/ecrfsbflwxgu+o7sQTrTlo52pVRZkTVrugEK5uyj6n8qKwAHP4s6+DWHqlXLqQ5B9+cM2MKeXiNfAsF6Q==} - - cross-env@7.0.3: - resolution: {integrity: sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==} - engines: {node: '>=10.14', npm: '>=6', yarn: '>=1'} - hasBin: true - - cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} - engines: {node: '>= 8'} - - crypto-random-string@2.0.0: - resolution: {integrity: sha512-v1plID3y9r/lPhviJ1wrXpLeyUIGAZ2SHNYTEapm7/8A9nLPoyvVp3RK/EPFqn5kEznyWgYZNsRtYYIWbuG8KA==} - engines: {node: '>=8'} - - css-color-keywords@1.0.0: - resolution: {integrity: sha512-FyyrDHZKEjXDpNJYvVsV960FiqQyXc/LlYmsxl2BcdMb2WPx0OGRVgTg55rPSyLSNMqP52R9r8geSp7apN3Ofg==} - engines: {node: '>=4'} - - css-loader@6.11.0: - resolution: {integrity: sha512-CTJ+AEQJjq5NzLga5pE39qdiSV56F8ywCIsqNIRF0r7BDgWsN25aazToqAFg7ZrtA/U016xudB3ffgweORxX7g==} - engines: {node: '>= 12.13.0'} - peerDependencies: - '@rspack/core': 0.x || 1.x - webpack: ^5.0.0 - peerDependenciesMeta: - '@rspack/core': - optional: true - webpack: - optional: true - - css-select@4.3.0: - resolution: {integrity: sha512-wPpOYtnsVontu2mODhA19JrqWxNsfdatRKd64kmpRbQgh1KtItko5sTnEpPdpSaJszTOhEMlF/RPz28qj4HqhQ==} - - css-to-react-native@3.2.0: - resolution: {integrity: sha512-e8RKaLXMOFii+02mOlqwjbD00KSEKqblnpO9e++1aXS1fPQOpS1YoqdVHBqPjHNoxeF2mimzVqawm2KCbEdtHQ==} - - css-what@6.1.0: - resolution: {integrity: sha512-HTUrgRJ7r4dsZKU6GjmpfRK1O76h97Z8MfS1G0FozR+oF2kG6Vfe8JE6zwrkbxigziPHinCJ+gCPjA9EaBDtRw==} - engines: {node: '>= 6'} - - cssesc@3.0.0: - resolution: {integrity: sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==} - engines: {node: '>=4'} - hasBin: true - - csstype@3.1.3: - resolution: {integrity: sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==} - - data-uri-to-buffer@4.0.1: - resolution: {integrity: sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==} - engines: {node: '>= 12'} - - date-fns-tz@2.0.0: - resolution: {integrity: sha512-OAtcLdB9vxSXTWHdT8b398ARImVwQMyjfYGkKD2zaGpHseG2UPHbHjXELReErZFxWdSLph3c2zOaaTyHfOhERQ==} - peerDependencies: - date-fns: '>=2.0.0' - - date-fns@2.30.0: - resolution: {integrity: sha512-fnULvOpxnC5/Vg3NCiWelDsLiUc9bRwAPs/+LfTLNvetFCtCTN+yQz15C/fs4AwX1R9K5GLtLfn8QW+dWisaAw==} - engines: {node: '>=0.11'} - - date-fns@3.6.0: - resolution: {integrity: sha512-fRHTG8g/Gif+kSh50gaGEdToemgfj74aRX3swtiouboip5JDLAyDE9F11nHMIcvOaXeOC6D7SpNhi7uFyB7Uww==} - - debounce@1.2.1: - resolution: {integrity: sha512-XRRe6Glud4rd/ZGQfiV1ruXSfbvfJedlV9Y6zOlP+2K04vBYiJEte6stfFkCP03aMnY5tsipamumUjL14fofug==} - - debug@2.6.9: - resolution: {integrity: sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - debug@3.2.7: - resolution: {integrity: sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - debug@4.3.4: - resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decode-uri-component@0.2.2: - resolution: {integrity: sha512-FqUYQ+8o158GyGTrMFJms9qh3CqTKvAqgqsTnkLI8sKu0028orqBhxNMFkFen0zGyg6epACD32pjVk58ngIErQ==} - engines: {node: '>=0.10'} - - decompress-response@4.2.1: - resolution: {integrity: sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw==} - engines: {node: '>=8'} - - decompress-response@6.0.0: - resolution: {integrity: sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==} - engines: {node: '>=10'} - - decompress-response@7.0.0: - resolution: {integrity: sha512-6IvPrADQyyPGLpMnUh6kfKiqy7SrbXbjoUuZ90WMBJKErzv2pCiwlGEXjRX9/54OnTq+XFVnkOnOMzclLI5aEA==} - engines: {node: '>=10'} - - deep-equal@1.0.1: - resolution: {integrity: sha512-bHtC0iYvWhyaTzvV3CZgPeZQqCOBGyGsVV7v4eevpdkLHfiSrXUdBG+qAuSz4RI70sszvjQ1QSZ98An1yNwpSw==} - - deep-extend@0.6.0: - resolution: {integrity: sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==} - engines: {node: '>=4.0.0'} - - deepmerge@2.2.1: - resolution: {integrity: sha512-R9hc1Xa/NOBi9WRVUWg19rl1UB7Tt4kuPd+thNJgFZoxXsTz7ncaPaeIm+40oSGuP33DfMb4sZt1QIGiJzC4EA==} - engines: {node: '>=0.10.0'} - - deepmerge@4.3.1: - resolution: {integrity: sha512-3sUqbMEc77XqpdNO7FRyRog+eW3ph+GYCbj+rK+uYyRMuwsVy0rMiVtPn+QJlKFvWP/1PYpapqYn0Me2knFn+A==} - engines: {node: '>=0.10.0'} - - default-browser-id@3.0.0: - resolution: {integrity: sha512-OZ1y3y0SqSICtE8DE4S8YOE9UZOJ8wO16fKWVP5J1Qz42kV9jcnMVFrEE/noXb/ss3Q4pZIH79kxofzyNNtUNA==} - engines: {node: '>=12'} - - default-browser@4.0.0: - resolution: {integrity: sha512-wX5pXO1+BrhMkSbROFsyxUm0i/cJEScyNhA4PPxc41ICuv05ZZB/MX28s8aZx6xjmatvebIapF6hLEKEcpneUA==} - engines: {node: '>=14.16'} - - defaults@1.0.4: - resolution: {integrity: sha512-eFuaLoy/Rxalv2kr+lqMlUnrDWV+3j4pljOIJgLIhI058IQfWJ7vXhyEIHu+HtC738klGALYxOKDO0bQP3tg8A==} - - defer-to-connect@2.0.1: - resolution: {integrity: sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==} - engines: {node: '>=10'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - define-lazy-prop@2.0.0: - resolution: {integrity: sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og==} - engines: {node: '>=8'} - - define-lazy-prop@3.0.0: - resolution: {integrity: sha512-N+MeXYoqr3pOgn8xfyRPREN7gHakLYjhsHhWGT3fWAiL4IkAt0iDw14QiiEm2bE30c5XX5q0FtAA3CK5f9/BUg==} - engines: {node: '>=12'} - - define-property@0.2.5: - resolution: {integrity: sha512-Rr7ADjQZenceVOAKop6ALkkRAmH1A4Gx9hV/7ZujPUN2rkATqFO0JZLZInbAjpZYoJ1gUx8MRMQVkYemcbMSTA==} - engines: {node: '>=0.10.0'} - - define-property@1.0.0: - resolution: {integrity: sha512-cZTYKFWspt9jZsMscWo8sc/5lbPC9Q0N5nBLgb+Yd915iL3udB1uFgS3B8YCx66UVHq018DAVFoee7x+gxggeA==} - engines: {node: '>=0.10.0'} - - define-property@2.0.2: - resolution: {integrity: sha512-jwK2UV4cnPpbcG7+VRARKTZPUWowwXA8bzH5NP6ud0oeAxyYPuGZUAC7hMugpCdz4BeSZl2Dl9k66CHJ/46ZYQ==} - engines: {node: '>=0.10.0'} - - del@5.1.0: - resolution: {integrity: sha512-wH9xOVHnczo9jN2IW68BabcecVPxacIA3g/7z6vhSU/4stOKQzeCRK0yD0A24WiAAUJmmVpWqrERcTxnLo3AnA==} - engines: {node: '>=8'} - - delayed-stream@1.0.0: - resolution: {integrity: sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==} - engines: {node: '>=0.4.0'} - - delegates@1.0.0: - resolution: {integrity: sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==} - - depd@1.1.2: - resolution: {integrity: sha512-7emPTl6Dpo6JRXOXjLRxck+FlLRX5847cLKEn00PLAgc3g2hTZZgr+e4c2v6QpSmLeFP3n5yUo7ft6avBK/5jQ==} - engines: {node: '>= 0.6'} - - depd@2.0.0: - resolution: {integrity: sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==} - engines: {node: '>= 0.8'} - - destroy@1.2.0: - resolution: {integrity: sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==} - engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} - - detect-file@1.0.0: - resolution: {integrity: sha512-DtCOLG98P007x7wiiOmfI0fi3eIKyWiLTGJ2MDnVi/E04lWGbf+JzrRHMm0rgIIZJGtHpKpbVgLWHrv8xXpc3Q==} - engines: {node: '>=0.10.0'} - - detect-indent@6.1.0: - resolution: {integrity: sha512-reYkTUJAZb9gUuZ2RvVCNhVHdg62RHnJ7WJl8ftMi4diZ6NWlciOzQN88pUhSELEwflJht4oQDv0F0BMlwaYtA==} - engines: {node: '>=8'} - - detect-indent@7.0.1: - resolution: {integrity: sha512-Mc7QhQ8s+cLrnUfU/Ji94vG/r8M26m8f++vyres4ZoojaRDpZ1eSIh/EpzLNwlWuvzSZ3UbDFspjFvTDXe6e/g==} - engines: {node: '>=12.20'} - - detect-libc@2.0.3: - resolution: {integrity: sha512-bwy0MGW55bG41VqxxypOsdSdGqLwXPI/focwgTYCFMbdUiBAxLg9CFzG08sz2aqzknwiX7Hkl0bQENjg8iLByw==} - engines: {node: '>=8'} - - detect-newline@4.0.1: - resolution: {integrity: sha512-qE3Veg1YXzGHQhlA6jzebZN2qVf6NX+A7m7qlhCGG30dJixrAQhYOsJjsnBjJkCSmuOPpCk30145fr8FV0bzog==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - detect-node-es@1.1.0: - resolution: {integrity: sha512-ypdmJU/TbBby2Dxibuv7ZLW3Bs1QEmM7nHjEANfohJLvE0XVujisn1qPJcZxg+qDucsr+bP6fLD1rPS3AhJ7EQ==} - - detect-node@2.1.0: - resolution: {integrity: sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g==} - - dir-glob@3.0.1: - resolution: {integrity: sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==} - engines: {node: '>=8'} - - direction@1.0.4: - resolution: {integrity: sha512-GYqKi1aH7PJXxdhTeZBFrg8vUBeKXi+cNprXsC1kpJcbcVnV9wBsrOu1cQEdG0WeQwlfHiy3XvnKfIrJ2R0NzQ==} - hasBin: true - - dkim-signer@0.2.2: - resolution: {integrity: sha512-24OZ3cCA30UTRz+Plpg+ibfPq3h7tDtsJRg75Bo0pGakZePXcPBddY80bKi1Bi7Jsz7tL5Cw527mhCRDvNFgfg==} - - dnd-core@16.0.1: - resolution: {integrity: sha512-HK294sl7tbw6F6IeuK16YSBUoorvHpY8RHO+9yFfaJyCDVb6n7PRcezrOEOa2SBCqiYpemh5Jx20ZcjKdFAVng==} - - dom-converter@0.2.0: - resolution: {integrity: sha512-gd3ypIPfOMr9h5jIKq8E3sHOTCjeirnl0WK5ZdS1AW0Odt0b1PaWaHdJ4Qk4klv+YB9aJBS7mESXjFoDQPu6DA==} - - dom-helpers@5.2.1: - resolution: {integrity: sha512-nRCa7CK3VTrM2NmGkIy4cbK7IZlgBE/PYMn55rrXefr5xXDP0LdtfPnblFDoVdcAfslJ7or6iqAUnx0CCGIWQA==} - - dom-serializer@1.4.1: - resolution: {integrity: sha512-VHwB3KfrcOOkelEG2ZOfxqLZdfkil8PtJi4P8N2MMXucZq2yLp75ClViUlOVwyoHEDjYU433Aq+5zWP61+RGag==} - - dom-serializer@2.0.0: - resolution: {integrity: sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==} - - domelementtype@2.3.0: - resolution: {integrity: sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw==} - - domhandler@4.3.1: - resolution: {integrity: sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ==} - engines: {node: '>= 4'} - - domhandler@5.0.3: - resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} - engines: {node: '>= 4'} - - domutils@2.8.0: - resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==} - - domutils@3.1.0: - resolution: {integrity: sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==} - - dot-case@2.1.1: - resolution: {integrity: sha512-HnM6ZlFqcajLsyudHq7LeeLDr2rFAVYtDv/hV5qchQEidSck8j9OPUsXY9KwJv/lHMtYlX4DjRQqwFYa+0r8Ug==} - - dot-case@3.0.4: - resolution: {integrity: sha512-Kv5nKlh6yRrdrGvxeJ2e5y2eRUpkUosIW4A2AS38zwSz27zu7ufDwQPi5Jhs3XAlGNetl3bmnGhQsMtkKJnj3w==} - - dot-prop@5.3.0: - resolution: {integrity: sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q==} - engines: {node: '>=8'} - - dotenv@14.2.0: - resolution: {integrity: sha512-05POuPJyPpO6jqzTNweQFfAyMSD4qa4lvsMOWyTRTdpHKy6nnnN+IYWaXF+lHivhBH/ufDKlR4IWCAN3oPnHuw==} - engines: {node: '>=12'} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - duplexer@0.1.2: - resolution: {integrity: sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg==} - - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - - ecdsa-sig-formatter@1.0.11: - resolution: {integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==} - - ee-first@1.1.1: - resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==} - - electron-to-chromium@1.5.13: - resolution: {integrity: sha512-lbBcvtIJ4J6sS4tb5TLp1b4LyfCdMkwStzXPyAgVgTRAsep4bvrAGaBOP7ZJtQMNJpSQ9SqG4brWOroNaQtm7Q==} - - elliptic@6.5.7: - resolution: {integrity: sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==} - - emittery@0.12.1: - resolution: {integrity: sha512-pYyW59MIZo0HxPFf+Vb3+gacUu0gxVS3TZwB2ClwkEZywgF9f9OJDoVmNLojTn0vKX3tO9LC+pdQEcLP4Oz/bQ==} - engines: {node: '>=12'} - - emoji-regex@8.0.0: - resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - - emojis-list@3.0.0: - resolution: {integrity: sha512-/kyM18EfinwXZbno9FyUGeFh87KC8HRQBQGildHZbEuRyWFOmv1U10o9BBp8XVZDVNNuQKyIGIu5ZYAAXJ0V2Q==} - engines: {node: '>= 4'} - - enabled@2.0.0: - resolution: {integrity: sha512-AKrN98kuwOzMIdAizXGI86UFBoo26CL21UM763y1h/GMSJ4/OHU9k2YlsmBpyScFo/wbLzWQJBMCW4+IO3/+OQ==} - - encodeurl@1.0.2: - resolution: {integrity: sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==} - engines: {node: '>= 0.8'} - - end-of-stream@1.4.4: - resolution: {integrity: sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==} - - enhanced-resolve@5.17.1: - resolution: {integrity: sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==} - engines: {node: '>=10.13.0'} - - entities@2.1.0: - resolution: {integrity: sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==} - - entities@2.2.0: - resolution: {integrity: sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A==} - - entities@4.5.0: - resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} - engines: {node: '>=0.12'} - - error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - - error-stack-parser@2.1.4: - resolution: {integrity: sha512-Sk5V6wVazPhq5MhpO+AUxJn5x7XSXGl1R93Vn7i+zS15KDVxQijejNCrz8340/2bgLBjR9GtEG8ZVKONDjcqGQ==} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - es-module-lexer@1.5.4: - resolution: {integrity: sha512-MVNK56NiMrOwitFB7cqDwq0CQutbw+0BvLshJSse0MUNU+y1FC3bUS/AQg7oUng+/wKrrki7JfmwtVHkVfPLlw==} - - esbuild-loader@2.21.0: - resolution: {integrity: sha512-k7ijTkCT43YBSZ6+fBCW1Gin7s46RrJ0VQaM8qA7lq7W+OLsGgtLyFV8470FzYi/4TeDexniTBTPTwZUnXXR5g==} - peerDependencies: - webpack: ^4.40.0 || ^5.0.0 - - esbuild-register@3.5.0: - resolution: {integrity: sha512-+4G/XmakeBAsvJuDugJvtyF1x+XJT4FMocynNpxrvEBViirpfUn2PgNpCHedfWhF4WokNsO/OvMKrmJOIJsI5A==} - peerDependencies: - esbuild: '>=0.12 <1' - - esbuild@0.16.17: - resolution: {integrity: sha512-G8LEkV0XzDMNwXKgM0Jwu3nY3lSTwSGY6XbxM9cr9+s0T/qSV1q1JVPBGzm3dcjhCic9+emZDmMffkwgPeOeLg==} - engines: {node: '>=12'} - hasBin: true - - esbuild@0.19.11: - resolution: {integrity: sha512-HJ96Hev2hX/6i5cDVwcqiJBBtuo9+FeIJOtZ9W1kA5M6AMJRHUZlpYZ1/SbEwtO0ioNAW8rUooVpC/WehY2SfA==} - engines: {node: '>=12'} - hasBin: true - - escalade@3.2.0: - resolution: {integrity: sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==} - engines: {node: '>=6'} - - escape-html@1.0.3: - resolution: {integrity: sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==} - - escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - - escape-string-regexp@2.0.0: - resolution: {integrity: sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==} - engines: {node: '>=8'} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - eslint-scope@5.1.1: - resolution: {integrity: sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==} - engines: {node: '>=8.0.0'} - - esm@3.2.25: - resolution: {integrity: sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==} - engines: {node: '>=6'} - - esrecurse@4.3.0: - resolution: {integrity: sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==} - engines: {node: '>=4.0'} - - estraverse@4.3.0: - resolution: {integrity: sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==} - engines: {node: '>=4.0'} - - estraverse@5.3.0: - resolution: {integrity: sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==} - engines: {node: '>=4.0'} - - event-target-shim@5.0.1: - resolution: {integrity: sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==} - engines: {node: '>=6'} - - eventemitter3@4.0.7: - resolution: {integrity: sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw==} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - eventsource@2.0.2: - resolution: {integrity: sha512-IzUmBGPR3+oUG9dUeXynyNmf91/3zUSJg1lCktzKw47OXuhco54U3r9B7O4XX+Rb1Itm9OZ2b0RkTs10bICOxA==} - engines: {node: '>=12.0.0'} - - execa@5.1.1: - resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==} - engines: {node: '>=10'} - - execa@7.2.0: - resolution: {integrity: sha512-UduyVP7TLB5IcAQl+OzLyLcS/l32W/GLg+AhHJ+ow40FOk2U3SAllPwR44v4vmdFwIWqpdwxxpQbF1n5ta9seA==} - engines: {node: ^14.18.0 || ^16.14.0 || >=18.0.0} - - expand-brackets@2.1.4: - resolution: {integrity: sha512-w/ozOKR9Obk3qoWeY/WDi6MFta9AoMR+zud60mdnbniMcBxRuFJyDt2LdX/14A1UABeqk+Uk+LDfUpvoGKppZA==} - engines: {node: '>=0.10.0'} - - expand-template@2.0.3: - resolution: {integrity: sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg==} - engines: {node: '>=6'} - - expand-tilde@2.0.2: - resolution: {integrity: sha512-A5EmesHW6rfnZ9ysHQjPdJRni0SRar0tjtG5MNtm9n5TUvsYU8oozprtRD4AqHxcZWWlVuAmQo2nWKfN9oyjTw==} - engines: {node: '>=0.10.0'} - - extend-shallow@2.0.1: - resolution: {integrity: sha512-zCnTtlxNoAiDc3gqY2aYAWFx7XWWiasuF2K8Me5WbN8otHKTUKBwjPtNpRs/rbUZm7KxWAaNj7P1a/p52GbVug==} - engines: {node: '>=0.10.0'} - - extend-shallow@3.0.2: - resolution: {integrity: sha512-BwY5b5Ql4+qZoefgMj2NUmx+tehVTH/Kf4k1ZEtOHNFcm2wSxMRo992l6X3TIgni2eZVTZ85xMOjF31fwZAj6Q==} - engines: {node: '>=0.10.0'} - - extend@3.0.2: - resolution: {integrity: sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==} - - external-editor@3.1.0: - resolution: {integrity: sha512-hMQ4CX1p1izmuLYyZqLMO/qGNw10wSv9QDCPfzXfyFrOaCSSoRfqE1Kf1s5an66J5JZC62NewG+mK49jOCtQew==} - engines: {node: '>=4'} - - extglob@2.0.4: - resolution: {integrity: sha512-Nmb6QXkELsuBr24CJSkilo6UHHgbekK5UiZgfE6UHD3Eb27YC6oD+bhcT+tJ6cl8dmsgdQxnWlcry8ksBIBLpw==} - engines: {node: '>=0.10.0'} - - fast-deep-equal@3.1.3: - resolution: {integrity: sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==} - - fast-fifo@1.3.2: - resolution: {integrity: sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ==} - - fast-glob@3.3.2: - resolution: {integrity: sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==} - engines: {node: '>=8.6.0'} - - fast-json-stable-stringify@2.1.0: - resolution: {integrity: sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==} - - fast-safe-stringify@2.1.1: - resolution: {integrity: sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==} - - fast-uri@3.0.1: - resolution: {integrity: sha512-MWipKbbYiYI0UC7cl8m/i/IWTqfC8YXsqjzybjddLsFjStroQzsHXkc73JutMvBiXmOvapk+axIl79ig5t55Bw==} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - fastq@1.17.1: - resolution: {integrity: sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==} - - fecha@4.2.3: - resolution: {integrity: sha512-OP2IUU6HeYKJi3i0z4A19kHMQoLVs4Hc+DPqqxI2h/DPZHTm/vjsfC6P0b4jCMy14XizLBqvndQ+UilD7707Jw==} - - fetch-blob@3.2.0: - resolution: {integrity: sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==} - engines: {node: ^12.20 || >= 14.13} - - figures@3.2.0: - resolution: {integrity: sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg==} - engines: {node: '>=8'} - - fill-range@4.0.0: - resolution: {integrity: sha512-VcpLTWqWDiTerugjj8e3+esbg+skS3M9e54UuR3iCeIDMXCLTsAH8hTSzDQU/X6/6t3eYkOKoZSef2PlU6U1XQ==} - engines: {node: '>=0.10.0'} - - fill-range@7.1.1: - resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} - engines: {node: '>=8'} - - find-root@1.1.0: - resolution: {integrity: sha512-NKfW6bec6GfKc0SGx1e07QZY9PE99u0Bft/0rzSD5k3sO/vwkVUpDUKVm5Gpp5Ue3YfShPFTX2070tDs5kB9Ng==} - - find-up@3.0.0: - resolution: {integrity: sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==} - engines: {node: '>=6'} - - find-up@4.1.0: - resolution: {integrity: sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==} - engines: {node: '>=8'} - - find-up@5.0.0: - resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} - engines: {node: '>=10'} - - findup-sync@2.0.0: - resolution: {integrity: sha512-vs+3unmJT45eczmcAZ6zMJtxN3l/QXeccaXQx5cu/MeJMhewVfoWZqibRkOxPnmoR59+Zy5hjabfQc6JLSah4g==} - engines: {node: '>= 0.10'} - - fined@1.2.0: - resolution: {integrity: sha512-ZYDqPLGxDkDhDZBjZBb+oD1+j0rA4E0pXY50eplAAOPg2N/gUBSSk5IM1/QhPfyVo19lJ+CvXpqfvk+b2p/8Ng==} - engines: {node: '>= 0.10'} - - flagged-respawn@1.0.1: - resolution: {integrity: sha512-lNaHNVymajmk0OJMBn8fVUAU1BtDeKIqKoVhk4xAALB57aALg6b4W0MfJ/cUE0g9YBXy5XhSlPIpYIJ7HaY/3Q==} - engines: {node: '>= 0.10'} - - flat-cache@3.2.0: - resolution: {integrity: sha512-CYcENa+FtcUKLmhhqyctpclsq7QF38pKjZHsGNiSQF5r4FtoKDWabFDl3hzaEQMvT1LHEysw5twgLvpYYb4vbw==} - engines: {node: ^10.12.0 || >=12.0.0} - - flatted@3.3.1: - resolution: {integrity: sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==} - - fn.name@1.1.0: - resolution: {integrity: sha512-GRnmB5gPyJpAhTQdSZTSp9uaPSvl09KoYcMQtsB9rQoOmzs9dH6ffeccH+Z+cv6P68Hu5bC6JjRh4Ah/mHSNRw==} - - follow-redirects@1.15.6: - resolution: {integrity: sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==} - engines: {node: '>=4.0'} - peerDependencies: - debug: '*' - peerDependenciesMeta: - debug: - optional: true - - for-in@1.0.2: - resolution: {integrity: sha512-7EwmXrOjyL+ChxMhmG5lnW9MPt1aIeZEwKhQzoBUdTV0N3zuwWDZYVJatDvZ2OyzPUvdIAZDsCetk3coyMfcnQ==} - engines: {node: '>=0.10.0'} - - for-own@1.0.0: - resolution: {integrity: sha512-0OABksIGrxKK8K4kynWkQ7y1zounQxP+CWnyclVwj81KW3vlLlGUx57DKGcP/LH216GzqnstnPocF16Nxs0Ycg==} - engines: {node: '>=0.10.0'} - - foreground-child@3.3.0: - resolution: {integrity: sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==} - engines: {node: '>=14'} - - fork-ts-checker-webpack-plugin@9.0.2: - resolution: {integrity: sha512-Uochze2R8peoN1XqlSi/rGUkDQpRogtLFocP9+PGu68zk1BDAKXfdeCdyVZpgTk8V8WFVQXdEz426VKjXLO1Gg==} - engines: {node: '>=12.13.0', yarn: '>=1.0.0'} - peerDependencies: - typescript: '>3.6.0' - webpack: ^5.11.0 - - form-data-encoder@1.7.2: - resolution: {integrity: sha512-qfqtYan3rxrnCk1VYaA4H+Ms9xdpPqvLZa6xmMgFvhO32x7/3J/ExcTd6qpxM0vH2GdMI+poehyBZvqfMTto8A==} - - form-data@4.0.0: - resolution: {integrity: sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==} - engines: {node: '>= 6'} - - formdata-node@4.4.1: - resolution: {integrity: sha512-0iirZp3uVDjVGt9p49aTaqjk84TrglENEDuqfdlZQ1roC9CWlPk6Avf8EEnZNcAqPonwkG35x4n3ww/1THYAeQ==} - engines: {node: '>= 12.20'} - - formdata-polyfill@4.0.10: - resolution: {integrity: sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==} - engines: {node: '>=12.20.0'} - - formidable@1.2.6: - resolution: {integrity: sha512-KcpbcpuLNOwrEjnbpMC0gS+X8ciDoZE1kkqzat4a8vrprf+s9pKNQ/QIwWfbfs4ltgmFl3MD177SNTkve3BwGQ==} - deprecated: 'Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau' - - formik@2.4.0: - resolution: {integrity: sha512-QZiWztt9fD84EYcF7Bmr431ZhIm1xUVgBACbTuJ6azPrUpVp7o6q+t9HJaIQsFZrMfcBPNBotYtDgyDpzQ3z0Q==} - peerDependencies: - react: '>=16.8.0' - - fractional-indexing@3.2.0: - resolution: {integrity: sha512-PcOxmqwYCW7O2ovKRU8OoQQj2yqTfEB/yeTYk4gPid6dN5ODRfU1hXd9tTVZzax/0NkO7AxpHykvZnT1aYp/BQ==} - engines: {node: ^14.13.1 || >=16.0.0} - - fragment-cache@0.2.1: - resolution: {integrity: sha512-GMBAbW9antB8iZRHLoGw0b3HANt57diZYFO/HL1JGIC1MjKrdmhxvrJbupnVvpys0zsz7yBApXdQyfepKly2kA==} - engines: {node: '>=0.10.0'} - - fresh@0.5.2: - resolution: {integrity: sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q==} - engines: {node: '>= 0.6'} - - fs-constants@1.0.0: - resolution: {integrity: sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow==} - - fs-extra@10.0.0: - resolution: {integrity: sha512-C5owb14u9eJwizKGdchcDUQeFtlSHHthBk8pbX9Vc1PFZrLombudjDnNns88aYslCyF6IY5SUw3Roz6xShcEIQ==} - engines: {node: '>=12'} - - fs-extra@7.0.1: - resolution: {integrity: sha512-YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw==} - engines: {node: '>=6 <7 || >=8'} - - fs-extra@8.1.0: - resolution: {integrity: sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==} - engines: {node: '>=6 <7 || >=8'} - - fs-jetpack@4.3.1: - resolution: {integrity: sha512-dbeOK84F6BiQzk2yqqCVwCPWTxAvVGJ3fMQc6E2wuEohS28mR6yHngbrKuVCK1KHRx/ccByDylqu4H5PCP2urQ==} - - fs-minipass@2.1.0: - resolution: {integrity: sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==} - engines: {node: '>= 8'} - - fs-monkey@1.0.6: - resolution: {integrity: sha512-b1FMfwetIKymC0eioW7mTywihSQE4oLzQn1dB6rZB5fx/3NpNEdAWeCSMB+60/AeT0TCXsxzAlcYVEFCTAksWg==} - - fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - - fsevents@2.3.3: - resolution: {integrity: sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==} - engines: {node: ^8.16.0 || ^10.6.0 || >=11.0.0} - os: [darwin] - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - fuzzysort@3.0.2: - resolution: {integrity: sha512-ZyahVgxvckB1Qosn7YGWLDJJp2XlyaQ2WmZeI+d0AzW0AMqVYnz5N89G6KAKa6m/LOtv+kzJn4lhDF/yVg11Cg==} - - gauge@3.0.2: - resolution: {integrity: sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==} - engines: {node: '>=10'} - deprecated: This package is no longer supported. - - get-caller-file@2.0.5: - resolution: {integrity: sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==} - engines: {node: 6.* || 8.* || >= 10.*} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-it@8.6.5: - resolution: {integrity: sha512-o1hjPwrb/icm3WJbCweTSq8mKuDfJlqwbFauI+Pdgid99at/BFaBXFBJZE+uqvHyOVARE4z680S44vrDm8SsCw==} - engines: {node: '>=14.0.0'} - - get-latest-version@5.1.0: - resolution: {integrity: sha512-Q6IBWr/zzw57zIkJmNhI23eRTw3nZ4BWWK034meLwOYU9L3J3IpXiyM73u2pYUwN6U7ahkerCwg2T0jlxiLwsw==} - engines: {node: '>=14.18'} - - get-nonce@1.0.1: - resolution: {integrity: sha512-FJhYRoDaiatfEkUK8HKlicmu/3SGFD51q3itKDGoSTysQJBnfOcxU5GxnhE1E6soB76MbT0MBtnKJuXyAx+96Q==} - engines: {node: '>=6'} - - get-package-type@0.1.0: - resolution: {integrity: sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==} - engines: {node: '>=8.0.0'} - - get-stdin@9.0.0: - resolution: {integrity: sha512-dVKBjfWisLAicarI2Sf+JuBE/DghV4UzNAVe9yhEJuzeREd3JhOTE9cUaJTeSa77fsbQUK3pcOpJfM59+VKZaA==} - engines: {node: '>=12'} - - get-stream@5.2.0: - resolution: {integrity: sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==} - engines: {node: '>=8'} - - get-stream@6.0.1: - resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==} - engines: {node: '>=10'} - - get-value@2.0.6: - resolution: {integrity: sha512-Ln0UQDlxH1BapMu3GPtf7CuYNwRZf2gwCuPqbyG6pB8WfmFpzqcy4xtAaAMUhnNqjMKTiCPZG2oMT3YSx8U2NA==} - engines: {node: '>=0.10.0'} - - getopts@2.3.0: - resolution: {integrity: sha512-5eDf9fuSXwxBL6q5HX+dhDj+dslFGWzU5thZ9kNKUkcPtaPdatmUFKwHFrLb/uf/WpA4BHET+AX3Scl56cAjpA==} - - git-hooks-list@3.1.0: - resolution: {integrity: sha512-LF8VeHeR7v+wAbXqfgRlTSX/1BJR9Q1vEMR8JAz1cEg6GX07+zyj3sAdDvYjj/xnlIfVuGgj4qBei1K3hKH+PA==} - - git-up@7.0.0: - resolution: {integrity: sha512-ONdIrbBCFusq1Oy0sC71F5azx8bVkvtZtMJAsv+a6lz5YAmbNnLD6HAB4gptHZVLPR8S2/kVN6Gab7lryq5+lQ==} - - git-url-parse@13.1.0: - resolution: {integrity: sha512-5FvPJP/70WkIprlUZ33bm4UAaFdjcLkJLpWft1BeZKqwR0uhhNGoKwlUaPtVb4LxCSQ++erHapRak9kWGj+FCA==} - - github-from-package@0.0.0: - resolution: {integrity: sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw==} - - glob-parent@5.1.2: - resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} - engines: {node: '>= 6'} - - glob-to-regexp@0.4.1: - resolution: {integrity: sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==} - - glob@10.4.2: - resolution: {integrity: sha512-GwMlUF6PkPo3Gk21UxkCohOv0PLcIXVtKyLlpEI28R/cO/4eNOdmLk3CMW1wROV/WR/EsZOWAfBbBOqYvs88/w==} - engines: {node: '>=16 || 14 >=14.18'} - hasBin: true - - glob@7.2.3: - resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} - deprecated: Glob versions prior to v9 are no longer supported - - glob@8.1.0: - resolution: {integrity: sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ==} - engines: {node: '>=12'} - deprecated: Glob versions prior to v9 are no longer supported - - global-modules@1.0.0: - resolution: {integrity: sha512-sKzpEkf11GpOFuw0Zzjzmt4B4UZwjOcG757PPvrfhxcLFbq0wpsgpOqxpxtxFiCG4DtG93M6XRVbF2oGdev7bg==} - engines: {node: '>=0.10.0'} - - global-prefix@1.0.2: - resolution: {integrity: sha512-5lsx1NUDHtSjfg0eHlmYvZKv8/nVqX4ckFbM+FrGcQ+04KWcWFo9P5MxPZYSzUvyzmdTbI7Eix8Q4IbELDqzKg==} - engines: {node: '>=0.10.0'} - - globals@11.12.0: - resolution: {integrity: sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==} - engines: {node: '>=4'} - - globby@10.0.2: - resolution: {integrity: sha512-7dUi7RvCoT/xast/o/dLN53oqND4yk0nsHkhRgn9w65C4PofCLOoJ39iSOg+qVDdWQPIEj+eszMHQ+aLVwwQSg==} - engines: {node: '>=8'} - - globby@13.2.2: - resolution: {integrity: sha512-Y1zNGV+pzQdh7H39l9zgB4PJqjRNqydvdYCDG4HFXM4XuvSaQQlEc91IU1yALL8gUTDomgBAfz3XJdmUS+oo0w==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - got@11.8.6: - resolution: {integrity: sha512-6tfZ91bOr7bOXnK7PRDCGBLa1H4U080YHNaAQ2KsMGlLEzRbk44nsZF2E1IeRc3vtJHPVbKCYgdFbaGO2ljd8g==} - engines: {node: '>=10.19.0'} - - graceful-fs@4.2.10: - resolution: {integrity: sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==} - - graceful-fs@4.2.11: - resolution: {integrity: sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==} - - grant-koa@5.4.8: - resolution: {integrity: sha512-Kw8np9AL3Z3mZuvoSUklHJpTe3xx7iLBDauRyIwwbDLRr/5Ll6APmOFHixXj+Vw+LGEnreTxO35CyhAf9oBUMA==} - engines: {node: '>=8.0.0'} - peerDependencies: - koa: '>=2.0.0' - - grant@5.4.22: - resolution: {integrity: sha512-DEi+/JjXT84mmFYhSmv+SX14v+3Z7vuCIYAMwtdPCTXHMSLhWqSYqWAMXDUQZuV7yaJv2d84AYnkCFNooLKBsA==} - engines: {node: '>=12.0.0'} - - gzip-size@6.0.0: - resolution: {integrity: sha512-ax7ZYomf6jqPTQ4+XCpUGyXKHk5WweS+e05MBO4/y3WJ5RkmPXNKvX+bx1behVILVwr6JSQvZAku021CHPXG3Q==} - engines: {node: '>=10'} - - handlebars@4.7.8: - resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} - engines: {node: '>=0.4.7'} - hasBin: true - - has-ansi@2.0.0: - resolution: {integrity: sha512-C8vBJ8DwUCx19vhm7urhTuUsr4/IyP6l4VzNQDv+ryHQObW3TTTp9yB68WpYgRe2bbaGuZ/se74IqFeVnMnLZg==} - engines: {node: '>=0.10.0'} - - has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - has-tostringtag@1.0.2: - resolution: {integrity: sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==} - engines: {node: '>= 0.4'} - - has-unicode@2.0.1: - resolution: {integrity: sha512-8Rf9Y83NBReMnx0gFzA8JImQACstCYWUplepDa9xprwwtmgEZUF0h/i5xSA625zB/I37EtrswSST6OXxwaaIJQ==} - - has-value@0.3.1: - resolution: {integrity: sha512-gpG936j8/MzaeID5Yif+577c17TxaDmhuyVgSwtnL/q8UUTySg8Mecb+8Cf1otgLoD7DDH75axp86ER7LFsf3Q==} - engines: {node: '>=0.10.0'} - - has-value@1.0.0: - resolution: {integrity: sha512-IBXk4GTsLYdQ7Rvt+GRBrFSVEkmuOUy4re0Xjd9kJSUQpnTrWR4/y9RpfexN9vkAPMFuQoeWKwqzPozRTlasGw==} - engines: {node: '>=0.10.0'} - - has-values@0.1.4: - resolution: {integrity: sha512-J8S0cEdWuQbqD9//tlZxiMuMNmxB8PlEwvYwuxsTmR1G5RXUePEX/SJn7aD0GMLieuZYSwNH0cQuJGwnYunXRQ==} - engines: {node: '>=0.10.0'} - - has-values@1.0.0: - resolution: {integrity: sha512-ODYZC64uqzmtfGMEAX/FvZiRyWLpAC3vYnNunURUnkGVTS+mI0smVsWaPydRBsE3g+ok7h960jChO8mFcWlHaQ==} - engines: {node: '>=0.10.0'} - - hash.js@1.1.7: - resolution: {integrity: sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - he@1.2.0: - resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==} - hasBin: true - - header-case@1.0.1: - resolution: {integrity: sha512-i0q9mkOeSuhXw6bGgiQCCBgY/jlZuV/7dZXyZ9c6LcBrqwvT8eT719E9uxE5LiZftdl+z81Ugbg/VvXV4OJOeQ==} - - helmet@6.2.0: - resolution: {integrity: sha512-DWlwuXLLqbrIOltR6tFQXShj/+7Cyp0gLi6uAb8qMdFh/YBBFbKSgQ6nbXmScYd8emMctuthmgIa7tUfo9Rtyg==} - engines: {node: '>=14.0.0'} - - highlight.js@10.7.3: - resolution: {integrity: sha512-tzcUFauisWKNHaRkN4Wjl/ZA07gENAjFl3J/c480dprkGTg5EQstgaNFqBfUqCq54kZRIEcreTsAgF/m2quD7A==} - - history@4.10.1: - resolution: {integrity: sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew==} - - hmac-drbg@1.0.1: - resolution: {integrity: sha512-Tti3gMqLdZfhOQY1Mzf/AanLiqh1WTiJgEj26ZuYQ9fbkLomzGchCws4FyrSd4VkpBfiNhaE1On+lOz894jvXg==} - - hoist-non-react-statics@3.3.2: - resolution: {integrity: sha512-/gGivxi8JPKWNm/W0jSmzcMPpfpPLc3dY/6GxhX2hQ9iGj3aDfklV4ET7NjKpSinLpJ5vafa9iiGIEZg10SfBw==} - - homedir-polyfill@1.0.3: - resolution: {integrity: sha512-eSmmWE5bZTK2Nou4g0AI3zZ9rswp7GRKoKXS1BLUkvPviOqs4YTN1djQIqrXy9k5gEtdLPy86JjRwsNM9tnDcA==} - engines: {node: '>=0.10.0'} - - hosted-git-info@2.8.9: - resolution: {integrity: sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==} - - html-entities@2.5.2: - resolution: {integrity: sha512-K//PSRMQk4FZ78Kyau+mZurHn3FH0Vwr+H36eE0rPbeYkRRi9YxceYPhuN60UwWorxyKHhqoAJl2OFKa4BVtaA==} - - html-escaper@2.0.2: - resolution: {integrity: sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==} - - html-minifier-terser@6.1.0: - resolution: {integrity: sha512-YXxSlJBZTP7RS3tWnQw74ooKa6L9b9i9QYXY21eUEvhZ3u9XLfv6OnFsQq6RxkhHygsaUMvYsZRV5rU/OVNZxw==} - engines: {node: '>=12'} - hasBin: true - - html-webpack-plugin@5.6.0: - resolution: {integrity: sha512-iwaY4wzbe48AfKLZ/Cc8k0L+FKG6oSNRaZ8x5A/T/IVDGyXcbHncM9TdDa93wn0FsSm82FhTKW7f3vS61thXAw==} - engines: {node: '>=10.13.0'} - peerDependencies: - '@rspack/core': 0.x || 1.x - webpack: ^5.20.0 - peerDependenciesMeta: - '@rspack/core': - optional: true - webpack: - optional: true - - htmlparser2@6.1.0: - resolution: {integrity: sha512-gyyPk6rgonLFEDGoeRgQNaEUvdJ4ktTmmUh/h2t7s+M8oPpIPxgNACWa+6ESR57kXstwqPiCut0V8NRpcwgU7A==} - - htmlparser2@8.0.2: - resolution: {integrity: sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA==} - - http-assert@1.5.0: - resolution: {integrity: sha512-uPpH7OKX4H25hBmU6G1jWNaqJGpTXxey+YOUizJUAgu0AjLUeC8D73hTrhvDS5D+GJN1DN1+hhc/eF/wpxtp0w==} - engines: {node: '>= 0.8'} - - http-cache-semantics@4.1.1: - resolution: {integrity: sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==} - - http-errors@1.6.3: - resolution: {integrity: sha512-lks+lVC8dgGyh97jxvxeYTWQFvh4uw4yC12gVl63Cg30sjPX4wuGcdkICVXDAESr6OJGjqGA8Iz5mkeN6zlD7A==} - engines: {node: '>= 0.6'} - - http-errors@1.8.1: - resolution: {integrity: sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==} - engines: {node: '>= 0.6'} - - http-errors@2.0.0: - resolution: {integrity: sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==} - engines: {node: '>= 0.8'} - - http2-wrapper@1.0.3: - resolution: {integrity: sha512-V+23sDMr12Wnz7iTcDeJr3O6AIxlnvT/bmaAAAP/Xda35C90p9599p0F1eHR/N1KILWSoWVAiOMFjBBXaXSMxg==} - engines: {node: '>=10.19.0'} - - https-proxy-agent@5.0.1: - resolution: {integrity: sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==} - engines: {node: '>= 6'} - - human-signals@2.1.0: - resolution: {integrity: sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw==} - engines: {node: '>=10.17.0'} - - human-signals@4.3.1: - resolution: {integrity: sha512-nZXjEF2nbo7lIw3mgYjItAfgQXog3OjJogSbKa2CQIIvSGWcKgeJnQlNXip6NglNzYH45nSRiEVimMvYL8DDqQ==} - engines: {node: '>=14.18.0'} - - humanize-ms@1.2.1: - resolution: {integrity: sha512-Fl70vYtsAFb/C06PTS9dZBo7ihau+Tu/DNCk/OyHhea07S+aeMWpFFkUaXRa8fI+ScZbEI8dfSxwY7gxZ9SAVQ==} - - iconv-lite@0.4.13: - resolution: {integrity: sha512-QwVuTNQv7tXC5mMWFX5N5wGjmybjNBBD8P3BReTkPmipoxTUFgWM2gXNvldHQr6T14DH0Dh6qBVg98iJt7u4mQ==} - engines: {node: '>=0.8.0'} - - iconv-lite@0.4.15: - resolution: {integrity: sha512-RGR+c9Lm+tLsvU57FTJJtdbv2hQw42Yl2n26tVIBaYmZzLN+EGfroUugN/z9nJf9kOXd49hBmpoGr4FEm+A4pw==} - engines: {node: '>=0.10.0'} - - iconv-lite@0.4.24: - resolution: {integrity: sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==} - engines: {node: '>=0.10.0'} - - icss-utils@5.1.0: - resolution: {integrity: sha512-soFhflCVWLfRNOPU3iv5Z9VUdT44xFRbzjLsEzSr5AQmgqPMTHdU3PMT1Cf1ssx8fLNJDA1juftYl+PUcv3MqA==} - engines: {node: ^10 || ^12 || >= 14} - peerDependencies: - postcss: ^8.1.0 - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - ignore-by-default@1.0.1: - resolution: {integrity: sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==} - - ignore-walk@3.0.4: - resolution: {integrity: sha512-PY6Ii8o1jMRA1z4F2hRkH/xN59ox43DavKvD3oDpfurRlOJyAHpifIwpbdv1n4jt4ov0jSpw3kQ4GhJnpBL6WQ==} - - ignore@5.3.2: - resolution: {integrity: sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==} - engines: {node: '>= 4'} - - immer@9.0.19: - resolution: {integrity: sha512-eY+Y0qcsB4TZKwgQzLaE/lqYMlKhv5J9dyd2RhhtGhNo2njPXDqU9XPfcNfa3MIDsdtZt5KlkIsirlo4dHsWdQ==} - - immer@9.0.21: - resolution: {integrity: sha512-bc4NBHqOqSfRW7POMkHd51LvClaeMXpm8dx0e8oE2GORbq5aRK7Bxl4FyzVLdGtLmvLKL7BTDBG5ACQm4HWjTA==} - - import-fresh@3.3.0: - resolution: {integrity: sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==} - engines: {node: '>=6'} - - import-lazy@4.0.0: - resolution: {integrity: sha512-rKtvo6a868b5Hu3heneU+L4yEQ4jYKLtjpnPeUdK7h0yzXGmyBTypknlkCvHFBqfX9YlorEiMM6Dnq/5atfHkw==} - engines: {node: '>=8'} - - imurmurhash@0.1.4: - resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} - engines: {node: '>=0.8.19'} - - indent-string@4.0.0: - resolution: {integrity: sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==} - engines: {node: '>=8'} - - inflation@2.1.0: - resolution: {integrity: sha512-t54PPJHG1Pp7VQvxyVCJ9mBbjG3Hqryges9bXoOO6GExCPa+//i/d5GSuFtpx3ALLd7lgIAur6zrIlBQyJuMlQ==} - engines: {node: '>= 0.8.0'} - - inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. - - inherits@2.0.3: - resolution: {integrity: sha512-x00IRNXNy63jwGkJmzPigoySHbaqpNuzKbBOmzK+g2OdZpQ9w+sxCN+VSB3ja7IAge2OP2qpfxTjeNcyjmW1uw==} - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - ini@1.3.8: - resolution: {integrity: sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew==} - - ini@2.0.0: - resolution: {integrity: sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA==} - engines: {node: '>=10'} - - ini@4.1.1: - resolution: {integrity: sha512-QQnnxNyfvmHFIsj7gkPcYymR8Jdw/o7mp5ZFihxn6h8Ci6fh3Dx4E1gPjpQEpIuPo9XVNY/ZUwh4BPMjGyL01g==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - - inquirer@7.3.3: - resolution: {integrity: sha512-JG3eIAj5V9CwcGvuOmoo6LB9kbAYT8HXffUl6memuszlwDC/qvFAJw49XJ5NROSFNPxp3iQg1GqkFhaY/CR0IA==} - engines: {node: '>=8.0.0'} - - inquirer@8.2.5: - resolution: {integrity: sha512-QAgPDQMEgrDssk1XiwwHoOGYF9BAbUcc1+j+FhEvaOt8/cKRqyLn0U5qA6F74fGhTMGxf92pOvPBeh29jQJDTQ==} - engines: {node: '>=12.0.0'} - - interpret@1.4.0: - resolution: {integrity: sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA==} - engines: {node: '>= 0.10'} - - interpret@2.2.0: - resolution: {integrity: sha512-Ju0Bz/cEia55xDwUWEa8+olFpCiQoypjnQySseKtmjNrnps3P+xfpUmGr90T7yjlVJmOtybRvPXhKMbHr+fWnw==} - engines: {node: '>= 0.10'} - - intl-messageformat@10.3.4: - resolution: {integrity: sha512-/FxUIrlbPtuykSNX85CB5sp2FjLVeTmdD7TfRkVFPft2n4FgcSlAcilFytYiFAEmPHc+0PvpLCIPXeaGFzIvOg==} - - invariant@2.2.4: - resolution: {integrity: sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==} - - is-absolute@1.0.0: - resolution: {integrity: sha512-dOWoqflvcydARa360Gvv18DZ/gRuHKi2NU/wU5X1ZFzdYfH29nkiNZsF3mp4OJ3H4yo9Mx8A/uAGNzpzPN3yBA==} - engines: {node: '>=0.10.0'} - - is-accessor-descriptor@1.0.1: - resolution: {integrity: sha512-YBUanLI8Yoihw923YeFUS5fs0fF2f5TSFTNiYAAzhhDscDa3lEqYuz1pDOEP5KvX94I9ey3vsqjJcLVFVU+3QA==} - engines: {node: '>= 0.10'} - - is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - - is-arrayish@0.3.2: - resolution: {integrity: sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ==} - - is-binary-path@2.1.0: - resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} - engines: {node: '>=8'} - - is-buffer@1.1.6: - resolution: {integrity: sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==} - - is-class-hotfix@0.0.6: - resolution: {integrity: sha512-0n+pzCC6ICtVr/WXnN2f03TK/3BfXY7me4cjCAqT8TYXEl0+JBRoqBo94JJHXcyDSLUeWbNX8Fvy5g5RJdAstQ==} - - is-core-module@2.15.1: - resolution: {integrity: sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==} - engines: {node: '>= 0.4'} - - is-data-descriptor@1.0.1: - resolution: {integrity: sha512-bc4NlCDiCr28U4aEsQ3Qs2491gVq4V8G7MQyws968ImqjKuYtTJXrl7Vq7jsN7Ly/C3xj5KWFrY7sHNeDkAzXw==} - engines: {node: '>= 0.4'} - - is-descriptor@0.1.7: - resolution: {integrity: sha512-C3grZTvObeN1xud4cRWl366OMXZTj0+HGyk4hvfpx4ZHt1Pb60ANSXqCK7pdOTeUQpRzECBSTphqvD7U+l22Eg==} - engines: {node: '>= 0.4'} - - is-descriptor@1.0.3: - resolution: {integrity: sha512-JCNNGbwWZEVaSPtS45mdtrneRWJFp07LLmykxeFV5F6oBvNF8vHSfJuJgoT472pSfk+Mf8VnlrspaFBHWM8JAw==} - engines: {node: '>= 0.4'} - - is-docker@2.2.1: - resolution: {integrity: sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==} - engines: {node: '>=8'} - hasBin: true - - is-docker@3.0.0: - resolution: {integrity: sha512-eljcgEDlEns/7AXFosB5K/2nCM4P7FQPkGc/DWLy5rmFEWvZayGrik1d9/QIY5nJ4f9YsVvBkA6kJpHn9rISdQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - hasBin: true - - is-extendable@0.1.1: - resolution: {integrity: sha512-5BMULNob1vgFX6EjQw5izWDxrecWK9AM72rugNr0TFldMOi0fj6Jk+zeKIt0xGj4cEfQIJth4w3OKWOJ4f+AFw==} - engines: {node: '>=0.10.0'} - - is-extendable@1.0.1: - resolution: {integrity: sha512-arnXMxT1hhoKo9k1LZdmlNyJdDDfy2v0fXjFlmok4+i8ul/6WlbVge9bhM74OpNPQPMGUToDtz+KXa1PneJxOA==} - engines: {node: '>=0.10.0'} - - is-extglob@2.1.1: - resolution: {integrity: sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==} - engines: {node: '>=0.10.0'} - - is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - - is-generator-function@1.0.10: - resolution: {integrity: sha512-jsEjy9l3yiXEQ+PsXdmBwEPcOxaXWLspKdplFUVI9vq1iZgIekeC0L167qeu86czQaxed3q/Uzuw0swL0irL8A==} - engines: {node: '>= 0.4'} - - is-glob@3.1.0: - resolution: {integrity: sha512-UFpDDrPgM6qpnFNI+rh/p3bUaq9hKLZN8bMUWzxmcnZVS3omf4IPK+BrewlnWjO1WmUsMYuSjKh4UJuV4+Lqmw==} - engines: {node: '>=0.10.0'} - - is-glob@4.0.3: - resolution: {integrity: sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==} - engines: {node: '>=0.10.0'} - - is-hotkey@0.1.8: - resolution: {integrity: sha512-qs3NZ1INIS+H+yeo7cD9pDfwYV/jqRh1JG9S9zYrNudkoUQg7OL7ziXqRKu+InFjUIDoP2o6HIkLYMh1pcWgyQ==} - - is-inside-container@1.0.0: - resolution: {integrity: sha512-KIYLCCJghfHZxqjYBE7rEy0OBuTd5xCHS7tHVgvCLkx7StIoaxwNW3hCALgEUjFfeRk+MG/Qxmp/vtETEF3tRA==} - engines: {node: '>=14.16'} - hasBin: true - - is-interactive@1.0.0: - resolution: {integrity: sha512-2HvIEKRoqS62guEC+qBjpvRubdX910WCMuJTZ+I9yvqKU2/12eSL549HMwtabb4oupdj2sMP50k+XJfB/8JE6w==} - engines: {node: '>=8'} - - is-localhost-ip@2.0.0: - resolution: {integrity: sha512-vlgs2cSgMOfnKU8c1ewgKPyum9rVrjjLLW2HBdL5i0iAJjOs8NY55ZBd/hqUTaYR0EO9CKZd3hVSC2HlIbygTQ==} - engines: {node: '>=12'} - - is-lower-case@1.1.3: - resolution: {integrity: sha512-+5A1e/WJpLLXZEDlgz4G//WYSHyQBD32qa4Jd3Lw06qQlv3fJHnp3YIHjTQSGzHMgzmVKz2ZP3rBxTHkPw/lxA==} - - is-number@3.0.0: - resolution: {integrity: sha512-4cboCqIpliH+mAvFNegjZQ4kgKc3ZUhQVr3HvWbSh5q3WH2v82ct+T2Y1hdU5Gdtorx/cLifQjqCbL7bpznLTg==} - engines: {node: '>=0.10.0'} - - is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - - is-obj@2.0.0: - resolution: {integrity: sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==} - engines: {node: '>=8'} - - is-path-cwd@2.2.0: - resolution: {integrity: sha512-w942bTcih8fdJPJmQHFzkS76NEP8Kzzvmw92cXsazb8intwLqPibPPdXf4ANdKV3rYMuuQYGIWtvz9JilB3NFQ==} - engines: {node: '>=6'} - - is-path-inside@3.0.3: - resolution: {integrity: sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==} - engines: {node: '>=8'} - - is-plain-obj@4.1.0: - resolution: {integrity: sha512-+Pgi+vMuUNkJyExiMBt5IlFoMyKnr5zhJ4Uspz58WOhBF5QoIZkFyNHIbBAtHwzVAgk5RtndVNsDRN61/mmDqg==} - engines: {node: '>=12'} - - is-plain-object@2.0.4: - resolution: {integrity: sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==} - engines: {node: '>=0.10.0'} - - is-plain-object@5.0.0: - resolution: {integrity: sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q==} - engines: {node: '>=0.10.0'} - - is-relative@1.0.0: - resolution: {integrity: sha512-Kw/ReK0iqwKeu0MITLFuj0jbPAmEiOsIwyIXvvbfa6QfmN9pkD1M+8pdk7Rl/dTKbH34/XBFMbgD4iMJhLQbGA==} - engines: {node: '>=0.10.0'} - - is-retry-allowed@2.2.0: - resolution: {integrity: sha512-XVm7LOeLpTW4jV19QSH38vkswxoLud8sQ57YwJVTPWdiaI9I8keEhGFpBlslyVsgdQy4Opg8QOLb8YRgsyZiQg==} - engines: {node: '>=10'} - - is-ssh@1.4.0: - resolution: {integrity: sha512-x7+VxdxOdlV3CYpjvRLBv5Lo9OJerlYanjwFrPR9fuGPjCiNiCzFgAWpiLAohSbsnH4ZAys3SBh+hq5rJosxUQ==} - - is-stream@2.0.1: - resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==} - engines: {node: '>=8'} - - is-stream@3.0.0: - resolution: {integrity: sha512-LnQR4bZ9IADDRSkvpqMGvt/tEJWclzklNgSw48V5EAaAeDd6qGvN8ei6k5p0tvxSR171VmGyHuTiAOfxAbr8kA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - is-type-of@1.4.0: - resolution: {integrity: sha512-EddYllaovi5ysMLMEN7yzHEKh8A850cZ7pykrY1aNRQGn/CDjRDE9qEWbIdt7xGEVJmjBXzU/fNnC4ABTm8tEQ==} - - is-typedarray@1.0.0: - resolution: {integrity: sha512-cyA56iCMHAh5CdzjJIa4aohJyeO1YbwLi3Jc35MmRU6poroFjIGZzUzupGiRPOjgHg9TLu43xbpwXk523fMxKA==} - - is-unc-path@1.0.0: - resolution: {integrity: sha512-mrGpVd0fs7WWLfVsStvgF6iEJnbjDFZh9/emhRDcGWTduTfNHd9CHeUwH3gYIjdbwo4On6hunkztwOaAw0yllQ==} - engines: {node: '>=0.10.0'} - - is-unicode-supported@0.1.0: - resolution: {integrity: sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==} - engines: {node: '>=10'} - - is-upper-case@1.1.2: - resolution: {integrity: sha512-GQYSJMgfeAmVwh9ixyk888l7OIhNAGKtY6QA+IrWlu9MDTCaXmeozOZ2S9Knj7bQwBO/H6J2kb+pbyTUiMNbsw==} - - is-windows@1.0.2: - resolution: {integrity: sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA==} - engines: {node: '>=0.10.0'} - - is-wsl@2.2.0: - resolution: {integrity: sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==} - engines: {node: '>=8'} - - isarray@0.0.1: - resolution: {integrity: sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ==} - - isarray@1.0.0: - resolution: {integrity: sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==} - - isbinaryfile@4.0.10: - resolution: {integrity: sha512-iHrqe5shvBUcFbmZq9zOQHBoeOhZJu6RQGrDpBgenUm/Am+F3JM2MgQj+rK3Z601fzrL5gLZWtAPH2OBaSVcyw==} - engines: {node: '>= 8.0.0'} - - isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - - isobject@2.1.0: - resolution: {integrity: sha512-+OUdGJlgjOBZDfxnDjYYG6zp487z0JGNQq3cYQYg5f5hKR+syHMsaztzGeml/4kGG55CSpKSpWTY+jYGgsHLgA==} - engines: {node: '>=0.10.0'} - - isobject@3.0.1: - resolution: {integrity: sha512-WhB9zCku7EGTj/HQQRz5aUQEUeoQZH2bWcltRErOpymJ4boYE6wL9Tbr23krRPSZ+C5zqNSrSw+Cc7sZZ4b7vg==} - engines: {node: '>=0.10.0'} - - isstream@0.1.2: - resolution: {integrity: sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==} - - jackspeak@3.4.3: - resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} - - jest-worker@27.5.1: - resolution: {integrity: sha512-7vuh85V5cdDofPyxn58nrPjBktZo0u9x1g8WtjQol+jZDaE+fhN+cIvTj11GndBnMnyfrUOG1sZQxCdjKh+DKg==} - engines: {node: '>= 10.13.0'} - - jju@1.4.0: - resolution: {integrity: sha512-8wb9Yw966OSxApiCt0K3yNJL8pnNeIv+OEq2YMidz4FKP6nonSRoOXc80iXY4JaN2FC11B9qsNmDsm+ZOfMROA==} - - jose@4.15.9: - resolution: {integrity: sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==} - - joycon@3.1.1: - resolution: {integrity: sha512-34wB/Y7MW7bzjKRjUKTa46I2Z7eV62Rkhva+KkopW7Qvv/OSWBqvkSY7vusOPrNuZcUG3tApvdVgNB8POj3SPw==} - engines: {node: '>=10'} - - js-cookie@2.2.1: - resolution: {integrity: sha512-HvdH2LzI/EAZcUwA8+0nKNtWHqS+ZmijLA30RwZA0bo7ToCckjK5MkGhjED9KoRcXO6BaGI3I9UIzSA1FKFPOQ==} - - js-sha3@0.8.0: - resolution: {integrity: sha512-gF1cRrHhIzNfToc802P800N8PpXS+evLLXfsVpowqmAFR9uwbi89WvXg2QspOmXL8QL86J4T1EpFu+yUkwJY3Q==} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true - - jsesc@2.5.2: - resolution: {integrity: sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==} - engines: {node: '>=4'} - hasBin: true - - json-buffer@3.0.1: - resolution: {integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==} - - json-parse-even-better-errors@2.3.1: - resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - - json-schema-traverse@0.4.1: - resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==} - - json-schema-traverse@1.0.0: - resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} - - json5@2.2.3: - resolution: {integrity: sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==} - engines: {node: '>=6'} - hasBin: true - - jsonfile@4.0.0: - resolution: {integrity: sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==} - - jsonfile@6.1.0: - resolution: {integrity: sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==} - - jsonwebtoken@9.0.0: - resolution: {integrity: sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==} - engines: {node: '>=12', npm: '>=6'} - - jwa@1.4.1: - resolution: {integrity: sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==} - - jwa@2.0.0: - resolution: {integrity: sha512-jrZ2Qx916EA+fq9cEAeCROWPTfCwi1IVHqT2tapuqLEVVDKFDENFw1oL+MwrTvH6msKxsd1YTDVw6uKEcsrLEA==} - - jwk-to-pem@2.0.5: - resolution: {integrity: sha512-L90jwellhO8jRKYwbssU9ifaMVqajzj3fpRjDKcsDzrslU9syRbFqfkXtT4B89HYAap+xsxNcxgBSB09ig+a7A==} - - jwks-rsa@3.1.0: - resolution: {integrity: sha512-v7nqlfezb9YfHHzYII3ef2a2j1XnGeSE/bK3WfumaYCqONAIstJbrEGapz4kadScZzEt7zYCN7bucj8C0Mv/Rg==} - engines: {node: '>=14'} - - jws@3.2.2: - resolution: {integrity: sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==} - - jws@4.0.0: - resolution: {integrity: sha512-KDncfTmOZoOMTFG4mBlG0qUIOlc03fmzH+ru6RgYVZhPkyiy/92Owlt/8UEN+a4TXR1FQetfIpJE8ApdvdVxTg==} - - keygrip@1.1.0: - resolution: {integrity: sha512-iYSchDJ+liQ8iwbSI2QqsQOvqv58eJCEanyJPJi+Khyu8smkcKSFUCbPwzFcL7YVtZ6eONjqRX/38caJ7QjRAQ==} - engines: {node: '>= 0.6'} - - keyv@4.5.4: - resolution: {integrity: sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==} - - kind-of@3.2.2: - resolution: {integrity: sha512-NOW9QQXMoZGg/oqnVNoNTTIFEIid1627WCffUBJEdMxYApq7mNE7CpzucIPc+ZQg25Phej7IJSmX3hO+oblOtQ==} - engines: {node: '>=0.10.0'} - - kind-of@4.0.0: - resolution: {integrity: sha512-24XsCxmEbRwEDbz/qz3stgin8TTzZ1ESR56OMCN0ujYg+vRutNSiOj9bHH9u85DKgXguraugV5sFuvbD4FW/hw==} - engines: {node: '>=0.10.0'} - - kind-of@6.0.3: - resolution: {integrity: sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==} - engines: {node: '>=0.10.0'} - - kleur@3.0.3: - resolution: {integrity: sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==} - engines: {node: '>=6'} - - knex@2.5.0: - resolution: {integrity: sha512-h6Ru3PJmZjCDUEqLgwQ/RJUu06Bz7MTzY6sD90udLIa9qwtC7Rnicr7TBiWSaswZmDqk4EZ8xysdg1fkvhYM6w==} - engines: {node: '>=12'} - hasBin: true - peerDependencies: - better-sqlite3: '*' - mysql: '*' - mysql2: '*' - pg: '*' - pg-native: '*' - sqlite3: '*' - tedious: '*' - peerDependenciesMeta: - better-sqlite3: - optional: true - mysql: - optional: true - mysql2: - optional: true - pg: - optional: true - pg-native: - optional: true - sqlite3: - optional: true - tedious: - optional: true - - koa-body@4.2.0: - resolution: {integrity: sha512-wdGu7b9amk4Fnk/ytH8GuWwfs4fsB5iNkY8kZPpgQVb04QZSv85T0M8reb+cJmvLE8cjPYvBzRikD3s6qz8OoA==} - - koa-bodyparser@4.4.1: - resolution: {integrity: sha512-kBH3IYPMb+iAXnrxIhXnW+gXV8OTzCu8VPDqvcDHW9SQrbkHmqPQtiZwrltNmSq6/lpipHnT7k7PsjlVD7kK0w==} - engines: {node: '>=8.0.0'} - - koa-compose@4.1.0: - resolution: {integrity: sha512-8ODW8TrDuMYvXRwra/Kh7/rJo9BtOfPc6qO8eAfC80CnCvSjSl0bkRM24X6/XBBEyj0v1nRUQ1LyOy3dbqOWXw==} - - koa-compress@5.1.0: - resolution: {integrity: sha512-G3Ppo9jrUwlchp6qdoRgQNMiGZtM0TAHkxRZQ7EoVvIG8E47J4nAsMJxXHAUQ+0oc7t0MDxSdONWTFcbzX7/Bg==} - engines: {node: '>= 8.0.0'} - - koa-convert@2.0.0: - resolution: {integrity: sha512-asOvN6bFlSnxewce2e/DK3p4tltyfC4VM7ZwuTuepI7dEQVcvpyFuBcEARu1+Hxg8DIwytce2n7jrZtRlPrARA==} - engines: {node: '>= 10'} - - koa-favicon@2.1.0: - resolution: {integrity: sha512-LvukcooYjxKtnZq0RXdBup+JDhaHwLgnLlDHB/xvjwQEjbc4rbp/0WkmOzpOvaHujc+fIwPear0dpKX1V+dHVg==} - - koa-helmet@7.0.2: - resolution: {integrity: sha512-AvzS6VuEfFgbAm0mTUnkk/BpMarMcs5A56g+f0sfrJ6m63wII48d2GDrnUQGp0Nj+RR950vNtgqXm9UJSe7GOg==} - engines: {node: '>= 14.0.0'} - - koa-ip@2.1.3: - resolution: {integrity: sha512-QLVBByImwDq9enZXVOD3Astk876B7N0IYta7Kik4iyNB462rVzBB1/LD0Ek1F+v9nGUTHBFyhh8043EIlskK9Q==} - - koa-is-json@1.0.0: - resolution: {integrity: sha512-+97CtHAlWDx0ndt0J8y3P12EWLwTLMXIfMnYDev3wOTwH/RpBGMlfn4bDXlMEg1u73K6XRE9BbUp+5ZAYoRYWw==} - - koa-passport@5.0.0: - resolution: {integrity: sha512-eNGg3TGgZ4ydm9DYCOqaa0ySSA/44BS6X+v4CKjP/nHOoXlADRonHsZvS3QWok6EV0ZL0V7FhfWxRYfD2B5kTQ==} - engines: {node: '>= 4'} - - koa-range@0.3.0: - resolution: {integrity: sha512-Ich3pCz6RhtbajYXRWjIl6O5wtrLs6kE3nkXc9XmaWe+MysJyZO7K4L3oce1Jpg/iMgCbj+5UCiMm/rqVtcDIg==} - engines: {node: '>=7'} - - koa-send@5.0.1: - resolution: {integrity: sha512-tmcyQ/wXXuxpDxyNXv5yNNkdAMdFRqwtegBXUaowiQzUKqJehttS0x2j0eOZDQAyloAth5w6wwBImnFzkUz3pQ==} - engines: {node: '>= 8'} - - koa-session@6.4.0: - resolution: {integrity: sha512-h/dxmSOvNEXpHQPRs4TV03TZVFyZIjmYQiTAW5JBFTYBOZ0VdpZ8QEE6Dud75g8z9JNGXi3m++VqRmqToB+c2A==} - engines: {node: '>=8.0.0'} - - koa-static@5.0.0: - resolution: {integrity: sha512-UqyYyH5YEXaJrf9S8E23GoJFQZXkBVJ9zYYMPGz919MSX1KuvAcycIuS0ci150HCoPf4XQVhQ84Qf8xRPWxFaQ==} - engines: {node: '>= 7.6.0'} - - koa2-ratelimit@1.1.3: - resolution: {integrity: sha512-gdrIw6m/D7pmScScL4dz50qLbRR3UGqvO1Vuy2dc7hVIuFAl1OVTnu6WFyEJ5GbfyLZFaCMWzRw6t4krvzvUTg==} - engines: {node: '>=7.10.1'} - peerDependencies: - mongoose: '>= 5' - redis: '>= 4.0.0' - sequelize: '>=5.8.7' - peerDependenciesMeta: - mongoose: - optional: true - redis: - optional: true - sequelize: - optional: true - - koa@2.13.4: - resolution: {integrity: sha512-43zkIKubNbnrULWlHdN5h1g3SEKXOEzoAlRsHOTFpnlDu8JlAOZSMJBLULusuXRequboiwJcj5vtYXKB3k7+2g==} - engines: {node: ^4.8.4 || ^6.10.1 || ^7.10.1 || >= 8.1.4} - - kuler@2.0.0: - resolution: {integrity: sha512-Xq9nH7KlWZmXAtodXDDRE7vs6DU1gTU8zYDHDiWLSip45Egwq3plLHzPn27NgvzL2r1LMPC1vdqh98sQxtqj4A==} - - libbase64@0.1.0: - resolution: {integrity: sha512-B91jifmFw1DKEqEWstSpg1PbtUbBzR4yQAPT86kCQXBtud1AJVA+Z6RSklSrqmKe4q2eiEufgnhqJKPgozzfIQ==} - - libmime@2.1.0: - resolution: {integrity: sha512-4be2R6/jOasyPTw0BkpIZBVk2cElqjdIdS0PRPhbOCV4wWuL/ZcYYpN1BCTVB+6eIQ0uuAwp5hQTHFrM5Joa8w==} - - libmime@2.1.3: - resolution: {integrity: sha512-ABr2f4O+K99sypmkF/yPz2aXxUFHEZzv+iUkxItCeKZWHHXdQPpDXd6rV1kBBwL4PserzLU09EIzJ2lxC9hPfQ==} - - libqp@1.1.0: - resolution: {integrity: sha512-4Rgfa0hZpG++t1Vi2IiqXG9Ad1ig4QTmtuZF946QJP4bPqOYC78ixUXgz5TW/wE7lNaNKlplSYTxQ+fR2KZ0EA==} - - liftoff@2.5.0: - resolution: {integrity: sha512-01zfGFqfORP1CGmZZP2Zn51zsqz4RltDi0RDOhbGoLYdUT5Lw+I2gX6QdwXhPITF6hPOHEOp+At6/L24hIg9WQ==} - engines: {node: '>= 0.8'} - - limiter@1.1.5: - resolution: {integrity: sha512-FWWMIEOxz3GwUI4Ts/IvgVy6LPvoMPgjMdQ185nN6psJyBJ4yOpzqm695/h5umdLJg2vW3GR5iG11MAkR2AzJA==} - - lines-and-columns@1.2.4: - resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==} - - linkify-it@3.0.3: - resolution: {integrity: sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ==} - - loader-runner@4.3.0: - resolution: {integrity: sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg==} - engines: {node: '>=6.11.5'} - - loader-utils@2.0.4: - resolution: {integrity: sha512-xXqpXoINfFhgua9xiqD8fPFHgkoq1mmmpE92WlDbm9rNRd/EbRb+Gqf908T2DMfuHjjJlksiK2RbHVOdD/MqSw==} - engines: {node: '>=8.9.0'} - - locate-path@3.0.0: - resolution: {integrity: sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A==} - engines: {node: '>=6'} - - locate-path@5.0.0: - resolution: {integrity: sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==} - engines: {node: '>=8'} - - locate-path@6.0.0: - resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} - engines: {node: '>=10'} - - lodash-es@4.17.21: - resolution: {integrity: sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==} - - lodash.clonedeep@4.5.0: - resolution: {integrity: sha512-H5ZhCF25riFd9uB5UCkVKo61m3S/xZk1x4wA6yp/L3RFP6Z/eHH1ymQcGLo7J3GMPfm0V/7m1tryHuGVxpqEBQ==} - - lodash.deburr@4.1.0: - resolution: {integrity: sha512-m/M1U1f3ddMCs6Hq2tAsYThTBDaAKFDX3dwDo97GEYzamXi9SqUpjWi/Rrj/gf3X2n8ktwgZrlP1z6E3v/IExQ==} - - lodash.get@4.4.2: - resolution: {integrity: sha512-z+Uw/vLuy6gQe8cfaFWD7p0wVv8fJl3mbzXh33RS+0oW2wvUqiRXiQ69gLWSLpgB5/6sU+r6BlQR0MBILadqTQ==} - - lodash.isplainobject@4.0.6: - resolution: {integrity: sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==} - - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - - log-symbols@2.2.0: - resolution: {integrity: sha512-VeIAFslyIerEJLXHziedo2basKbMKtTw3vfn5IzG0XTjhAVEJyNHnL2p7vc+wBDSdQuUpNw3M2u6xb9QsAY5Eg==} - engines: {node: '>=4'} - - log-symbols@4.1.0: - resolution: {integrity: sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==} - engines: {node: '>=10'} - - logform@2.6.1: - resolution: {integrity: sha512-CdaO738xRapbKIMVn2m4F6KTj4j7ooJ8POVnebSgKo3KBz5axNXRAL7ZdRjIV6NOr2Uf4vjtRkxrFETOioCqSA==} - engines: {node: '>= 12.0.0'} - - long-timeout@0.1.1: - resolution: {integrity: sha512-BFRuQUqc7x2NWxfJBCyUrN8iYUYznzL9JROmRz1gZ6KlOIgmoD+njPVbb+VNn2nGMKggMsK79iUNErillsrx7w==} - - loose-envify@1.4.0: - resolution: {integrity: sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==} - hasBin: true - - lower-case-first@1.0.2: - resolution: {integrity: sha512-UuxaYakO7XeONbKrZf5FEgkantPf5DUqDayzP5VXZrtRPdH86s4kN47I8B3TW10S4QKiE3ziHNf3kRN//okHjA==} - - lower-case@1.1.4: - resolution: {integrity: sha512-2Fgx1Ycm599x+WGpIYwJOvsjmXFzTSc34IwDWALRA/8AopUKAVPwfJ+h5+f85BCp0PWmmJcWzEpxOpoXycMpdA==} - - lower-case@2.0.2: - resolution: {integrity: sha512-7fm3l3NAF9WfN6W3JOmf5drwpVqX78JtoGJ3A6W0a6ZnldM41w2fV5D490psKFTpMds8TJse/eHLFFsNHHjHgg==} - - lowercase-keys@2.0.0: - resolution: {integrity: sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==} - engines: {node: '>=8'} - - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - - lru-cache@6.0.0: - resolution: {integrity: sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==} - engines: {node: '>=10'} - - lru-memoizer@2.3.0: - resolution: {integrity: sha512-GXn7gyHAMhO13WSKrIiNfztwxodVsP8IoZ3XfrJV4yH2x0/OeTO/FIaAHTY5YekdGgW94njfuKmyyt1E0mR6Ug==} - - lru_map@0.3.3: - resolution: {integrity: sha512-Pn9cox5CsMYngeDbmChANltQl+5pi6XmTrraMSzhPmMBbmgcxmqWry0U3PGapCU1yB4/LqCcom7qhHZiF/jGfQ==} - - luxon@3.5.0: - resolution: {integrity: sha512-rh+Zjr6DNfUYR3bPwJEnuwDdqMbxZW7LOQfUN4B54+Cl+0o5zaU9RJ6bcidfDtC1cWCZXQ+nvX8bf6bAji37QQ==} - engines: {node: '>=12'} - - mailcomposer@3.12.0: - resolution: {integrity: sha512-zBeDoKUTNI8IAsazoMQFt3eVSVRtDtgrvBjBVdBjxDEX+5KLlKtEFCrBXnxPhs8aTYufUS1SmbFnGpjHS53deg==} - deprecated: This project is unmaintained - - make-dir@3.1.0: - resolution: {integrity: sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==} - engines: {node: '>=8'} - - make-iterator@1.0.1: - resolution: {integrity: sha512-pxiuXh0iVEq7VM7KMIhs5gxsfxCux2URptUQaXo4iZZJxBAzTPOLE2BumO5dbfVYq/hBJFBR/a1mFDmOx5AGmw==} - engines: {node: '>=0.10.0'} - - map-cache@0.2.2: - resolution: {integrity: sha512-8y/eV9QQZCiyn1SprXSrCmqJN0yNRATe+PO8ztwqrvrbdRLA3eYJF0yaR0YayLWkMbsQSKWS9N2gPcGEc4UsZg==} - engines: {node: '>=0.10.0'} - - map-visit@1.0.0: - resolution: {integrity: sha512-4y7uGv8bd2WdM9vpQsiQNo41Ln1NvhvDRuVt0k2JZQ+ezN2uaQes7lZeZ+QQUHOLQAtDaBJ+7wCbi+ab/KFs+w==} - engines: {node: '>=0.10.0'} - - markdown-it-abbr@1.0.4: - resolution: {integrity: sha512-ZeA4Z4SaBbYysZap5iZcxKmlPL6bYA8grqhzJIHB1ikn7njnzaP8uwbtuXc4YXD5LicI4/2Xmc0VwmSiFV04gg==} - - markdown-it-container@3.0.0: - resolution: {integrity: sha512-y6oKTq4BB9OQuY/KLfk/O3ysFhB3IMYoIWhGJEidXt1NQFocFK2sA2t0NYZAMyMShAGL6x5OPIbrmXPIqaN9rw==} - - markdown-it-deflist@2.1.0: - resolution: {integrity: sha512-3OuqoRUlSxJiuQYu0cWTLHNhhq2xtoSFqsZK8plANg91+RJQU1ziQ6lA2LzmFAEes18uPBsHZpcX6We5l76Nzg==} - - markdown-it-emoji@2.0.2: - resolution: {integrity: sha512-zLftSaNrKuYl0kR5zm4gxXjHaOI3FAOEaloKmRA5hijmJZvSjmxcokOLlzycb/HXlUFWzXqpIEoyEMCE4i9MvQ==} - - markdown-it-footnote@3.0.3: - resolution: {integrity: sha512-YZMSuCGVZAjzKMn+xqIco9d1cLGxbELHZ9do/TSYVzraooV8ypsppKNmUJ0fVH5ljkCInQAtFpm8Rb3eXSrt5w==} - - markdown-it-ins@3.0.1: - resolution: {integrity: sha512-32SSfZqSzqyAmmQ4SHvhxbFqSzPDqsZgMHDwxqPzp+v+t8RsmqsBZRG+RfRQskJko9PfKC2/oxyOs4Yg/CfiRw==} - - markdown-it-mark@3.0.1: - resolution: {integrity: sha512-HyxjAu6BRsdt6Xcv6TKVQnkz/E70TdGXEFHRYBGLncRE9lBFwDNLVtFojKxjJWgJ+5XxUwLaHXy+2sGBbDn+4A==} - - markdown-it-sub@1.0.0: - resolution: {integrity: sha512-z2Rm/LzEE1wzwTSDrI+FlPEveAAbgdAdPhdWarq/ZGJrGW/uCQbKAnhoCsE4hAbc3SEym26+W2z/VQB0cQiA9Q==} - - markdown-it-sup@1.0.0: - resolution: {integrity: sha512-E32m0nV9iyhRR7CrhnzL5msqic7rL1juWre6TQNxsnApg7Uf+F97JOKxUijg5YwXz86lZ0mqfOnutoryyNdntQ==} - - markdown-it@12.3.2: - resolution: {integrity: sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg==} - hasBin: true - - match-sorter@6.3.4: - resolution: {integrity: sha512-jfZW7cWS5y/1xswZo8VBOdudUiSd9nifYRWphc9M5D/ee4w4AoXLgBEdRbgVaxbMuagBPeUC5y2Hi8DO6o9aDg==} - - mdurl@1.0.1: - resolution: {integrity: sha512-/sKlQJCBYVY9Ers9hqzKou4H6V5UWc/M59TH2dvkt+84itfnq7uFOMLpOiOS4ujvHP4etln18fmIxA5R5fll0g==} - - media-typer@0.3.0: - resolution: {integrity: sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ==} - engines: {node: '>= 0.6'} - - memfs@3.5.3: - resolution: {integrity: sha512-UERzLsxzllchadvbPs5aolHh65ISpKpM+ccLbOJ8/vvpBKmAWf+la7dXFy7Mr0ySHbdHrFv5kGFCUHHe6GFEmw==} - engines: {node: '>= 4.0.0'} - - memoize-one@5.2.1: - resolution: {integrity: sha512-zYiwtZUcYyXKo/np96AGZAckk+FWWsUdJ3cHGGmld7+AhvcWmQyGCYUh1hc4Q/pkOhb65dQR/pqCyK0cOaHz4Q==} - - memoize-one@6.0.0: - resolution: {integrity: sha512-rkpe71W0N0c0Xz6QD0eJETuWAJGnJ9afsl1srmwPrI+yBCkge5EycXXbYRyvL29zZVUWQCY7InPRCv3GDXuZNw==} - - merge-stream@2.0.0: - resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - - merge2@1.4.1: - resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==} - engines: {node: '>= 8'} - - methods@1.1.2: - resolution: {integrity: sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==} - engines: {node: '>= 0.6'} - - micromatch@3.1.10: - resolution: {integrity: sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg==} - engines: {node: '>=0.10.0'} - - micromatch@4.0.8: - resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} - engines: {node: '>=8.6'} - - microseconds@0.2.0: - resolution: {integrity: sha512-n7DHHMjR1avBbSpsTBj6fmMGh2AGrifVV4e+WYc3Q9lO+xnSZ3NyhcBND3vzzatt05LFhoKFRxrIyklmLlUtyA==} - - mime-db@1.52.0: - resolution: {integrity: sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==} - engines: {node: '>= 0.6'} - - mime-db@1.53.0: - resolution: {integrity: sha512-oHlN/w+3MQ3rba9rqFr6V/ypF10LSkdwUysQL7GkXoTgIWeV+tcXGA852TBxH+gsh8UWoyhR1hKcoMJTuWflpg==} - engines: {node: '>= 0.6'} - - mime-types@2.1.35: - resolution: {integrity: sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==} - engines: {node: '>= 0.6'} - - mimic-fn@1.2.0: - resolution: {integrity: sha512-jf84uxzwiuiIVKiOLpfYk7N46TSy8ubTonmneY9vrpHNAnp0QBt2BxWV9dO3/j+BoVAb+a5G6YDPW3M5HOdMWQ==} - engines: {node: '>=4'} - - mimic-fn@2.1.0: - resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==} - engines: {node: '>=6'} - - mimic-fn@4.0.0: - resolution: {integrity: sha512-vqiC06CuhBTUdZH+RYl8sFrL096vA45Ok5ISO6sE/Mr1jRbGH4Csnhi8f3wKVl7x8mO4Au7Ir9D3Oyv1VYMFJw==} - engines: {node: '>=12'} - - mimic-response@1.0.1: - resolution: {integrity: sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ==} - engines: {node: '>=4'} - - mimic-response@2.1.0: - resolution: {integrity: sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA==} - engines: {node: '>=8'} - - mimic-response@3.1.0: - resolution: {integrity: sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==} - engines: {node: '>=10'} - - mini-css-extract-plugin@2.7.7: - resolution: {integrity: sha512-+0n11YGyRavUR3IlaOzJ0/4Il1avMvJ1VJfhWfCn24ITQXhRr1gghbhhrda6tgtNcpZaWKdSuwKq20Jb7fnlyw==} - engines: {node: '>= 12.13.0'} - peerDependencies: - webpack: ^5.0.0 - - minimalistic-assert@1.0.1: - resolution: {integrity: sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==} - - minimalistic-crypto-utils@1.0.1: - resolution: {integrity: sha512-JIYlbt6g8i5jKfJ3xz7rF0LXmv2TkDxBLUkiBeZ7bAx4GnnNMr8xFpGnOxn6GhTEHx3SjRrZEoU+j04prX1ktg==} - - minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} - - minimatch@5.1.6: - resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==} - engines: {node: '>=10'} - - minimatch@9.0.3: - resolution: {integrity: sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==} - engines: {node: '>=16 || 14 >=14.17'} - - minimatch@9.0.5: - resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} - engines: {node: '>=16 || 14 >=14.17'} - - minimist@1.2.8: - resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} - - minipass@3.3.6: - resolution: {integrity: sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==} - engines: {node: '>=8'} - - minipass@4.2.8: - resolution: {integrity: sha512-fNzuVyifolSLFL4NzpF+wEF4qrgqaaKX0haXPQEdQ7NKAN+WecoKMHV09YcuL/DHxrUsYQOK3MiuDf7Ip2OXfQ==} - engines: {node: '>=8'} - - minipass@5.0.0: - resolution: {integrity: sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==} - engines: {node: '>=8'} - - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} - engines: {node: '>=16 || 14 >=14.17'} - - minizlib@2.1.2: - resolution: {integrity: sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==} - engines: {node: '>= 8'} - - mixin-deep@1.3.2: - resolution: {integrity: sha512-WRoDn//mXBiJ1H40rqa3vH0toePwSsGb45iInWlTySa+Uu4k3tYUSxa2v1KqAiLtvlrSzaExqS1gtk96A9zvEA==} - engines: {node: '>=0.10.0'} - - mkdirp-classic@0.5.3: - resolution: {integrity: sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==} - - mkdirp@0.5.6: - resolution: {integrity: sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==} - hasBin: true - - mkdirp@1.0.4: - resolution: {integrity: sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==} - engines: {node: '>=10'} - hasBin: true - - mrmime@2.0.0: - resolution: {integrity: sha512-eu38+hdgojoyq63s+yTpN4XMBdt5l8HhMhc4VKLO9KM5caLIBvUm4thi7fFaxyTmCKeNnXZ5pAlBwCUnhA09uw==} - engines: {node: '>=10'} - - ms@2.0.0: - resolution: {integrity: sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==} - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - multistream@4.1.0: - resolution: {integrity: sha512-J1XDiAmmNpRCBfIWJv+n0ymC4ABcf/Pl+5YvC5B/D2f/2+8PtHvCNxMPKiQcZyi922Hq69J2YOpb1pTywfifyw==} - - mute-stream@0.0.8: - resolution: {integrity: sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==} - - mz@2.7.0: - resolution: {integrity: sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==} - - nan@2.20.0: - resolution: {integrity: sha512-bk3gXBZDGILuuo/6sKtr0DQmSThYHLtNCdSdXk9YkxD/jK6X2vmCyyXBBxyqZ4XcnzTyYEAThfX3DCEnLf6igw==} - - nano-time@1.0.0: - resolution: {integrity: sha512-flnngywOoQ0lLQOTRNexn2gGSNuM9bKj9RZAWSzhQ+UJYaAFG9bac4DW9VHjUAzrOaIcajHybCTHe/bkvozQqA==} - - nanoclone@0.2.1: - resolution: {integrity: sha512-wynEP02LmIbLpcYw8uBKpcfF6dmg2vcpKqxeH5UcoKEYdExslsdUA4ugFauuaeYdTB76ez6gJW8XAZ6CgkXYxA==} - - nanoid@3.3.7: - resolution: {integrity: sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==} - engines: {node: ^10 || ^12 || ^13.7 || ^14 || >=15.0.1} - hasBin: true - - nanomatch@1.2.13: - resolution: {integrity: sha512-fpoe2T0RbHwBTBUOftAfBPaDEi06ufaUai0mE6Yn1kacc3SnTErfb/h+X94VXzI64rKFHYImXSvdwGGCmwOqCA==} - engines: {node: '>=0.10.0'} - - napi-build-utils@1.0.2: - resolution: {integrity: sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg==} - - negotiator@0.6.3: - resolution: {integrity: sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==} - engines: {node: '>= 0.6'} - - neo-async@2.6.2: - resolution: {integrity: sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==} - - no-case@2.3.2: - resolution: {integrity: sha512-rmTZ9kz+f3rCvK2TD1Ue/oZlns7OGoIWP4fc3llxxRXlOkHKoWPPWJOfFYpITabSow43QJbRIoHQXtt10VldyQ==} - - no-case@3.0.4: - resolution: {integrity: sha512-fgAN3jGAh+RoxUGZHTSOLJIqUc2wmoBwGR4tbpNAKmmovFoWq0OdRkb0VkldReO2a2iBT/OEulG9XSUc10r3zg==} - - node-abi@3.67.0: - resolution: {integrity: sha512-bLn/fU/ALVBE9wj+p4Y21ZJWYFjUXLXPi/IewyLZkx3ApxKDNBWCKdReeKOtD8dWpOdDCeMyLh6ZewzcLsG2Nw==} - engines: {node: '>=10'} - - node-abort-controller@3.1.1: - resolution: {integrity: sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ==} - - node-addon-api@6.1.0: - resolution: {integrity: sha512-+eawOlIgy680F0kBzPUNFhMZGtJ1YmqM6l4+Crf4IkImjYrO/mqPwRMh352g23uIaQKFItcQ64I7KMaJxHgAVA==} - - node-domexception@1.0.0: - resolution: {integrity: sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==} - engines: {node: '>=10.5.0'} - - node-fetch@2.7.0: - resolution: {integrity: sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==} - engines: {node: 4.x || >=6.0.0} - peerDependencies: - encoding: ^0.1.0 - peerDependenciesMeta: - encoding: - optional: true - - node-fetch@3.3.2: - resolution: {integrity: sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - node-machine-id@1.1.12: - resolution: {integrity: sha512-QNABxbrPa3qEIfrE6GOJ7BYIuignnJw7iQ2YPbc3Nla1HzRJjXzZOiikfF8m7eAMfichLt3M4VgLOetqgDmgGQ==} - - node-plop@0.26.3: - resolution: {integrity: sha512-Cov028YhBZ5aB7MdMWJEmwyBig43aGL5WT4vdoB28Oitau1zZAcHUn8Sgfk9HM33TqhtLJ9PlM/O0Mv+QpV/4Q==} - engines: {node: '>=8.9.4'} - - node-releases@2.0.18: - resolution: {integrity: sha512-d9VeXT4SJ7ZeOqGX6R5EM022wpL+eWPooLI+5UpWn2jCT1aosUQEhQP214x33Wkwx3JQMvIm+tIoVOdodFS40g==} - - node-schedule@2.1.1: - resolution: {integrity: sha512-OXdegQq03OmXEjt2hZP33W2YPs/E5BcFQks46+G2gAxs4gHOIVD1u7EqlYLYSKsaIpyKCK9Gbk0ta1/gjRSMRQ==} - engines: {node: '>=6'} - - nodemailer-fetch@1.6.0: - resolution: {integrity: sha512-P7S5CEVGAmDrrpn351aXOLYs1R/7fD5NamfMCHyi6WIkbjS2eeZUB/TkuvpOQr0bvRZicVqo59+8wbhR3yrJbQ==} - - nodemailer-shared@1.1.0: - resolution: {integrity: sha512-68xW5LSyPWv8R0GLm6veAvm7E+XFXkVgvE3FW0FGxNMMZqMkPFeGDVALfR1DPdSfcoO36PnW7q5AAOgFImEZGg==} - - nodemon@3.0.2: - resolution: {integrity: sha512-9qIN2LNTrEzpOPBaWHTm4Asy1LxXLSickZStAQ4IZe7zsoIpD/A7LWxhZV3t4Zu352uBcqVnRsDXSMR2Sc3lTA==} - engines: {node: '>=10'} - hasBin: true - - noms@0.0.0: - resolution: {integrity: sha512-lNDU9VJaOPxUmXcLb+HQFeUgQQPtMI24Gt6hgfuMHRJgMRHMF/qZ4HJD3GDru4sSw9IQl2jPjAYnQrdIeLbwow==} - - nopt@5.0.0: - resolution: {integrity: sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==} - engines: {node: '>=6'} - hasBin: true - - normalize-package-data@2.5.0: - resolution: {integrity: sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==} - - normalize-path@3.0.0: - resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} - engines: {node: '>=0.10.0'} - - normalize-url@6.1.0: - resolution: {integrity: sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A==} - engines: {node: '>=10'} - - npm-bundled@1.1.2: - resolution: {integrity: sha512-x5DHup0SuyQcmL3s7Rx/YQ8sbw/Hzg0rj48eN0dV7hf5cmQq5PXIeioroH3raV1QC1yh3uTYuMThvEQF3iKgGQ==} - - npm-normalize-package-bin@1.0.1: - resolution: {integrity: sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==} - - npm-packlist@2.2.2: - resolution: {integrity: sha512-Jt01acDvJRhJGthnUJVF/w6gumWOZxO7IkpY/lsX9//zqQgnF7OJaxgQXcerd4uQOLu7W5bkb4mChL9mdfm+Zg==} - engines: {node: '>=10'} - hasBin: true - - npm-run-path@4.0.1: - resolution: {integrity: sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw==} - engines: {node: '>=8'} - - npm-run-path@5.3.0: - resolution: {integrity: sha512-ppwTtiJZq0O/ai0z7yfudtBpWIoxM8yE6nHi1X47eFR2EWORqfbu6CnPlNsjeN683eT0qG6H/Pyf9fCcvjnnnQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - npmlog@5.0.1: - resolution: {integrity: sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==} - deprecated: This package is no longer supported. - - nth-check@2.1.1: - resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==} - - oauth-sign@0.9.0: - resolution: {integrity: sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-copy@0.1.0: - resolution: {integrity: sha512-79LYn6VAb63zgtmAteVOWo9Vdj71ZVBy3Pbse+VqxDpEP83XuujMrGqHIwAXJ5I/aM0zU7dIyIAhifVTPrNItQ==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - object-visit@1.0.1: - resolution: {integrity: sha512-GBaMwwAVK9qbQN3Scdo0OyvgPW7l3lnaVMj84uTOZlswkX0KpF6fyDBJhtTthf7pymztoN36/KEr1DyhF96zEA==} - engines: {node: '>=0.10.0'} - - object.defaults@1.1.0: - resolution: {integrity: sha512-c/K0mw/F11k4dEUBMW8naXUuBuhxRCfG7W+yFy8EcijU/rSmazOUd1XAEEe6bC0OuXY4HUKjTJv7xbxIMqdxrA==} - engines: {node: '>=0.10.0'} - - object.map@1.0.1: - resolution: {integrity: sha512-3+mAJu2PLfnSVGHwIWubpOFLscJANBKuB/6A4CxBstc4aqwQY0FWcsppuy4jU5GSB95yES5JHSI+33AWuS4k6w==} - engines: {node: '>=0.10.0'} - - object.pick@1.3.0: - resolution: {integrity: sha512-tqa/UMy/CCoYmj+H5qc07qvSL9dqcs/WZENZ1JbtWBlATP+iVOe778gE6MSijnyCnORzDuX6hU+LA4SZ09YjFQ==} - engines: {node: '>=0.10.0'} - - oblivious-set@1.0.0: - resolution: {integrity: sha512-z+pI07qxo4c2CulUHCDf9lcqDlMSo72N/4rLUpRXf6fu+q8vjt8y0xS+Tlf8NTJDdTXHbdeO1n3MlbctwEoXZw==} - - on-finished@2.4.1: - resolution: {integrity: sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==} - engines: {node: '>= 0.8'} - - once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} - - one-time@1.0.0: - resolution: {integrity: sha512-5DXOiRKwuSEcQ/l0kGCF6Q3jcADFv5tSmRaJck/OqkVFcOzutB134KRSfF0xDrL39MNnqxbHBbUUcjZIhTgb2g==} - - onetime@2.0.1: - resolution: {integrity: sha512-oyyPpiMaKARvvcgip+JV+7zci5L8D1W9RZIz2l1o08AM3pfspitVWnPt3mzHcBPp12oYMTy0pqrFs/C+m3EwsQ==} - engines: {node: '>=4'} - - onetime@5.1.2: - resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==} - engines: {node: '>=6'} - - onetime@6.0.0: - resolution: {integrity: sha512-1FlR+gjXK7X+AsAHso35MnyN5KqGwJRi/31ft6x0M194ht7S+rWAvd7PHss9xSKMzE0asv1pyIHaJYq+BbacAQ==} - engines: {node: '>=12'} - - only@0.0.2: - resolution: {integrity: sha512-Fvw+Jemq5fjjyWz6CpKx6w9s7xxqo3+JCyM0WXWeCSOboZ8ABkyvP8ID4CZuChA/wxSx+XSJmdOm8rGVyJ1hdQ==} - - open@8.4.0: - resolution: {integrity: sha512-XgFPPM+B28FtCCgSb9I+s9szOC1vZRSwgWsRUA5ylIxRTgKozqjOCrVOqGsYABPYK5qnfqClxZTFBa8PKt2v6Q==} - engines: {node: '>=12'} - - open@9.1.0: - resolution: {integrity: sha512-OS+QTnw1/4vrf+9hh1jc1jnYjzSG4ttTBB8UxOwAnInG3Uo4ssetzC1ihqaIHjLJnA5GGlRl6QlZXOTQhRBUvg==} - engines: {node: '>=14.16'} - - opener@1.5.2: - resolution: {integrity: sha512-ur5UIdyw5Y7yEj9wLzhqXiy6GZ3Mwx0yGI+5sMn2r0N0v3cKJvUmFH5yPP+WXh9e0xfyzyJX95D8l088DNFj7A==} - hasBin: true - - ora@3.4.0: - resolution: {integrity: sha512-eNwHudNbO1folBP3JsZ19v9azXWtQZjICdr3Q0TDPIaeBQ3mXLrh54wM+er0+hSp+dWKf+Z8KM58CYzEyIYxYg==} - engines: {node: '>=6'} - - ora@5.4.1: - resolution: {integrity: sha512-5b6Y85tPxZZ7QytO+BQzysW31HJku27cRIlkbAXaNx+BdcVi+LlRFmVXzeF6a7JCwJpyw5c4b+YSVImQIrBpuQ==} - engines: {node: '>=10'} - - os-paths@7.4.0: - resolution: {integrity: sha512-Ux1J4NUqC6tZayBqLN1kUlDAEvLiQlli/53sSddU4IN+h+3xxnv2HmRSMpVSvr1hvJzotfMs3ERvETGK+f4OwA==} - engines: {node: '>= 4.0'} - - os-tmpdir@1.0.2: - resolution: {integrity: sha512-D2FR03Vir7FIu45XBY20mTb+/ZSWB00sjU9jdQXt83gDrI4Ztz5Fs7/yy74g2N5SVQY4xY1qDr4rNddwYRVX0g==} - engines: {node: '>=0.10.0'} - - outdent@0.8.0: - resolution: {integrity: sha512-KiOAIsdpUTcAXuykya5fnVVT+/5uS0Q1mrkRHcF89tpieSmY33O/tmc54CqwA+bfhbtEfZUNLHaPUiB9X3jt1A==} - - p-cancelable@2.1.1: - resolution: {integrity: sha512-BZOr3nRQHOntUjTrH8+Lh54smKHoHyur8We1V8DSMVrl5A2malOOwuJRnKRDjSnkoeBh4at6BwEnb5I7Jl31wg==} - engines: {node: '>=8'} - - p-finally@1.0.0: - resolution: {integrity: sha512-LICb2p9CB7FS+0eR1oqWnHhp0FljGLZCWBE9aix0Uye9W8LTQPwMTYVGWQWIw9RdQiDg4+epXQODwIYJtSJaow==} - engines: {node: '>=4'} - - p-limit@2.3.0: - resolution: {integrity: sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==} - engines: {node: '>=6'} - - p-limit@3.1.0: - resolution: {integrity: sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==} - engines: {node: '>=10'} - - p-locate@3.0.0: - resolution: {integrity: sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ==} - engines: {node: '>=6'} - - p-locate@4.1.0: - resolution: {integrity: sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==} - engines: {node: '>=8'} - - p-locate@5.0.0: - resolution: {integrity: sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==} - engines: {node: '>=10'} - - p-map@3.0.0: - resolution: {integrity: sha512-d3qXVTF/s+W+CdJ5A29wywV2n8CQQYahlgz2bFiA+4eVNJbHJodPZ+/gXwPGh0bOqA+j8S+6+ckmvLGPk1QpxQ==} - engines: {node: '>=8'} - - p-map@4.0.0: - resolution: {integrity: sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==} - engines: {node: '>=10'} - - p-queue@6.6.2: - resolution: {integrity: sha512-RwFpb72c/BhQLEXIZ5K2e+AhgNVmIejGlTgiB9MzZ0e93GRvqZ7uSi0dvRF7/XIXDeNkra2fNHBxTyPDGySpjQ==} - engines: {node: '>=8'} - - p-timeout@3.2.0: - resolution: {integrity: sha512-rhIwUycgwwKcP9yTOOFK/AKsAopjjCakVqLHePO3CC6Mir1Z99xT+R63jZxAT5lFZLa2inS5h+ZS2GvR99/FBg==} - engines: {node: '>=8'} - - p-try@2.2.0: - resolution: {integrity: sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==} - engines: {node: '>=6'} - - package-json-from-dist@1.0.0: - resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} - - package-json@7.0.0: - resolution: {integrity: sha512-CHJqc94AA8YfSLHGQT3DbvSIuE12NLFekpM4n7LRrAd3dOJtA911+4xe9q6nC3/jcKraq7nNS9VxgtT0KC+diA==} - engines: {node: '>=12'} - - param-case@2.1.1: - resolution: {integrity: sha512-eQE845L6ot89sk2N8liD8HAuH4ca6Vvr7VWAWwt7+kvvG5aBcPmmphQ68JsEG2qa9n1TykS2DLeMt363AAH8/w==} - - param-case@3.0.4: - resolution: {integrity: sha512-RXlj7zCYokReqWpOPH9oYivUzLYZ5vAPIfEmCTNViosC78F8F0H9y7T7gG2M39ymgutxF5gcFEsyZQSph9Bp3A==} - - parent-module@1.0.1: - resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} - engines: {node: '>=6'} - - parse-filepath@1.0.2: - resolution: {integrity: sha512-FwdRXKCohSVeXqwtYonZTXtbGJKrn+HNyWDYVcp5yuJlesTwNH4rsmRZ+GrKAPJ5bLpRxESMeS+Rl0VCHRvB2Q==} - engines: {node: '>=0.8'} - - parse-json@5.2.0: - resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==} - engines: {node: '>=8'} - - parse-passwd@1.0.0: - resolution: {integrity: sha512-1Y1A//QUXEZK7YKz+rD9WydcE1+EuPr6ZBgKecAB8tmoW6UFv0NREVJe1p+jRxtThkcbbKkfwIbWJe/IeE6m2Q==} - engines: {node: '>=0.10.0'} - - parse-path@7.0.0: - resolution: {integrity: sha512-Euf9GG8WT9CdqwuWJGdf3RkUcTBArppHABkO7Lm8IzRQp0e2r/kkFnmhu4TSK30Wcu5rVAZLmfPKSBBi9tWFog==} - - parse-srcset@1.0.2: - resolution: {integrity: sha512-/2qh0lav6CmI15FzA3i/2Bzk2zCgQhGMkvhOhKNcBVQ1ldgpbfiNTVslmooUmWJcADi1f1kIeynbDRVzNlfR6Q==} - - parse-url@8.1.0: - resolution: {integrity: sha512-xDvOoLU5XRrcOZvnI6b8zA6n9O9ejNk/GExuz1yBuWUGn9KA97GI6HTs6u02wKara1CeVmZhH+0TZFdWScR89w==} - - parseurl@1.3.3: - resolution: {integrity: sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==} - engines: {node: '>= 0.8'} - - pascal-case@2.0.1: - resolution: {integrity: sha512-qjS4s8rBOJa2Xm0jmxXiyh1+OFf6ekCWOvUaRgAQSktzlTbMotS0nmG9gyYAybCWBcuP4fsBeRCKNwGBnMe2OQ==} - - pascal-case@3.1.2: - resolution: {integrity: sha512-uWlGT3YSnK9x3BQJaOdcZwrnV6hPpd8jFH1/ucpiLRPh/2zCVJKS19E4GvYHvaCcACn3foXZ0cLB9Wrx1KGe5g==} - - pascalcase@0.1.1: - resolution: {integrity: sha512-XHXfu/yOQRy9vYOtUDVMN60OEJjW013GoObG1o+xwQTpB9eYJX/BjXMsdW13ZDPruFhYYn0AG22w0xgQMwl3Nw==} - engines: {node: '>=0.10.0'} - - passport-local@1.0.0: - resolution: {integrity: sha512-9wCE6qKznvf9mQYYbgJ3sVOHmCWoUNMVFoZzNoznmISbhnNNPhN9xfY3sLmScHMetEJeoY7CXwfhCe7argfQow==} - engines: {node: '>= 0.4.0'} - - passport-strategy@1.0.0: - resolution: {integrity: sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==} - engines: {node: '>= 0.4.0'} - - passport@0.6.0: - resolution: {integrity: sha512-0fe+p3ZnrWRW74fe8+SvCyf4a3Pb2/h7gFkQ8yTJpAO50gDzlfjZUZTO1k5Eg9kUct22OxHLqDZoKUWRHOh9ug==} - engines: {node: '>= 0.4.0'} - - path-case@2.1.1: - resolution: {integrity: sha512-Ou0N05MioItesaLr9q8TtHVWmJ6fxWdqKB2RohFmNWVyJ+2zeKIeDNWAN6B/Pe7wpzWChhZX6nONYmOnMeJQ/Q==} - - path-exists@3.0.0: - resolution: {integrity: sha512-bpC7GYwiDYQ4wYLe+FA8lhRjhQCMcQGuSgGGqDkg/QerRWw9CmGRT0iSOVRSZJ29NMLZgIzqaljJ63oaL4NIJQ==} - engines: {node: '>=4'} - - path-exists@4.0.0: - resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} - engines: {node: '>=8'} - - path-is-absolute@1.0.1: - resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} - engines: {node: '>=0.10.0'} - - path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - - path-key@4.0.0: - resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} - engines: {node: '>=12'} - - path-parse@1.0.7: - resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==} - - path-root-regex@0.1.2: - resolution: {integrity: sha512-4GlJ6rZDhQZFE0DPVKh0e9jmZ5egZfxTkp7bcRDuPlJXbAwhxcl2dINPUAsjLdejqaLsCeg8axcLjIbvBjN4pQ==} - engines: {node: '>=0.10.0'} - - path-root@0.1.1: - resolution: {integrity: sha512-QLcPegTHF11axjfojBIoDygmS2E3Lf+8+jI6wOVmNVenrKSo3mFdSGiIgdSHenczw3wPtlVMQaFVwGmM7BJdtg==} - engines: {node: '>=0.10.0'} - - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} - - path-to-regexp@6.2.2: - resolution: {integrity: sha512-GQX3SSMokngb36+whdpRXE+3f9V8UzyAorlYvOGx87ufGHehNTn5lCxrKtLyZ4Yl/wEKnNnr98ZzOwwDZV5ogw==} - - path-type@4.0.0: - resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} - engines: {node: '>=8'} - - pause@0.0.1: - resolution: {integrity: sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg==} - - pg-cloudflare@1.1.1: - resolution: {integrity: sha512-xWPagP/4B6BgFO+EKz3JONXv3YDgvkbVrGw2mTo3D6tVDQRh1e7cqVGvyR3BE+eQgAvx1XhW/iEASj4/jCWl3Q==} - - pg-connection-string@2.6.1: - resolution: {integrity: sha512-w6ZzNu6oMmIzEAYVw+RLK0+nqHPt8K3ZnknKi+g48Ak2pr3dtljJW3o+D/n2zzCG07Zoe9VOX3aiKpj+BN0pjg==} - - pg-connection-string@2.6.4: - resolution: {integrity: sha512-v+Z7W/0EO707aNMaAEfiGnGL9sxxumwLl2fJvCQtMn9Fxsg+lPpPkdcyBSv/KFgpGdYkMfn+EI1Or2EHjpgLCA==} - - pg-int8@1.0.1: - resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==} - engines: {node: '>=4.0.0'} - - pg-pool@3.6.2: - resolution: {integrity: sha512-Htjbg8BlwXqSBQ9V8Vjtc+vzf/6fVUuak/3/XXKA9oxZprwW3IMDQTGHP+KDmVL7rtd+R1QjbnCFPuTHm3G4hg==} - peerDependencies: - pg: '>=8.0' - - pg-protocol@1.6.1: - resolution: {integrity: sha512-jPIlvgoD63hrEuihvIg+tJhoGjUsLPn6poJY9N5CnlPd91c2T18T/9zBtLxZSb1EhYxBRoZJtzScCaWlYLtktg==} - - pg-types@2.2.0: - resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==} - engines: {node: '>=4'} - - pg@8.12.0: - resolution: {integrity: sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==} - engines: {node: '>= 8.0.0'} - peerDependencies: - pg-native: '>=3.0.1' - peerDependenciesMeta: - pg-native: - optional: true - - pgpass@1.0.5: - resolution: {integrity: sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==} - - picocolors@1.1.0: - resolution: {integrity: sha512-TQ92mBOW0l3LeMeyLV6mzy/kWr8lkd/hp3mTg7wYK7zJhuBStmGMBG0BdeDZS/dZx1IukaX6Bk11zcln25o1Aw==} - - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - - pkg-up@3.1.0: - resolution: {integrity: sha512-nDywThFk1i4BQK4twPQ6TA4RT8bDY96yeuCVBWL3ePARCiEKDRSrNGbFIgUJpLp+XeIR65v8ra7WuJOFUBtkMA==} - engines: {node: '>=8'} - - plop@2.7.6: - resolution: {integrity: sha512-IgnYAsC3Ni7t1cDU7wH2151CD22YhMxH8PFh+iPzCf+WuGEWXslJ5t1Tpr0N/gjL23CAV/HbLAWug2IPM2YrHg==} - engines: {node: '>=8.9.4'} - hasBin: true - - pluralize@8.0.0: - resolution: {integrity: sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA==} - engines: {node: '>=4'} - - pony-cause@2.1.11: - resolution: {integrity: sha512-M7LhCsdNbNgiLYiP4WjsfLUuFmCfnjdF6jKe2R9NKl4WFN+HZPGHJZ9lnLP7f9ZnKe3U9nuWD0szirmj+migUg==} - engines: {node: '>=12.0.0'} - - posix-character-classes@0.1.1: - resolution: {integrity: sha512-xTgYBc3fuo7Yt7JbiuFxSYGToMoz8fLoE6TC9Wx1P/u+LfeThMOAqmuyECnlBaaJb+u1m9hHiXUEtwW4OzfUJg==} - engines: {node: '>=0.10.0'} - - postcss-modules-extract-imports@3.1.0: - resolution: {integrity: sha512-k3kNe0aNFQDAZGbin48pL2VNidTF0w4/eASDsxlyspobzU3wZQLOGj7L9gfRe0Jo9/4uud09DsjFNH7winGv8Q==} - engines: {node: ^10 || ^12 || >= 14} - peerDependencies: - postcss: ^8.1.0 - - postcss-modules-local-by-default@4.0.5: - resolution: {integrity: sha512-6MieY7sIfTK0hYfafw1OMEG+2bg8Q1ocHCpoWLqOKj3JXlKu4G7btkmM/B7lFubYkYWmRSPLZi5chid63ZaZYw==} - engines: {node: ^10 || ^12 || >= 14} - peerDependencies: - postcss: ^8.1.0 - - postcss-modules-scope@3.2.0: - resolution: {integrity: sha512-oq+g1ssrsZOsx9M96c5w8laRmvEu9C3adDSjI8oTcbfkrTE8hx/zfyobUoWIxaKPO8bt6S62kxpw5GqypEw1QQ==} - engines: {node: ^10 || ^12 || >= 14} - peerDependencies: - postcss: ^8.1.0 - - postcss-modules-values@4.0.0: - resolution: {integrity: sha512-RDxHkAiEGI78gS2ofyvCsu7iycRv7oqw5xMWn9iMoR0N/7mf9D50ecQqUo5BZ9Zh2vH4bCUR/ktCqbB9m8vJjQ==} - engines: {node: ^10 || ^12 || >= 14} - peerDependencies: - postcss: ^8.1.0 - - postcss-selector-parser@6.1.2: - resolution: {integrity: sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==} - engines: {node: '>=4'} - - postcss-value-parser@4.2.0: - resolution: {integrity: sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==} - - postcss@8.4.38: - resolution: {integrity: sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==} - engines: {node: ^10 || ^12 || >=14} - - postcss@8.4.44: - resolution: {integrity: sha512-Aweb9unOEpQ3ezu4Q00DPvvM2ZTUitJdNKeP/+uQgr1IBIqu574IaZoURId7BKtWMREwzKa9OgzPzezWGPWFQw==} - engines: {node: ^10 || ^12 || >=14} - - postgres-array@2.0.0: - resolution: {integrity: sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==} - engines: {node: '>=4'} - - postgres-bytea@1.0.0: - resolution: {integrity: sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==} - engines: {node: '>=0.10.0'} - - postgres-date@1.0.7: - resolution: {integrity: sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==} - engines: {node: '>=0.10.0'} - - postgres-interval@1.2.0: - resolution: {integrity: sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==} - engines: {node: '>=0.10.0'} - - prebuild-install@7.1.2: - resolution: {integrity: sha512-UnNke3IQb6sgarcZIDU3gbMeTp/9SSU1DAIkil7PrqG1vZlBtY5msYccSKSHDqa3hNg436IXK+SNImReuA1wEQ==} - engines: {node: '>=10'} - hasBin: true - - prettier-plugin-packagejson@2.4.5: - resolution: {integrity: sha512-glG71jE1gO3y5+JNAhC8X+4yrlN28rub6Aj461SKbaPie9RgMiHKcInH2Moi2VGOfkTXaEHBhg4uVMBqa+kBUA==} - peerDependencies: - prettier: '>= 1.16.0' - peerDependenciesMeta: - prettier: - optional: true - - prettier@2.8.4: - resolution: {integrity: sha512-vIS4Rlc2FNh0BySk3Wkd6xmwxB0FpOndW5fisM5H8hsZSxU2VWVB5CWIkIjWvrHjIhxk2g3bfMKM87zNTrZddw==} - engines: {node: '>=10.13.0'} - hasBin: true - - pretty-error@4.0.0: - resolution: {integrity: sha512-AoJ5YMAcXKYxKhuJGdcvse+Voc6v1RgnsR3nWcYU7q4t6z0Q6T86sv5Zq8VIRbOWWFpvdGE83LtdSMNd+6Y0xw==} - - process-nextick-args@2.0.1: - resolution: {integrity: sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==} - - progress-stream@2.0.0: - resolution: {integrity: sha512-xJwOWR46jcXUq6EH9yYyqp+I52skPySOeHfkxOZ2IY1AiBi/sFJhbhAKHoV3OTw/omQ45KTio9215dRJ2Yxd3Q==} - - prompts@2.4.2: - resolution: {integrity: sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==} - engines: {node: '>= 6'} - - prop-types@15.8.1: - resolution: {integrity: sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==} - - property-expr@2.0.6: - resolution: {integrity: sha512-SVtmxhRE/CGkn3eZY1T6pC8Nln6Fr/lu1mKSgRud0eC73whjGfoAogbn78LkD8aFL0zz3bAFerKSnOl7NlErBA==} - - proto-list@1.2.4: - resolution: {integrity: sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA==} - - protocols@2.0.1: - resolution: {integrity: sha512-/XJ368cyBJ7fzLMwLKv1e4vLxOju2MNAIokcr7meSaNcVbWz/CPcW22cP04mwxOErdA5mwjA8Q6w/cdAQxVn7Q==} - - proxy-from-env@1.1.0: - resolution: {integrity: sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==} - - pstree.remy@1.1.8: - resolution: {integrity: sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==} - - pump@3.0.0: - resolution: {integrity: sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==} - - punycode@2.3.1: - resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==} - engines: {node: '>=6'} - - purest@4.0.2: - resolution: {integrity: sha512-Uq6kdia8zGVHOb/0zAOb7FvKFMKeyeTZTLEwpO0JR3cIFEkpH6asv3ls9M9URDjHiYIdgAPmht5ecSbvPacfyg==} - engines: {node: '>=12.0.0'} - - qs@6.11.1: - resolution: {integrity: sha512-0wsrzgTz/kAVIeuxSjnpGC56rzYtr6JT/2BwEvMaPhFIoYa1aGO8LbzuU1R0uUYQkLpWBTOj0l/CLAJB64J6nQ==} - engines: {node: '>=0.6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - queue-microtask@1.2.3: - resolution: {integrity: sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==} - - queue-tick@1.0.1: - resolution: {integrity: sha512-kJt5qhMxoszgU/62PLP1CJytzd2NKetjSRnyuj31fDd3Rlcz3fzlFdFLD1SItunPwyqEOkca6GbV612BWfaBag==} - - quick-lru@5.1.1: - resolution: {integrity: sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==} - engines: {node: '>=10'} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - range-parser@1.2.1: - resolution: {integrity: sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==} - engines: {node: '>= 0.6'} - - raw-body@2.5.2: - resolution: {integrity: sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==} - engines: {node: '>= 0.8'} - - rc@1.2.8: - resolution: {integrity: sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==} - hasBin: true - - react-dnd-html5-backend@16.0.1: - resolution: {integrity: sha512-Wu3dw5aDJmOGw8WjH1I1/yTH+vlXEL4vmjk5p+MHxP8HuHJS1lAGeIdG/hze1AvNeXWo/JgULV87LyQOr+r5jw==} - - react-dnd@16.0.1: - resolution: {integrity: sha512-QeoM/i73HHu2XF9aKksIUuamHPDvRglEwdHL4jsp784BgUuWcg6mzfxT0QDdQz8Wj0qyRKx2eMg8iZtWvU4E2Q==} - peerDependencies: - '@types/hoist-non-react-statics': '>= 3.3.1' - '@types/node': '>= 12' - '@types/react': '>= 16' - react: '>= 16.14' - peerDependenciesMeta: - '@types/hoist-non-react-statics': - optional: true - '@types/node': - optional: true - '@types/react': - optional: true - - react-dom@18.3.1: - resolution: {integrity: sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==} - peerDependencies: - react: ^18.3.1 - - react-error-boundary@3.1.4: - resolution: {integrity: sha512-uM9uPzZJTF6wRQORmSrvOIgt4lJ9MC1sNgEOj2XGsDTRE4kmpWxg7ENK9EWNKJRMAOY9z0MuF4yIfl6gp4sotA==} - engines: {node: '>=10', npm: '>=6'} - peerDependencies: - react: '>=16.13.1' - - react-fast-compare@2.0.4: - resolution: {integrity: sha512-suNP+J1VU1MWFKcyt7RtjiSWUjvidmQSlqu+eHslq+342xCbGTYmC0mEhPCOHxlW0CywylOC1u2DFAT+bv4dBw==} - - react-fast-compare@3.2.2: - resolution: {integrity: sha512-nsO+KSNgo1SbJqJEYRE9ERzo7YtYbou/OqjSQKxV7jcKox7+usiUVZOAC+XnDOABXggQTno0Y1CpVnuWEc1boQ==} - - react-helmet@6.1.0: - resolution: {integrity: sha512-4uMzEY9nlDlgxr61NL3XbKRy1hEkXmKNXhjbAIOVw5vcFrsdYbH2FEwcNyWvWinl103nXgzYNlns9ca+8kFiWw==} - peerDependencies: - react: '>=16.3.0' - - react-intl@6.4.1: - resolution: {integrity: sha512-/aT5595AEMZ+Pjmt8W2R5/ZkYJmyyd6jTzHzqhJ1LnfeG36+N5huBtykxYhHqLc1BrIRQ1fTX1orYC0Ej5ojtg==} - peerDependencies: - react: ^16.6.0 || 17 || 18 - typescript: ^4.7 || 5 - peerDependenciesMeta: - typescript: - optional: true - - react-is@16.13.1: - resolution: {integrity: sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==} - - react-is@18.3.1: - resolution: {integrity: sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==} - - react-query@3.39.3: - resolution: {integrity: sha512-nLfLz7GiohKTJDuT4us4X3h/8unOh+00MLb2yJoGTPjxKs2bc1iDhkNx2bd5MKklXnOD3NrVZ+J2UXujA5In4g==} - peerDependencies: - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - react-dom: '*' - react-native: '*' - peerDependenciesMeta: - react-dom: - optional: true - react-native: - optional: true - - react-redux@8.1.1: - resolution: {integrity: sha512-5W0QaKtEhj+3bC0Nj0NkqkhIv8gLADH/2kYFMTHxCVqQILiWzLv6MaLuV5wJU3BQEdHKzTfcvPN0WMS6SC1oyA==} - peerDependencies: - '@types/react': ^16.8 || ^17.0 || ^18.0 - '@types/react-dom': ^16.8 || ^17.0 || ^18.0 - react: ^16.8 || ^17.0 || ^18.0 - react-dom: ^16.8 || ^17.0 || ^18.0 - react-native: '>=0.59' - redux: ^4 || ^5.0.0-beta.0 - peerDependenciesMeta: - '@types/react': - optional: true - '@types/react-dom': - optional: true - react-dom: - optional: true - react-native: - optional: true - redux: - optional: true - - react-refresh@0.14.0: - resolution: {integrity: sha512-wViHqhAd8OHeLS/IRMJjTSDHF3U9eWi62F/MledQGPdJGDhodXJ9PBLNGr6WWL7qlH12Mt3TyTpbS+hGXMjCzQ==} - engines: {node: '>=0.10.0'} - - react-remove-scroll-bar@2.3.6: - resolution: {integrity: sha512-DtSYaao4mBmX+HDo5YWYdBWQwYIQQshUV/dVxFxK+KM26Wjwp1gZ6rv6OC3oujI6Bfu6Xyg3TwK533AQutsn/g==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.8.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - react-remove-scroll@2.5.10: - resolution: {integrity: sha512-m3zvBRANPBw3qxVVjEIPEQinkcwlFZ4qyomuWVpNJdv4c6MvHfXV0C3L9Jx5rr3HeBHKNRX+1jreB5QloDIJjA==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.8.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - react-remove-scroll@2.5.7: - resolution: {integrity: sha512-FnrTWO4L7/Bhhf3CYBNArEG/yROV0tKmTv7/3h9QCFvH6sndeFf1wPqOcbFVu5VAulS5dV1wGT3GZZ/1GawqiA==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.8.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - react-router-dom@6.26.1: - resolution: {integrity: sha512-veut7m41S1fLql4pLhxeSW3jlqs+4MtjRLj0xvuCEXsxusJCbs6I8yn9BxzzDX2XDgafrccY6hwjmd/bL54tFw==} - engines: {node: '>=14.0.0'} - peerDependencies: - react: '>=16.8' - react-dom: '>=16.8' - - react-router@6.26.1: - resolution: {integrity: sha512-kIwJveZNwp7teQRI5QmwWo39A5bXRyqpH0COKKmPnyD2vBvDwgFXSqDUYtt1h+FEyfnE8eXr7oe0MxRzVwCcvQ==} - engines: {node: '>=14.0.0'} - peerDependencies: - react: '>=16.8' - - react-select@5.7.0: - resolution: {integrity: sha512-lJGiMxCa3cqnUr2Jjtg9YHsaytiZqeNOKeibv6WF5zbK/fPegZ1hg3y/9P1RZVLhqBTs0PfqQLKuAACednYGhQ==} - peerDependencies: - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - react-dom: ^16.8.0 || ^17.0.0 || ^18.0.0 - - react-side-effect@2.1.2: - resolution: {integrity: sha512-PVjOcvVOyIILrYoyGEpDN3vmYNLdy1CajSFNt4TDsVQC5KpTijDvWVoR+/7Rz2xT978D8/ZtFceXxzsPwZEDvw==} - peerDependencies: - react: ^16.3.0 || ^17.0.0 || ^18.0.0 - - react-style-singleton@2.2.1: - resolution: {integrity: sha512-ZWj0fHEMyWkHzKYUr2Bs/4zU6XLmq9HsgBURm7g5pAVfyn49DgUiNgY2d4lXRlYSiCif9YBGpQleewkcqddc7g==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.8.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - react-transition-group@4.4.5: - resolution: {integrity: sha512-pZcd1MCJoiKiBR2NRxeCRg13uCXbydPnmB4EOeRrY7480qNWO8IIgQG6zlDkm6uRMsURXPuKq0GWtiM59a5Q6g==} - peerDependencies: - react: '>=16.6.0' - react-dom: '>=16.6.0' - - react-window@1.8.8: - resolution: {integrity: sha512-D4IiBeRtGXziZ1n0XklnFGu7h9gU684zepqyKzgPNzrsrk7xOCxni+TCckjg2Nr/DiaEEGVVmnhYSlT2rB47dQ==} - engines: {node: '>8.0.0'} - peerDependencies: - react: ^15.0.0 || ^16.0.0 || ^17.0.0 || ^18.0.0 - react-dom: ^15.0.0 || ^16.0.0 || ^17.0.0 || ^18.0.0 - - react@18.3.1: - resolution: {integrity: sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==} - engines: {node: '>=0.10.0'} - - read-pkg-up@7.0.1: - resolution: {integrity: sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==} - engines: {node: '>=8'} - - read-pkg@5.2.0: - resolution: {integrity: sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg==} - engines: {node: '>=8'} - - readable-stream@1.0.34: - resolution: {integrity: sha512-ok1qVCJuRkNmvebYikljxJA/UEsKwLl2nI1OmaqAu4/UE+h0wKCHok4XkL/gvi39OacXvw59RJUOFUkDib2rHg==} - - readable-stream@2.3.8: - resolution: {integrity: sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - readdirp@3.6.0: - resolution: {integrity: sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==} - engines: {node: '>=8.10.0'} - - rechoir@0.6.2: - resolution: {integrity: sha512-HFM8rkZ+i3zrV+4LQjwQ0W+ez98pApMGM3HUrN04j3CqzPOzl9nmP15Y8YXNm8QHGv/eacOVEjqhmWpkRV0NAw==} - engines: {node: '>= 0.10'} - - rechoir@0.8.0: - resolution: {integrity: sha512-/vxpCXddiX8NGfGO/mTafwjq4aFa/71pvamip0++IQk3zG8cbCj0fifNPrjjF1XMXUne91jL9OoxmdykoEtifQ==} - engines: {node: '>= 10.13.0'} - - redux-thunk@2.4.2: - resolution: {integrity: sha512-+P3TjtnP0k/FEjcBL5FZpoovtvrTNT/UXd4/sluaSyrURlSlhLSzEdfsTBW7WsKB6yPvgd7q/iZPICFjW4o57Q==} - peerDependencies: - redux: ^4 - - redux@4.2.1: - resolution: {integrity: sha512-LAUYz4lc+Do8/g7aeRa8JkyDErK6ekstQaqWQrNRW//MY1TvCEpMtpTWvlQ+FPbWCx+Xixu/6SHt5N0HR+SB4w==} - - regenerator-runtime@0.14.1: - resolution: {integrity: sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==} - - regex-not@1.0.2: - resolution: {integrity: sha512-J6SDjUgDxQj5NusnOtdFxDwN/+HWykR8GELwctJ7mdqhcyy1xEc4SRFHUXvxTp661YaVKAjfRLZ9cCqS6tn32A==} - engines: {node: '>=0.10.0'} - - registry-auth-token@4.2.2: - resolution: {integrity: sha512-PC5ZysNb42zpFME6D/XlIgtNGdTl8bBOCw90xQLVMpzuuubJKYDWFAEuUNc+Cn8Z8724tg2SDhDRrkVEsqfDMg==} - engines: {node: '>=6.0.0'} - - registry-auth-token@5.0.2: - resolution: {integrity: sha512-o/3ikDxtXaA59BmZuZrJZDJv8NMDGSj+6j6XaeBmHw8eY1i1qd9+6H+LjVvQXx3HN6aRCGa1cUdJ9RaJZUugnQ==} - engines: {node: '>=14'} - - registry-url@5.1.0: - resolution: {integrity: sha512-8acYXXTI0AkQv6RAOjE3vOaIXZkT9wo4LOFbBKYQEEnnMNBpKqdUrI6S4NT0KPIo/WVvJ5tE/X5LF/TQUf0ekw==} - engines: {node: '>=8'} - - relateurl@0.2.7: - resolution: {integrity: sha512-G08Dxvm4iDN3MLM0EsP62EDV9IuhXPR6blNz6Utcp7zyV3tr4HVNINt6MpaRWbxoOHT3Q7YN2P+jaHX8vUbgog==} - engines: {node: '>= 0.10'} - - remove-accents@0.5.0: - resolution: {integrity: sha512-8g3/Otx1eJaVD12e31UbJj1YzdtVvzH85HV7t+9MJYk/u3XmkOUJ5Ys9wQrf9PCPK8+xn4ymzqYCiZl6QWKn+A==} - - renderkid@3.0.0: - resolution: {integrity: sha512-q/7VIQA8lmM1hF+jn+sFSPWGlMkSAeNYcPLmDQx2zzuiDfaLrOmumR8iaUKlenFgh0XRPIUeSPlH3A+AW3Z5pg==} - - repeat-element@1.1.4: - resolution: {integrity: sha512-LFiNfRcSu7KK3evMyYOuCzv3L10TW7yC1G2/+StMjK8Y6Vqd2MG7r/Qjw4ghtuCOjFvlnms/iMmLqpvW/ES/WQ==} - engines: {node: '>=0.10.0'} - - repeat-string@1.6.1: - resolution: {integrity: sha512-PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w==} - engines: {node: '>=0.10'} - - request-compose@2.1.6: - resolution: {integrity: sha512-S07L+2VbJB32WddD/o/PnYGKym63zLVbymygVWXvt8L79VAngcjAxhHaGuFOICLxEV90EasEPzqPKKHPspXP8w==} - engines: {node: '>=12.0.0'} - - request-ip@3.3.0: - resolution: {integrity: sha512-cA6Xh6e0fDBBBwH77SLJaJPBmD3nWVAcF9/XAcsrIHdjhFzFiB5aNQFytdjCGPezU3ROwrR11IddKAM08vohxA==} - - request-multipart@1.0.0: - resolution: {integrity: sha512-dazx88T19dIKFNc0XdlZV8H46D2RmNFdR4mipcbrFOaN70PSSSMM3urVY+eVbrpraf/fHXccxFhLvG1wkSUtKQ==} - engines: {node: '>=8.0.0'} - - request-oauth@1.0.1: - resolution: {integrity: sha512-85THTg1RgOYtqQw42JON6AqvHLptlj1biw265Tsq4fD4cPdUvhDB2Qh9NTv17yCD322ROuO9aOmpc4GyayGVBA==} - engines: {node: '>=8.0.0'} - - require-directory@2.1.1: - resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==} - engines: {node: '>=0.10.0'} - - require-from-string@2.0.2: - resolution: {integrity: sha512-Xf0nWe6RseziFMu+Ap9biiUbmplq6S9/p+7w7YXP/JBHhrUDDUhwa+vANyubuqfZWTveU//DYVGsDG7RKL/vEw==} - engines: {node: '>=0.10.0'} - - reselect@4.1.8: - resolution: {integrity: sha512-ab9EmR80F/zQTMNeneUr4cv+jSwPJgIlvEmVwLerwrWVbpLlBuls9XHzIeTFy4cegU2NHBp3va0LKOzU5qFEYQ==} - - resolve-alpn@1.2.1: - resolution: {integrity: sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g==} - - resolve-cwd@3.0.0: - resolution: {integrity: sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==} - engines: {node: '>=8'} - - resolve-dir@1.0.1: - resolution: {integrity: sha512-R7uiTjECzvOsWSfdM0QKFNBVFcK27aHOUwdvK53BcW8zqnGdYp0Fbj82cy54+2A4P2tFM22J5kRfe1R+lM/1yg==} - engines: {node: '>=0.10.0'} - - resolve-from@4.0.0: - resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} - engines: {node: '>=4'} - - resolve-from@5.0.0: - resolution: {integrity: sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==} - engines: {node: '>=8'} - - resolve-path@1.4.0: - resolution: {integrity: sha512-i1xevIst/Qa+nA9olDxLWnLk8YZbi8R/7JPbCMcgyWaFR6bKWaexgJgEB5oc2PKMjYdrHynyz0NY+if+H98t1w==} - engines: {node: '>= 0.8'} - - resolve-pathname@3.0.0: - resolution: {integrity: sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng==} - - resolve-url@0.2.1: - resolution: {integrity: sha512-ZuF55hVUQaaczgOIwqWzkEcEidmlD/xl44x1UZnhOXcYuFN2S6+rcxpG+C1N3So0wvNI3DmJICUFfu2SxhBmvg==} - deprecated: https://github.com/lydell/resolve-url#deprecated - - resolve@1.22.8: - resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==} - hasBin: true - - responselike@2.0.1: - resolution: {integrity: sha512-4gl03wn3hj1HP3yzgdI7d3lCkF95F21Pz4BPGvKHinyQzALR5CapwC8yIi0Rh58DEMQ/SguC03wFj2k0M/mHhw==} - - restore-cursor@2.0.0: - resolution: {integrity: sha512-6IzJLuGi4+R14vwagDHX+JrXmPVtPpn4mffDJ1UdR7/Edm87fl6yi8mMBIVvFtJaNTUvjughmW4hwLhRG7gC1Q==} - engines: {node: '>=4'} - - restore-cursor@3.1.0: - resolution: {integrity: sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==} - engines: {node: '>=8'} - - ret@0.1.15: - resolution: {integrity: sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==} - engines: {node: '>=0.12'} - - reusify@1.0.4: - resolution: {integrity: sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==} - engines: {iojs: '>=1.0.0', node: '>=0.10.0'} - - rimraf@2.7.1: - resolution: {integrity: sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==} - deprecated: Rimraf versions prior to v4 are no longer supported - hasBin: true - - rimraf@3.0.2: - resolution: {integrity: sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==} - deprecated: Rimraf versions prior to v4 are no longer supported - hasBin: true - - rollup@4.21.2: - resolution: {integrity: sha512-e3TapAgYf9xjdLvKQCkQTnbTKd4a6jwlpQSJJFokHGaX2IVjoEqkIIhiQfqsi0cdwlOD+tQGuOd5AJkc5RngBw==} - engines: {node: '>=18.0.0', npm: '>=8.0.0'} - hasBin: true - - run-applescript@5.0.0: - resolution: {integrity: sha512-XcT5rBksx1QdIhlFOCtgZkB99ZEouFZ1E2Kc2LHqNW13U3/74YGdkQRmThTwxy4QIyookibDKYZOPqX//6BlAg==} - engines: {node: '>=12'} - - run-async@2.4.1: - resolution: {integrity: sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ==} - engines: {node: '>=0.12.0'} - - run-parallel@1.2.0: - resolution: {integrity: sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==} - - rxjs@6.6.7: - resolution: {integrity: sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==} - engines: {npm: '>=2.0.0'} - - rxjs@7.8.1: - resolution: {integrity: sha512-AA3TVj+0A2iuIoQkWEK/tqFjBq2j+6PO6Y0zJcvzLAFhEFIO3HL0vls9hWLncZbAAbK0mar7oZ4V079I/qPMxg==} - - safe-buffer@5.1.2: - resolution: {integrity: sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safe-regex@1.1.0: - resolution: {integrity: sha512-aJXcif4xnaNUzvUuC5gcb46oTS7zvg4jpMTnuqtrEPlR3vFr4pxtdTwaF1Qs3Enjn9HK+ZlwQui+a7z0SywIzg==} - - safe-stable-stringify@2.5.0: - resolution: {integrity: sha512-b3rppTKm9T+PsVCBEOUR46GWI7fdOs00VKZ1+9c1EWDaDMvjQc6tUwuFyIprgGgTcWoVHSKrU8H31ZHA2e0RHA==} - engines: {node: '>=10'} - - safer-buffer@2.1.2: - resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==} - - sanitize-html@2.13.0: - resolution: {integrity: sha512-Xff91Z+4Mz5QiNSLdLWwjgBDm5b1RU6xBT0+12rapjiaR7SwfRdjw8f+6Rir2MXKLrDicRFHdb51hGOAxmsUIA==} - - scheduler@0.23.2: - resolution: {integrity: sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==} - - schema-utils@3.3.0: - resolution: {integrity: sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==} - engines: {node: '>= 10.13.0'} - - schema-utils@4.2.0: - resolution: {integrity: sha512-L0jRsrPpjdckP3oPug3/VxNKt2trR8TcabrM6FOAAlvC/9Phcmm+cuAgTlxBqdBR1WJx7Naj9WHw+aOmheSVbw==} - engines: {node: '>= 12.13.0'} - - scroll-into-view-if-needed@2.2.31: - resolution: {integrity: sha512-dGCXy99wZQivjmjIqihaBQNjryrz5rueJY7eHfTdyWEiR4ttYpsajb14rn9s5d4DY4EcY6+4+U/maARBXJedkA==} - - semver@5.7.2: - resolution: {integrity: sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==} - hasBin: true - - semver@6.3.1: - resolution: {integrity: sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==} - hasBin: true - - semver@7.5.4: - resolution: {integrity: sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==} - engines: {node: '>=10'} - hasBin: true - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - sendmail@1.6.1: - resolution: {integrity: sha512-lIhvnjSi5e5jL8wA1GPP6j2QVlx6JOEfmdn0QIfmuJdmXYGmJ375kcOU0NSm/34J+nypm4sa1AXrYE5w3uNIIA==} - engines: {node: '>=6.0.0'} - - sentence-case@2.1.1: - resolution: {integrity: sha512-ENl7cYHaK/Ktwk5OTD+aDbQ3uC8IByu/6Bkg+HDv8Mm+XnBnppVNalcfJTNsp1ibstKh030/JKQQWglDvtKwEQ==} - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - set-blocking@2.0.0: - resolution: {integrity: sha512-KiKBS8AnWGEyLzofFfmvKwpdPzqiy16LvQfK3yv/fVH7Bj13/wl3JSR1J+rfgRE9q7xUJK4qvgS8raSOeLUehw==} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - set-value@2.0.1: - resolution: {integrity: sha512-JxHc1weCN68wRY0fhCoXpyK55m/XPHafOmK4UWD7m2CI14GMcFypt4w/0+NV5f/ZMby2F6S2wwA7fgynh9gWSw==} - engines: {node: '>=0.10.0'} - - setprototypeof@1.1.0: - resolution: {integrity: sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ==} - - setprototypeof@1.2.0: - resolution: {integrity: sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==} - - shallowequal@1.1.0: - resolution: {integrity: sha512-y0m1JoUZSlPAjXVtPPW70aZWfIL/dSP7AFkRnniLCrK/8MDKog3TySTBmckD+RObVxH0v4Tox67+F14PdED2oQ==} - - sharp@0.32.6: - resolution: {integrity: sha512-KyLTWwgcR9Oe4d9HwCwNM2l7+J0dUQwn/yf7S0EnTtb0eVS4RxO0eUSvxPtzT4F3SY+C4K6fqdv/DO27sJ/v/w==} - engines: {node: '>=14.15.0'} - - sharp@0.33.5: - resolution: {integrity: sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw==} - engines: {node: ^18.17.0 || ^20.3.0 || >=21.0.0} - - shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} - - shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - - shell-quote@1.8.1: - resolution: {integrity: sha512-6j1W9l1iAs/4xYBI1SYOVZyFcCis9b4KCLQ8fgAGG07QvzaRLVVRQvAy85yNmmZSjYjg4MWh4gNvlPujU/5LpA==} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - sift@16.0.1: - resolution: {integrity: sha512-Wv6BjQ5zbhW7VFefWusVP33T/EM0vYikCaQ2qR8yULbsilAT8/wQaXvuQ3ptGLpoKx+lihJE3y2UTgKDyyNHZQ==} - - signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - - signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - - simple-concat@1.0.1: - resolution: {integrity: sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q==} - - simple-get@3.1.1: - resolution: {integrity: sha512-CQ5LTKGfCpvE1K0n2us+kuMPbk/q0EKl82s4aheV9oXjFEz6W/Y7oQFVJuU6QG77hRT4Ghb5RURteF5vnWjupA==} - - simple-get@4.0.1: - resolution: {integrity: sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==} - - simple-swizzle@0.2.2: - resolution: {integrity: sha512-JA//kQgZtbuY83m+xT+tXJkmJncGMTFT+C+g2h2R9uxkYIrE2yy9sgmcLhCnw57/WSD+Eh3J97FPEDFnbXnDUg==} - - simple-update-notifier@2.0.0: - resolution: {integrity: sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==} - engines: {node: '>=10'} - - sirv@2.0.4: - resolution: {integrity: sha512-94Bdh3cC2PKrbgSOUqTiGPWVZeSiXfKOVZNJniWoqrWrRkB1CJzBU3NEbiTsPcYy1lDsANA/THzS+9WBiy5nfQ==} - engines: {node: '>= 10'} - - sisteransi@1.0.5: - resolution: {integrity: sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==} - - slash@3.0.0: - resolution: {integrity: sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==} - engines: {node: '>=8'} - - slash@4.0.0: - resolution: {integrity: sha512-3dOsAHXXUkQTpOYcoAxLIorMTp4gIQr5IW3iVb7A7lFIp0VHhnynm9izx6TssdrIcVIESAlVjtnO2K8bg+Coew==} - engines: {node: '>=12'} - - slate-history@0.93.0: - resolution: {integrity: sha512-Gr1GMGPipRuxIz41jD2/rbvzPj8eyar56TVMyJBvBeIpQSSjNISssvGNDYfJlSWM8eaRqf6DAcxMKzsLCYeX6g==} - peerDependencies: - slate: '>=0.65.3' - - slate-react@0.98.3: - resolution: {integrity: sha512-p1BnF9eRyRM0i5hkgOb11KgmpWLQm9Zyp6jVkOAj5fPdIGheKhg48Z7aWKrayeJ4nmRyi/NjRZz/io5hQcphmw==} - peerDependencies: - react: '>=16.8.0' - react-dom: '>=16.8.0' - slate: '>=0.65.3' - - slate@0.94.1: - resolution: {integrity: sha512-GH/yizXr1ceBoZ9P9uebIaHe3dC/g6Plpf9nlUwnvoyf6V1UOYrRwkabtOCd3ZfIGxomY4P7lfgLr7FPH8/BKA==} - - snake-case@2.1.0: - resolution: {integrity: sha512-FMR5YoPFwOLuh4rRz92dywJjyKYZNLpMn1R5ujVpIYkbA9p01fq8RMg0FkO4M+Yobt4MjHeLTJVm5xFFBHSV2Q==} - - snapdragon-node@2.1.1: - resolution: {integrity: sha512-O27l4xaMYt/RSQ5TR3vpWCAB5Kb/czIcqUFOM/C4fYcLnbZUc1PkjTAMjof2pBWaSTwOUd6qUHcFGVGj7aIwnw==} - engines: {node: '>=0.10.0'} - - snapdragon-util@3.0.1: - resolution: {integrity: sha512-mbKkMdQKsjX4BAL4bRYTj21edOf8cN7XHdYUJEe+Zn99hVEYcMvKPct1IqNe7+AZPirn8BCDOQBHQZknqmKlZQ==} - engines: {node: '>=0.10.0'} - - snapdragon@0.8.2: - resolution: {integrity: sha512-FtyOnWN/wCHTVXOMwvSv26d+ko5vWlIDD6zoUJ7LW8vh+ZBC8QdljveRP+crNrtBwioEUWy/4dMtbBjA4ioNlg==} - engines: {node: '>=0.10.0'} - - sort-object-keys@1.1.3: - resolution: {integrity: sha512-855pvK+VkU7PaKYPc+Jjnmt4EzejQHyhhF33q31qG8x7maDzkeFhAAThdCYay11CISO+qAMwjOBP+fPZe0IPyg==} - - sort-package-json@2.5.1: - resolution: {integrity: sha512-vx/KoZxm8YNMUqdlw7SGTfqR5pqZ/sUfgOuRtDILiOy/3AvzhAibyUe2cY3OpLs3oRSow9up4yLVtQaM24rbDQ==} - hasBin: true - - sorted-array-functions@1.3.0: - resolution: {integrity: sha512-2sqgzeFlid6N4Z2fUQ1cvFmTOLRi/sEDzSQ0OKYchqgoPmQBVyM3959qYx3fpS6Esef80KjmpgPeEr028dP3OA==} - - source-list-map@2.0.1: - resolution: {integrity: sha512-qnQ7gVMxGNxsiL4lEuJwe/To8UnK7fAnmbGEEH8RpLouuKbeEm0lhbQVFIrNSuB+G7tVrAlVsZgETT5nljf+Iw==} - - source-map-js@1.2.0: - resolution: {integrity: sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==} - engines: {node: '>=0.10.0'} - - source-map-resolve@0.5.3: - resolution: {integrity: sha512-Htz+RnsXWk5+P2slx5Jh3Q66vhQj1Cllm0zvnaY98+NFx+Dv2CF/f5O/t8x+KaNdrdIAsruNzoh/KpialbqAnw==} - deprecated: See https://github.com/lydell/source-map-resolve#deprecated - - source-map-support@0.5.21: - resolution: {integrity: sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==} - - source-map-url@0.4.1: - resolution: {integrity: sha512-cPiFOTLUKvJFIg4SKVScy4ilPPW6rFgMgfuZJPNoDuMs3nC1HbMUycBoJw77xFIp6z1UJQJOfx6C9GMH80DiTw==} - deprecated: See https://github.com/lydell/source-map-url#deprecated - - source-map@0.5.7: - resolution: {integrity: sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==} - engines: {node: '>=0.10.0'} - - source-map@0.6.1: - resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==} - engines: {node: '>=0.10.0'} - - source-map@0.7.4: - resolution: {integrity: sha512-l3BikUxvPOcn5E74dZiq5BGsTb5yEwhaTSzccU6t4sDOH8NWJCstKO5QT2CvtFoK6F0saL7p9xHAqHOlCPJygA==} - engines: {node: '>= 8'} - - spawn-command@0.0.2: - resolution: {integrity: sha512-zC8zGoGkmc8J9ndvml8Xksr1Amk9qBujgbF0JAIWO7kXr43w0h/0GJNM/Vustixu+YE8N/MTrQ7N31FvHUACxQ==} - - spdx-correct@3.2.0: - resolution: {integrity: sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==} - - spdx-exceptions@2.5.0: - resolution: {integrity: sha512-PiU42r+xO4UbUS1buo3LPJkjlO7430Xn5SVAhdpzzsPHsjbYVflnnFdATgabnLude+Cqu25p6N+g2lw/PFsa4w==} - - spdx-expression-parse@3.0.1: - resolution: {integrity: sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==} - - spdx-license-ids@3.0.20: - resolution: {integrity: sha512-jg25NiDV/1fLtSgEgyvVyDunvaNHbuwF9lfNV17gSmPFAlYzdfNBlLtLzXTevwkPj7DhGbmN9VnmJIgLnhvaBw==} - - speedometer@1.0.0: - resolution: {integrity: sha512-lgxErLl/7A5+vgIIXsh9MbeukOaCb2axgQ+bKCdIE+ibNT4XNYGNCR1qFEGq6F+YDASXK3Fh/c5FgtZchFolxw==} - - split-string@3.1.0: - resolution: {integrity: sha512-NzNVhJDYpwceVVii8/Hu6DKfD2G+NrQHlS/V/qgv763EYudVwEcMQNxd2lh+0VrUByXN/oJkl5grOhYWvQUYiw==} - engines: {node: '>=0.10.0'} - - split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - - sprintf-js@1.0.3: - resolution: {integrity: sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g==} - - stack-trace@0.0.10: - resolution: {integrity: sha512-KGzahc7puUKkzyMt+IqAep+TVNbKP+k2Lmwhub39m1AsTSkaDutx56aDCo+HLDzf/D26BIHTJWNiTG1KAJiQCg==} - - stackframe@1.3.4: - resolution: {integrity: sha512-oeVtt7eWQS+Na6F//S4kJ2K2VbRlS9D43mAlMyVpVWovy9o+jfgH8O9agzANzaiLjclA0oYzUXEM4PurhSUChw==} - - static-extend@0.1.2: - resolution: {integrity: sha512-72E9+uLc27Mt718pMHt9VMNiAL4LMsmDbBva8mxWUCkT07fSzEGMYUCk0XWY6lp0j6RBAG4cJ3mWuZv2OE3s0g==} - engines: {node: '>=0.10.0'} - - statuses@1.5.0: - resolution: {integrity: sha512-OpZ3zP+jT1PI7I8nemJX4AKmAX070ZkYPVWV/AaKTJl+tXCTGyVdC1a4SL8RUQYEwk/f34ZX8UTykN68FwrqAA==} - engines: {node: '>= 0.6'} - - statuses@2.0.1: - resolution: {integrity: sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==} - engines: {node: '>= 0.8'} - - strapi-plugin-fuzzy-search@3.0.0: - resolution: {integrity: sha512-8qtgfHbpDfAzjGU4RnE63a19+NGtgtpDIow5gEMdgN4vkG/YlhaE4ffenla67iaCuQGuNM2qsgwaEgdq3qxFOg==} - engines: {node: '>=18.x.x <=20.x.x', npm: '>=6.0.0'} - peerDependencies: - '@strapi/strapi': ^4.25.0 - '@strapi/utils': ^4.25.0 - yup: ^0.32.9 - - stream-chain@2.2.5: - resolution: {integrity: sha512-1TJmBx6aSWqZ4tx7aTpBDXK0/e2hhcNSTV8+CbFJtDjbb+I1mZ8lHit0Grw9GRT+6JbIrrDd8esncgBi8aBXGA==} - - stream-json@1.8.0: - resolution: {integrity: sha512-HZfXngYHUAr1exT4fxlbc1IOce1RYxp2ldeaf97LYCOPSoOqY/1Psp7iGvpb+6JIOgkra9zDYnPX01hGAHzEPw==} - - stream-slice@0.1.2: - resolution: {integrity: sha512-QzQxpoacatkreL6jsxnVb7X5R/pGw9OUv2qWTYWnmLpg4NdN31snPy/f3TdQE1ZUXaThRvj1Zw4/OGg0ZkaLMA==} - - streamx@2.20.0: - resolution: {integrity: sha512-ZGd1LhDeGFucr1CUCTBOS58ZhEendd0ttpGT3usTvosS4ntIwKN9LJFp+OeCSprsCPL14BXVRZlHGRY1V9PVzQ==} - - string-argv@0.3.2: - resolution: {integrity: sha512-aqD2Q0144Z+/RqG52NeHEkZauTAUWJO8c6yTftGJKO3Tja5tUgIfmIl6kExvhtxSDP7fXB6DvzkfMpCd/F3G+Q==} - engines: {node: '>=0.6.19'} - - string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} - - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - - string_decoder@0.10.31: - resolution: {integrity: sha512-ev2QzSzWPYmy9GuqfIVildA4OdcGLeFZQrq5ys6RtiuF+RQQiZWr8TZNyAcuVXyQRYfEO+MsoB/1BuQVhOJuoQ==} - - string_decoder@1.1.1: - resolution: {integrity: sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strip-ansi@3.0.1: - resolution: {integrity: sha512-VhumSSbBqDTP8p2ZLKj40UjBCV4+v8bUSEpUb4KjRgWk9pbqGF4REFj6KEagidb2f/M6AzC0EmFyDNGaw9OCzg==} - engines: {node: '>=0.10.0'} - - strip-ansi@5.2.0: - resolution: {integrity: sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==} - engines: {node: '>=6'} - - strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} - - strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} - - strip-final-newline@2.0.0: - resolution: {integrity: sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA==} - engines: {node: '>=6'} - - strip-final-newline@3.0.0: - resolution: {integrity: sha512-dOESqjYr96iWYylGObzd39EuNTa5VJxyvVAEm5Jnh7KGo75V43Hk1odPQkNDyXNmUR6k+gEiDVXnjB8HJ3crXw==} - engines: {node: '>=12'} - - strip-json-comments@2.0.1: - resolution: {integrity: sha512-4gB8na07fecVVkOI6Rs4e7T6NOTki5EmL7TUduTs6bu3EdnSycntVJ4re8kgZA+wx9IueI2Y11bfbgwtzuE0KQ==} - engines: {node: '>=0.10.0'} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - style-loader@3.3.4: - resolution: {integrity: sha512-0WqXzrsMTyb8yjZJHDqwmnwRJvhALK9LfRtRc6B4UTWe8AijYLZYZ9thuJTZc2VfQWINADW/j+LiJnfy2RoC1w==} - engines: {node: '>= 12.13.0'} - peerDependencies: - webpack: ^5.0.0 - - style-mod@4.1.2: - resolution: {integrity: sha512-wnD1HyVqpJUI2+eKZ+eo1UwghftP6yuFheBqqe+bWCotBjC2K1YnteJILRMs3SM4V/0dLEW1SC27MWP5y+mwmw==} - - styled-components@6.1.13: - resolution: {integrity: sha512-M0+N2xSnAtwcVAQeFEsGWFFxXDftHUD7XrKla06QbpUMmbmtFBMMTcKWvFXtWxuD5qQkB8iU5gk6QASlx2ZRMw==} - engines: {node: '>= 16'} - peerDependencies: - react: '>= 16.8.0' - react-dom: '>= 16.8.0' - - stylis@4.2.0: - resolution: {integrity: sha512-Orov6g6BB1sDfYgzWfTHDOxamtX1bE/zo104Dh9e6fqJ3PooipYyfJ0pUmrZO2wAvO8YbEyeFrkV91XTsGMSrw==} - - stylis@4.3.2: - resolution: {integrity: sha512-bhtUjWd/z6ltJiQwg0dUfxEJ+W+jdqQd8TbWLWyeIJHlnsqmGLRFFd8e5mA0AZi/zx90smXRlN66YMTcaSFifg==} - - supports-color@2.0.0: - resolution: {integrity: sha512-KKNVtd6pCYgPIKU4cp2733HWYCpplQhddZLBUryaAHou723x+FRzQ5Df824Fj+IyyuiQTRoub4SnIFfIcrp70g==} - engines: {node: '>=0.8.0'} - - supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - - supports-color@7.2.0: - resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} - engines: {node: '>=8'} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - supports-preserve-symlinks-flag@1.0.0: - resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==} - engines: {node: '>= 0.4'} - - swap-case@1.1.2: - resolution: {integrity: sha512-BAmWG6/bx8syfc6qXPprof3Mn5vQgf5dwdUNJhsNqU9WdPt5P+ES/wQ5bxfijy8zwZgZZHslC3iAsxsuQMCzJQ==} - - synckit@0.8.5: - resolution: {integrity: sha512-L1dapNV6vu2s/4Sputv8xGsCdAVlb5nRDMFU/E27D44l5U6cw1g0dGd45uLc+OXjNMmF4ntiMdCimzcjFKQI8Q==} - engines: {node: ^14.18.0 || >=16.0.0} - - tapable@2.2.1: - resolution: {integrity: sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==} - engines: {node: '>=6'} - - tar-fs@2.1.1: - resolution: {integrity: sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==} - - tar-fs@3.0.6: - resolution: {integrity: sha512-iokBDQQkUyeXhgPYaZxmczGPhnhXZ0CmrqI+MOb/WFGS9DW5wnfrLgtjUJBvz50vQ3qfRwJ62QVoCFu8mPVu5w==} - - tar-stream@2.2.0: - resolution: {integrity: sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==} - engines: {node: '>=6'} - - tar-stream@3.1.7: - resolution: {integrity: sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==} - - tar@6.1.13: - resolution: {integrity: sha512-jdIBIN6LTIe2jqzay/2vtYLlBHa3JF42ot3h1dW8Q0PaAG4v8rm0cvpVePtau5C6OKXGGcgO9q2AMNSWxiLqKw==} - engines: {node: '>=10'} - - tar@6.2.1: - resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==} - engines: {node: '>=10'} - - tarn@3.0.2: - resolution: {integrity: sha512-51LAVKUSZSVfI05vjPESNc5vwqqZpbXCsU+/+wxlOrUjk2SnFTt97v9ZgQrD4YmxYW1Px6w2KjaDitCfkvgxMQ==} - engines: {node: '>=8.0.0'} - - terser-webpack-plugin@5.3.10: - resolution: {integrity: sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==} - engines: {node: '>= 10.13.0'} - peerDependencies: - '@swc/core': '*' - esbuild: '*' - uglify-js: '*' - webpack: ^5.1.0 - peerDependenciesMeta: - '@swc/core': - optional: true - esbuild: - optional: true - uglify-js: - optional: true - - terser@5.31.6: - resolution: {integrity: sha512-PQ4DAriWzKj+qgehQ7LK5bQqCFNMmlhjR2PFFLuqGCpuCAauxemVBWwWOxo3UIwWQx8+Pr61Df++r76wDmkQBg==} - engines: {node: '>=10'} - hasBin: true - - text-decoder@1.1.1: - resolution: {integrity: sha512-8zll7REEv4GDD3x4/0pW+ppIxSNs7H1J10IKFZsuOMscumCdM2a+toDGLPA3T+1+fLBql4zbt5z83GEQGGV5VA==} - - text-hex@1.0.0: - resolution: {integrity: sha512-uuVGNWzgJ4yhRaNSiubPY7OjISw4sw4E5Uv0wbjp+OzcbmVU/rsT8ujgcXJhn9ypzsgr5vlzpPqP+MBBKcGvbg==} - - thenify-all@1.6.0: - resolution: {integrity: sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==} - engines: {node: '>=0.8'} - - thenify@3.3.1: - resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==} - - through2@2.0.5: - resolution: {integrity: sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==} - - through@2.3.8: - resolution: {integrity: sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==} - - tildify@2.0.0: - resolution: {integrity: sha512-Cc+OraorugtXNfs50hU9KS369rFXCfgGLpfCfvlc+Ud5u6VWmUQsOAa9HbTvheQdYnrdJqqv1e5oIqXppMYnSw==} - engines: {node: '>=8'} - - tiny-invariant@1.0.6: - resolution: {integrity: sha512-FOyLWWVjG+aC0UqG76V53yAWdXfH8bO6FNmyZOuUrzDzK8DI3/JRY25UD7+g49JWM1LXwymsKERB+DzI0dTEQA==} - - tiny-invariant@1.3.3: - resolution: {integrity: sha512-+FbBPE1o9QAYvviau/qC5SE3caw21q3xkvWKBtja5vgqOWIHHJ3ioaq1VPfn/Szqctz2bU/oYeKd9/z5BL+PVg==} - - tiny-warning@1.0.3: - resolution: {integrity: sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA==} - - title-case@2.1.1: - resolution: {integrity: sha512-EkJoZ2O3zdCz3zJsYCsxyq2OC5hrxR9mfdd5I+w8h/tmFfeOxJ+vvkxsKxdmN0WtS9zLdHEgfgVOiMVgv+Po4Q==} - - titleize@3.0.0: - resolution: {integrity: sha512-KxVu8EYHDPBdUYdKZdKtU2aj2XfEx9AfjXxE/Aj0vT06w2icA09Vus1rh6eSu1y01akYg6BjIK/hxyLJINoMLQ==} - engines: {node: '>=12'} - - tmp@0.0.33: - resolution: {integrity: sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==} - engines: {node: '>=0.6.0'} - - to-fast-properties@2.0.0: - resolution: {integrity: sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==} - engines: {node: '>=4'} - - to-object-path@0.3.0: - resolution: {integrity: sha512-9mWHdnGRuh3onocaHzukyvCZhzvr6tiflAy/JRFXcJX0TjgfWA9pk9t8CMbzmBE4Jfw58pXbkngtBtqYxzNEyg==} - engines: {node: '>=0.10.0'} - - to-regex-range@2.1.1: - resolution: {integrity: sha512-ZZWNfCjUokXXDGXFpZehJIkZqq91BcULFq/Pi7M5i4JnxXdhMKAK682z8bCW3o8Hj1wuuzoKcW3DfVzaP6VuNg==} - engines: {node: '>=0.10.0'} - - to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} - - to-regex@3.0.2: - resolution: {integrity: sha512-FWtleNAtZ/Ki2qtqej2CXTOayOH9bHDQF+Q48VpWyDXjbYxA4Yz8iDB31zXOBUlOHHKidDbqGVrTUvQMPmBGBw==} - engines: {node: '>=0.10.0'} - - toidentifier@1.0.1: - resolution: {integrity: sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==} - engines: {node: '>=0.6'} - - toposort@2.0.2: - resolution: {integrity: sha512-0a5EOkAUp8D4moMi2W8ZF8jcga7BgZd91O/yabJCFY8az+XSzeGyTKs0Aoo897iV1Nj6guFq8orWDS96z91oGg==} - - totalist@3.0.1: - resolution: {integrity: sha512-sf4i37nQ2LBx4m3wB74y+ubopq6W/dIzXg0FDGjsYnZHVa1Da8FH853wlL2gtUhg+xJXjfk3kUZS3BRoQeoQBQ==} - engines: {node: '>=6'} - - touch@3.1.1: - resolution: {integrity: sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==} - hasBin: true - - tr46@0.0.3: - resolution: {integrity: sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==} - - transliteration@2.3.5: - resolution: {integrity: sha512-HAGI4Lq4Q9dZ3Utu2phaWgtm3vB6PkLUFqWAScg/UW+1eZ/Tg6Exo4oC0/3VUol/w4BlefLhUUSVBr/9/ZGQOw==} - engines: {node: '>=6.0.0'} - hasBin: true - - tree-kill@1.2.2: - resolution: {integrity: sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==} - hasBin: true - - triple-beam@1.4.1: - resolution: {integrity: sha512-aZbgViZrg1QNcG+LULa7nhZpJTZSLm/mXnHXnbAbjmN5aSa0y7V+wvv6+4WaBtpISJzThKy+PIPxc1Nq1EJ9mg==} - engines: {node: '>= 14.0.0'} - - tslib@1.14.1: - resolution: {integrity: sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==} - - tslib@2.6.2: - resolution: {integrity: sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==} - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tsscmp@1.0.6: - resolution: {integrity: sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA==} - engines: {node: '>=0.6.x'} - - tunnel-agent@0.6.0: - resolution: {integrity: sha512-McnNiV1l8RYeY8tBgEpuodCC1mLUdbSN+CYBL7kJsJNInOP8UjDDEwdk6Mw60vdLLrr5NHKZhMAOSrR2NZuQ+w==} - - type-fest@0.20.2: - resolution: {integrity: sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==} - engines: {node: '>=10'} - - type-fest@0.21.3: - resolution: {integrity: sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==} - engines: {node: '>=10'} - - type-fest@0.6.0: - resolution: {integrity: sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg==} - engines: {node: '>=8'} - - type-fest@0.8.1: - resolution: {integrity: sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA==} - engines: {node: '>=8'} - - type-fest@2.19.0: - resolution: {integrity: sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==} - engines: {node: '>=12.20'} - - type-is@1.6.18: - resolution: {integrity: sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==} - engines: {node: '>= 0.6'} - - typedarray-to-buffer@3.1.5: - resolution: {integrity: sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==} - - typescript@5.2.2: - resolution: {integrity: sha512-mI4WrpHsbCIcwT9cF4FZvr80QUeKvsUsUvKDoR+X/7XHQH98xYD8YHZg7ANtz2GtZt/CBq2QJ0thkGJMHfqc1w==} - engines: {node: '>=14.17'} - hasBin: true - - uc.micro@1.0.6: - resolution: {integrity: sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==} - - uglify-js@3.19.3: - resolution: {integrity: sha512-v3Xu+yuwBXisp6QYTcH4UbH+xYJXqnq2m/LtQVWKWzYc1iehYnLixoQDN9FH6/j9/oybfd6W9Ghwkl8+UMKTKQ==} - engines: {node: '>=0.8.0'} - hasBin: true - - umzug@3.2.1: - resolution: {integrity: sha512-XyWQowvP9CKZycKc/Zg9SYWrAWX/gJCE799AUTFqk8yC3tp44K1xWr3LoFF0MNEjClKOo1suCr5ASnoy+KltdA==} - engines: {node: '>=12'} - - unc-path-regex@0.1.2: - resolution: {integrity: sha512-eXL4nmJT7oCpkZsHZUOJo8hcX3GbsiDOa0Qu9F646fi8dT3XuSVopVqAcEiVzSKKH7UoDti23wNX3qGFxcW5Qg==} - engines: {node: '>=0.10.0'} - - undefsafe@2.0.5: - resolution: {integrity: sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==} - - undici-types@5.26.5: - resolution: {integrity: sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - union-value@1.0.1: - resolution: {integrity: sha512-tJfXmxMeWYnczCVs7XAEvIV7ieppALdyepWMkHkwciRpZraG/xwT+s2JN8+pr1+8jCRf80FFzvr+MpQeeoF4Xg==} - engines: {node: '>=0.10.0'} - - unique-string@2.0.0: - resolution: {integrity: sha512-uNaeirEPvpZWSgzwsPGtU2zVSTrn/8L5q/IexZmH0eH6SA73CmAA5U4GwORTxQAZs95TAXLNqeLoPPNO5gZfWg==} - engines: {node: '>=8'} - - universalify@0.1.2: - resolution: {integrity: sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==} - engines: {node: '>= 4.0.0'} - - universalify@2.0.1: - resolution: {integrity: sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==} - engines: {node: '>= 10.0.0'} - - unload@2.2.0: - resolution: {integrity: sha512-B60uB5TNBLtN6/LsgAf3udH9saB5p7gqJwcFfbOEZ8BcBHnGwCf6G/TGiEqkRAxX7zAFIUtzdrXQSdL3Q/wqNA==} - - unpipe@1.0.0: - resolution: {integrity: sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==} - engines: {node: '>= 0.8'} - - unset-value@1.0.0: - resolution: {integrity: sha512-PcA2tsuGSF9cnySLHTLSh2qrQiJ70mn+r+Glzxv2TWZblxsxCC52BDlZoPCsz7STd9pN7EZetkWZBAvk4cgZdQ==} - engines: {node: '>=0.10.0'} - - untildify@4.0.0: - resolution: {integrity: sha512-KK8xQ1mkzZeg9inewmFVDNkg3l5LUhoq9kN6iWYB/CC9YMG8HA+c1Q8HwDe6dEX7kErrEVNVBO3fWsVq5iDgtw==} - engines: {node: '>=8'} - - update-browserslist-db@1.1.0: - resolution: {integrity: sha512-EdRAaAyk2cUE1wOf2DkEhzxqOQvFOoRJFNS6NeyJ01Gp2beMRpBAINjM2iDXE3KCuKhwnvHIQCJm6ThL2Z+HzQ==} - hasBin: true - peerDependencies: - browserslist: '>= 4.21.0' - - upper-case-first@1.1.2: - resolution: {integrity: sha512-wINKYvI3Db8dtjikdAqoBbZoP6Q+PZUyfMR7pmwHzjC2quzSkUq5DmPrTtPEqHaz8AGtmsB4TqwapMTM1QAQOQ==} - - upper-case@1.1.3: - resolution: {integrity: sha512-WRbjgmYzgXkCV7zNVpy5YgrHgbBv126rMALQQMrmzOVC4GM2waQ9x7xtm8VU+1yF2kWyPzI9zbZ48n4vSxwfSA==} - - uri-js@4.4.1: - resolution: {integrity: sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==} - - urix@0.1.0: - resolution: {integrity: sha512-Am1ousAhSLBeB9cG/7k7r2R0zj50uDRlZHPGbazid5s9rlF1F/QKYObEKSIunSjIOkJZqwRRLpvewjEkM7pSqg==} - deprecated: Please see https://github.com/lydell/urix#deprecated - - url-join@4.0.1: - resolution: {integrity: sha512-jk1+QP6ZJqyOiuEI9AEWQfju/nB2Pw466kbA0LEZljHwKeMgd9WrAEgEGxjPDD2+TNbbb37rTyhEfrCXfuKXnA==} - - use-callback-ref@1.3.2: - resolution: {integrity: sha512-elOQwe6Q8gqZgDA8mrh44qRTQqpIHDcZ3hXTLjBe1i4ph8XpNJnO+aQf3NaG+lriLopI4HMx9VjQLfPQ6vhnoA==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.8.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - use-isomorphic-layout-effect@1.1.2: - resolution: {integrity: sha512-49L8yCO3iGT/ZF9QttjwLF/ZD9Iwto5LnH5LmEdk/6cFmXddqi2ulF0edxTwjj+7mqvpVVGQWvbXZdn32wRSHA==} - peerDependencies: - '@types/react': '*' - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - use-sidecar@1.1.2: - resolution: {integrity: sha512-epTbsLuzZ7lPClpz2TyryBfztm7m+28DlEv2ZCQ3MDr5ssiwyOwGH/e5F9CkfWjJ1t4clvI58yF822/GUkjjhw==} - engines: {node: '>=10'} - peerDependencies: - '@types/react': ^16.9.0 || ^17.0.0 || ^18.0.0 - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - peerDependenciesMeta: - '@types/react': - optional: true - - use-sync-external-store@1.2.2: - resolution: {integrity: sha512-PElTlVMwpblvbNqQ82d2n6RjStvdSoNe9FG28kNfz3WiXilJm4DdNkEzRhCZuIDwY8U08WVihhGR5iRqAwfDiw==} - peerDependencies: - react: ^16.8.0 || ^17.0.0 || ^18.0.0 - - use@3.1.1: - resolution: {integrity: sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==} - engines: {node: '>=0.10.0'} - - user-home@1.1.1: - resolution: {integrity: sha512-aggiKfEEubv3UwRNqTzLInZpAOmKzwdHqEBmW/hBA/mt99eg+b4VrX6i+IRLxU8+WJYfa33rGwRseg4eElUgsQ==} - engines: {node: '>=0.10.0'} - hasBin: true - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - utila@0.4.0: - resolution: {integrity: sha512-Z0DbgELS9/L/75wZbro8xAnT50pBVFQZ+hUEueGDU5FN51YSCYM+jdxsfCiHjwNP/4LCDD0i/graKpeBnOXKRA==} - - utils-merge@1.0.1: - resolution: {integrity: sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==} - engines: {node: '>= 0.4.0'} - - uuid@8.3.2: - resolution: {integrity: sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==} - hasBin: true - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - - v8flags@2.1.1: - resolution: {integrity: sha512-SKfhk/LlaXzvtowJabLZwD4K6SGRYeoxA7KJeISlUMAB/NT4CBkZjMq3WceX2Ckm4llwqYVo8TICgsDYCBU2tA==} - engines: {node: '>= 0.10.0'} - - validate-npm-package-license@3.0.4: - resolution: {integrity: sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==} - - value-equal@1.0.1: - resolution: {integrity: sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw==} - - vary@1.1.2: - resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==} - engines: {node: '>= 0.8'} - - vite@5.0.13: - resolution: {integrity: sha512-/9ovhv2M2dGTuA+dY93B9trfyWMDRQw2jdVBhHNP6wr0oF34wG2i/N55801iZIpgUpnHDm4F/FabGQLyc+eOgg==} - engines: {node: ^18.0.0 || >=20.0.0} - hasBin: true - peerDependencies: - '@types/node': ^18.0.0 || >=20.0.0 - less: '*' - lightningcss: ^1.21.0 - sass: '*' - stylus: '*' - sugarss: '*' - terser: ^5.4.0 - peerDependenciesMeta: - '@types/node': - optional: true - less: - optional: true - lightningcss: - optional: true - sass: - optional: true - stylus: - optional: true - sugarss: - optional: true - terser: - optional: true - - w3c-keyname@2.2.8: - resolution: {integrity: sha512-dpojBhNsCNN7T82Tm7k26A6G9ML3NkhDsnw9n/eoxSRlVBB4CEtIQ/KTCLI2Fwf3ataSXRhYFkQi3SlnFwPvPQ==} - - watchpack@2.4.2: - resolution: {integrity: sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==} - engines: {node: '>=10.13.0'} - - wcwidth@1.0.1: - resolution: {integrity: sha512-XHPEwS0q6TaxcvG85+8EYkbiCux2XtWG2mkc47Ng2A77BQu9+DqIOJldST4HgPkuea7dvKSj5VgX3P1d4rW8Tg==} - - web-streams-polyfill@3.3.3: - resolution: {integrity: sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==} - engines: {node: '>= 8'} - - web-streams-polyfill@4.0.0-beta.3: - resolution: {integrity: sha512-QW95TCTaHmsYfHDybGMwO5IJIM93I/6vTRk+daHTWFPhwh+C8Cg7j7XyKrwrj8Ib6vYXe0ocYNrmzY4xAAN6ug==} - engines: {node: '>= 14'} - - webidl-conversions@3.0.1: - resolution: {integrity: sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==} - - webpack-bundle-analyzer@4.10.2: - resolution: {integrity: sha512-vJptkMm9pk5si4Bv922ZbKLV8UTT4zib4FPgXMhgzUny0bfDDkLXAVQs3ly3fS4/TN9ROFtb0NFrm04UXFE/Vw==} - engines: {node: '>= 10.13.0'} - hasBin: true - - webpack-dev-middleware@6.1.2: - resolution: {integrity: sha512-Wu+EHmX326YPYUpQLKmKbTyZZJIB8/n6R09pTmB03kJmnMsVPTo9COzHZFr01txwaCAuZvfBJE4ZCHRcKs5JaQ==} - engines: {node: '>= 14.15.0'} - peerDependencies: - webpack: ^5.0.0 - peerDependenciesMeta: - webpack: - optional: true - - webpack-hot-middleware@2.26.0: - resolution: {integrity: sha512-okzjec5sAEy4t+7rzdT8eRyxsk0FDSmBPN2KwX4Qd+6+oQCfe5Ve07+u7cJvofgB+B4w5/4dO4Pz0jhhHyyPLQ==} - - webpack-sources@1.4.3: - resolution: {integrity: sha512-lgTS3Xhv1lCOKo7SA5TjKXMjpSM4sBjNV5+q2bqesbSPs5FjGmU6jjtBSkX9b4qW87vDIsCIlUPOEhbZrMdjeQ==} - - webpack-sources@3.2.3: - resolution: {integrity: sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==} - engines: {node: '>=10.13.0'} - - webpack@5.94.0: - resolution: {integrity: sha512-KcsGn50VT+06JH/iunZJedYGUJS5FGjow8wb9c0v5n1Om8O1g4L6LjtfxwlXIATopoQu+vOXXa7gYisWxCoPyg==} - engines: {node: '>=10.13.0'} - hasBin: true - peerDependencies: - webpack-cli: '*' - peerDependenciesMeta: - webpack-cli: - optional: true - - whatwg-url@5.0.0: - resolution: {integrity: sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==} - - which@1.3.1: - resolution: {integrity: sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==} - hasBin: true - - which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true - - wide-align@1.1.5: - resolution: {integrity: sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==} - - widest-line@3.1.0: - resolution: {integrity: sha512-NsmoXalsWVDMGupxZ5R08ka9flZjjiLvHVAWYOKtiKM8ujtZWr9cRffak+uSE48+Ob8ObalXpwyeUiyDD6QFgg==} - engines: {node: '>=8'} - - winston-transport@4.7.1: - resolution: {integrity: sha512-wQCXXVgfv/wUPOfb2x0ruxzwkcZfxcktz6JIMUaPLmcNhO4bZTwA/WtDWK74xV3F2dKu8YadrFv0qhwYjVEwhA==} - engines: {node: '>= 12.0.0'} - - winston@3.10.0: - resolution: {integrity: sha512-nT6SIDaE9B7ZRO0u3UvdrimG0HkB7dSTAgInQnNR2SOPJ4bvq5q79+pXLftKmP52lJGW15+H5MCK0nM9D3KB/g==} - engines: {node: '>= 12.0.0'} - - wordwrap@1.0.0: - resolution: {integrity: sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q==} - - wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} - - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - - wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - - write-file-atomic@3.0.3: - resolution: {integrity: sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==} - - ws@7.5.10: - resolution: {integrity: sha512-+dbF1tHwZpXcbOJdVOkzLDxZP1ailvSxM6ZweXTegylPny803bFhA+vqBYw4s31NSAk4S2Qz+AKXK9a4wkdjcQ==} - engines: {node: '>=8.3.0'} - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: ^5.0.2 - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - - ws@8.13.0: - resolution: {integrity: sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==} - engines: {node: '>=10.0.0'} - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: '>=5.0.2' - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - - xdg-app-paths@8.3.0: - resolution: {integrity: sha512-mgxlWVZw0TNWHoGmXq+NC3uhCIc55dDpAlDkMQUaIAcQzysb0kxctwv//fvuW61/nAAeUBJMQ8mnZjMmuYwOcQ==} - engines: {node: '>= 4.0'} - - xdg-basedir@4.0.0: - resolution: {integrity: sha512-PSNhEJDejZYV7h50BohL09Er9VaIefr2LMAf3OEmpCkjOi34eYyQYAXUTjEQtZJTKcF0E2UKTh+osDLsgNim9Q==} - engines: {node: '>=8'} - - xdg-portable@10.6.0: - resolution: {integrity: sha512-xrcqhWDvtZ7WLmt8G4f3hHy37iK7D2idtosRgkeiSPZEPmBShp0VfmRBLWAPC6zLF48APJ21yfea+RfQMF4/Aw==} - engines: {node: '>= 4.0'} - - xtend@4.0.2: - resolution: {integrity: sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==} - engines: {node: '>=0.4'} - - y18n@5.0.8: - resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} - engines: {node: '>=10'} - - yalc@1.0.0-pre.53: - resolution: {integrity: sha512-tpNqBCpTXplnduzw5XC+FF8zNJ9L/UXmvQyyQj7NKrDNavbJtHvzmZplL5ES/RCnjX7JR7W9wz5GVDXVP3dHUQ==} - hasBin: true - - yallist@4.0.0: - resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} - - yaml@1.10.2: - resolution: {integrity: sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==} - engines: {node: '>= 6'} - - yargs-parser@20.2.9: - resolution: {integrity: sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==} - engines: {node: '>=10'} - - yargs-parser@21.1.1: - resolution: {integrity: sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==} - engines: {node: '>=12'} - - yargs@16.2.0: - resolution: {integrity: sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==} - engines: {node: '>=10'} - - yargs@17.7.2: - resolution: {integrity: sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==} - engines: {node: '>=12'} - - ylru@1.4.0: - resolution: {integrity: sha512-2OQsPNEmBCvXuFlIni/a+Rn+R2pHW9INm0BxXJ4hVDA8TirqMj+J/Rp9ItLatT/5pZqWwefVrTQcHpixsxnVlA==} - engines: {node: '>= 4.0.0'} - - yocto-queue@0.1.0: - resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} - engines: {node: '>=10'} - - yup@0.32.9: - resolution: {integrity: sha512-Ci1qN+i2H0XpY7syDQ0k5zKQ/DoxO0LzPg8PAR/X4Mpj6DqaeCoIYEEjDJwhArh3Fa7GWbQQVDZKeXYlSH4JMg==} - engines: {node: '>=10'} - -snapshots: - - '@11ty/eleventy-fetch@4.0.1': - dependencies: - debug: 4.3.6 - flat-cache: 3.2.0 - node-fetch: 2.7.0 - p-queue: 6.6.2 - transitivePeerDependencies: - - encoding - - supports-color - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@babel/code-frame@7.24.7': - dependencies: - '@babel/highlight': 7.24.7 - picocolors: 1.1.0 - - '@babel/generator@7.25.6': - dependencies: - '@babel/types': 7.25.6 - '@jridgewell/gen-mapping': 0.3.5 - '@jridgewell/trace-mapping': 0.3.25 - jsesc: 2.5.2 - - '@babel/helper-module-imports@7.24.7': - dependencies: - '@babel/traverse': 7.25.6 - '@babel/types': 7.25.6 - transitivePeerDependencies: - - supports-color - - '@babel/helper-string-parser@7.24.8': {} - - '@babel/helper-validator-identifier@7.24.7': {} - - '@babel/highlight@7.24.7': - dependencies: - '@babel/helper-validator-identifier': 7.24.7 - chalk: 2.4.2 - js-tokens: 4.0.0 - picocolors: 1.1.0 - - '@babel/parser@7.25.6': - dependencies: - '@babel/types': 7.25.6 - - '@babel/runtime-corejs3@7.25.6': - dependencies: - core-js-pure: 3.38.1 - regenerator-runtime: 0.14.1 - - '@babel/runtime@7.25.6': - dependencies: - regenerator-runtime: 0.14.1 - - '@babel/template@7.25.0': - dependencies: - '@babel/code-frame': 7.24.7 - '@babel/parser': 7.25.6 - '@babel/types': 7.25.6 - - '@babel/traverse@7.25.6': - dependencies: - '@babel/code-frame': 7.24.7 - '@babel/generator': 7.25.6 - '@babel/parser': 7.25.6 - '@babel/template': 7.25.0 - '@babel/types': 7.25.6 - debug: 4.3.6 - globals: 11.12.0 - transitivePeerDependencies: - - supports-color - - '@babel/types@7.25.6': - dependencies: - '@babel/helper-string-parser': 7.24.8 - '@babel/helper-validator-identifier': 7.24.7 - to-fast-properties: 2.0.0 - - '@casl/ability@6.5.0': - dependencies: - '@ucast/mongo2js': 1.3.4 - - '@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1)': - dependencies: - '@codemirror/language': 6.10.2 - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - '@lezer/common': 1.2.1 - - '@codemirror/commands@6.6.1': - dependencies: - '@codemirror/language': 6.10.2 - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - '@lezer/common': 1.2.1 - - '@codemirror/lang-json@6.0.1': - dependencies: - '@codemirror/language': 6.10.2 - '@lezer/json': 1.0.2 - - '@codemirror/language@6.10.2': - dependencies: - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - '@lezer/common': 1.2.1 - '@lezer/highlight': 1.2.1 - '@lezer/lr': 1.4.2 - style-mod: 4.1.2 - - '@codemirror/lint@6.8.1': - dependencies: - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - crelt: 1.0.6 - - '@codemirror/search@6.5.6': - dependencies: - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - crelt: 1.0.6 - - '@codemirror/state@6.4.1': {} - - '@codemirror/theme-one-dark@6.1.2': - dependencies: - '@codemirror/language': 6.10.2 - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - '@lezer/highlight': 1.2.1 - - '@codemirror/view@6.33.0': - dependencies: - '@codemirror/state': 6.4.1 - style-mod: 4.1.2 - w3c-keyname: 2.2.8 - - '@colors/colors@1.5.0': {} - - '@colors/colors@1.6.0': {} - - '@dabh/diagnostics@2.0.3': - dependencies: - colorspace: 1.1.4 - enabled: 2.0.0 - kuler: 2.0.0 - - '@discoveryjs/json-ext@0.5.7': {} - - '@emnapi/runtime@1.2.0': - dependencies: - tslib: 2.7.0 - optional: true - - '@emotion/babel-plugin@11.12.0': - dependencies: - '@babel/helper-module-imports': 7.24.7 - '@babel/runtime': 7.25.6 - '@emotion/hash': 0.9.2 - '@emotion/memoize': 0.9.0 - '@emotion/serialize': 1.3.1 - babel-plugin-macros: 3.1.0 - convert-source-map: 1.9.0 - escape-string-regexp: 4.0.0 - find-root: 1.1.0 - source-map: 0.5.7 - stylis: 4.2.0 - transitivePeerDependencies: - - supports-color - - '@emotion/cache@11.13.1': - dependencies: - '@emotion/memoize': 0.9.0 - '@emotion/sheet': 1.4.0 - '@emotion/utils': 1.4.0 - '@emotion/weak-memoize': 0.4.0 - stylis: 4.2.0 - - '@emotion/hash@0.9.2': {} - - '@emotion/is-prop-valid@1.2.2': - dependencies: - '@emotion/memoize': 0.8.1 - - '@emotion/memoize@0.8.1': {} - - '@emotion/memoize@0.9.0': {} - - '@emotion/react@11.13.3(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@emotion/babel-plugin': 11.12.0 - '@emotion/cache': 11.13.1 - '@emotion/serialize': 1.3.1 - '@emotion/use-insertion-effect-with-fallbacks': 1.1.0(react@18.3.1) - '@emotion/utils': 1.4.0 - '@emotion/weak-memoize': 0.4.0 - hoist-non-react-statics: 3.3.2 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - transitivePeerDependencies: - - supports-color - - '@emotion/serialize@1.3.1': - dependencies: - '@emotion/hash': 0.9.2 - '@emotion/memoize': 0.9.0 - '@emotion/unitless': 0.10.0 - '@emotion/utils': 1.4.0 - csstype: 3.1.3 - - '@emotion/sheet@1.4.0': {} - - '@emotion/unitless@0.10.0': {} - - '@emotion/unitless@0.8.1': {} - - '@emotion/use-insertion-effect-with-fallbacks@1.1.0(react@18.3.1)': - dependencies: - react: 18.3.1 - - '@emotion/utils@1.4.0': {} - - '@emotion/weak-memoize@0.4.0': {} - - '@esbuild/aix-ppc64@0.19.11': - optional: true - - '@esbuild/android-arm64@0.16.17': - optional: true - - '@esbuild/android-arm64@0.19.11': - optional: true - - '@esbuild/android-arm@0.16.17': - optional: true - - '@esbuild/android-arm@0.19.11': - optional: true - - '@esbuild/android-x64@0.16.17': - optional: true - - '@esbuild/android-x64@0.19.11': - optional: true - - '@esbuild/darwin-arm64@0.16.17': - optional: true - - '@esbuild/darwin-arm64@0.19.11': - optional: true - - '@esbuild/darwin-x64@0.16.17': - optional: true - - '@esbuild/darwin-x64@0.19.11': - optional: true - - '@esbuild/freebsd-arm64@0.16.17': - optional: true - - '@esbuild/freebsd-arm64@0.19.11': - optional: true - - '@esbuild/freebsd-x64@0.16.17': - optional: true - - '@esbuild/freebsd-x64@0.19.11': - optional: true - - '@esbuild/linux-arm64@0.16.17': - optional: true - - '@esbuild/linux-arm64@0.19.11': - optional: true - - '@esbuild/linux-arm@0.16.17': - optional: true - - '@esbuild/linux-arm@0.19.11': - optional: true - - '@esbuild/linux-ia32@0.16.17': - optional: true - - '@esbuild/linux-ia32@0.19.11': - optional: true - - '@esbuild/linux-loong64@0.16.17': - optional: true - - '@esbuild/linux-loong64@0.19.11': - optional: true - - '@esbuild/linux-mips64el@0.16.17': - optional: true - - '@esbuild/linux-mips64el@0.19.11': - optional: true - - '@esbuild/linux-ppc64@0.16.17': - optional: true - - '@esbuild/linux-ppc64@0.19.11': - optional: true - - '@esbuild/linux-riscv64@0.16.17': - optional: true - - '@esbuild/linux-riscv64@0.19.11': - optional: true - - '@esbuild/linux-s390x@0.16.17': - optional: true - - '@esbuild/linux-s390x@0.19.11': - optional: true - - '@esbuild/linux-x64@0.16.17': - optional: true - - '@esbuild/linux-x64@0.19.11': - optional: true - - '@esbuild/netbsd-x64@0.16.17': - optional: true - - '@esbuild/netbsd-x64@0.19.11': - optional: true - - '@esbuild/openbsd-x64@0.16.17': - optional: true - - '@esbuild/openbsd-x64@0.19.11': - optional: true - - '@esbuild/sunos-x64@0.16.17': - optional: true - - '@esbuild/sunos-x64@0.19.11': - optional: true - - '@esbuild/win32-arm64@0.16.17': - optional: true - - '@esbuild/win32-arm64@0.19.11': - optional: true - - '@esbuild/win32-ia32@0.16.17': - optional: true - - '@esbuild/win32-ia32@0.19.11': - optional: true - - '@esbuild/win32-x64@0.16.17': - optional: true - - '@esbuild/win32-x64@0.19.11': - optional: true - - '@floating-ui/core@1.6.7': - dependencies: - '@floating-ui/utils': 0.2.7 - - '@floating-ui/dom@1.6.10': - dependencies: - '@floating-ui/core': 1.6.7 - '@floating-ui/utils': 0.2.7 - - '@floating-ui/react-dom@2.1.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@floating-ui/dom': 1.6.10 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - '@floating-ui/utils@0.2.7': {} - - '@formatjs/ecma402-abstract@1.14.3': - dependencies: - '@formatjs/intl-localematcher': 0.2.32 - tslib: 2.7.0 - - '@formatjs/fast-memoize@2.0.1': - dependencies: - tslib: 2.7.0 - - '@formatjs/icu-messageformat-parser@2.3.1': - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/icu-skeleton-parser': 1.3.18 - tslib: 2.7.0 - - '@formatjs/icu-skeleton-parser@1.3.18': - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - tslib: 2.7.0 - - '@formatjs/intl-displaynames@6.3.1': - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/intl-localematcher': 0.2.32 - tslib: 2.7.0 - - '@formatjs/intl-listformat@7.2.1': - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/intl-localematcher': 0.2.32 - tslib: 2.7.0 - - '@formatjs/intl-localematcher@0.2.32': - dependencies: - tslib: 2.7.0 - - '@formatjs/intl@2.7.1(typescript@5.2.2)': - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/fast-memoize': 2.0.1 - '@formatjs/icu-messageformat-parser': 2.3.1 - '@formatjs/intl-displaynames': 6.3.1 - '@formatjs/intl-listformat': 7.2.1 - intl-messageformat: 10.3.4 - tslib: 2.7.0 - optionalDependencies: - typescript: 5.2.2 - - '@hapi/bourne@3.0.0': {} - - '@img/sharp-darwin-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-arm64': 1.0.4 - optional: true - - '@img/sharp-darwin-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-darwin-x64': 1.0.4 - optional: true - - '@img/sharp-libvips-darwin-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-darwin-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linux-arm@1.0.5': - optional: true - - '@img/sharp-libvips-linux-s390x@1.0.4': - optional: true - - '@img/sharp-libvips-linux-x64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-arm64@1.0.4': - optional: true - - '@img/sharp-libvips-linuxmusl-x64@1.0.4': - optional: true - - '@img/sharp-linux-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm64': 1.0.4 - optional: true - - '@img/sharp-linux-arm@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-arm': 1.0.5 - optional: true - - '@img/sharp-linux-s390x@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-s390x': 1.0.4 - optional: true - - '@img/sharp-linux-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linux-x64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-arm64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - optional: true - - '@img/sharp-linuxmusl-x64@0.33.5': - optionalDependencies: - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - optional: true - - '@img/sharp-wasm32@0.33.5': - dependencies: - '@emnapi/runtime': 1.2.0 - optional: true - - '@img/sharp-win32-ia32@0.33.5': - optional: true - - '@img/sharp-win32-x64@0.33.5': - optional: true - - '@internationalized/date@3.5.5': - dependencies: - '@swc/helpers': 0.5.13 - - '@internationalized/number@3.5.3': - dependencies: - '@swc/helpers': 0.5.13 - - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - - '@jridgewell/gen-mapping@0.3.5': - dependencies: - '@jridgewell/set-array': 1.2.1 - '@jridgewell/sourcemap-codec': 1.5.0 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/resolve-uri@3.1.2': {} - - '@jridgewell/set-array@1.2.1': {} - - '@jridgewell/source-map@0.3.6': - dependencies: - '@jridgewell/gen-mapping': 0.3.5 - '@jridgewell/trace-mapping': 0.3.25 - - '@jridgewell/sourcemap-codec@1.5.0': {} - - '@jridgewell/trace-mapping@0.3.25': - dependencies: - '@jridgewell/resolve-uri': 3.1.2 - '@jridgewell/sourcemap-codec': 1.5.0 - - '@juggle/resize-observer@3.4.0': {} - - '@koa/cors@5.0.0': - dependencies: - vary: 1.1.2 - - '@koa/router@10.1.1': - dependencies: - debug: 4.3.4(supports-color@5.5.0) - http-errors: 1.8.1 - koa-compose: 4.1.0 - methods: 1.1.2 - path-to-regexp: 6.2.2 - transitivePeerDependencies: - - supports-color - - '@lezer/common@1.2.1': {} - - '@lezer/highlight@1.2.1': - dependencies: - '@lezer/common': 1.2.1 - - '@lezer/json@1.0.2': - dependencies: - '@lezer/common': 1.2.1 - '@lezer/highlight': 1.2.1 - '@lezer/lr': 1.4.2 - - '@lezer/lr@1.4.2': - dependencies: - '@lezer/common': 1.2.1 - - '@mapbox/node-pre-gyp@1.0.11': - dependencies: - detect-libc: 2.0.3 - https-proxy-agent: 5.0.1 - make-dir: 3.1.0 - node-fetch: 2.7.0 - nopt: 5.0.0 - npmlog: 5.0.1 - rimraf: 3.0.2 - semver: 7.6.3 - tar: 6.2.1 - transitivePeerDependencies: - - encoding - - supports-color - - '@mux/mux-node@8.8.0': - dependencies: - '@types/node': 18.19.48 - '@types/node-fetch': 2.6.11 - '@types/qs': 6.9.15 - abort-controller: 3.0.0 - agentkeepalive: 4.5.0 - form-data-encoder: 1.7.2 - formdata-node: 4.4.1 - jose: 4.15.9 - node-fetch: 2.7.0 - qs: 6.13.0 - web-streams-polyfill: 3.3.3 - transitivePeerDependencies: - - encoding - - '@noble/hashes@1.5.0': {} - - '@nodelib/fs.scandir@2.1.5': - dependencies: - '@nodelib/fs.stat': 2.0.5 - run-parallel: 1.2.0 - - '@nodelib/fs.stat@2.0.5': {} - - '@nodelib/fs.walk@1.2.8': - dependencies: - '@nodelib/fs.scandir': 2.1.5 - fastq: 1.17.1 - - '@paralleldrive/cuid2@2.2.2': - dependencies: - '@noble/hashes': 1.5.0 - - '@pkgjs/parseargs@0.11.0': - optional: true - - '@pkgr/utils@2.4.2': - dependencies: - cross-spawn: 7.0.3 - fast-glob: 3.3.2 - is-glob: 4.0.3 - open: 9.1.0 - picocolors: 1.1.0 - tslib: 2.7.0 - - '@pmmmwh/react-refresh-webpack-plugin@0.5.11(react-refresh@0.14.0)(type-fest@2.19.0)(webpack-hot-middleware@2.26.0)(webpack@5.94.0(esbuild@0.19.11))': - dependencies: - ansi-html-community: 0.0.8 - common-path-prefix: 3.0.0 - core-js-pure: 3.38.1 - error-stack-parser: 2.1.4 - find-up: 5.0.0 - html-entities: 2.5.2 - loader-utils: 2.0.4 - react-refresh: 0.14.0 - schema-utils: 3.3.0 - source-map: 0.7.4 - webpack: 5.94.0(esbuild@0.19.11) - optionalDependencies: - type-fest: 2.19.0 - webpack-hot-middleware: 2.26.0 - - '@pnpm/config.env-replace@1.1.0': {} - - '@pnpm/network.ca-file@1.0.2': - dependencies: - graceful-fs: 4.2.10 - - '@pnpm/npm-conf@2.3.1': - dependencies: - '@pnpm/config.env-replace': 1.1.0 - '@pnpm/network.ca-file': 1.0.2 - config-chain: 1.1.13 - - '@polka/url@1.0.0-next.25': {} - - '@radix-ui/number@1.1.0': {} - - '@radix-ui/primitive@1.0.1': - dependencies: - '@babel/runtime': 7.25.6 - - '@radix-ui/primitive@1.1.0': {} - - '@radix-ui/react-arrow@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-collection@1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-compose-refs': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-slot': 1.0.2(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-collection@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-slot': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-compose-refs@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-compose-refs@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-context@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-context@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-direction@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-direction@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-dismissable-layer@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/primitive': 1.1.0 - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-escape-keydown': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-dropdown-menu@2.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/primitive': 1.1.0 - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-id': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-menu': 2.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-focus-guards@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-focus-guards@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-focus-scope@1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-compose-refs': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-focus-scope@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-id@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-use-layout-effect': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-id@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/react-use-layout-effect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-menu@2.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/primitive': 1.1.0 - '@radix-ui/react-collection': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-dismissable-layer': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-focus-guards': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-focus-scope': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-id': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-popper': 1.2.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-portal': 1.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-presence': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-roving-focus': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-slot': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - aria-hidden: 1.2.4 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-remove-scroll: 2.5.7(@types/react@18.3.5)(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-popper@1.2.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@floating-ui/react-dom': 2.1.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-arrow': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-layout-effect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-rect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-size': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/rect': 1.1.0 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-portal@1.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-layout-effect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-presence@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-layout-effect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-primitive@1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-slot': 1.0.2(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-primitive@2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-slot': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-roving-focus@1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/primitive': 1.0.1 - '@radix-ui/react-collection': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-compose-refs': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-id': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-roving-focus@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/primitive': 1.1.0 - '@radix-ui/react-collection': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-id': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-separator@1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-slot@1.0.2(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-compose-refs': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-slot@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-toggle-group@1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/primitive': 1.0.1 - '@radix-ui/react-context': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-roving-focus': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-toggle': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-toggle@1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/primitive': 1.0.1 - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-toolbar@1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/primitive': 1.0.1 - '@radix-ui/react-context': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-roving-focus': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-separator': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-toggle-group': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-callback-ref@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-callback-ref@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-controllable-state@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@radix-ui/react-use-callback-ref': 1.0.1(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-controllable-state@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-escape-keydown@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-layout-effect@1.0.1(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-layout-effect@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-previous@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-rect@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/rect': 1.1.0 - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-use-size@1.1.0(@types/react@18.3.5)(react@18.3.1)': - dependencies: - '@radix-ui/react-use-layout-effect': 1.1.0(@types/react@18.3.5)(react@18.3.1) - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/react-visually-hidden@1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/react-primitive': 2.0.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - '@radix-ui/rect@1.1.0': {} - - '@react-dnd/asap@5.0.2': {} - - '@react-dnd/invariant@4.0.2': {} - - '@react-dnd/shallowequal@4.0.2': {} - - '@reduxjs/toolkit@1.9.7(react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1))(react@18.3.1)': - dependencies: - immer: 9.0.21 - redux: 4.2.1 - redux-thunk: 2.4.2(redux@4.2.1) - reselect: 4.1.8 - optionalDependencies: - react: 18.3.1 - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - - '@remix-run/router@1.19.1': {} - - '@rollup/rollup-android-arm-eabi@4.21.2': - optional: true - - '@rollup/rollup-android-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-arm64@4.21.2': - optional: true - - '@rollup/rollup-darwin-x64@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-gnueabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm-musleabihf@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-arm64-musl@4.21.2': - optional: true - - '@rollup/rollup-linux-powerpc64le-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-riscv64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-s390x-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-gnu@4.21.2': - optional: true - - '@rollup/rollup-linux-x64-musl@4.21.2': - optional: true - - '@rollup/rollup-win32-arm64-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-ia32-msvc@4.21.2': - optional: true - - '@rollup/rollup-win32-x64-msvc@4.21.2': - optional: true - - '@rushstack/node-core-library@5.7.0(@types/node@22.5.2)': - dependencies: - ajv: 8.13.0 - ajv-draft-04: 1.0.0(ajv@8.13.0) - ajv-formats: 3.0.1(ajv@8.13.0) - fs-extra: 7.0.1 - import-lazy: 4.0.0 - jju: 1.4.0 - resolve: 1.22.8 - semver: 7.5.4 - optionalDependencies: - '@types/node': 22.5.2 - - '@rushstack/terminal@0.14.0(@types/node@22.5.2)': - dependencies: - '@rushstack/node-core-library': 5.7.0(@types/node@22.5.2) - supports-color: 8.1.1 - optionalDependencies: - '@types/node': 22.5.2 - - '@rushstack/ts-command-line@4.22.6(@types/node@22.5.2)': - dependencies: - '@rushstack/terminal': 0.14.0(@types/node@22.5.2) - '@types/argparse': 1.0.38 - argparse: 1.0.10 - string-argv: 0.3.2 - transitivePeerDependencies: - - '@types/node' - - '@sentry/core@6.19.7': - dependencies: - '@sentry/hub': 6.19.7 - '@sentry/minimal': 6.19.7 - '@sentry/types': 6.19.7 - '@sentry/utils': 6.19.7 - tslib: 1.14.1 - - '@sentry/hub@6.19.7': - dependencies: - '@sentry/types': 6.19.7 - '@sentry/utils': 6.19.7 - tslib: 1.14.1 - - '@sentry/minimal@6.19.7': - dependencies: - '@sentry/hub': 6.19.7 - '@sentry/types': 6.19.7 - tslib: 1.14.1 - - '@sentry/node@6.19.7': - dependencies: - '@sentry/core': 6.19.7 - '@sentry/hub': 6.19.7 - '@sentry/types': 6.19.7 - '@sentry/utils': 6.19.7 - cookie: 0.4.2 - https-proxy-agent: 5.0.1 - lru_map: 0.3.3 - tslib: 1.14.1 - transitivePeerDependencies: - - supports-color - - '@sentry/types@6.19.7': {} - - '@sentry/utils@6.19.7': - dependencies: - '@sentry/types': 6.19.7 - tslib: 1.14.1 - - '@simov/deep-extend@1.0.0': {} - - '@sindresorhus/is@4.6.0': {} - - '@sindresorhus/slugify@1.1.0': - dependencies: - '@sindresorhus/transliterate': 0.1.2 - escape-string-regexp: 4.0.0 - - '@sindresorhus/transliterate@0.1.2': - dependencies: - escape-string-regexp: 2.0.0 - lodash.deburr: 4.1.0 - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@strapi/admin@4.25.9(kgi7qayoxmh7jdvj26fzdxk4ry)': - dependencies: - '@casl/ability': 6.5.0 - '@pmmmwh/react-refresh-webpack-plugin': 0.5.11(react-refresh@0.14.0)(type-fest@2.19.0)(webpack-hot-middleware@2.26.0)(webpack@5.94.0(esbuild@0.19.11)) - '@radix-ui/react-context': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-toolbar': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@reduxjs/toolkit': 1.9.7(react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1))(react@18.3.1) - '@strapi/data-transfer': 4.25.9(@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0))(@types/node@22.5.2)(pg@8.12.0) - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/permissions': 4.25.9 - '@strapi/provider-audit-logs-local': 4.25.9 - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/types': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/typescript-utils': 4.25.9 - '@strapi/utils': 4.25.9 - '@vitejs/plugin-react-swc': 3.5.0(@swc/helpers@0.5.13)(vite@5.0.13(@types/node@22.5.2)(terser@5.31.6)) - axios: 1.7.4(debug@4.3.4) - bcryptjs: 2.4.3 - boxen: 5.1.2 - browserslist: 4.23.3 - browserslist-to-esbuild: 1.2.0 - chalk: 4.1.2 - chokidar: 3.5.3 - codemirror5: codemirror@5.65.17 - cross-env: 7.0.3 - css-loader: 6.11.0(webpack@5.94.0(esbuild@0.19.11)) - date-fns: 2.30.0 - dotenv: 14.2.0 - esbuild: 0.19.11 - esbuild-loader: 2.21.0(webpack@5.94.0(esbuild@0.19.11)) - esbuild-register: 3.5.0(esbuild@0.19.11) - execa: 5.1.1 - fast-deep-equal: 3.1.3 - find-root: 1.1.0 - fork-ts-checker-webpack-plugin: 9.0.2(typescript@5.2.2)(webpack@5.94.0(esbuild@0.19.11)) - formik: 2.4.0(react@18.3.1) - fractional-indexing: 3.2.0 - fs-extra: 10.0.0 - highlight.js: 10.7.3 - history: 4.10.1 - html-webpack-plugin: 5.6.0(webpack@5.94.0(esbuild@0.19.11)) - immer: 9.0.19 - inquirer: 8.2.5 - invariant: 2.2.4 - is-localhost-ip: 2.0.0 - js-cookie: 2.2.1 - jsonwebtoken: 9.0.0 - koa: 2.13.4 - koa-bodyparser: 4.4.1 - koa-compose: 4.1.0 - koa-passport: 5.0.0 - koa-static: 5.0.0 - koa2-ratelimit: 1.1.3 - lodash: 4.17.21 - markdown-it: 12.3.2 - markdown-it-abbr: 1.0.4 - markdown-it-container: 3.0.0 - markdown-it-deflist: 2.1.0 - markdown-it-emoji: 2.0.2 - markdown-it-footnote: 3.0.3 - markdown-it-ins: 3.0.1 - markdown-it-mark: 3.0.1 - markdown-it-sub: 1.0.0 - markdown-it-sup: 1.0.0 - mini-css-extract-plugin: 2.7.7(webpack@5.94.0(esbuild@0.19.11)) - node-schedule: 2.1.1 - ora: 5.4.1 - outdent: 0.8.0 - p-map: 4.0.0 - passport-local: 1.0.0 - pluralize: 8.0.0 - prettier: 2.8.4 - prop-types: 15.8.1 - punycode: 2.3.1 - qs: 6.11.1 - react: 18.3.1 - react-dnd: 16.0.1(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(react@18.3.1) - react-dnd-html5-backend: 16.0.1 - react-dom: 18.3.1(react@18.3.1) - react-error-boundary: 3.1.4(react@18.3.1) - react-helmet: 6.1.0(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-is: 18.3.1 - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-refresh: 0.14.0 - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-select: 5.7.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-window: 1.8.8(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - read-pkg-up: 7.0.1 - resolve-from: 5.0.0 - rimraf: 3.0.2 - sanitize-html: 2.13.0 - semver: 7.5.4 - sift: 16.0.1 - slate: 0.94.1 - slate-history: 0.93.0(slate@0.94.1) - slate-react: 0.98.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(slate@0.94.1) - style-loader: 3.3.4(webpack@5.94.0(esbuild@0.19.11)) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - typescript: 5.2.2 - vite: 5.0.13(@types/node@22.5.2)(terser@5.31.6) - webpack: 5.94.0(esbuild@0.19.11) - webpack-bundle-analyzer: 4.10.2 - webpack-dev-middleware: 6.1.2(webpack@5.94.0(esbuild@0.19.11)) - webpack-hot-middleware: 2.26.0 - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@rspack/core' - - '@swc/core' - - '@swc/helpers' - - '@types/hoist-non-react-statics' - - '@types/node' - - '@types/react' - - '@types/react-dom' - - '@types/webpack' - - better-sqlite3 - - bufferutil - - codemirror - - debug - - encoding - - less - - lightningcss - - mongoose - - mysql - - mysql2 - - pg - - pg-native - - react-native - - redis - - redux - - sass - - sequelize - - sockjs-client - - sqlite3 - - stylus - - sugarss - - supports-color - - tedious - - terser - - type-fest - - uglify-js - - utf-8-validate - - webpack-cli - - webpack-dev-server - - webpack-plugin-serve - - '@strapi/cloud-cli@4.25.9(debug@4.3.4)': - dependencies: - '@strapi/utils': 4.25.9 - axios: 1.7.4(debug@4.3.4) - chalk: 4.1.2 - cli-progress: 3.12.0 - commander: 8.3.0 - eventsource: 2.0.2 - fast-safe-stringify: 2.1.1 - fs-extra: 10.0.0 - inquirer: 8.2.5 - jsonwebtoken: 9.0.0 - jwks-rsa: 3.1.0 - lodash: 4.17.21 - minimatch: 9.0.3 - open: 8.4.0 - ora: 5.4.1 - pkg-up: 3.1.0 - tar: 6.1.13 - xdg-app-paths: 8.3.0 - yup: 0.32.9 - transitivePeerDependencies: - - debug - - supports-color - - '@strapi/content-releases@4.25.9(q7vptuqps424wczizevu7bwk2q)': - dependencies: - '@reduxjs/toolkit': 1.9.7(react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1))(react@18.3.1) - '@strapi/admin': 4.25.9(kgi7qayoxmh7jdvj26fzdxk4ry) - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/types': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/utils': 4.25.9 - axios: 1.7.4(debug@4.3.4) - date-fns: 2.30.0 - date-fns-tz: 2.0.0(date-fns@2.30.0) - formik: 2.4.0(react@18.3.1) - lodash: 4.17.21 - node-schedule: 2.1.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/node' - - '@types/react' - - '@types/react-dom' - - better-sqlite3 - - codemirror - - debug - - encoding - - mysql - - mysql2 - - pg - - pg-native - - react-native - - redux - - sqlite3 - - supports-color - - tedious - - typescript - - '@strapi/data-transfer@4.25.9(@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0))(@types/node@22.5.2)(pg@8.12.0)': - dependencies: - '@strapi/logger': 4.25.9 - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/types': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/utils': 4.25.9 - chalk: 4.1.2 - cli-table3: 0.6.5 - commander: 8.3.0 - fs-extra: 10.0.0 - inquirer: 8.2.5 - lodash: 4.17.21 - ora: 5.4.1 - resolve-cwd: 3.0.0 - semver: 7.5.4 - stream-chain: 2.2.5 - stream-json: 1.8.0 - tar: 6.1.13 - tar-stream: 2.2.0 - ws: 8.13.0 - transitivePeerDependencies: - - '@types/node' - - better-sqlite3 - - bufferutil - - encoding - - mysql - - mysql2 - - pg - - pg-native - - sqlite3 - - supports-color - - tedious - - utf-8-validate - - '@strapi/database@4.25.9(@types/node@22.5.2)(pg@8.12.0)': - dependencies: - '@strapi/utils': 4.25.9 - date-fns: 2.30.0 - debug: 4.3.4(supports-color@5.5.0) - fs-extra: 10.0.0 - knex: 2.5.0(pg@8.12.0) - lodash: 4.17.21 - semver: 7.5.4 - umzug: 3.2.1(@types/node@22.5.2) - transitivePeerDependencies: - - '@types/node' - - better-sqlite3 - - mysql - - mysql2 - - pg - - pg-native - - sqlite3 - - supports-color - - tedious - - '@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))': - dependencies: - '@codemirror/lang-json': 6.0.1 - '@floating-ui/react-dom': 2.1.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@internationalized/date': 3.5.5 - '@internationalized/number': 3.5.3 - '@radix-ui/react-dismissable-layer': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-dropdown-menu': 2.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-focus-scope': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/ui-primitives': 1.19.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@uiw/react-codemirror': 4.23.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - aria-hidden: 1.2.4 - compute-scroll-into-view: 3.1.0 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-remove-scroll: 2.5.10(@types/react@18.3.5)(react@18.3.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - '@strapi/generate-new@4.25.9': - dependencies: - '@sentry/node': 6.19.7 - chalk: 4.1.2 - execa: 5.1.1 - fs-extra: 10.0.0 - inquirer: 8.2.5 - lodash: 4.17.21 - node-fetch: 2.7.0 - node-machine-id: 1.1.12 - ora: 5.4.1 - semver: 7.5.4 - tar: 6.1.13 - transitivePeerDependencies: - - encoding - - supports-color - - '@strapi/generators@4.25.9': - dependencies: - '@sindresorhus/slugify': 1.1.0 - '@strapi/typescript-utils': 4.25.9 - '@strapi/utils': 4.25.9 - chalk: 4.1.2 - copyfiles: 2.4.1 - fs-extra: 10.0.0 - node-plop: 0.26.3 - plop: 2.7.6 - pluralize: 8.0.0 - transitivePeerDependencies: - - supports-color - - '@strapi/helper-plugin@4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2)': - dependencies: - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - axios: 1.7.4(debug@4.3.4) - date-fns: 2.30.0 - formik: 2.4.0(react@18.3.1) - immer: 9.0.19 - lodash: 4.17.21 - qs: 6.11.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-helmet: 6.1.0(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-select: 5.7.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - transitivePeerDependencies: - - '@types/react' - - debug - - react-native - - supports-color - - typescript - - '@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - '@strapi/logger@4.25.9': - dependencies: - lodash: 4.17.21 - winston: 3.10.0 - - '@strapi/pack-up@4.23.0(@swc/helpers@0.5.13)(@types/node@22.5.2)(debug@4.3.4)(terser@5.31.6)': - dependencies: - '@vitejs/plugin-react-swc': 3.5.0(@swc/helpers@0.5.13)(vite@5.0.13(@types/node@22.5.2)(terser@5.31.6)) - boxen: 5.1.2 - browserslist-to-esbuild: 1.2.0 - chalk: 4.1.2 - chokidar: 3.5.3 - commander: 8.3.0 - esbuild: 0.19.11 - esbuild-register: 3.5.0(esbuild@0.19.11) - get-latest-version: 5.1.0(debug@4.3.4) - git-url-parse: 13.1.0 - ini: 4.1.1 - ora: 5.4.1 - outdent: 0.8.0 - pkg-up: 3.1.0 - prettier: 2.8.4 - prettier-plugin-packagejson: 2.4.5(prettier@2.8.4) - prompts: 2.4.2 - rxjs: 7.8.1 - typescript: 5.2.2 - vite: 5.0.13(@types/node@22.5.2)(terser@5.31.6) - yup: 0.32.9 - transitivePeerDependencies: - - '@swc/helpers' - - '@types/node' - - debug - - less - - lightningcss - - sass - - stylus - - sugarss - - supports-color - - terser - - '@strapi/permissions@4.25.9': - dependencies: - '@casl/ability': 6.5.0 - '@strapi/utils': 4.25.9 - lodash: 4.17.21 - qs: 6.11.1 - sift: 16.0.1 - - '@strapi/plugin-cloud@4.25.9(vz4izpmlclysylnr54rpbz6mea)': - dependencies: - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - react-native - - supports-color - - typescript - - '@strapi/plugin-content-manager@4.25.9(@types/node@22.5.2)(pg@8.12.0)': - dependencies: - '@sindresorhus/slugify': 1.1.0 - '@strapi/types': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/utils': 4.25.9 - koa: 2.13.4 - koa-bodyparser: 4.4.1 - lodash: 4.17.21 - qs: 6.11.1 - transitivePeerDependencies: - - '@types/node' - - better-sqlite3 - - encoding - - mysql - - mysql2 - - pg - - pg-native - - sqlite3 - - supports-color - - tedious - - '@strapi/plugin-content-type-builder@4.25.9(z44l57356hx7plbwj2tww36tbi)': - dependencies: - '@reduxjs/toolkit': 1.9.7(react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1))(react@18.3.1) - '@sindresorhus/slugify': 1.1.0 - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/generators': 4.25.9 - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': 4.25.9 - fs-extra: 10.0.0 - immer: 9.0.19 - koa-bodyparser: 4.4.1 - lodash: 4.17.21 - pluralize: 8.0.0 - prop-types: 15.8.1 - qs: 6.11.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-helmet: 6.1.0(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - react-native - - redux - - supports-color - - typescript - - '@strapi/plugin-email@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@types/react@18.3.5)(codemirror@5.65.17)(debug@4.3.4)(koa@2.13.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2)': - dependencies: - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/provider-email-sendmail': 4.25.9 - '@strapi/utils': 4.25.9 - koa: 2.13.4 - lodash: 4.17.21 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - react-native - - supports-color - - typescript - - '@strapi/plugin-i18n@4.25.9(22se43zwxmtuqqjkykcc76uoqe)': - dependencies: - '@reduxjs/toolkit': 1.9.7(react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1))(react@18.3.1) - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': 4.25.9 - axios: 1.7.4(debug@4.3.4) - formik: 2.4.0(react@18.3.1) - immer: 9.0.19 - lodash: 4.17.21 - prop-types: 15.8.1 - qs: 6.11.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - react-native - - redux - - supports-color - - typescript - - '@strapi/plugin-upload@4.25.9(wsugwobvzvzlrujvaffvc4jxhe)': - dependencies: - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/provider-upload-local': 4.25.9 - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': 4.25.9 - axios: 1.7.4(debug@4.3.4) - byte-size: 7.0.1 - cropperjs: 1.6.0 - date-fns: 2.30.0 - formik: 2.4.0(react@18.3.1) - fs-extra: 10.0.0 - immer: 9.0.19 - koa-range: 0.3.0 - koa-static: 5.0.0 - lodash: 4.17.21 - mime-types: 2.1.35 - prop-types: 15.8.1 - qs: 6.11.1 - react: 18.3.1 - react-dnd: 16.0.1(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(react@18.3.1) - react-dom: 18.3.1(react@18.3.1) - react-helmet: 6.1.0(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-select: 5.7.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - sharp: 0.32.6 - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/hoist-non-react-statics' - - '@types/node' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - react-native - - redux - - supports-color - - typescript - - '@strapi/plugin-users-permissions@4.25.9(22se43zwxmtuqqjkykcc76uoqe)': - dependencies: - '@strapi/design-system': 1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)) - '@strapi/helper-plugin': 4.25.9(@strapi/design-system@1.19.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1)))(@strapi/icons@1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(@types/react@18.3.5)(debug@4.3.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/icons': 1.19.0(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': 4.25.9 - bcryptjs: 2.4.3 - formik: 2.4.0(react@18.3.1) - grant-koa: 5.4.8(koa@2.13.4) - immer: 9.0.19 - jsonwebtoken: 9.0.0 - jwk-to-pem: 2.0.5 - koa: 2.13.4 - koa2-ratelimit: 1.1.3 - lodash: 4.17.21 - prop-types: 15.8.1 - purest: 4.0.2 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-intl: 6.4.1(react@18.3.1)(typescript@5.2.2) - react-query: 3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - react-redux: 8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1) - react-router-dom: 6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - styled-components: 6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - url-join: 4.0.1 - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@types/react' - - '@types/react-dom' - - codemirror - - debug - - mongoose - - react-native - - redis - - redux - - sequelize - - supports-color - - typescript - - '@strapi/provider-audit-logs-local@4.25.9': {} - - '@strapi/provider-email-sendmail@4.25.9': - dependencies: - '@strapi/utils': 4.25.9 - sendmail: 1.6.1 - - '@strapi/provider-upload-local@4.25.9': - dependencies: - '@strapi/utils': 4.25.9 - fs-extra: 10.0.0 - - '@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0)': - dependencies: - '@koa/cors': 5.0.0 - '@koa/router': 10.1.1 - '@strapi/admin': 4.25.9(kgi7qayoxmh7jdvj26fzdxk4ry) - '@strapi/cloud-cli': 4.25.9(debug@4.3.4) - '@strapi/content-releases': 4.25.9(q7vptuqps424wczizevu7bwk2q) - '@strapi/data-transfer': 4.25.9(@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0))(@types/node@22.5.2)(pg@8.12.0) - '@strapi/database': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/generate-new': 4.25.9 - '@strapi/generators': 4.25.9 - '@strapi/logger': 4.25.9 - '@strapi/pack-up': 4.23.0(@swc/helpers@0.5.13)(@types/node@22.5.2)(debug@4.3.4)(terser@5.31.6) - '@strapi/permissions': 4.25.9 - '@strapi/plugin-content-manager': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/plugin-content-type-builder': 4.25.9(z44l57356hx7plbwj2tww36tbi) - '@strapi/plugin-email': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@types/react@18.3.5)(codemirror@5.65.17)(debug@4.3.4)(koa@2.13.4)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(typescript@5.2.2) - '@strapi/plugin-upload': 4.25.9(wsugwobvzvzlrujvaffvc4jxhe) - '@strapi/types': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/typescript-utils': 4.25.9 - '@strapi/utils': 4.25.9 - bcryptjs: 2.4.3 - boxen: 5.1.2 - chalk: 4.1.2 - ci-info: 3.8.0 - cli-progress: 3.12.0 - cli-table3: 0.6.5 - commander: 8.3.0 - concurrently: 8.2.2 - configstore: 5.0.1 - copyfiles: 2.4.1 - debug: 4.3.4(supports-color@5.5.0) - delegates: 1.0.0 - dotenv: 14.2.0 - execa: 5.1.1 - fs-extra: 10.0.0 - get-latest-version: 5.1.0(debug@4.3.4) - git-url-parse: 13.1.0 - glob: 10.4.2 - http-errors: 1.8.1 - https-proxy-agent: 5.0.1 - inquirer: 8.2.5 - is-docker: 2.2.1 - koa: 2.13.4 - koa-body: 4.2.0 - koa-compose: 4.1.0 - koa-compress: 5.1.0 - koa-favicon: 2.1.0 - koa-helmet: 7.0.2 - koa-ip: 2.1.3 - koa-session: 6.4.0 - koa-static: 5.0.0 - lodash: 4.17.21 - mime-types: 2.1.35 - node-fetch: 2.7.0 - node-machine-id: 1.1.12 - node-schedule: 2.1.1 - nodemon: 3.0.2 - open: 8.4.0 - ora: 5.4.1 - outdent: 0.8.0 - package-json: 7.0.0 - pkg-up: 3.1.0 - qs: 6.11.1 - semver: 7.5.4 - statuses: 2.0.1 - typescript: 5.2.2 - yalc: 1.0.0-pre.53 - yup: 0.32.9 - transitivePeerDependencies: - - '@babel/runtime' - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@codemirror/state' - - '@codemirror/theme-one-dark' - - '@codemirror/view' - - '@rspack/core' - - '@swc/core' - - '@swc/helpers' - - '@types/hoist-non-react-statics' - - '@types/node' - - '@types/react' - - '@types/react-dom' - - '@types/webpack' - - better-sqlite3 - - bufferutil - - codemirror - - encoding - - less - - lightningcss - - mongoose - - mysql - - mysql2 - - pg - - pg-native - - react - - react-dom - - react-native - - react-router-dom - - redis - - redux - - sass - - sequelize - - sockjs-client - - sqlite3 - - styled-components - - stylus - - sugarss - - supports-color - - tedious - - terser - - type-fest - - uglify-js - - utf-8-validate - - webpack-cli - - webpack-dev-server - - webpack-plugin-serve - - '@strapi/types@4.25.9(@types/node@22.5.2)(pg@8.12.0)': - dependencies: - '@casl/ability': 6.5.0 - '@koa/cors': 5.0.0 - '@koa/router': 10.1.1 - '@strapi/database': 4.25.9(@types/node@22.5.2)(pg@8.12.0) - '@strapi/logger': 4.25.9 - '@strapi/permissions': 4.25.9 - '@strapi/utils': 4.25.9 - commander: 8.3.0 - https-proxy-agent: 5.0.1 - koa: 2.13.4 - node-fetch: 2.7.0 - node-schedule: 2.1.1 - transitivePeerDependencies: - - '@types/node' - - better-sqlite3 - - encoding - - mysql - - mysql2 - - pg - - pg-native - - sqlite3 - - supports-color - - tedious - - '@strapi/typescript-utils@4.25.9': - dependencies: - chalk: 4.1.2 - cli-table3: 0.6.5 - fs-extra: 10.0.0 - lodash: 4.17.21 - prettier: 2.8.4 - typescript: 5.2.2 - - '@strapi/ui-primitives@1.19.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@radix-ui/number': 1.1.0 - '@radix-ui/primitive': 1.1.0 - '@radix-ui/react-collection': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-compose-refs': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-context': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-direction': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-dismissable-layer': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-focus-guards': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-focus-scope': 1.0.4(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-id': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-popper': 1.2.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-portal': 1.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-primitive': 1.0.3(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - '@radix-ui/react-slot': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-callback-ref': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-controllable-state': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-layout-effect': 1.0.1(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-use-previous': 1.1.0(@types/react@18.3.5)(react@18.3.1) - '@radix-ui/react-visually-hidden': 1.1.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - aria-hidden: 1.2.4 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-remove-scroll: 2.5.10(@types/react@18.3.5)(react@18.3.1) - transitivePeerDependencies: - - '@types/react' - - '@types/react-dom' - - '@strapi/utils@4.25.9': - dependencies: - '@sindresorhus/slugify': 1.1.0 - date-fns: 2.30.0 - http-errors: 1.8.1 - lodash: 4.17.21 - p-map: 4.0.0 - yup: 0.32.9 - - '@swc/core-darwin-arm64@1.7.23': - optional: true - - '@swc/core-darwin-x64@1.7.23': - optional: true - - '@swc/core-linux-arm-gnueabihf@1.7.23': - optional: true - - '@swc/core-linux-arm64-gnu@1.7.23': - optional: true - - '@swc/core-linux-arm64-musl@1.7.23': - optional: true - - '@swc/core-linux-x64-gnu@1.7.23': - optional: true - - '@swc/core-linux-x64-musl@1.7.23': - optional: true - - '@swc/core-win32-arm64-msvc@1.7.23': - optional: true - - '@swc/core-win32-ia32-msvc@1.7.23': - optional: true - - '@swc/core-win32-x64-msvc@1.7.23': - optional: true - - '@swc/core@1.7.23(@swc/helpers@0.5.13)': - dependencies: - '@swc/counter': 0.1.3 - '@swc/types': 0.1.12 - optionalDependencies: - '@swc/core-darwin-arm64': 1.7.23 - '@swc/core-darwin-x64': 1.7.23 - '@swc/core-linux-arm-gnueabihf': 1.7.23 - '@swc/core-linux-arm64-gnu': 1.7.23 - '@swc/core-linux-arm64-musl': 1.7.23 - '@swc/core-linux-x64-gnu': 1.7.23 - '@swc/core-linux-x64-musl': 1.7.23 - '@swc/core-win32-arm64-msvc': 1.7.23 - '@swc/core-win32-ia32-msvc': 1.7.23 - '@swc/core-win32-x64-msvc': 1.7.23 - '@swc/helpers': 0.5.13 - - '@swc/counter@0.1.3': {} - - '@swc/helpers@0.5.13': - dependencies: - tslib: 2.7.0 - - '@swc/types@0.1.12': - dependencies: - '@swc/counter': 0.1.3 - - '@szmarczak/http-timer@4.0.6': - dependencies: - defer-to-connect: 2.0.1 - - '@types/argparse@1.0.38': {} - - '@types/body-parser@1.19.5': - dependencies: - '@types/connect': 3.4.38 - '@types/node': 22.5.2 - - '@types/cacheable-request@6.0.3': - dependencies: - '@types/http-cache-semantics': 4.0.4 - '@types/keyv': 3.1.4 - '@types/node': 22.5.2 - '@types/responselike': 1.0.3 - - '@types/connect@3.4.38': - dependencies: - '@types/node': 22.5.2 - - '@types/estree@1.0.5': {} - - '@types/express-serve-static-core@4.19.5': - dependencies: - '@types/node': 22.5.2 - '@types/qs': 6.9.15 - '@types/range-parser': 1.2.7 - '@types/send': 0.17.4 - - '@types/express@4.17.21': - dependencies: - '@types/body-parser': 1.19.5 - '@types/express-serve-static-core': 4.19.5 - '@types/qs': 6.9.15 - '@types/serve-static': 1.15.7 - - '@types/fined@1.1.5': {} - - '@types/follow-redirects@1.14.4': - dependencies: - '@types/node': 22.5.2 - - '@types/formidable@1.2.8': - dependencies: - '@types/node': 22.5.2 - - '@types/glob@7.2.0': - dependencies: - '@types/minimatch': 5.1.2 - '@types/node': 22.5.2 - - '@types/hoist-non-react-statics@3.3.5': - dependencies: - '@types/react': 18.3.5 - hoist-non-react-statics: 3.3.2 - - '@types/html-minifier-terser@6.1.0': {} - - '@types/http-cache-semantics@4.0.4': {} - - '@types/http-errors@2.0.4': {} - - '@types/inquirer@6.5.0': - dependencies: - '@types/through': 0.0.33 - rxjs: 6.6.7 - - '@types/interpret@1.1.3': - dependencies: - '@types/node': 22.5.2 - - '@types/is-hotkey@0.1.10': {} - - '@types/json-schema@7.0.15': {} - - '@types/jsonwebtoken@9.0.6': - dependencies: - '@types/node': 22.5.2 - - '@types/keyv@3.1.4': - dependencies: - '@types/node': 22.5.2 - - '@types/liftoff@2.5.1': - dependencies: - '@types/fined': 1.1.5 - '@types/interpret': 1.1.3 - '@types/node': 22.5.2 - - '@types/lodash@4.17.7': {} - - '@types/mime@1.3.5': {} - - '@types/minimatch@5.1.2': {} - - '@types/node-fetch@2.6.11': - dependencies: - '@types/node': 18.19.48 - form-data: 4.0.0 - - '@types/node@18.19.48': - dependencies: - undici-types: 5.26.5 - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/normalize-package-data@2.4.4': {} - - '@types/parse-json@4.0.2': {} - - '@types/progress-stream@2.0.5': - dependencies: - '@types/node': 22.5.2 - - '@types/prop-types@15.7.12': {} - - '@types/qs@6.9.15': {} - - '@types/range-parser@1.2.7': {} - - '@types/react-transition-group@4.4.11': - dependencies: - '@types/react': 18.3.5 - - '@types/react@18.3.5': - dependencies: - '@types/prop-types': 15.7.12 - csstype: 3.1.3 - - '@types/responselike@1.0.3': - dependencies: - '@types/node': 22.5.2 - - '@types/send@0.17.4': - dependencies: - '@types/mime': 1.3.5 - '@types/node': 22.5.2 - - '@types/serve-static@1.15.7': - dependencies: - '@types/http-errors': 2.0.4 - '@types/node': 22.5.2 - '@types/send': 0.17.4 - - '@types/stylis@4.2.5': {} - - '@types/through@0.0.33': - dependencies: - '@types/node': 22.5.2 - - '@types/triple-beam@1.3.5': {} - - '@types/use-sync-external-store@0.0.3': {} - - '@ucast/core@1.10.2': {} - - '@ucast/js@3.0.4': - dependencies: - '@ucast/core': 1.10.2 - - '@ucast/mongo2js@1.3.4': - dependencies: - '@ucast/core': 1.10.2 - '@ucast/js': 3.0.4 - '@ucast/mongo': 2.4.3 - - '@ucast/mongo@2.4.3': - dependencies: - '@ucast/core': 1.10.2 - - '@uiw/codemirror-extensions-basic-setup@4.23.0(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/commands@6.6.1)(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)': - dependencies: - '@codemirror/autocomplete': 6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1) - '@codemirror/commands': 6.6.1 - '@codemirror/language': 6.10.2 - '@codemirror/lint': 6.8.1 - '@codemirror/search': 6.5.6 - '@codemirror/state': 6.4.1 - '@codemirror/view': 6.33.0 - - '@uiw/react-codemirror@4.23.0(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(codemirror@5.65.17)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)': - dependencies: - '@babel/runtime': 7.25.6 - '@codemirror/commands': 6.6.1 - '@codemirror/state': 6.4.1 - '@codemirror/theme-one-dark': 6.1.2 - '@codemirror/view': 6.33.0 - '@uiw/codemirror-extensions-basic-setup': 4.23.0(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/commands@6.6.1)(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0) - codemirror: 5.65.17 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - transitivePeerDependencies: - - '@codemirror/autocomplete' - - '@codemirror/language' - - '@codemirror/lint' - - '@codemirror/search' - - '@vitejs/plugin-react-swc@3.5.0(@swc/helpers@0.5.13)(vite@5.0.13(@types/node@22.5.2)(terser@5.31.6))': - dependencies: - '@swc/core': 1.7.23(@swc/helpers@0.5.13) - vite: 5.0.13(@types/node@22.5.2)(terser@5.31.6) - transitivePeerDependencies: - - '@swc/helpers' - - '@webassemblyjs/ast@1.12.1': - dependencies: - '@webassemblyjs/helper-numbers': 1.11.6 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - - '@webassemblyjs/floating-point-hex-parser@1.11.6': {} - - '@webassemblyjs/helper-api-error@1.11.6': {} - - '@webassemblyjs/helper-buffer@1.12.1': {} - - '@webassemblyjs/helper-numbers@1.11.6': - dependencies: - '@webassemblyjs/floating-point-hex-parser': 1.11.6 - '@webassemblyjs/helper-api-error': 1.11.6 - '@xtuc/long': 4.2.2 - - '@webassemblyjs/helper-wasm-bytecode@1.11.6': {} - - '@webassemblyjs/helper-wasm-section@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/wasm-gen': 1.12.1 - - '@webassemblyjs/ieee754@1.11.6': - dependencies: - '@xtuc/ieee754': 1.2.0 - - '@webassemblyjs/leb128@1.11.6': - dependencies: - '@xtuc/long': 4.2.2 - - '@webassemblyjs/utf8@1.11.6': {} - - '@webassemblyjs/wasm-edit@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/helper-wasm-section': 1.12.1 - '@webassemblyjs/wasm-gen': 1.12.1 - '@webassemblyjs/wasm-opt': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - '@webassemblyjs/wast-printer': 1.12.1 - - '@webassemblyjs/wasm-gen@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/ieee754': 1.11.6 - '@webassemblyjs/leb128': 1.11.6 - '@webassemblyjs/utf8': 1.11.6 - - '@webassemblyjs/wasm-opt@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-buffer': 1.12.1 - '@webassemblyjs/wasm-gen': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - - '@webassemblyjs/wasm-parser@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/helper-api-error': 1.11.6 - '@webassemblyjs/helper-wasm-bytecode': 1.11.6 - '@webassemblyjs/ieee754': 1.11.6 - '@webassemblyjs/leb128': 1.11.6 - '@webassemblyjs/utf8': 1.11.6 - - '@webassemblyjs/wast-printer@1.12.1': - dependencies: - '@webassemblyjs/ast': 1.12.1 - '@xtuc/long': 4.2.2 - - '@xtuc/ieee754@1.2.0': {} - - '@xtuc/long@4.2.2': {} - - abbrev@1.1.1: {} - - abort-controller@3.0.0: - dependencies: - event-target-shim: 5.0.1 - - accepts@1.3.8: - dependencies: - mime-types: 2.1.35 - negotiator: 0.6.3 - - acorn-import-attributes@1.9.5(acorn@8.12.1): - dependencies: - acorn: 8.12.1 - - acorn-walk@8.3.3: - dependencies: - acorn: 8.12.1 - - acorn@8.12.1: {} - - addressparser@1.0.1: {} - - agent-base@6.0.2: - dependencies: - debug: 4.3.4(supports-color@5.5.0) - transitivePeerDependencies: - - supports-color - - agentkeepalive@4.5.0: - dependencies: - humanize-ms: 1.2.1 - - aggregate-error@3.1.0: - dependencies: - clean-stack: 2.2.0 - indent-string: 4.0.0 - - ajv-draft-04@1.0.0(ajv@8.13.0): - optionalDependencies: - ajv: 8.13.0 - - ajv-formats@2.1.1(ajv@8.17.1): - optionalDependencies: - ajv: 8.17.1 - - ajv-formats@3.0.1(ajv@8.13.0): - optionalDependencies: - ajv: 8.13.0 - - ajv-keywords@3.5.2(ajv@6.12.6): - dependencies: - ajv: 6.12.6 - - ajv-keywords@5.1.0(ajv@8.17.1): - dependencies: - ajv: 8.17.1 - fast-deep-equal: 3.1.3 - - ajv@6.12.6: - dependencies: - fast-deep-equal: 3.1.3 - fast-json-stable-stringify: 2.1.0 - json-schema-traverse: 0.4.1 - uri-js: 4.4.1 - - ajv@8.13.0: - dependencies: - fast-deep-equal: 3.1.3 - json-schema-traverse: 1.0.0 - require-from-string: 2.0.2 - uri-js: 4.4.1 - - ajv@8.17.1: - dependencies: - fast-deep-equal: 3.1.3 - fast-uri: 3.0.1 - json-schema-traverse: 1.0.0 - require-from-string: 2.0.2 - - ansi-align@3.0.1: - dependencies: - string-width: 4.2.3 - - ansi-escapes@4.3.2: - dependencies: - type-fest: 0.21.3 - - ansi-html-community@0.0.8: {} - - ansi-regex@2.1.1: {} - - ansi-regex@4.1.1: {} - - ansi-regex@5.0.1: {} - - ansi-regex@6.0.1: {} - - ansi-styles@2.2.1: {} - - ansi-styles@3.2.1: - dependencies: - color-convert: 1.9.3 - - ansi-styles@4.3.0: - dependencies: - color-convert: 2.0.1 - - ansi-styles@6.2.1: {} - - any-promise@1.3.0: {} - - anymatch@3.1.3: - dependencies: - normalize-path: 3.0.0 - picomatch: 2.3.1 - - aproba@2.0.0: {} - - are-we-there-yet@2.0.0: - dependencies: - delegates: 1.0.0 - readable-stream: 3.6.2 - - argparse@1.0.10: - dependencies: - sprintf-js: 1.0.3 - - argparse@2.0.1: {} - - aria-hidden@1.2.4: - dependencies: - tslib: 2.7.0 - - arr-diff@4.0.0: {} - - arr-flatten@1.1.0: {} - - arr-union@3.1.0: {} - - array-each@1.0.1: {} - - array-slice@1.1.0: {} - - array-union@2.1.0: {} - - array-unique@0.3.2: {} - - asn1.js@5.4.1: - dependencies: - bn.js: 4.12.0 - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - safer-buffer: 2.1.2 - - assign-symbols@1.0.0: {} - - async@3.2.6: {} - - asynckit@0.4.0: {} - - atob@2.1.2: {} - - axios@1.7.4(debug@4.3.4): - dependencies: - follow-redirects: 1.15.6(debug@4.3.4) - form-data: 4.0.0 - proxy-from-env: 1.1.0 - transitivePeerDependencies: - - debug - - b4a@1.6.6: {} - - babel-plugin-macros@3.1.0: - dependencies: - '@babel/runtime': 7.25.6 - cosmiconfig: 7.1.0 - resolve: 1.22.8 - - balanced-match@1.0.2: {} - - bare-events@2.4.2: - optional: true - - bare-fs@2.3.3: - dependencies: - bare-events: 2.4.2 - bare-path: 2.1.3 - bare-stream: 2.2.0 - optional: true - - bare-os@2.4.2: - optional: true - - bare-path@2.1.3: - dependencies: - bare-os: 2.4.2 - optional: true - - bare-stream@2.2.0: - dependencies: - streamx: 2.20.0 - optional: true - - base64-js@1.5.1: {} - - base@0.11.2: - dependencies: - cache-base: 1.0.1 - class-utils: 0.3.6 - component-emitter: 1.3.1 - define-property: 1.0.0 - isobject: 3.0.1 - mixin-deep: 1.3.2 - pascalcase: 0.1.1 - - bcryptjs@2.4.3: {} - - big-integer@1.6.52: {} - - big.js@5.2.2: {} - - binary-extensions@2.3.0: {} - - bl@4.1.0: - dependencies: - buffer: 5.7.1 - inherits: 2.0.4 - readable-stream: 3.6.2 - - bn.js@4.12.0: {} - - boolbase@1.0.0: {} - - bowser@2.11.0: {} - - boxen@5.1.2: - dependencies: - ansi-align: 3.0.1 - camelcase: 6.3.0 - chalk: 4.1.2 - cli-boxes: 2.2.1 - string-width: 4.2.3 - type-fest: 0.20.2 - widest-line: 3.1.0 - wrap-ansi: 7.0.0 - - bplist-parser@0.2.0: - dependencies: - big-integer: 1.6.52 - - brace-expansion@1.1.11: - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - - brace-expansion@2.0.1: - dependencies: - balanced-match: 1.0.2 - - braces@2.3.2: - dependencies: - arr-flatten: 1.1.0 - array-unique: 0.3.2 - extend-shallow: 2.0.1 - fill-range: 4.0.0 - isobject: 3.0.1 - repeat-element: 1.1.4 - snapdragon: 0.8.2 - snapdragon-node: 2.1.1 - split-string: 3.1.0 - to-regex: 3.0.2 - transitivePeerDependencies: - - supports-color - - braces@3.0.3: - dependencies: - fill-range: 7.1.1 - - broadcast-channel@3.7.0: - dependencies: - '@babel/runtime': 7.25.6 - detect-node: 2.1.0 - js-sha3: 0.8.0 - microseconds: 0.2.0 - nano-time: 1.0.0 - oblivious-set: 1.0.0 - rimraf: 3.0.2 - unload: 2.2.0 - - brorand@1.1.0: {} - - browserslist-to-esbuild@1.2.0: - dependencies: - browserslist: 4.23.3 - - browserslist@4.23.3: - dependencies: - caniuse-lite: 1.0.30001655 - electron-to-chromium: 1.5.13 - node-releases: 2.0.18 - update-browserslist-db: 1.1.0(browserslist@4.23.3) - - buffer-equal-constant-time@1.0.1: {} - - buffer-from@1.1.2: {} - - buffer@5.7.1: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - buildmail@3.10.0: - dependencies: - addressparser: 1.0.1 - libbase64: 0.1.0 - libmime: 2.1.0 - libqp: 1.1.0 - nodemailer-fetch: 1.6.0 - nodemailer-shared: 1.1.0 - - bundle-name@3.0.0: - dependencies: - run-applescript: 5.0.0 - - byte-size@7.0.1: {} - - bytes@3.1.2: {} - - cache-base@1.0.1: - dependencies: - collection-visit: 1.0.0 - component-emitter: 1.3.1 - get-value: 2.0.6 - has-value: 1.0.0 - isobject: 3.0.1 - set-value: 2.0.1 - to-object-path: 0.3.0 - union-value: 1.0.1 - unset-value: 1.0.0 - - cache-content-type@1.0.1: - dependencies: - mime-types: 2.1.35 - ylru: 1.4.0 - - cacheable-lookup@5.0.4: {} - - cacheable-request@7.0.4: - dependencies: - clone-response: 1.0.3 - get-stream: 5.2.0 - http-cache-semantics: 4.1.1 - keyv: 4.5.4 - lowercase-keys: 2.0.0 - normalize-url: 6.1.0 - responselike: 2.0.1 - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - callsites@3.1.0: {} - - camel-case@3.0.0: - dependencies: - no-case: 2.3.2 - upper-case: 1.1.3 - - camel-case@4.1.2: - dependencies: - pascal-case: 3.1.2 - tslib: 2.7.0 - - camelcase@6.3.0: {} - - camelize@1.0.1: {} - - caniuse-lite@1.0.30001655: {} - - canvas@2.11.2: - dependencies: - '@mapbox/node-pre-gyp': 1.0.11 - nan: 2.20.0 - simple-get: 3.1.1 - transitivePeerDependencies: - - encoding - - supports-color - - chalk@1.1.3: - dependencies: - ansi-styles: 2.2.1 - escape-string-regexp: 1.0.5 - has-ansi: 2.0.0 - strip-ansi: 3.0.1 - supports-color: 2.0.0 - - chalk@2.4.2: - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - - chalk@4.1.2: - dependencies: - ansi-styles: 4.3.0 - supports-color: 7.2.0 - - change-case@3.1.0: - dependencies: - camel-case: 3.0.0 - constant-case: 2.0.0 - dot-case: 2.1.1 - header-case: 1.0.1 - is-lower-case: 1.1.3 - is-upper-case: 1.1.2 - lower-case: 1.1.4 - lower-case-first: 1.0.2 - no-case: 2.3.2 - param-case: 2.1.1 - pascal-case: 2.0.1 - path-case: 2.1.1 - sentence-case: 2.1.1 - snake-case: 2.1.0 - swap-case: 1.1.2 - title-case: 2.1.1 - upper-case: 1.1.3 - upper-case-first: 1.1.2 - - chardet@0.7.0: {} - - chokidar@3.5.3: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - chokidar@3.6.0: - dependencies: - anymatch: 3.1.3 - braces: 3.0.3 - glob-parent: 5.1.2 - is-binary-path: 2.1.0 - is-glob: 4.0.3 - normalize-path: 3.0.0 - readdirp: 3.6.0 - optionalDependencies: - fsevents: 2.3.3 - - chownr@1.1.4: {} - - chownr@2.0.0: {} - - chrome-trace-event@1.0.4: {} - - ci-info@3.8.0: {} - - class-utils@0.3.6: - dependencies: - arr-union: 3.1.0 - define-property: 0.2.5 - isobject: 3.0.1 - static-extend: 0.1.2 - - clean-css@5.3.3: - dependencies: - source-map: 0.6.1 - - clean-stack@2.2.0: {} - - cli-boxes@2.2.1: {} - - cli-cursor@2.1.0: - dependencies: - restore-cursor: 2.0.0 - - cli-cursor@3.1.0: - dependencies: - restore-cursor: 3.1.0 - - cli-progress@3.12.0: - dependencies: - string-width: 4.2.3 - - cli-spinners@2.9.2: {} - - cli-table3@0.6.5: - dependencies: - string-width: 4.2.3 - optionalDependencies: - '@colors/colors': 1.5.0 - - cli-width@3.0.0: {} - - cliui@7.0.4: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - cliui@8.0.1: - dependencies: - string-width: 4.2.3 - strip-ansi: 6.0.1 - wrap-ansi: 7.0.0 - - clone-response@1.0.3: - dependencies: - mimic-response: 1.0.1 - - clone@1.0.4: {} - - co-body@5.2.0: - dependencies: - inflation: 2.1.0 - qs: 6.11.1 - raw-body: 2.5.2 - type-is: 1.6.18 - - co-body@6.2.0: - dependencies: - '@hapi/bourne': 3.0.0 - inflation: 2.1.0 - qs: 6.11.1 - raw-body: 2.5.2 - type-is: 1.6.18 - - co@4.6.0: {} - - codemirror@5.65.17: {} - - collection-visit@1.0.0: - dependencies: - map-visit: 1.0.0 - object-visit: 1.0.1 - - color-convert@1.9.3: - dependencies: - color-name: 1.1.3 - - color-convert@2.0.1: - dependencies: - color-name: 1.1.4 - - color-name@1.1.3: {} - - color-name@1.1.4: {} - - color-string@1.9.1: - dependencies: - color-name: 1.1.4 - simple-swizzle: 0.2.2 - - color-support@1.1.3: {} - - color@3.2.1: - dependencies: - color-convert: 1.9.3 - color-string: 1.9.1 - - color@4.2.3: - dependencies: - color-convert: 2.0.1 - color-string: 1.9.1 - - colorette@2.0.19: {} - - colorette@2.0.20: {} - - colorspace@1.1.4: - dependencies: - color: 3.2.1 - text-hex: 1.0.0 - - combined-stream@1.0.8: - dependencies: - delayed-stream: 1.0.0 - - commander@10.0.1: {} - - commander@2.20.3: {} - - commander@7.2.0: {} - - commander@8.3.0: {} - - common-path-prefix@3.0.0: {} - - component-emitter@1.3.1: {} - - compressible@2.0.18: - dependencies: - mime-db: 1.53.0 - - compute-scroll-into-view@1.0.20: {} - - compute-scroll-into-view@3.1.0: {} - - concat-map@0.0.1: {} - - concurrently@8.2.2: - dependencies: - chalk: 4.1.2 - date-fns: 2.30.0 - lodash: 4.17.21 - rxjs: 7.8.1 - shell-quote: 1.8.1 - spawn-command: 0.0.2 - supports-color: 8.1.1 - tree-kill: 1.2.2 - yargs: 17.7.2 - - config-chain@1.1.13: - dependencies: - ini: 1.3.8 - proto-list: 1.2.4 - - configstore@5.0.1: - dependencies: - dot-prop: 5.3.0 - graceful-fs: 4.2.11 - make-dir: 3.1.0 - unique-string: 2.0.0 - write-file-atomic: 3.0.3 - xdg-basedir: 4.0.0 - - console-control-strings@1.1.0: {} - - constant-case@2.0.0: - dependencies: - snake-case: 2.1.0 - upper-case: 1.1.3 - - content-disposition@0.5.4: - dependencies: - safe-buffer: 5.2.1 - - content-type@1.0.5: {} - - convert-source-map@1.9.0: {} - - cookie-signature@1.2.1: - optional: true - - cookie@0.4.2: {} - - cookie@0.5.0: - optional: true - - cookies@0.8.0: - dependencies: - depd: 2.0.0 - keygrip: 1.1.0 - - copy-descriptor@0.1.1: {} - - copy-to@2.0.1: {} - - copyfiles@2.4.1: - dependencies: - glob: 7.2.3 - minimatch: 3.1.2 - mkdirp: 1.0.4 - noms: 0.0.0 - through2: 2.0.5 - untildify: 4.0.0 - yargs: 16.2.0 - - core-js-pure@3.38.1: {} - - core-util-is@1.0.3: {} - - cosmiconfig@7.1.0: - dependencies: - '@types/parse-json': 4.0.2 - import-fresh: 3.3.0 - parse-json: 5.2.0 - path-type: 4.0.0 - yaml: 1.10.2 - - cosmiconfig@8.3.6(typescript@5.2.2): - dependencies: - import-fresh: 3.3.0 - js-yaml: 4.1.0 - parse-json: 5.2.0 - path-type: 4.0.0 - optionalDependencies: - typescript: 5.2.2 - - crc@3.8.0: - dependencies: - buffer: 5.7.1 - - crelt@1.0.6: {} - - cron-parser@4.9.0: - dependencies: - luxon: 3.5.0 - - cropperjs@1.6.0: {} - - cross-env@7.0.3: - dependencies: - cross-spawn: 7.0.3 - - cross-spawn@7.0.3: - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - - crypto-random-string@2.0.0: {} - - css-color-keywords@1.0.0: {} - - css-loader@6.11.0(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - icss-utils: 5.1.0(postcss@8.4.44) - postcss: 8.4.44 - postcss-modules-extract-imports: 3.1.0(postcss@8.4.44) - postcss-modules-local-by-default: 4.0.5(postcss@8.4.44) - postcss-modules-scope: 3.2.0(postcss@8.4.44) - postcss-modules-values: 4.0.0(postcss@8.4.44) - postcss-value-parser: 4.2.0 - semver: 7.5.4 - optionalDependencies: - webpack: 5.94.0(esbuild@0.19.11) - - css-select@4.3.0: - dependencies: - boolbase: 1.0.0 - css-what: 6.1.0 - domhandler: 4.3.1 - domutils: 2.8.0 - nth-check: 2.1.1 - - css-to-react-native@3.2.0: - dependencies: - camelize: 1.0.1 - css-color-keywords: 1.0.0 - postcss-value-parser: 4.2.0 - - css-what@6.1.0: {} - - cssesc@3.0.0: {} - - csstype@3.1.3: {} - - data-uri-to-buffer@4.0.1: {} - - date-fns-tz@2.0.0(date-fns@2.30.0): - dependencies: - date-fns: 2.30.0 - - date-fns@2.30.0: - dependencies: - '@babel/runtime': 7.25.6 - - date-fns@3.6.0: {} - - debounce@1.2.1: {} - - debug@2.6.9: - dependencies: - ms: 2.0.0 - - debug@3.2.7: - dependencies: - ms: 2.1.3 - - debug@4.3.4(supports-color@5.5.0): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 5.5.0 - - debug@4.3.6: - dependencies: - ms: 2.1.2 - - decode-uri-component@0.2.2: {} - - decompress-response@4.2.1: - dependencies: - mimic-response: 2.1.0 - - decompress-response@6.0.0: - dependencies: - mimic-response: 3.1.0 - - decompress-response@7.0.0: - dependencies: - mimic-response: 3.1.0 - - deep-equal@1.0.1: {} - - deep-extend@0.6.0: {} - - deepmerge@2.2.1: {} - - deepmerge@4.3.1: {} - - default-browser-id@3.0.0: - dependencies: - bplist-parser: 0.2.0 - untildify: 4.0.0 - - default-browser@4.0.0: - dependencies: - bundle-name: 3.0.0 - default-browser-id: 3.0.0 - execa: 7.2.0 - titleize: 3.0.0 - - defaults@1.0.4: - dependencies: - clone: 1.0.4 - - defer-to-connect@2.0.1: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - define-lazy-prop@2.0.0: {} - - define-lazy-prop@3.0.0: {} - - define-property@0.2.5: - dependencies: - is-descriptor: 0.1.7 - - define-property@1.0.0: - dependencies: - is-descriptor: 1.0.3 - - define-property@2.0.2: - dependencies: - is-descriptor: 1.0.3 - isobject: 3.0.1 - - del@5.1.0: - dependencies: - globby: 10.0.2 - graceful-fs: 4.2.11 - is-glob: 4.0.3 - is-path-cwd: 2.2.0 - is-path-inside: 3.0.3 - p-map: 3.0.0 - rimraf: 3.0.2 - slash: 3.0.0 - - delayed-stream@1.0.0: {} - - delegates@1.0.0: {} - - depd@1.1.2: {} - - depd@2.0.0: {} - - destroy@1.2.0: {} - - detect-file@1.0.0: {} - - detect-indent@6.1.0: {} - - detect-indent@7.0.1: {} - - detect-libc@2.0.3: {} - - detect-newline@4.0.1: {} - - detect-node-es@1.1.0: {} - - detect-node@2.1.0: {} - - dir-glob@3.0.1: - dependencies: - path-type: 4.0.0 - - direction@1.0.4: {} - - dkim-signer@0.2.2: - dependencies: - libmime: 2.1.3 - - dnd-core@16.0.1: - dependencies: - '@react-dnd/asap': 5.0.2 - '@react-dnd/invariant': 4.0.2 - redux: 4.2.1 - - dom-converter@0.2.0: - dependencies: - utila: 0.4.0 - - dom-helpers@5.2.1: - dependencies: - '@babel/runtime': 7.25.6 - csstype: 3.1.3 - - dom-serializer@1.4.1: - dependencies: - domelementtype: 2.3.0 - domhandler: 4.3.1 - entities: 2.2.0 - - dom-serializer@2.0.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - entities: 4.5.0 - - domelementtype@2.3.0: {} - - domhandler@4.3.1: - dependencies: - domelementtype: 2.3.0 - - domhandler@5.0.3: - dependencies: - domelementtype: 2.3.0 - - domutils@2.8.0: - dependencies: - dom-serializer: 1.4.1 - domelementtype: 2.3.0 - domhandler: 4.3.1 - - domutils@3.1.0: - dependencies: - dom-serializer: 2.0.0 - domelementtype: 2.3.0 - domhandler: 5.0.3 - - dot-case@2.1.1: - dependencies: - no-case: 2.3.2 - - dot-case@3.0.4: - dependencies: - no-case: 3.0.4 - tslib: 2.7.0 - - dot-prop@5.3.0: - dependencies: - is-obj: 2.0.0 - - dotenv@14.2.0: {} - - dotenv@16.4.5: {} - - duplexer@0.1.2: {} - - eastasianwidth@0.2.0: {} - - ecdsa-sig-formatter@1.0.11: - dependencies: - safe-buffer: 5.2.1 - - ee-first@1.1.1: {} - - electron-to-chromium@1.5.13: {} - - elliptic@6.5.7: - dependencies: - bn.js: 4.12.0 - brorand: 1.1.0 - hash.js: 1.1.7 - hmac-drbg: 1.0.1 - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - minimalistic-crypto-utils: 1.0.1 - - emittery@0.12.1: {} - - emoji-regex@8.0.0: {} - - emoji-regex@9.2.2: {} - - emojis-list@3.0.0: {} - - enabled@2.0.0: {} - - encodeurl@1.0.2: {} - - end-of-stream@1.4.4: - dependencies: - once: 1.4.0 - - enhanced-resolve@5.17.1: - dependencies: - graceful-fs: 4.2.11 - tapable: 2.2.1 - - entities@2.1.0: {} - - entities@2.2.0: {} - - entities@4.5.0: {} - - error-ex@1.3.2: - dependencies: - is-arrayish: 0.2.1 - - error-stack-parser@2.1.4: - dependencies: - stackframe: 1.3.4 - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - es-module-lexer@1.5.4: {} - - esbuild-loader@2.21.0(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - esbuild: 0.16.17 - joycon: 3.1.1 - json5: 2.2.3 - loader-utils: 2.0.4 - tapable: 2.2.1 - webpack: 5.94.0(esbuild@0.19.11) - webpack-sources: 1.4.3 - - esbuild-register@3.5.0(esbuild@0.19.11): - dependencies: - debug: 4.3.4(supports-color@5.5.0) - esbuild: 0.19.11 - transitivePeerDependencies: - - supports-color - - esbuild@0.16.17: - optionalDependencies: - '@esbuild/android-arm': 0.16.17 - '@esbuild/android-arm64': 0.16.17 - '@esbuild/android-x64': 0.16.17 - '@esbuild/darwin-arm64': 0.16.17 - '@esbuild/darwin-x64': 0.16.17 - '@esbuild/freebsd-arm64': 0.16.17 - '@esbuild/freebsd-x64': 0.16.17 - '@esbuild/linux-arm': 0.16.17 - '@esbuild/linux-arm64': 0.16.17 - '@esbuild/linux-ia32': 0.16.17 - '@esbuild/linux-loong64': 0.16.17 - '@esbuild/linux-mips64el': 0.16.17 - '@esbuild/linux-ppc64': 0.16.17 - '@esbuild/linux-riscv64': 0.16.17 - '@esbuild/linux-s390x': 0.16.17 - '@esbuild/linux-x64': 0.16.17 - '@esbuild/netbsd-x64': 0.16.17 - '@esbuild/openbsd-x64': 0.16.17 - '@esbuild/sunos-x64': 0.16.17 - '@esbuild/win32-arm64': 0.16.17 - '@esbuild/win32-ia32': 0.16.17 - '@esbuild/win32-x64': 0.16.17 - - esbuild@0.19.11: - optionalDependencies: - '@esbuild/aix-ppc64': 0.19.11 - '@esbuild/android-arm': 0.19.11 - '@esbuild/android-arm64': 0.19.11 - '@esbuild/android-x64': 0.19.11 - '@esbuild/darwin-arm64': 0.19.11 - '@esbuild/darwin-x64': 0.19.11 - '@esbuild/freebsd-arm64': 0.19.11 - '@esbuild/freebsd-x64': 0.19.11 - '@esbuild/linux-arm': 0.19.11 - '@esbuild/linux-arm64': 0.19.11 - '@esbuild/linux-ia32': 0.19.11 - '@esbuild/linux-loong64': 0.19.11 - '@esbuild/linux-mips64el': 0.19.11 - '@esbuild/linux-ppc64': 0.19.11 - '@esbuild/linux-riscv64': 0.19.11 - '@esbuild/linux-s390x': 0.19.11 - '@esbuild/linux-x64': 0.19.11 - '@esbuild/netbsd-x64': 0.19.11 - '@esbuild/openbsd-x64': 0.19.11 - '@esbuild/sunos-x64': 0.19.11 - '@esbuild/win32-arm64': 0.19.11 - '@esbuild/win32-ia32': 0.19.11 - '@esbuild/win32-x64': 0.19.11 - - escalade@3.2.0: {} - - escape-html@1.0.3: {} - - escape-string-regexp@1.0.5: {} - - escape-string-regexp@2.0.0: {} - - escape-string-regexp@4.0.0: {} - - eslint-scope@5.1.1: - dependencies: - esrecurse: 4.3.0 - estraverse: 4.3.0 - - esm@3.2.25: {} - - esrecurse@4.3.0: - dependencies: - estraverse: 5.3.0 - - estraverse@4.3.0: {} - - estraverse@5.3.0: {} - - event-target-shim@5.0.1: {} - - eventemitter3@4.0.7: {} - - events@3.3.0: {} - - eventsource@2.0.2: {} - - execa@5.1.1: - dependencies: - cross-spawn: 7.0.3 - get-stream: 6.0.1 - human-signals: 2.1.0 - is-stream: 2.0.1 - merge-stream: 2.0.0 - npm-run-path: 4.0.1 - onetime: 5.1.2 - signal-exit: 3.0.7 - strip-final-newline: 2.0.0 - - execa@7.2.0: - dependencies: - cross-spawn: 7.0.3 - get-stream: 6.0.1 - human-signals: 4.3.1 - is-stream: 3.0.0 - merge-stream: 2.0.0 - npm-run-path: 5.3.0 - onetime: 6.0.0 - signal-exit: 3.0.7 - strip-final-newline: 3.0.0 - - expand-brackets@2.1.4: - dependencies: - debug: 2.6.9 - define-property: 0.2.5 - extend-shallow: 2.0.1 - posix-character-classes: 0.1.1 - regex-not: 1.0.2 - snapdragon: 0.8.2 - to-regex: 3.0.2 - transitivePeerDependencies: - - supports-color - - expand-template@2.0.3: {} - - expand-tilde@2.0.2: - dependencies: - homedir-polyfill: 1.0.3 - - extend-shallow@2.0.1: - dependencies: - is-extendable: 0.1.1 - - extend-shallow@3.0.2: - dependencies: - assign-symbols: 1.0.0 - is-extendable: 1.0.1 - - extend@3.0.2: {} - - external-editor@3.1.0: - dependencies: - chardet: 0.7.0 - iconv-lite: 0.4.24 - tmp: 0.0.33 - - extglob@2.0.4: - dependencies: - array-unique: 0.3.2 - define-property: 1.0.0 - expand-brackets: 2.1.4 - extend-shallow: 2.0.1 - fragment-cache: 0.2.1 - regex-not: 1.0.2 - snapdragon: 0.8.2 - to-regex: 3.0.2 - transitivePeerDependencies: - - supports-color - - fast-deep-equal@3.1.3: {} - - fast-fifo@1.3.2: {} - - fast-glob@3.3.2: - dependencies: - '@nodelib/fs.stat': 2.0.5 - '@nodelib/fs.walk': 1.2.8 - glob-parent: 5.1.2 - merge2: 1.4.1 - micromatch: 4.0.8 - - fast-json-stable-stringify@2.1.0: {} - - fast-safe-stringify@2.1.1: {} - - fast-uri@3.0.1: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - fastq@1.17.1: - dependencies: - reusify: 1.0.4 - - fecha@4.2.3: {} - - fetch-blob@3.2.0: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 3.3.3 - - figures@3.2.0: - dependencies: - escape-string-regexp: 1.0.5 - - fill-range@4.0.0: - dependencies: - extend-shallow: 2.0.1 - is-number: 3.0.0 - repeat-string: 1.6.1 - to-regex-range: 2.1.1 - - fill-range@7.1.1: - dependencies: - to-regex-range: 5.0.1 - - find-root@1.1.0: {} - - find-up@3.0.0: - dependencies: - locate-path: 3.0.0 - - find-up@4.1.0: - dependencies: - locate-path: 5.0.0 - path-exists: 4.0.0 - - find-up@5.0.0: - dependencies: - locate-path: 6.0.0 - path-exists: 4.0.0 - - findup-sync@2.0.0: - dependencies: - detect-file: 1.0.0 - is-glob: 3.1.0 - micromatch: 3.1.10 - resolve-dir: 1.0.1 - transitivePeerDependencies: - - supports-color - - fined@1.2.0: - dependencies: - expand-tilde: 2.0.2 - is-plain-object: 2.0.4 - object.defaults: 1.1.0 - object.pick: 1.3.0 - parse-filepath: 1.0.2 - - flagged-respawn@1.0.1: {} - - flat-cache@3.2.0: - dependencies: - flatted: 3.3.1 - keyv: 4.5.4 - rimraf: 3.0.2 - - flatted@3.3.1: {} - - fn.name@1.1.0: {} - - follow-redirects@1.15.6(debug@4.3.4): - optionalDependencies: - debug: 4.3.4(supports-color@5.5.0) - - for-in@1.0.2: {} - - for-own@1.0.0: - dependencies: - for-in: 1.0.2 - - foreground-child@3.3.0: - dependencies: - cross-spawn: 7.0.3 - signal-exit: 4.1.0 - - fork-ts-checker-webpack-plugin@9.0.2(typescript@5.2.2)(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - '@babel/code-frame': 7.24.7 - chalk: 4.1.2 - chokidar: 3.5.3 - cosmiconfig: 8.3.6(typescript@5.2.2) - deepmerge: 4.3.1 - fs-extra: 10.0.0 - memfs: 3.5.3 - minimatch: 3.1.2 - node-abort-controller: 3.1.1 - schema-utils: 3.3.0 - semver: 7.5.4 - tapable: 2.2.1 - typescript: 5.2.2 - webpack: 5.94.0(esbuild@0.19.11) - - form-data-encoder@1.7.2: {} - - form-data@4.0.0: - dependencies: - asynckit: 0.4.0 - combined-stream: 1.0.8 - mime-types: 2.1.35 - - formdata-node@4.4.1: - dependencies: - node-domexception: 1.0.0 - web-streams-polyfill: 4.0.0-beta.3 - - formdata-polyfill@4.0.10: - dependencies: - fetch-blob: 3.2.0 - - formidable@1.2.6: {} - - formik@2.4.0(react@18.3.1): - dependencies: - deepmerge: 2.2.1 - hoist-non-react-statics: 3.3.2 - lodash: 4.17.21 - lodash-es: 4.17.21 - react: 18.3.1 - react-fast-compare: 2.0.4 - tiny-warning: 1.0.3 - tslib: 1.14.1 - - fractional-indexing@3.2.0: {} - - fragment-cache@0.2.1: - dependencies: - map-cache: 0.2.2 - - fresh@0.5.2: {} - - fs-constants@1.0.0: {} - - fs-extra@10.0.0: - dependencies: - graceful-fs: 4.2.11 - jsonfile: 6.1.0 - universalify: 2.0.1 - - fs-extra@7.0.1: - dependencies: - graceful-fs: 4.2.11 - jsonfile: 4.0.0 - universalify: 0.1.2 - - fs-extra@8.1.0: - dependencies: - graceful-fs: 4.2.11 - jsonfile: 4.0.0 - universalify: 0.1.2 - - fs-jetpack@4.3.1: - dependencies: - minimatch: 3.1.2 - rimraf: 2.7.1 - - fs-minipass@2.1.0: - dependencies: - minipass: 3.3.6 - - fs-monkey@1.0.6: {} - - fs.realpath@1.0.0: {} - - fsevents@2.3.3: - optional: true - - function-bind@1.1.2: {} - - fuzzysort@3.0.2: {} - - gauge@3.0.2: - dependencies: - aproba: 2.0.0 - color-support: 1.1.3 - console-control-strings: 1.1.0 - has-unicode: 2.0.1 - object-assign: 4.1.1 - signal-exit: 3.0.7 - string-width: 4.2.3 - strip-ansi: 6.0.1 - wide-align: 1.1.5 - - get-caller-file@2.0.5: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-it@8.6.5(debug@4.3.4): - dependencies: - '@types/follow-redirects': 1.14.4 - '@types/progress-stream': 2.0.5 - decompress-response: 7.0.0 - follow-redirects: 1.15.6(debug@4.3.4) - is-retry-allowed: 2.2.0 - progress-stream: 2.0.0 - tunnel-agent: 0.6.0 - transitivePeerDependencies: - - debug - - get-latest-version@5.1.0(debug@4.3.4): - dependencies: - get-it: 8.6.5(debug@4.3.4) - registry-auth-token: 5.0.2 - registry-url: 5.1.0 - semver: 7.5.4 - transitivePeerDependencies: - - debug - - get-nonce@1.0.1: {} - - get-package-type@0.1.0: {} - - get-stdin@9.0.0: {} - - get-stream@5.2.0: - dependencies: - pump: 3.0.0 - - get-stream@6.0.1: {} - - get-value@2.0.6: {} - - getopts@2.3.0: {} - - git-hooks-list@3.1.0: {} - - git-up@7.0.0: - dependencies: - is-ssh: 1.4.0 - parse-url: 8.1.0 - - git-url-parse@13.1.0: - dependencies: - git-up: 7.0.0 - - github-from-package@0.0.0: {} - - glob-parent@5.1.2: - dependencies: - is-glob: 4.0.3 - - glob-to-regexp@0.4.1: {} - - glob@10.4.2: - dependencies: - foreground-child: 3.3.0 - jackspeak: 3.4.3 - minimatch: 9.0.5 - minipass: 7.1.2 - package-json-from-dist: 1.0.0 - path-scurry: 1.11.1 - - glob@7.2.3: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 3.1.2 - once: 1.4.0 - path-is-absolute: 1.0.1 - - glob@8.1.0: - dependencies: - fs.realpath: 1.0.0 - inflight: 1.0.6 - inherits: 2.0.4 - minimatch: 5.1.6 - once: 1.4.0 - - global-modules@1.0.0: - dependencies: - global-prefix: 1.0.2 - is-windows: 1.0.2 - resolve-dir: 1.0.1 - - global-prefix@1.0.2: - dependencies: - expand-tilde: 2.0.2 - homedir-polyfill: 1.0.3 - ini: 1.3.8 - is-windows: 1.0.2 - which: 1.3.1 - - globals@11.12.0: {} - - globby@10.0.2: - dependencies: - '@types/glob': 7.2.0 - array-union: 2.1.0 - dir-glob: 3.0.1 - fast-glob: 3.3.2 - glob: 7.2.3 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 3.0.0 - - globby@13.2.2: - dependencies: - dir-glob: 3.0.1 - fast-glob: 3.3.2 - ignore: 5.3.2 - merge2: 1.4.1 - slash: 4.0.0 - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - got@11.8.6: - dependencies: - '@sindresorhus/is': 4.6.0 - '@szmarczak/http-timer': 4.0.6 - '@types/cacheable-request': 6.0.3 - '@types/responselike': 1.0.3 - cacheable-lookup: 5.0.4 - cacheable-request: 7.0.4 - decompress-response: 6.0.0 - http2-wrapper: 1.0.3 - lowercase-keys: 2.0.0 - p-cancelable: 2.1.1 - responselike: 2.0.1 - - graceful-fs@4.2.10: {} - - graceful-fs@4.2.11: {} - - grant-koa@5.4.8(koa@2.13.4): - dependencies: - grant: 5.4.22 - koa: 2.13.4 - - grant@5.4.22: - dependencies: - qs: 6.13.0 - request-compose: 2.1.6 - request-oauth: 1.0.1 - optionalDependencies: - cookie: 0.5.0 - cookie-signature: 1.2.1 - jwk-to-pem: 2.0.5 - jws: 4.0.0 - - gzip-size@6.0.0: - dependencies: - duplexer: 0.1.2 - - handlebars@4.7.8: - dependencies: - minimist: 1.2.8 - neo-async: 2.6.2 - source-map: 0.6.1 - wordwrap: 1.0.0 - optionalDependencies: - uglify-js: 3.19.3 - - has-ansi@2.0.0: - dependencies: - ansi-regex: 2.1.1 - - has-flag@3.0.0: {} - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - has-tostringtag@1.0.2: - dependencies: - has-symbols: 1.0.3 - - has-unicode@2.0.1: {} - - has-value@0.3.1: - dependencies: - get-value: 2.0.6 - has-values: 0.1.4 - isobject: 2.1.0 - - has-value@1.0.0: - dependencies: - get-value: 2.0.6 - has-values: 1.0.0 - isobject: 3.0.1 - - has-values@0.1.4: {} - - has-values@1.0.0: - dependencies: - is-number: 3.0.0 - kind-of: 4.0.0 - - hash.js@1.1.7: - dependencies: - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - he@1.2.0: {} - - header-case@1.0.1: - dependencies: - no-case: 2.3.2 - upper-case: 1.1.3 - - helmet@6.2.0: {} - - highlight.js@10.7.3: {} - - history@4.10.1: - dependencies: - '@babel/runtime': 7.25.6 - loose-envify: 1.4.0 - resolve-pathname: 3.0.0 - tiny-invariant: 1.3.3 - tiny-warning: 1.0.3 - value-equal: 1.0.1 - - hmac-drbg@1.0.1: - dependencies: - hash.js: 1.1.7 - minimalistic-assert: 1.0.1 - minimalistic-crypto-utils: 1.0.1 - - hoist-non-react-statics@3.3.2: - dependencies: - react-is: 16.13.1 - - homedir-polyfill@1.0.3: - dependencies: - parse-passwd: 1.0.0 - - hosted-git-info@2.8.9: {} - - html-entities@2.5.2: {} - - html-escaper@2.0.2: {} - - html-minifier-terser@6.1.0: - dependencies: - camel-case: 4.1.2 - clean-css: 5.3.3 - commander: 8.3.0 - he: 1.2.0 - param-case: 3.0.4 - relateurl: 0.2.7 - terser: 5.31.6 - - html-webpack-plugin@5.6.0(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - '@types/html-minifier-terser': 6.1.0 - html-minifier-terser: 6.1.0 - lodash: 4.17.21 - pretty-error: 4.0.0 - tapable: 2.2.1 - optionalDependencies: - webpack: 5.94.0(esbuild@0.19.11) - - htmlparser2@6.1.0: - dependencies: - domelementtype: 2.3.0 - domhandler: 4.3.1 - domutils: 2.8.0 - entities: 2.2.0 - - htmlparser2@8.0.2: - dependencies: - domelementtype: 2.3.0 - domhandler: 5.0.3 - domutils: 3.1.0 - entities: 4.5.0 - - http-assert@1.5.0: - dependencies: - deep-equal: 1.0.1 - http-errors: 1.8.1 - - http-cache-semantics@4.1.1: {} - - http-errors@1.6.3: - dependencies: - depd: 1.1.2 - inherits: 2.0.3 - setprototypeof: 1.1.0 - statuses: 1.5.0 - - http-errors@1.8.1: - dependencies: - depd: 1.1.2 - inherits: 2.0.4 - setprototypeof: 1.2.0 - statuses: 1.5.0 - toidentifier: 1.0.1 - - http-errors@2.0.0: - dependencies: - depd: 2.0.0 - inherits: 2.0.4 - setprototypeof: 1.2.0 - statuses: 2.0.1 - toidentifier: 1.0.1 - - http2-wrapper@1.0.3: - dependencies: - quick-lru: 5.1.1 - resolve-alpn: 1.2.1 - - https-proxy-agent@5.0.1: - dependencies: - agent-base: 6.0.2 - debug: 4.3.4(supports-color@5.5.0) - transitivePeerDependencies: - - supports-color - - human-signals@2.1.0: {} - - human-signals@4.3.1: {} - - humanize-ms@1.2.1: - dependencies: - ms: 2.1.3 - - iconv-lite@0.4.13: {} - - iconv-lite@0.4.15: {} - - iconv-lite@0.4.24: - dependencies: - safer-buffer: 2.1.2 - - icss-utils@5.1.0(postcss@8.4.44): - dependencies: - postcss: 8.4.44 - - ieee754@1.2.1: {} - - ignore-by-default@1.0.1: {} - - ignore-walk@3.0.4: - dependencies: - minimatch: 3.1.2 - - ignore@5.3.2: {} - - immer@9.0.19: {} - - immer@9.0.21: {} - - import-fresh@3.3.0: - dependencies: - parent-module: 1.0.1 - resolve-from: 4.0.0 - - import-lazy@4.0.0: {} - - imurmurhash@0.1.4: {} - - indent-string@4.0.0: {} - - inflation@2.1.0: {} - - inflight@1.0.6: - dependencies: - once: 1.4.0 - wrappy: 1.0.2 - - inherits@2.0.3: {} - - inherits@2.0.4: {} - - ini@1.3.8: {} - - ini@2.0.0: {} - - ini@4.1.1: {} - - inquirer@7.3.3: - dependencies: - ansi-escapes: 4.3.2 - chalk: 4.1.2 - cli-cursor: 3.1.0 - cli-width: 3.0.0 - external-editor: 3.1.0 - figures: 3.2.0 - lodash: 4.17.21 - mute-stream: 0.0.8 - run-async: 2.4.1 - rxjs: 6.6.7 - string-width: 4.2.3 - strip-ansi: 6.0.1 - through: 2.3.8 - - inquirer@8.2.5: - dependencies: - ansi-escapes: 4.3.2 - chalk: 4.1.2 - cli-cursor: 3.1.0 - cli-width: 3.0.0 - external-editor: 3.1.0 - figures: 3.2.0 - lodash: 4.17.21 - mute-stream: 0.0.8 - ora: 5.4.1 - run-async: 2.4.1 - rxjs: 7.8.1 - string-width: 4.2.3 - strip-ansi: 6.0.1 - through: 2.3.8 - wrap-ansi: 7.0.0 - - interpret@1.4.0: {} - - interpret@2.2.0: {} - - intl-messageformat@10.3.4: - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/fast-memoize': 2.0.1 - '@formatjs/icu-messageformat-parser': 2.3.1 - tslib: 2.7.0 - - invariant@2.2.4: - dependencies: - loose-envify: 1.4.0 - - is-absolute@1.0.0: - dependencies: - is-relative: 1.0.0 - is-windows: 1.0.2 - - is-accessor-descriptor@1.0.1: - dependencies: - hasown: 2.0.2 - - is-arrayish@0.2.1: {} - - is-arrayish@0.3.2: {} - - is-binary-path@2.1.0: - dependencies: - binary-extensions: 2.3.0 - - is-buffer@1.1.6: {} - - is-class-hotfix@0.0.6: {} - - is-core-module@2.15.1: - dependencies: - hasown: 2.0.2 - - is-data-descriptor@1.0.1: - dependencies: - hasown: 2.0.2 - - is-descriptor@0.1.7: - dependencies: - is-accessor-descriptor: 1.0.1 - is-data-descriptor: 1.0.1 - - is-descriptor@1.0.3: - dependencies: - is-accessor-descriptor: 1.0.1 - is-data-descriptor: 1.0.1 - - is-docker@2.2.1: {} - - is-docker@3.0.0: {} - - is-extendable@0.1.1: {} - - is-extendable@1.0.1: - dependencies: - is-plain-object: 2.0.4 - - is-extglob@2.1.1: {} - - is-fullwidth-code-point@3.0.0: {} - - is-generator-function@1.0.10: - dependencies: - has-tostringtag: 1.0.2 - - is-glob@3.1.0: - dependencies: - is-extglob: 2.1.1 - - is-glob@4.0.3: - dependencies: - is-extglob: 2.1.1 - - is-hotkey@0.1.8: {} - - is-inside-container@1.0.0: - dependencies: - is-docker: 3.0.0 - - is-interactive@1.0.0: {} - - is-localhost-ip@2.0.0: {} - - is-lower-case@1.1.3: - dependencies: - lower-case: 1.1.4 - - is-number@3.0.0: - dependencies: - kind-of: 3.2.2 - - is-number@7.0.0: {} - - is-obj@2.0.0: {} - - is-path-cwd@2.2.0: {} - - is-path-inside@3.0.3: {} - - is-plain-obj@4.1.0: {} - - is-plain-object@2.0.4: - dependencies: - isobject: 3.0.1 - - is-plain-object@5.0.0: {} - - is-relative@1.0.0: - dependencies: - is-unc-path: 1.0.0 - - is-retry-allowed@2.2.0: {} - - is-ssh@1.4.0: - dependencies: - protocols: 2.0.1 - - is-stream@2.0.1: {} - - is-stream@3.0.0: {} - - is-type-of@1.4.0: - dependencies: - core-util-is: 1.0.3 - is-class-hotfix: 0.0.6 - isstream: 0.1.2 - - is-typedarray@1.0.0: {} - - is-unc-path@1.0.0: - dependencies: - unc-path-regex: 0.1.2 - - is-unicode-supported@0.1.0: {} - - is-upper-case@1.1.2: - dependencies: - upper-case: 1.1.3 - - is-windows@1.0.2: {} - - is-wsl@2.2.0: - dependencies: - is-docker: 2.2.1 - - isarray@0.0.1: {} - - isarray@1.0.0: {} - - isbinaryfile@4.0.10: {} - - isexe@2.0.0: {} - - isobject@2.1.0: - dependencies: - isarray: 1.0.0 - - isobject@3.0.1: {} - - isstream@0.1.2: {} - - jackspeak@3.4.3: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - - jest-worker@27.5.1: - dependencies: - '@types/node': 22.5.2 - merge-stream: 2.0.0 - supports-color: 8.1.1 - - jju@1.4.0: {} - - jose@4.15.9: {} - - joycon@3.1.1: {} - - js-cookie@2.2.1: {} - - js-sha3@0.8.0: {} - - js-tokens@4.0.0: {} - - js-yaml@4.1.0: - dependencies: - argparse: 2.0.1 - - jsesc@2.5.2: {} - - json-buffer@3.0.1: {} - - json-parse-even-better-errors@2.3.1: {} - - json-schema-traverse@0.4.1: {} - - json-schema-traverse@1.0.0: {} - - json5@2.2.3: {} - - jsonfile@4.0.0: - optionalDependencies: - graceful-fs: 4.2.11 - - jsonfile@6.1.0: - dependencies: - universalify: 2.0.1 - optionalDependencies: - graceful-fs: 4.2.11 - - jsonwebtoken@9.0.0: - dependencies: - jws: 3.2.2 - lodash: 4.17.21 - ms: 2.1.3 - semver: 7.6.3 - - jwa@1.4.1: - dependencies: - buffer-equal-constant-time: 1.0.1 - ecdsa-sig-formatter: 1.0.11 - safe-buffer: 5.2.1 - - jwa@2.0.0: - dependencies: - buffer-equal-constant-time: 1.0.1 - ecdsa-sig-formatter: 1.0.11 - safe-buffer: 5.2.1 - optional: true - - jwk-to-pem@2.0.5: - dependencies: - asn1.js: 5.4.1 - elliptic: 6.5.7 - safe-buffer: 5.2.1 - - jwks-rsa@3.1.0: - dependencies: - '@types/express': 4.17.21 - '@types/jsonwebtoken': 9.0.6 - debug: 4.3.4(supports-color@5.5.0) - jose: 4.15.9 - limiter: 1.1.5 - lru-memoizer: 2.3.0 - transitivePeerDependencies: - - supports-color - - jws@3.2.2: - dependencies: - jwa: 1.4.1 - safe-buffer: 5.2.1 - - jws@4.0.0: - dependencies: - jwa: 2.0.0 - safe-buffer: 5.2.1 - optional: true - - keygrip@1.1.0: - dependencies: - tsscmp: 1.0.6 - - keyv@4.5.4: - dependencies: - json-buffer: 3.0.1 - - kind-of@3.2.2: - dependencies: - is-buffer: 1.1.6 - - kind-of@4.0.0: - dependencies: - is-buffer: 1.1.6 - - kind-of@6.0.3: {} - - kleur@3.0.3: {} - - knex@2.5.0(pg@8.12.0): - dependencies: - colorette: 2.0.19 - commander: 10.0.1 - debug: 4.3.4(supports-color@5.5.0) - escalade: 3.2.0 - esm: 3.2.25 - get-package-type: 0.1.0 - getopts: 2.3.0 - interpret: 2.2.0 - lodash: 4.17.21 - pg-connection-string: 2.6.1 - rechoir: 0.8.0 - resolve-from: 5.0.0 - tarn: 3.0.2 - tildify: 2.0.0 - optionalDependencies: - pg: 8.12.0 - transitivePeerDependencies: - - supports-color - - koa-body@4.2.0: - dependencies: - '@types/formidable': 1.2.8 - co-body: 5.2.0 - formidable: 1.2.6 - - koa-bodyparser@4.4.1: - dependencies: - co-body: 6.2.0 - copy-to: 2.0.1 - type-is: 1.6.18 - - koa-compose@4.1.0: {} - - koa-compress@5.1.0: - dependencies: - bytes: 3.1.2 - compressible: 2.0.18 - http-errors: 1.8.1 - koa-is-json: 1.0.0 - statuses: 2.0.1 - - koa-convert@2.0.0: - dependencies: - co: 4.6.0 - koa-compose: 4.1.0 - - koa-favicon@2.1.0: - dependencies: - mz: 2.7.0 - - koa-helmet@7.0.2: - dependencies: - helmet: 6.2.0 - - koa-ip@2.1.3: - dependencies: - debug: 4.3.4(supports-color@5.5.0) - lodash.isplainobject: 4.0.6 - request-ip: 3.3.0 - transitivePeerDependencies: - - supports-color - - koa-is-json@1.0.0: {} - - koa-passport@5.0.0: - dependencies: - passport: 0.6.0 - - koa-range@0.3.0: - dependencies: - stream-slice: 0.1.2 - - koa-send@5.0.1: - dependencies: - debug: 4.3.4(supports-color@5.5.0) - http-errors: 1.8.1 - resolve-path: 1.4.0 - transitivePeerDependencies: - - supports-color - - koa-session@6.4.0: - dependencies: - crc: 3.8.0 - debug: 4.3.4(supports-color@5.5.0) - is-type-of: 1.4.0 - uuid: 8.3.2 - transitivePeerDependencies: - - supports-color - - koa-static@5.0.0: - dependencies: - debug: 3.2.7 - koa-send: 5.0.1 - transitivePeerDependencies: - - supports-color - - koa2-ratelimit@1.1.3: {} - - koa@2.13.4: - dependencies: - accepts: 1.3.8 - cache-content-type: 1.0.1 - content-disposition: 0.5.4 - content-type: 1.0.5 - cookies: 0.8.0 - debug: 4.3.6 - delegates: 1.0.0 - depd: 2.0.0 - destroy: 1.2.0 - encodeurl: 1.0.2 - escape-html: 1.0.3 - fresh: 0.5.2 - http-assert: 1.5.0 - http-errors: 1.8.1 - is-generator-function: 1.0.10 - koa-compose: 4.1.0 - koa-convert: 2.0.0 - on-finished: 2.4.1 - only: 0.0.2 - parseurl: 1.3.3 - statuses: 1.5.0 - type-is: 1.6.18 - vary: 1.1.2 - transitivePeerDependencies: - - supports-color - - kuler@2.0.0: {} - - libbase64@0.1.0: {} - - libmime@2.1.0: - dependencies: - iconv-lite: 0.4.13 - libbase64: 0.1.0 - libqp: 1.1.0 - - libmime@2.1.3: - dependencies: - iconv-lite: 0.4.15 - libbase64: 0.1.0 - libqp: 1.1.0 - - libqp@1.1.0: {} - - liftoff@2.5.0: - dependencies: - extend: 3.0.2 - findup-sync: 2.0.0 - fined: 1.2.0 - flagged-respawn: 1.0.1 - is-plain-object: 2.0.4 - object.map: 1.0.1 - rechoir: 0.6.2 - resolve: 1.22.8 - transitivePeerDependencies: - - supports-color - - limiter@1.1.5: {} - - lines-and-columns@1.2.4: {} - - linkify-it@3.0.3: - dependencies: - uc.micro: 1.0.6 - - loader-runner@4.3.0: {} - - loader-utils@2.0.4: - dependencies: - big.js: 5.2.2 - emojis-list: 3.0.0 - json5: 2.2.3 - - locate-path@3.0.0: - dependencies: - p-locate: 3.0.0 - path-exists: 3.0.0 - - locate-path@5.0.0: - dependencies: - p-locate: 4.1.0 - - locate-path@6.0.0: - dependencies: - p-locate: 5.0.0 - - lodash-es@4.17.21: {} - - lodash.clonedeep@4.5.0: {} - - lodash.deburr@4.1.0: {} - - lodash.get@4.4.2: {} - - lodash.isplainobject@4.0.6: {} - - lodash@4.17.21: {} - - log-symbols@2.2.0: - dependencies: - chalk: 2.4.2 - - log-symbols@4.1.0: - dependencies: - chalk: 4.1.2 - is-unicode-supported: 0.1.0 - - logform@2.6.1: - dependencies: - '@colors/colors': 1.6.0 - '@types/triple-beam': 1.3.5 - fecha: 4.2.3 - ms: 2.1.3 - safe-stable-stringify: 2.5.0 - triple-beam: 1.4.1 - - long-timeout@0.1.1: {} - - loose-envify@1.4.0: - dependencies: - js-tokens: 4.0.0 - - lower-case-first@1.0.2: - dependencies: - lower-case: 1.1.4 - - lower-case@1.1.4: {} - - lower-case@2.0.2: - dependencies: - tslib: 2.7.0 - - lowercase-keys@2.0.0: {} - - lru-cache@10.4.3: {} - - lru-cache@6.0.0: - dependencies: - yallist: 4.0.0 - - lru-memoizer@2.3.0: - dependencies: - lodash.clonedeep: 4.5.0 - lru-cache: 6.0.0 - - lru_map@0.3.3: {} - - luxon@3.5.0: {} - - mailcomposer@3.12.0: - dependencies: - buildmail: 3.10.0 - libmime: 2.1.0 - - make-dir@3.1.0: - dependencies: - semver: 6.3.1 - - make-iterator@1.0.1: - dependencies: - kind-of: 6.0.3 - - map-cache@0.2.2: {} - - map-visit@1.0.0: - dependencies: - object-visit: 1.0.1 - - markdown-it-abbr@1.0.4: {} - - markdown-it-container@3.0.0: {} - - markdown-it-deflist@2.1.0: {} - - markdown-it-emoji@2.0.2: {} - - markdown-it-footnote@3.0.3: {} - - markdown-it-ins@3.0.1: {} - - markdown-it-mark@3.0.1: {} - - markdown-it-sub@1.0.0: {} - - markdown-it-sup@1.0.0: {} - - markdown-it@12.3.2: - dependencies: - argparse: 2.0.1 - entities: 2.1.0 - linkify-it: 3.0.3 - mdurl: 1.0.1 - uc.micro: 1.0.6 - - match-sorter@6.3.4: - dependencies: - '@babel/runtime': 7.25.6 - remove-accents: 0.5.0 - - mdurl@1.0.1: {} - - media-typer@0.3.0: {} - - memfs@3.5.3: - dependencies: - fs-monkey: 1.0.6 - - memoize-one@5.2.1: {} - - memoize-one@6.0.0: {} - - merge-stream@2.0.0: {} - - merge2@1.4.1: {} - - methods@1.1.2: {} - - micromatch@3.1.10: - dependencies: - arr-diff: 4.0.0 - array-unique: 0.3.2 - braces: 2.3.2 - define-property: 2.0.2 - extend-shallow: 3.0.2 - extglob: 2.0.4 - fragment-cache: 0.2.1 - kind-of: 6.0.3 - nanomatch: 1.2.13 - object.pick: 1.3.0 - regex-not: 1.0.2 - snapdragon: 0.8.2 - to-regex: 3.0.2 - transitivePeerDependencies: - - supports-color - - micromatch@4.0.8: - dependencies: - braces: 3.0.3 - picomatch: 2.3.1 - - microseconds@0.2.0: {} - - mime-db@1.52.0: {} - - mime-db@1.53.0: {} - - mime-types@2.1.35: - dependencies: - mime-db: 1.52.0 - - mimic-fn@1.2.0: {} - - mimic-fn@2.1.0: {} - - mimic-fn@4.0.0: {} - - mimic-response@1.0.1: {} - - mimic-response@2.1.0: {} - - mimic-response@3.1.0: {} - - mini-css-extract-plugin@2.7.7(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - schema-utils: 4.2.0 - webpack: 5.94.0(esbuild@0.19.11) - - minimalistic-assert@1.0.1: {} - - minimalistic-crypto-utils@1.0.1: {} - - minimatch@3.1.2: - dependencies: - brace-expansion: 1.1.11 - - minimatch@5.1.6: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.3: - dependencies: - brace-expansion: 2.0.1 - - minimatch@9.0.5: - dependencies: - brace-expansion: 2.0.1 - - minimist@1.2.8: {} - - minipass@3.3.6: - dependencies: - yallist: 4.0.0 - - minipass@4.2.8: {} - - minipass@5.0.0: {} - - minipass@7.1.2: {} - - minizlib@2.1.2: - dependencies: - minipass: 3.3.6 - yallist: 4.0.0 - - mixin-deep@1.3.2: - dependencies: - for-in: 1.0.2 - is-extendable: 1.0.1 - - mkdirp-classic@0.5.3: {} - - mkdirp@0.5.6: - dependencies: - minimist: 1.2.8 - - mkdirp@1.0.4: {} - - mrmime@2.0.0: {} - - ms@2.0.0: {} - - ms@2.1.2: {} - - ms@2.1.3: {} - - multistream@4.1.0: - dependencies: - once: 1.4.0 - readable-stream: 3.6.2 - - mute-stream@0.0.8: {} - - mz@2.7.0: - dependencies: - any-promise: 1.3.0 - object-assign: 4.1.1 - thenify-all: 1.6.0 - - nan@2.20.0: {} - - nano-time@1.0.0: - dependencies: - big-integer: 1.6.52 - - nanoclone@0.2.1: {} - - nanoid@3.3.7: {} - - nanomatch@1.2.13: - dependencies: - arr-diff: 4.0.0 - array-unique: 0.3.2 - define-property: 2.0.2 - extend-shallow: 3.0.2 - fragment-cache: 0.2.1 - is-windows: 1.0.2 - kind-of: 6.0.3 - object.pick: 1.3.0 - regex-not: 1.0.2 - snapdragon: 0.8.2 - to-regex: 3.0.2 - transitivePeerDependencies: - - supports-color - - napi-build-utils@1.0.2: {} - - negotiator@0.6.3: {} - - neo-async@2.6.2: {} - - no-case@2.3.2: - dependencies: - lower-case: 1.1.4 - - no-case@3.0.4: - dependencies: - lower-case: 2.0.2 - tslib: 2.7.0 - - node-abi@3.67.0: - dependencies: - semver: 7.5.4 - - node-abort-controller@3.1.1: {} - - node-addon-api@6.1.0: {} - - node-domexception@1.0.0: {} - - node-fetch@2.7.0: - dependencies: - whatwg-url: 5.0.0 - - node-fetch@3.3.2: - dependencies: - data-uri-to-buffer: 4.0.1 - fetch-blob: 3.2.0 - formdata-polyfill: 4.0.10 - - node-machine-id@1.1.12: {} - - node-plop@0.26.3: - dependencies: - '@babel/runtime-corejs3': 7.25.6 - '@types/inquirer': 6.5.0 - change-case: 3.1.0 - del: 5.1.0 - globby: 10.0.2 - handlebars: 4.7.8 - inquirer: 7.3.3 - isbinaryfile: 4.0.10 - lodash.get: 4.4.2 - mkdirp: 0.5.6 - resolve: 1.22.8 - - node-releases@2.0.18: {} - - node-schedule@2.1.1: - dependencies: - cron-parser: 4.9.0 - long-timeout: 0.1.1 - sorted-array-functions: 1.3.0 - - nodemailer-fetch@1.6.0: {} - - nodemailer-shared@1.1.0: - dependencies: - nodemailer-fetch: 1.6.0 - - nodemon@3.0.2: - dependencies: - chokidar: 3.6.0 - debug: 4.3.4(supports-color@5.5.0) - ignore-by-default: 1.0.1 - minimatch: 3.1.2 - pstree.remy: 1.1.8 - semver: 7.5.4 - simple-update-notifier: 2.0.0 - supports-color: 5.5.0 - touch: 3.1.1 - undefsafe: 2.0.5 - - noms@0.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 1.0.34 - - nopt@5.0.0: - dependencies: - abbrev: 1.1.1 - - normalize-package-data@2.5.0: - dependencies: - hosted-git-info: 2.8.9 - resolve: 1.22.8 - semver: 5.7.2 - validate-npm-package-license: 3.0.4 - - normalize-path@3.0.0: {} - - normalize-url@6.1.0: {} - - npm-bundled@1.1.2: - dependencies: - npm-normalize-package-bin: 1.0.1 - - npm-normalize-package-bin@1.0.1: {} - - npm-packlist@2.2.2: - dependencies: - glob: 7.2.3 - ignore-walk: 3.0.4 - npm-bundled: 1.1.2 - npm-normalize-package-bin: 1.0.1 - - npm-run-path@4.0.1: - dependencies: - path-key: 3.1.1 - - npm-run-path@5.3.0: - dependencies: - path-key: 4.0.0 - - npmlog@5.0.1: - dependencies: - are-we-there-yet: 2.0.0 - console-control-strings: 1.1.0 - gauge: 3.0.2 - set-blocking: 2.0.0 - - nth-check@2.1.1: - dependencies: - boolbase: 1.0.0 - - oauth-sign@0.9.0: {} - - object-assign@4.1.1: {} - - object-copy@0.1.0: - dependencies: - copy-descriptor: 0.1.1 - define-property: 0.2.5 - kind-of: 3.2.2 - - object-inspect@1.13.2: {} - - object-visit@1.0.1: - dependencies: - isobject: 3.0.1 - - object.defaults@1.1.0: - dependencies: - array-each: 1.0.1 - array-slice: 1.1.0 - for-own: 1.0.0 - isobject: 3.0.1 - - object.map@1.0.1: - dependencies: - for-own: 1.0.0 - make-iterator: 1.0.1 - - object.pick@1.3.0: - dependencies: - isobject: 3.0.1 - - oblivious-set@1.0.0: {} - - on-finished@2.4.1: - dependencies: - ee-first: 1.1.1 - - once@1.4.0: - dependencies: - wrappy: 1.0.2 - - one-time@1.0.0: - dependencies: - fn.name: 1.1.0 - - onetime@2.0.1: - dependencies: - mimic-fn: 1.2.0 - - onetime@5.1.2: - dependencies: - mimic-fn: 2.1.0 - - onetime@6.0.0: - dependencies: - mimic-fn: 4.0.0 - - only@0.0.2: {} - - open@8.4.0: - dependencies: - define-lazy-prop: 2.0.0 - is-docker: 2.2.1 - is-wsl: 2.2.0 - - open@9.1.0: - dependencies: - default-browser: 4.0.0 - define-lazy-prop: 3.0.0 - is-inside-container: 1.0.0 - is-wsl: 2.2.0 - - opener@1.5.2: {} - - ora@3.4.0: - dependencies: - chalk: 2.4.2 - cli-cursor: 2.1.0 - cli-spinners: 2.9.2 - log-symbols: 2.2.0 - strip-ansi: 5.2.0 - wcwidth: 1.0.1 - - ora@5.4.1: - dependencies: - bl: 4.1.0 - chalk: 4.1.2 - cli-cursor: 3.1.0 - cli-spinners: 2.9.2 - is-interactive: 1.0.0 - is-unicode-supported: 0.1.0 - log-symbols: 4.1.0 - strip-ansi: 6.0.1 - wcwidth: 1.0.1 - - os-paths@7.4.0: - optionalDependencies: - fsevents: 2.3.3 - - os-tmpdir@1.0.2: {} - - outdent@0.8.0: {} - - p-cancelable@2.1.1: {} - - p-finally@1.0.0: {} - - p-limit@2.3.0: - dependencies: - p-try: 2.2.0 - - p-limit@3.1.0: - dependencies: - yocto-queue: 0.1.0 - - p-locate@3.0.0: - dependencies: - p-limit: 2.3.0 - - p-locate@4.1.0: - dependencies: - p-limit: 2.3.0 - - p-locate@5.0.0: - dependencies: - p-limit: 3.1.0 - - p-map@3.0.0: - dependencies: - aggregate-error: 3.1.0 - - p-map@4.0.0: - dependencies: - aggregate-error: 3.1.0 - - p-queue@6.6.2: - dependencies: - eventemitter3: 4.0.7 - p-timeout: 3.2.0 - - p-timeout@3.2.0: - dependencies: - p-finally: 1.0.0 - - p-try@2.2.0: {} - - package-json-from-dist@1.0.0: {} - - package-json@7.0.0: - dependencies: - got: 11.8.6 - registry-auth-token: 4.2.2 - registry-url: 5.1.0 - semver: 7.5.4 - - param-case@2.1.1: - dependencies: - no-case: 2.3.2 - - param-case@3.0.4: - dependencies: - dot-case: 3.0.4 - tslib: 2.7.0 - - parent-module@1.0.1: - dependencies: - callsites: 3.1.0 - - parse-filepath@1.0.2: - dependencies: - is-absolute: 1.0.0 - map-cache: 0.2.2 - path-root: 0.1.1 - - parse-json@5.2.0: - dependencies: - '@babel/code-frame': 7.24.7 - error-ex: 1.3.2 - json-parse-even-better-errors: 2.3.1 - lines-and-columns: 1.2.4 - - parse-passwd@1.0.0: {} - - parse-path@7.0.0: - dependencies: - protocols: 2.0.1 - - parse-srcset@1.0.2: {} - - parse-url@8.1.0: - dependencies: - parse-path: 7.0.0 - - parseurl@1.3.3: {} - - pascal-case@2.0.1: - dependencies: - camel-case: 3.0.0 - upper-case-first: 1.1.2 - - pascal-case@3.1.2: - dependencies: - no-case: 3.0.4 - tslib: 2.7.0 - - pascalcase@0.1.1: {} - - passport-local@1.0.0: - dependencies: - passport-strategy: 1.0.0 - - passport-strategy@1.0.0: {} - - passport@0.6.0: - dependencies: - passport-strategy: 1.0.0 - pause: 0.0.1 - utils-merge: 1.0.1 - - path-case@2.1.1: - dependencies: - no-case: 2.3.2 - - path-exists@3.0.0: {} - - path-exists@4.0.0: {} - - path-is-absolute@1.0.1: {} - - path-key@3.1.1: {} - - path-key@4.0.0: {} - - path-parse@1.0.7: {} - - path-root-regex@0.1.2: {} - - path-root@0.1.1: - dependencies: - path-root-regex: 0.1.2 - - path-scurry@1.11.1: - dependencies: - lru-cache: 10.4.3 - minipass: 7.1.2 - - path-to-regexp@6.2.2: {} - - path-type@4.0.0: {} - - pause@0.0.1: {} - - pg-cloudflare@1.1.1: - optional: true - - pg-connection-string@2.6.1: {} - - pg-connection-string@2.6.4: {} - - pg-int8@1.0.1: {} - - pg-pool@3.6.2(pg@8.12.0): - dependencies: - pg: 8.12.0 - - pg-protocol@1.6.1: {} - - pg-types@2.2.0: - dependencies: - pg-int8: 1.0.1 - postgres-array: 2.0.0 - postgres-bytea: 1.0.0 - postgres-date: 1.0.7 - postgres-interval: 1.2.0 - - pg@8.12.0: - dependencies: - pg-connection-string: 2.6.4 - pg-pool: 3.6.2(pg@8.12.0) - pg-protocol: 1.6.1 - pg-types: 2.2.0 - pgpass: 1.0.5 - optionalDependencies: - pg-cloudflare: 1.1.1 - - pgpass@1.0.5: - dependencies: - split2: 4.2.0 - - picocolors@1.1.0: {} - - picomatch@2.3.1: {} - - pkg-up@3.1.0: - dependencies: - find-up: 3.0.0 - - plop@2.7.6: - dependencies: - '@types/liftoff': 2.5.1 - chalk: 1.1.3 - interpret: 1.4.0 - liftoff: 2.5.0 - minimist: 1.2.8 - node-plop: 0.26.3 - ora: 3.4.0 - v8flags: 2.1.1 - transitivePeerDependencies: - - supports-color - - pluralize@8.0.0: {} - - pony-cause@2.1.11: {} - - posix-character-classes@0.1.1: {} - - postcss-modules-extract-imports@3.1.0(postcss@8.4.44): - dependencies: - postcss: 8.4.44 - - postcss-modules-local-by-default@4.0.5(postcss@8.4.44): - dependencies: - icss-utils: 5.1.0(postcss@8.4.44) - postcss: 8.4.44 - postcss-selector-parser: 6.1.2 - postcss-value-parser: 4.2.0 - - postcss-modules-scope@3.2.0(postcss@8.4.44): - dependencies: - postcss: 8.4.44 - postcss-selector-parser: 6.1.2 - - postcss-modules-values@4.0.0(postcss@8.4.44): - dependencies: - icss-utils: 5.1.0(postcss@8.4.44) - postcss: 8.4.44 - - postcss-selector-parser@6.1.2: - dependencies: - cssesc: 3.0.0 - util-deprecate: 1.0.2 - - postcss-value-parser@4.2.0: {} - - postcss@8.4.38: - dependencies: - nanoid: 3.3.7 - picocolors: 1.1.0 - source-map-js: 1.2.0 - - postcss@8.4.44: - dependencies: - nanoid: 3.3.7 - picocolors: 1.1.0 - source-map-js: 1.2.0 - - postgres-array@2.0.0: {} - - postgres-bytea@1.0.0: {} - - postgres-date@1.0.7: {} - - postgres-interval@1.2.0: - dependencies: - xtend: 4.0.2 - - prebuild-install@7.1.2: - dependencies: - detect-libc: 2.0.3 - expand-template: 2.0.3 - github-from-package: 0.0.0 - minimist: 1.2.8 - mkdirp-classic: 0.5.3 - napi-build-utils: 1.0.2 - node-abi: 3.67.0 - pump: 3.0.0 - rc: 1.2.8 - simple-get: 4.0.1 - tar-fs: 2.1.1 - tunnel-agent: 0.6.0 - - prettier-plugin-packagejson@2.4.5(prettier@2.8.4): - dependencies: - sort-package-json: 2.5.1 - synckit: 0.8.5 - optionalDependencies: - prettier: 2.8.4 - - prettier@2.8.4: {} - - pretty-error@4.0.0: - dependencies: - lodash: 4.17.21 - renderkid: 3.0.0 - - process-nextick-args@2.0.1: {} - - progress-stream@2.0.0: - dependencies: - speedometer: 1.0.0 - through2: 2.0.5 - - prompts@2.4.2: - dependencies: - kleur: 3.0.3 - sisteransi: 1.0.5 - - prop-types@15.8.1: - dependencies: - loose-envify: 1.4.0 - object-assign: 4.1.1 - react-is: 16.13.1 - - property-expr@2.0.6: {} - - proto-list@1.2.4: {} - - protocols@2.0.1: {} - - proxy-from-env@1.1.0: {} - - pstree.remy@1.1.8: {} - - pump@3.0.0: - dependencies: - end-of-stream: 1.4.4 - once: 1.4.0 - - punycode@2.3.1: {} - - purest@4.0.2: - dependencies: - '@simov/deep-extend': 1.0.0 - qs: 6.13.0 - request-compose: 2.1.6 - request-multipart: 1.0.0 - request-oauth: 1.0.1 - - qs@6.11.1: - dependencies: - side-channel: 1.0.6 - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - queue-microtask@1.2.3: {} - - queue-tick@1.0.1: {} - - quick-lru@5.1.1: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - range-parser@1.2.1: {} - - raw-body@2.5.2: - dependencies: - bytes: 3.1.2 - http-errors: 2.0.0 - iconv-lite: 0.4.24 - unpipe: 1.0.0 - - rc@1.2.8: - dependencies: - deep-extend: 0.6.0 - ini: 1.3.8 - minimist: 1.2.8 - strip-json-comments: 2.0.1 - - react-dnd-html5-backend@16.0.1: - dependencies: - dnd-core: 16.0.1 - - react-dnd@16.0.1(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(react@18.3.1): - dependencies: - '@react-dnd/invariant': 4.0.2 - '@react-dnd/shallowequal': 4.0.2 - dnd-core: 16.0.1 - fast-deep-equal: 3.1.3 - hoist-non-react-statics: 3.3.2 - react: 18.3.1 - optionalDependencies: - '@types/hoist-non-react-statics': 3.3.5 - '@types/node': 22.5.2 - '@types/react': 18.3.5 - - react-dom@18.3.1(react@18.3.1): - dependencies: - loose-envify: 1.4.0 - react: 18.3.1 - scheduler: 0.23.2 - - react-error-boundary@3.1.4(react@18.3.1): - dependencies: - '@babel/runtime': 7.25.6 - react: 18.3.1 - - react-fast-compare@2.0.4: {} - - react-fast-compare@3.2.2: {} - - react-helmet@6.1.0(react@18.3.1): - dependencies: - object-assign: 4.1.1 - prop-types: 15.8.1 - react: 18.3.1 - react-fast-compare: 3.2.2 - react-side-effect: 2.1.2(react@18.3.1) - - react-intl@6.4.1(react@18.3.1)(typescript@5.2.2): - dependencies: - '@formatjs/ecma402-abstract': 1.14.3 - '@formatjs/icu-messageformat-parser': 2.3.1 - '@formatjs/intl': 2.7.1(typescript@5.2.2) - '@formatjs/intl-displaynames': 6.3.1 - '@formatjs/intl-listformat': 7.2.1 - '@types/hoist-non-react-statics': 3.3.5 - '@types/react': 18.3.5 - hoist-non-react-statics: 3.3.2 - intl-messageformat: 10.3.4 - react: 18.3.1 - tslib: 2.7.0 - optionalDependencies: - typescript: 5.2.2 - - react-is@16.13.1: {} - - react-is@18.3.1: {} - - react-query@3.39.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@babel/runtime': 7.25.6 - broadcast-channel: 3.7.0 - match-sorter: 6.3.4 - react: 18.3.1 - optionalDependencies: - react-dom: 18.3.1(react@18.3.1) - - react-redux@8.1.1(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(redux@4.2.1): - dependencies: - '@babel/runtime': 7.25.6 - '@types/hoist-non-react-statics': 3.3.5 - '@types/use-sync-external-store': 0.0.3 - hoist-non-react-statics: 3.3.2 - react: 18.3.1 - react-is: 18.3.1 - use-sync-external-store: 1.2.2(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - react-dom: 18.3.1(react@18.3.1) - redux: 4.2.1 - - react-refresh@0.14.0: {} - - react-remove-scroll-bar@2.3.6(@types/react@18.3.5)(react@18.3.1): - dependencies: - react: 18.3.1 - react-style-singleton: 2.2.1(@types/react@18.3.5)(react@18.3.1) - tslib: 2.7.0 - optionalDependencies: - '@types/react': 18.3.5 - - react-remove-scroll@2.5.10(@types/react@18.3.5)(react@18.3.1): - dependencies: - react: 18.3.1 - react-remove-scroll-bar: 2.3.6(@types/react@18.3.5)(react@18.3.1) - react-style-singleton: 2.2.1(@types/react@18.3.5)(react@18.3.1) - tslib: 2.7.0 - use-callback-ref: 1.3.2(@types/react@18.3.5)(react@18.3.1) - use-sidecar: 1.1.2(@types/react@18.3.5)(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - react-remove-scroll@2.5.7(@types/react@18.3.5)(react@18.3.1): - dependencies: - react: 18.3.1 - react-remove-scroll-bar: 2.3.6(@types/react@18.3.5)(react@18.3.1) - react-style-singleton: 2.2.1(@types/react@18.3.5)(react@18.3.1) - tslib: 2.7.0 - use-callback-ref: 1.3.2(@types/react@18.3.5)(react@18.3.1) - use-sidecar: 1.1.2(@types/react@18.3.5)(react@18.3.1) - optionalDependencies: - '@types/react': 18.3.5 - - react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@remix-run/router': 1.19.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-router: 6.26.1(react@18.3.1) - - react-router@6.26.1(react@18.3.1): - dependencies: - '@remix-run/router': 1.19.1 - react: 18.3.1 - - react-select@5.7.0(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@babel/runtime': 7.25.6 - '@emotion/cache': 11.13.1 - '@emotion/react': 11.13.3(@types/react@18.3.5)(react@18.3.1) - '@floating-ui/dom': 1.6.10 - '@types/react-transition-group': 4.4.11 - memoize-one: 6.0.0 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - react-transition-group: 4.4.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1) - use-isomorphic-layout-effect: 1.1.2(@types/react@18.3.5)(react@18.3.1) - transitivePeerDependencies: - - '@types/react' - - supports-color - - react-side-effect@2.1.2(react@18.3.1): - dependencies: - react: 18.3.1 - - react-style-singleton@2.2.1(@types/react@18.3.5)(react@18.3.1): - dependencies: - get-nonce: 1.0.1 - invariant: 2.2.4 - react: 18.3.1 - tslib: 2.7.0 - optionalDependencies: - '@types/react': 18.3.5 - - react-transition-group@4.4.5(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@babel/runtime': 7.25.6 - dom-helpers: 5.2.1 - loose-envify: 1.4.0 - prop-types: 15.8.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - react-window@1.8.8(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@babel/runtime': 7.25.6 - memoize-one: 5.2.1 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - - react@18.3.1: - dependencies: - loose-envify: 1.4.0 - - read-pkg-up@7.0.1: - dependencies: - find-up: 4.1.0 - read-pkg: 5.2.0 - type-fest: 0.8.1 - - read-pkg@5.2.0: - dependencies: - '@types/normalize-package-data': 2.4.4 - normalize-package-data: 2.5.0 - parse-json: 5.2.0 - type-fest: 0.6.0 - - readable-stream@1.0.34: - dependencies: - core-util-is: 1.0.3 - inherits: 2.0.4 - isarray: 0.0.1 - string_decoder: 0.10.31 - - readable-stream@2.3.8: - dependencies: - core-util-is: 1.0.3 - inherits: 2.0.4 - isarray: 1.0.0 - process-nextick-args: 2.0.1 - safe-buffer: 5.1.2 - string_decoder: 1.1.1 - util-deprecate: 1.0.2 - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - readdirp@3.6.0: - dependencies: - picomatch: 2.3.1 - - rechoir@0.6.2: - dependencies: - resolve: 1.22.8 - - rechoir@0.8.0: - dependencies: - resolve: 1.22.8 - - redux-thunk@2.4.2(redux@4.2.1): - dependencies: - redux: 4.2.1 - - redux@4.2.1: - dependencies: - '@babel/runtime': 7.25.6 - - regenerator-runtime@0.14.1: {} - - regex-not@1.0.2: - dependencies: - extend-shallow: 3.0.2 - safe-regex: 1.1.0 - - registry-auth-token@4.2.2: - dependencies: - rc: 1.2.8 - - registry-auth-token@5.0.2: - dependencies: - '@pnpm/npm-conf': 2.3.1 - - registry-url@5.1.0: - dependencies: - rc: 1.2.8 - - relateurl@0.2.7: {} - - remove-accents@0.5.0: {} - - renderkid@3.0.0: - dependencies: - css-select: 4.3.0 - dom-converter: 0.2.0 - htmlparser2: 6.1.0 - lodash: 4.17.21 - strip-ansi: 6.0.1 - - repeat-element@1.1.4: {} - - repeat-string@1.6.1: {} - - request-compose@2.1.6: {} - - request-ip@3.3.0: {} - - request-multipart@1.0.0: - dependencies: - bl: 4.1.0 - isstream: 0.1.2 - mime-types: 2.1.35 - multistream: 4.1.0 - uuid: 8.3.2 - - request-oauth@1.0.1: - dependencies: - oauth-sign: 0.9.0 - qs: 6.13.0 - uuid: 8.3.2 - - require-directory@2.1.1: {} - - require-from-string@2.0.2: {} - - reselect@4.1.8: {} - - resolve-alpn@1.2.1: {} - - resolve-cwd@3.0.0: - dependencies: - resolve-from: 5.0.0 - - resolve-dir@1.0.1: - dependencies: - expand-tilde: 2.0.2 - global-modules: 1.0.0 - - resolve-from@4.0.0: {} - - resolve-from@5.0.0: {} - - resolve-path@1.4.0: - dependencies: - http-errors: 1.6.3 - path-is-absolute: 1.0.1 - - resolve-pathname@3.0.0: {} - - resolve-url@0.2.1: {} - - resolve@1.22.8: - dependencies: - is-core-module: 2.15.1 - path-parse: 1.0.7 - supports-preserve-symlinks-flag: 1.0.0 - - responselike@2.0.1: - dependencies: - lowercase-keys: 2.0.0 - - restore-cursor@2.0.0: - dependencies: - onetime: 2.0.1 - signal-exit: 3.0.7 - - restore-cursor@3.1.0: - dependencies: - onetime: 5.1.2 - signal-exit: 3.0.7 - - ret@0.1.15: {} - - reusify@1.0.4: {} - - rimraf@2.7.1: - dependencies: - glob: 7.2.3 - - rimraf@3.0.2: - dependencies: - glob: 7.2.3 - - rollup@4.21.2: - dependencies: - '@types/estree': 1.0.5 - optionalDependencies: - '@rollup/rollup-android-arm-eabi': 4.21.2 - '@rollup/rollup-android-arm64': 4.21.2 - '@rollup/rollup-darwin-arm64': 4.21.2 - '@rollup/rollup-darwin-x64': 4.21.2 - '@rollup/rollup-linux-arm-gnueabihf': 4.21.2 - '@rollup/rollup-linux-arm-musleabihf': 4.21.2 - '@rollup/rollup-linux-arm64-gnu': 4.21.2 - '@rollup/rollup-linux-arm64-musl': 4.21.2 - '@rollup/rollup-linux-powerpc64le-gnu': 4.21.2 - '@rollup/rollup-linux-riscv64-gnu': 4.21.2 - '@rollup/rollup-linux-s390x-gnu': 4.21.2 - '@rollup/rollup-linux-x64-gnu': 4.21.2 - '@rollup/rollup-linux-x64-musl': 4.21.2 - '@rollup/rollup-win32-arm64-msvc': 4.21.2 - '@rollup/rollup-win32-ia32-msvc': 4.21.2 - '@rollup/rollup-win32-x64-msvc': 4.21.2 - fsevents: 2.3.3 - - run-applescript@5.0.0: - dependencies: - execa: 5.1.1 - - run-async@2.4.1: {} - - run-parallel@1.2.0: - dependencies: - queue-microtask: 1.2.3 - - rxjs@6.6.7: - dependencies: - tslib: 1.14.1 - - rxjs@7.8.1: - dependencies: - tslib: 2.7.0 - - safe-buffer@5.1.2: {} - - safe-buffer@5.2.1: {} - - safe-regex@1.1.0: - dependencies: - ret: 0.1.15 - - safe-stable-stringify@2.5.0: {} - - safer-buffer@2.1.2: {} - - sanitize-html@2.13.0: - dependencies: - deepmerge: 4.3.1 - escape-string-regexp: 4.0.0 - htmlparser2: 8.0.2 - is-plain-object: 5.0.0 - parse-srcset: 1.0.2 - postcss: 8.4.44 - - scheduler@0.23.2: - dependencies: - loose-envify: 1.4.0 - - schema-utils@3.3.0: - dependencies: - '@types/json-schema': 7.0.15 - ajv: 6.12.6 - ajv-keywords: 3.5.2(ajv@6.12.6) - - schema-utils@4.2.0: - dependencies: - '@types/json-schema': 7.0.15 - ajv: 8.17.1 - ajv-formats: 2.1.1(ajv@8.17.1) - ajv-keywords: 5.1.0(ajv@8.17.1) - - scroll-into-view-if-needed@2.2.31: - dependencies: - compute-scroll-into-view: 1.0.20 - - semver@5.7.2: {} - - semver@6.3.1: {} - - semver@7.5.4: - dependencies: - lru-cache: 6.0.0 - - semver@7.6.3: {} - - sendmail@1.6.1: - dependencies: - dkim-signer: 0.2.2 - mailcomposer: 3.12.0 - - sentence-case@2.1.1: - dependencies: - no-case: 2.3.2 - upper-case-first: 1.1.2 - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - set-blocking@2.0.0: {} - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - set-value@2.0.1: - dependencies: - extend-shallow: 2.0.1 - is-extendable: 0.1.1 - is-plain-object: 2.0.4 - split-string: 3.1.0 - - setprototypeof@1.1.0: {} - - setprototypeof@1.2.0: {} - - shallowequal@1.1.0: {} - - sharp@0.32.6: - dependencies: - color: 4.2.3 - detect-libc: 2.0.3 - node-addon-api: 6.1.0 - prebuild-install: 7.1.2 - semver: 7.5.4 - simple-get: 4.0.1 - tar-fs: 3.0.6 - tunnel-agent: 0.6.0 - - sharp@0.33.5: - dependencies: - color: 4.2.3 - detect-libc: 2.0.3 - semver: 7.6.3 - optionalDependencies: - '@img/sharp-darwin-arm64': 0.33.5 - '@img/sharp-darwin-x64': 0.33.5 - '@img/sharp-libvips-darwin-arm64': 1.0.4 - '@img/sharp-libvips-darwin-x64': 1.0.4 - '@img/sharp-libvips-linux-arm': 1.0.5 - '@img/sharp-libvips-linux-arm64': 1.0.4 - '@img/sharp-libvips-linux-s390x': 1.0.4 - '@img/sharp-libvips-linux-x64': 1.0.4 - '@img/sharp-libvips-linuxmusl-arm64': 1.0.4 - '@img/sharp-libvips-linuxmusl-x64': 1.0.4 - '@img/sharp-linux-arm': 0.33.5 - '@img/sharp-linux-arm64': 0.33.5 - '@img/sharp-linux-s390x': 0.33.5 - '@img/sharp-linux-x64': 0.33.5 - '@img/sharp-linuxmusl-arm64': 0.33.5 - '@img/sharp-linuxmusl-x64': 0.33.5 - '@img/sharp-wasm32': 0.33.5 - '@img/sharp-win32-ia32': 0.33.5 - '@img/sharp-win32-x64': 0.33.5 - - shebang-command@2.0.0: - dependencies: - shebang-regex: 3.0.0 - - shebang-regex@3.0.0: {} - - shell-quote@1.8.1: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - sift@16.0.1: {} - - signal-exit@3.0.7: {} - - signal-exit@4.1.0: {} - - simple-concat@1.0.1: {} - - simple-get@3.1.1: - dependencies: - decompress-response: 4.2.1 - once: 1.4.0 - simple-concat: 1.0.1 - - simple-get@4.0.1: - dependencies: - decompress-response: 6.0.0 - once: 1.4.0 - simple-concat: 1.0.1 - - simple-swizzle@0.2.2: - dependencies: - is-arrayish: 0.3.2 - - simple-update-notifier@2.0.0: - dependencies: - semver: 7.5.4 - - sirv@2.0.4: - dependencies: - '@polka/url': 1.0.0-next.25 - mrmime: 2.0.0 - totalist: 3.0.1 - - sisteransi@1.0.5: {} - - slash@3.0.0: {} - - slash@4.0.0: {} - - slate-history@0.93.0(slate@0.94.1): - dependencies: - is-plain-object: 5.0.0 - slate: 0.94.1 - - slate-react@0.98.3(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(slate@0.94.1): - dependencies: - '@juggle/resize-observer': 3.4.0 - '@types/is-hotkey': 0.1.10 - '@types/lodash': 4.17.7 - direction: 1.0.4 - is-hotkey: 0.1.8 - is-plain-object: 5.0.0 - lodash: 4.17.21 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - scroll-into-view-if-needed: 2.2.31 - slate: 0.94.1 - tiny-invariant: 1.0.6 - - slate@0.94.1: - dependencies: - immer: 9.0.19 - is-plain-object: 5.0.0 - tiny-warning: 1.0.3 - - snake-case@2.1.0: - dependencies: - no-case: 2.3.2 - - snapdragon-node@2.1.1: - dependencies: - define-property: 1.0.0 - isobject: 3.0.1 - snapdragon-util: 3.0.1 - - snapdragon-util@3.0.1: - dependencies: - kind-of: 3.2.2 - - snapdragon@0.8.2: - dependencies: - base: 0.11.2 - debug: 2.6.9 - define-property: 0.2.5 - extend-shallow: 2.0.1 - map-cache: 0.2.2 - source-map: 0.5.7 - source-map-resolve: 0.5.3 - use: 3.1.1 - transitivePeerDependencies: - - supports-color - - sort-object-keys@1.1.3: {} - - sort-package-json@2.5.1: - dependencies: - detect-indent: 7.0.1 - detect-newline: 4.0.1 - get-stdin: 9.0.0 - git-hooks-list: 3.1.0 - globby: 13.2.2 - is-plain-obj: 4.1.0 - sort-object-keys: 1.1.3 - - sorted-array-functions@1.3.0: {} - - source-list-map@2.0.1: {} - - source-map-js@1.2.0: {} - - source-map-resolve@0.5.3: - dependencies: - atob: 2.1.2 - decode-uri-component: 0.2.2 - resolve-url: 0.2.1 - source-map-url: 0.4.1 - urix: 0.1.0 - - source-map-support@0.5.21: - dependencies: - buffer-from: 1.1.2 - source-map: 0.6.1 - - source-map-url@0.4.1: {} - - source-map@0.5.7: {} - - source-map@0.6.1: {} - - source-map@0.7.4: {} - - spawn-command@0.0.2: {} - - spdx-correct@3.2.0: - dependencies: - spdx-expression-parse: 3.0.1 - spdx-license-ids: 3.0.20 - - spdx-exceptions@2.5.0: {} - - spdx-expression-parse@3.0.1: - dependencies: - spdx-exceptions: 2.5.0 - spdx-license-ids: 3.0.20 - - spdx-license-ids@3.0.20: {} - - speedometer@1.0.0: {} - - split-string@3.1.0: - dependencies: - extend-shallow: 3.0.2 - - split2@4.2.0: {} - - sprintf-js@1.0.3: {} - - stack-trace@0.0.10: {} - - stackframe@1.3.4: {} - - static-extend@0.1.2: - dependencies: - define-property: 0.2.5 - object-copy: 0.1.0 - - statuses@1.5.0: {} - - statuses@2.0.1: {} - - strapi-plugin-fuzzy-search@3.0.0(@strapi/strapi@4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0))(@strapi/utils@4.25.9)(yup@0.32.9): - dependencies: - '@strapi/strapi': 4.25.9(@babel/runtime@7.25.6)(@codemirror/autocomplete@6.18.0(@codemirror/language@6.10.2)(@codemirror/state@6.4.1)(@codemirror/view@6.33.0)(@lezer/common@1.2.1))(@codemirror/language@6.10.2)(@codemirror/lint@6.8.1)(@codemirror/search@6.5.6)(@codemirror/state@6.4.1)(@codemirror/theme-one-dark@6.1.2)(@codemirror/view@6.33.0)(@swc/helpers@0.5.13)(@types/hoist-non-react-statics@3.3.5)(@types/node@22.5.2)(@types/react@18.3.5)(codemirror@5.65.17)(pg@8.12.0)(react-dom@18.3.1(react@18.3.1))(react-router-dom@6.26.1(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(react@18.3.1)(redux@4.2.1)(styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1))(terser@5.31.6)(type-fest@2.19.0) - '@strapi/utils': 4.25.9 - fuzzysort: 3.0.2 - transliteration: 2.3.5 - yup: 0.32.9 - - stream-chain@2.2.5: {} - - stream-json@1.8.0: - dependencies: - stream-chain: 2.2.5 - - stream-slice@0.1.2: {} - - streamx@2.20.0: - dependencies: - fast-fifo: 1.3.2 - queue-tick: 1.0.1 - text-decoder: 1.1.1 - optionalDependencies: - bare-events: 2.4.2 - - string-argv@0.3.2: {} - - string-width@4.2.3: - dependencies: - emoji-regex: 8.0.0 - is-fullwidth-code-point: 3.0.0 - strip-ansi: 6.0.1 - - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.1.0 - - string_decoder@0.10.31: {} - - string_decoder@1.1.1: - dependencies: - safe-buffer: 5.1.2 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strip-ansi@3.0.1: - dependencies: - ansi-regex: 2.1.1 - - strip-ansi@5.2.0: - dependencies: - ansi-regex: 4.1.1 - - strip-ansi@6.0.1: - dependencies: - ansi-regex: 5.0.1 - - strip-ansi@7.1.0: - dependencies: - ansi-regex: 6.0.1 - - strip-final-newline@2.0.0: {} - - strip-final-newline@3.0.0: {} - - strip-json-comments@2.0.1: {} - - strnum@1.0.5: {} - - style-loader@3.3.4(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - webpack: 5.94.0(esbuild@0.19.11) - - style-mod@4.1.2: {} - - styled-components@6.1.13(react-dom@18.3.1(react@18.3.1))(react@18.3.1): - dependencies: - '@emotion/is-prop-valid': 1.2.2 - '@emotion/unitless': 0.8.1 - '@types/stylis': 4.2.5 - css-to-react-native: 3.2.0 - csstype: 3.1.3 - postcss: 8.4.38 - react: 18.3.1 - react-dom: 18.3.1(react@18.3.1) - shallowequal: 1.1.0 - stylis: 4.3.2 - tslib: 2.6.2 - - stylis@4.2.0: {} - - stylis@4.3.2: {} - - supports-color@2.0.0: {} - - supports-color@5.5.0: - dependencies: - has-flag: 3.0.0 - - supports-color@7.2.0: - dependencies: - has-flag: 4.0.0 - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - supports-preserve-symlinks-flag@1.0.0: {} - - swap-case@1.1.2: - dependencies: - lower-case: 1.1.4 - upper-case: 1.1.3 - - synckit@0.8.5: - dependencies: - '@pkgr/utils': 2.4.2 - tslib: 2.7.0 - - tapable@2.2.1: {} - - tar-fs@2.1.1: - dependencies: - chownr: 1.1.4 - mkdirp-classic: 0.5.3 - pump: 3.0.0 - tar-stream: 2.2.0 - - tar-fs@3.0.6: - dependencies: - pump: 3.0.0 - tar-stream: 3.1.7 - optionalDependencies: - bare-fs: 2.3.3 - bare-path: 2.1.3 - - tar-stream@2.2.0: - dependencies: - bl: 4.1.0 - end-of-stream: 1.4.4 - fs-constants: 1.0.0 - inherits: 2.0.4 - readable-stream: 3.6.2 - - tar-stream@3.1.7: - dependencies: - b4a: 1.6.6 - fast-fifo: 1.3.2 - streamx: 2.20.0 - - tar@6.1.13: - dependencies: - chownr: 2.0.0 - fs-minipass: 2.1.0 - minipass: 4.2.8 - minizlib: 2.1.2 - mkdirp: 1.0.4 - yallist: 4.0.0 - - tar@6.2.1: - dependencies: - chownr: 2.0.0 - fs-minipass: 2.1.0 - minipass: 5.0.0 - minizlib: 2.1.2 - mkdirp: 1.0.4 - yallist: 4.0.0 - - tarn@3.0.2: {} - - terser-webpack-plugin@5.3.10(esbuild@0.19.11)(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - '@jridgewell/trace-mapping': 0.3.25 - jest-worker: 27.5.1 - schema-utils: 3.3.0 - serialize-javascript: 6.0.2 - terser: 5.31.6 - webpack: 5.94.0(esbuild@0.19.11) - optionalDependencies: - esbuild: 0.19.11 - - terser@5.31.6: - dependencies: - '@jridgewell/source-map': 0.3.6 - acorn: 8.12.1 - commander: 2.20.3 - source-map-support: 0.5.21 - - text-decoder@1.1.1: - dependencies: - b4a: 1.6.6 - - text-hex@1.0.0: {} - - thenify-all@1.6.0: - dependencies: - thenify: 3.3.1 - - thenify@3.3.1: - dependencies: - any-promise: 1.3.0 - - through2@2.0.5: - dependencies: - readable-stream: 2.3.8 - xtend: 4.0.2 - - through@2.3.8: {} - - tildify@2.0.0: {} - - tiny-invariant@1.0.6: {} - - tiny-invariant@1.3.3: {} - - tiny-warning@1.0.3: {} - - title-case@2.1.1: - dependencies: - no-case: 2.3.2 - upper-case: 1.1.3 - - titleize@3.0.0: {} - - tmp@0.0.33: - dependencies: - os-tmpdir: 1.0.2 - - to-fast-properties@2.0.0: {} - - to-object-path@0.3.0: - dependencies: - kind-of: 3.2.2 - - to-regex-range@2.1.1: - dependencies: - is-number: 3.0.0 - repeat-string: 1.6.1 - - to-regex-range@5.0.1: - dependencies: - is-number: 7.0.0 - - to-regex@3.0.2: - dependencies: - define-property: 2.0.2 - extend-shallow: 3.0.2 - regex-not: 1.0.2 - safe-regex: 1.1.0 - - toidentifier@1.0.1: {} - - toposort@2.0.2: {} - - totalist@3.0.1: {} - - touch@3.1.1: {} - - tr46@0.0.3: {} - - transliteration@2.3.5: - dependencies: - yargs: 17.7.2 - - tree-kill@1.2.2: {} - - triple-beam@1.4.1: {} - - tslib@1.14.1: {} - - tslib@2.6.2: {} - - tslib@2.7.0: {} - - tsscmp@1.0.6: {} - - tunnel-agent@0.6.0: - dependencies: - safe-buffer: 5.2.1 - - type-fest@0.20.2: {} - - type-fest@0.21.3: {} - - type-fest@0.6.0: {} - - type-fest@0.8.1: {} - - type-fest@2.19.0: {} - - type-is@1.6.18: - dependencies: - media-typer: 0.3.0 - mime-types: 2.1.35 - - typedarray-to-buffer@3.1.5: - dependencies: - is-typedarray: 1.0.0 - - typescript@5.2.2: {} - - uc.micro@1.0.6: {} - - uglify-js@3.19.3: - optional: true - - umzug@3.2.1(@types/node@22.5.2): - dependencies: - '@rushstack/ts-command-line': 4.22.6(@types/node@22.5.2) - emittery: 0.12.1 - fs-jetpack: 4.3.1 - glob: 8.1.0 - pony-cause: 2.1.11 - type-fest: 2.19.0 - transitivePeerDependencies: - - '@types/node' - - unc-path-regex@0.1.2: {} - - undefsafe@2.0.5: {} - - undici-types@5.26.5: {} - - undici-types@6.19.8: {} - - union-value@1.0.1: - dependencies: - arr-union: 3.1.0 - get-value: 2.0.6 - is-extendable: 0.1.1 - set-value: 2.0.1 - - unique-string@2.0.0: - dependencies: - crypto-random-string: 2.0.0 - - universalify@0.1.2: {} - - universalify@2.0.1: {} - - unload@2.2.0: - dependencies: - '@babel/runtime': 7.25.6 - detect-node: 2.1.0 - - unpipe@1.0.0: {} - - unset-value@1.0.0: - dependencies: - has-value: 0.3.1 - isobject: 3.0.1 - - untildify@4.0.0: {} - - update-browserslist-db@1.1.0(browserslist@4.23.3): - dependencies: - browserslist: 4.23.3 - escalade: 3.2.0 - picocolors: 1.1.0 - - upper-case-first@1.1.2: - dependencies: - upper-case: 1.1.3 - - upper-case@1.1.3: {} - - uri-js@4.4.1: - dependencies: - punycode: 2.3.1 - - urix@0.1.0: {} - - url-join@4.0.1: {} - - use-callback-ref@1.3.2(@types/react@18.3.5)(react@18.3.1): - dependencies: - react: 18.3.1 - tslib: 2.7.0 - optionalDependencies: - '@types/react': 18.3.5 - - use-isomorphic-layout-effect@1.1.2(@types/react@18.3.5)(react@18.3.1): - dependencies: - react: 18.3.1 - optionalDependencies: - '@types/react': 18.3.5 - - use-sidecar@1.1.2(@types/react@18.3.5)(react@18.3.1): - dependencies: - detect-node-es: 1.1.0 - react: 18.3.1 - tslib: 2.7.0 - optionalDependencies: - '@types/react': 18.3.5 - - use-sync-external-store@1.2.2(react@18.3.1): - dependencies: - react: 18.3.1 - - use@3.1.1: {} - - user-home@1.1.1: {} - - util-deprecate@1.0.2: {} - - utila@0.4.0: {} - - utils-merge@1.0.1: {} - - uuid@8.3.2: {} - - uuid@9.0.1: {} - - v8flags@2.1.1: - dependencies: - user-home: 1.1.1 - - validate-npm-package-license@3.0.4: - dependencies: - spdx-correct: 3.2.0 - spdx-expression-parse: 3.0.1 - - value-equal@1.0.1: {} - - vary@1.1.2: {} - - vite@5.0.13(@types/node@22.5.2)(terser@5.31.6): - dependencies: - esbuild: 0.19.11 - postcss: 8.4.44 - rollup: 4.21.2 - optionalDependencies: - '@types/node': 22.5.2 - fsevents: 2.3.3 - terser: 5.31.6 - - w3c-keyname@2.2.8: {} - - watchpack@2.4.2: - dependencies: - glob-to-regexp: 0.4.1 - graceful-fs: 4.2.11 - - wcwidth@1.0.1: - dependencies: - defaults: 1.0.4 - - web-streams-polyfill@3.3.3: {} - - web-streams-polyfill@4.0.0-beta.3: {} - - webidl-conversions@3.0.1: {} - - webpack-bundle-analyzer@4.10.2: - dependencies: - '@discoveryjs/json-ext': 0.5.7 - acorn: 8.12.1 - acorn-walk: 8.3.3 - commander: 7.2.0 - debounce: 1.2.1 - escape-string-regexp: 4.0.0 - gzip-size: 6.0.0 - html-escaper: 2.0.2 - opener: 1.5.2 - picocolors: 1.1.0 - sirv: 2.0.4 - ws: 7.5.10 - transitivePeerDependencies: - - bufferutil - - utf-8-validate - - webpack-dev-middleware@6.1.2(webpack@5.94.0(esbuild@0.19.11)): - dependencies: - colorette: 2.0.20 - memfs: 3.5.3 - mime-types: 2.1.35 - range-parser: 1.2.1 - schema-utils: 4.2.0 - optionalDependencies: - webpack: 5.94.0(esbuild@0.19.11) - - webpack-hot-middleware@2.26.0: - dependencies: - ansi-html-community: 0.0.8 - html-entities: 2.5.2 - strip-ansi: 6.0.1 - - webpack-sources@1.4.3: - dependencies: - source-list-map: 2.0.1 - source-map: 0.6.1 - - webpack-sources@3.2.3: {} - - webpack@5.94.0(esbuild@0.19.11): - dependencies: - '@types/estree': 1.0.5 - '@webassemblyjs/ast': 1.12.1 - '@webassemblyjs/wasm-edit': 1.12.1 - '@webassemblyjs/wasm-parser': 1.12.1 - acorn: 8.12.1 - acorn-import-attributes: 1.9.5(acorn@8.12.1) - browserslist: 4.23.3 - chrome-trace-event: 1.0.4 - enhanced-resolve: 5.17.1 - es-module-lexer: 1.5.4 - eslint-scope: 5.1.1 - events: 3.3.0 - glob-to-regexp: 0.4.1 - graceful-fs: 4.2.11 - json-parse-even-better-errors: 2.3.1 - loader-runner: 4.3.0 - mime-types: 2.1.35 - neo-async: 2.6.2 - schema-utils: 3.3.0 - tapable: 2.2.1 - terser-webpack-plugin: 5.3.10(esbuild@0.19.11)(webpack@5.94.0(esbuild@0.19.11)) - watchpack: 2.4.2 - webpack-sources: 3.2.3 - transitivePeerDependencies: - - '@swc/core' - - esbuild - - uglify-js - - whatwg-url@5.0.0: - dependencies: - tr46: 0.0.3 - webidl-conversions: 3.0.1 - - which@1.3.1: - dependencies: - isexe: 2.0.0 - - which@2.0.2: - dependencies: - isexe: 2.0.0 - - wide-align@1.1.5: - dependencies: - string-width: 4.2.3 - - widest-line@3.1.0: - dependencies: - string-width: 4.2.3 - - winston-transport@4.7.1: - dependencies: - logform: 2.6.1 - readable-stream: 3.6.2 - triple-beam: 1.4.1 - - winston@3.10.0: - dependencies: - '@colors/colors': 1.5.0 - '@dabh/diagnostics': 2.0.3 - async: 3.2.6 - is-stream: 2.0.1 - logform: 2.6.1 - one-time: 1.0.0 - readable-stream: 3.6.2 - safe-stable-stringify: 2.5.0 - stack-trace: 0.0.10 - triple-beam: 1.4.1 - winston-transport: 4.7.1 - - wordwrap@1.0.0: {} - - wrap-ansi@7.0.0: - dependencies: - ansi-styles: 4.3.0 - string-width: 4.2.3 - strip-ansi: 6.0.1 - - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.1 - string-width: 5.1.2 - strip-ansi: 7.1.0 - - wrappy@1.0.2: {} - - write-file-atomic@3.0.3: - dependencies: - imurmurhash: 0.1.4 - is-typedarray: 1.0.0 - signal-exit: 3.0.7 - typedarray-to-buffer: 3.1.5 - - ws@7.5.10: {} - - ws@8.13.0: {} - - xdg-app-paths@8.3.0: - dependencies: - xdg-portable: 10.6.0 - optionalDependencies: - fsevents: 2.3.3 - - xdg-basedir@4.0.0: {} - - xdg-portable@10.6.0: - dependencies: - os-paths: 7.4.0 - optionalDependencies: - fsevents: 2.3.3 - - xtend@4.0.2: {} - - y18n@5.0.8: {} - - yalc@1.0.0-pre.53: - dependencies: - chalk: 4.1.2 - detect-indent: 6.1.0 - fs-extra: 8.1.0 - glob: 7.2.3 - ignore: 5.3.2 - ini: 2.0.0 - npm-packlist: 2.2.2 - yargs: 16.2.0 - - yallist@4.0.0: {} - - yaml@1.10.2: {} - - yargs-parser@20.2.9: {} - - yargs-parser@21.1.1: {} - - yargs@16.2.0: - dependencies: - cliui: 7.0.4 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 20.2.9 - - yargs@17.7.2: - dependencies: - cliui: 8.0.1 - escalade: 3.2.0 - get-caller-file: 2.0.5 - require-directory: 2.1.1 - string-width: 4.2.3 - y18n: 5.0.8 - yargs-parser: 21.1.1 - - ylru@1.4.0: {} - - yocto-queue@0.1.0: {} - - yup@0.32.9: - dependencies: - '@babel/runtime': 7.25.6 - '@types/lodash': 4.17.7 - lodash: 4.17.21 - lodash-es: 4.17.21 - nanoclone: 0.2.1 - property-expr: 2.0.6 - toposort: 2.0.2 diff --git a/services/strapi/public/robots.txt b/services/strapi/public/robots.txt deleted file mode 100644 index ff5d316..0000000 --- a/services/strapi/public/robots.txt +++ /dev/null @@ -1,3 +0,0 @@ -# To prevent search engines from seeing the site altogether, uncomment the next two lines: -# User-Agent: * -# Disallow: / diff --git a/services/strapi/public/uploads/.gitkeep b/services/strapi/public/uploads/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/services/strapi/src/admin/app.example.js b/services/strapi/src/admin/app.example.js deleted file mode 100644 index 45cad61..0000000 --- a/services/strapi/src/admin/app.example.js +++ /dev/null @@ -1,39 +0,0 @@ -const config = { - locales: [ - // 'ar', - // 'fr', - // 'cs', - // 'de', - // 'dk', - // 'es', - // 'he', - // 'id', - // 'it', - // 'ja', - // 'ko', - // 'ms', - // 'nl', - // 'no', - // 'pl', - // 'pt-BR', - // 'pt', - // 'ru', - // 'sk', - // 'sv', - // 'th', - // 'tr', - // 'uk', - // 'vi', - // 'zh-Hans', - // 'zh', - ], -}; - -const bootstrap = (app) => { - console.log(app); -}; - -export default { - config, - bootstrap, -}; diff --git a/services/strapi/src/admin/webpack.config.example.js b/services/strapi/src/admin/webpack.config.example.js deleted file mode 100644 index 1ca45c2..0000000 --- a/services/strapi/src/admin/webpack.config.example.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/* eslint-disable no-unused-vars */ -module.exports = (config, webpack) => { - // Note: we provide webpack above so you should not `require` it - // Perform customizations to webpack config - // Important: return the modified config - return config; -}; diff --git a/services/strapi/src/api/.gitkeep b/services/strapi/src/api/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/services/strapi/src/api/b2-file/content-types/b2-file/schema.json b/services/strapi/src/api/b2-file/content-types/b2-file/schema.json deleted file mode 100644 index ba68a4c..0000000 --- a/services/strapi/src/api/b2-file/content-types/b2-file/schema.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "b2_files", - "info": { - "singularName": "b2-file", - "pluralName": "b2-files", - "displayName": "B2 File", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "url": { - "type": "string", - "required": false, - "unique": false - }, - "key": { - "type": "string", - "unique": true, - "required": true - }, - "uploadId": { - "type": "string", - "unique": true, - "required": true - }, - "cdnUrl": { - "type": "string", - "unique": true, - "required": true - } - } -} diff --git a/services/strapi/src/api/b2-file/controllers/b2-file.js b/services/strapi/src/api/b2-file/controllers/b2-file.js deleted file mode 100644 index 65f936a..0000000 --- a/services/strapi/src/api/b2-file/controllers/b2-file.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * b2-file controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::b2-file.b2-file'); diff --git a/services/strapi/src/api/b2-file/routes/b2-file.js b/services/strapi/src/api/b2-file/routes/b2-file.js deleted file mode 100644 index a74a8d9..0000000 --- a/services/strapi/src/api/b2-file/routes/b2-file.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * b2-file router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::b2-file.b2-file'); diff --git a/services/strapi/src/api/b2-file/services/b2-file.js b/services/strapi/src/api/b2-file/services/b2-file.js deleted file mode 100644 index 03e2bdf..0000000 --- a/services/strapi/src/api/b2-file/services/b2-file.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * b2-file service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::b2-file.b2-file'); diff --git a/services/strapi/src/api/contributor/content-types/contributor/schema.json b/services/strapi/src/api/contributor/content-types/contributor/schema.json deleted file mode 100644 index 3cc046c..0000000 --- a/services/strapi/src/api/contributor/content-types/contributor/schema.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "contributors", - "info": { - "singularName": "contributor", - "pluralName": "contributors", - "displayName": "Contributor", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "name": { - "type": "string", - "required": true - }, - "url": { - "type": "string" - }, - "isFinancialDonor": { - "type": "boolean", - "default": false - }, - "isVodProvider": { - "type": "boolean" - } - } -} diff --git a/services/strapi/src/api/contributor/controllers/contributor.js b/services/strapi/src/api/contributor/controllers/contributor.js deleted file mode 100644 index 22b9cf6..0000000 --- a/services/strapi/src/api/contributor/controllers/contributor.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * contributor controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::contributor.contributor'); diff --git a/services/strapi/src/api/contributor/routes/contributor.js b/services/strapi/src/api/contributor/routes/contributor.js deleted file mode 100644 index cf61a59..0000000 --- a/services/strapi/src/api/contributor/routes/contributor.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * contributor router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::contributor.contributor'); diff --git a/services/strapi/src/api/contributor/services/contributor.js b/services/strapi/src/api/contributor/services/contributor.js deleted file mode 100644 index ca75442..0000000 --- a/services/strapi/src/api/contributor/services/contributor.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * contributor service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::contributor.contributor'); diff --git a/services/strapi/src/api/discord-interaction/content-types/discord-interaction/schema.json b/services/strapi/src/api/discord-interaction/content-types/discord-interaction/schema.json deleted file mode 100644 index f36a2ed..0000000 --- a/services/strapi/src/api/discord-interaction/content-types/discord-interaction/schema.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "discord_interactions", - "info": { - "singularName": "discord-interaction", - "pluralName": "discord-interactions", - "displayName": "Discord Interaction", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "interactionId": { - "type": "string", - "required": true - }, - "userSubmittedContent": { - "type": "relation", - "relation": "oneToOne", - "target": "api::user-submitted-content.user-submitted-content", - "inversedBy": "discordInteraction" - } - } -} diff --git a/services/strapi/src/api/discord-interaction/controllers/discord-interaction.js b/services/strapi/src/api/discord-interaction/controllers/discord-interaction.js deleted file mode 100644 index cdd8502..0000000 --- a/services/strapi/src/api/discord-interaction/controllers/discord-interaction.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * discord-interaction controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::discord-interaction.discord-interaction'); diff --git a/services/strapi/src/api/discord-interaction/routes/discord-interaction.js b/services/strapi/src/api/discord-interaction/routes/discord-interaction.js deleted file mode 100644 index 65807ee..0000000 --- a/services/strapi/src/api/discord-interaction/routes/discord-interaction.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * discord-interaction router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::discord-interaction.discord-interaction'); diff --git a/services/strapi/src/api/discord-interaction/services/discord-interaction.js b/services/strapi/src/api/discord-interaction/services/discord-interaction.js deleted file mode 100644 index 59f8199..0000000 --- a/services/strapi/src/api/discord-interaction/services/discord-interaction.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * discord-interaction service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::discord-interaction.discord-interaction'); diff --git a/services/strapi/src/api/goal/content-types/goal/schema.json b/services/strapi/src/api/goal/content-types/goal/schema.json deleted file mode 100644 index 0580c6f..0000000 --- a/services/strapi/src/api/goal/content-types/goal/schema.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "goals", - "info": { - "singularName": "goal", - "pluralName": "goals", - "displayName": "Goal", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "amountCents": { - "type": "string", - "required": true, - "unique": true - }, - "description": { - "type": "string", - "required": true, - "unique": true - }, - "name": { - "type": "string", - "unique": true - } - } -} diff --git a/services/strapi/src/api/goal/controllers/goal.js b/services/strapi/src/api/goal/controllers/goal.js deleted file mode 100644 index 2b8e3a3..0000000 --- a/services/strapi/src/api/goal/controllers/goal.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * goal controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::goal.goal'); diff --git a/services/strapi/src/api/goal/routes/goal.js b/services/strapi/src/api/goal/routes/goal.js deleted file mode 100644 index e836728..0000000 --- a/services/strapi/src/api/goal/routes/goal.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * goal router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::goal.goal'); diff --git a/services/strapi/src/api/goal/services/goal.js b/services/strapi/src/api/goal/services/goal.js deleted file mode 100644 index 6c047ac..0000000 --- a/services/strapi/src/api/goal/services/goal.js +++ /dev/null @@ -1,11 +0,0 @@ -'use strict'; - -/** - * goal service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::goal.goal'); - - diff --git a/services/strapi/src/api/gogs/content-types/gogs/schema.json b/services/strapi/src/api/gogs/content-types/gogs/schema.json deleted file mode 100644 index d933d5d..0000000 --- a/services/strapi/src/api/gogs/content-types/gogs/schema.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "kind": "singleType", - "collectionName": "gogss", - "info": { - "singularName": "gogs", - "pluralName": "gogss", - "displayName": "Gogs" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "apiKey": { - "type": "string", - "required": true - }, - "url": { - "type": "string", - "required": true, - "default": "https://git.futureporn.net" - } - } -} diff --git a/services/strapi/src/api/gogs/controllers/gogs.js b/services/strapi/src/api/gogs/controllers/gogs.js deleted file mode 100644 index 5d83874..0000000 --- a/services/strapi/src/api/gogs/controllers/gogs.js +++ /dev/null @@ -1,29 +0,0 @@ -'use strict'; - -/** - * gogs controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::gogs.gogs', ({ strapi }) => ({ - issues: async (ctx) => { - try { - // Fetch the 'gogs' single type from Strapi - const gogsConfig = await strapi.query('api::gogs.gogs').findOne(); - - if (!gogsConfig) { - return ctx.badRequest('Gogs configuration not found'); - } - - const { url, apiKey } = gogsConfig; - const openIssues = await strapi.service('api::gogs.gogs').fetchAllPagesFromGogsAPI(`${url}/api/v1/repos/futureporn/pm/issues?state=open`, apiKey) - const closedIssues = await strapi.service('api::gogs.gogs').fetchAllPagesFromGogsAPI(`${url}/api/v1/repos/futureporn/pm/issues?state=closed`, apiKey) - - return { openIssues, closedIssues } - } catch (error) { - console.error('Error fetching Gogs issues:', error); - return ctx.badRequest('Failed to fetch issues from Gogs'); - } - } -})); \ No newline at end of file diff --git a/services/strapi/src/api/gogs/routes/gogs.js b/services/strapi/src/api/gogs/routes/gogs.js deleted file mode 100644 index 50c6544..0000000 --- a/services/strapi/src/api/gogs/routes/gogs.js +++ /dev/null @@ -1,34 +0,0 @@ -'use strict'; - -/** - * gogs router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::gogs.gogs'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "GET", - path: "/gogs/issues", - handler: "api::gogs.gogs.issues" - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); - diff --git a/services/strapi/src/api/gogs/services/gogs.js b/services/strapi/src/api/gogs/services/gogs.js deleted file mode 100644 index 13afb2f..0000000 --- a/services/strapi/src/api/gogs/services/gogs.js +++ /dev/null @@ -1,42 +0,0 @@ -'use strict'; - -/** - * gogs service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - - - -module.exports = createCoreService('api::gogs.gogs', ({ strapi }) => ({ - - async fetchAllPagesFromGogsAPI(url, apiKey) { - - // Fetch the first page - const response = await fetch(url, { - headers: { - 'Authorization': `token ${apiKey}` - } - }); - - if (!response.ok) { - throw new Error(`Request failed with status: ${response.status}`); - } - - const data = await response.json(); - - // Check if there are more pages available - if (response.headers.has('link')) { - const linkHeader = response.headers.get('link'); - const nextPageMatch = /<([^>]+)>;\s*rel="next"/.exec(linkHeader); - - if (nextPageMatch) { - const nextPageUrl = nextPageMatch[1]; - const nextPageData = await this.fetchAllPagesFromGogsAPI(nextPageUrl, apiKey); - return [...data, ...nextPageData]; - } - } - - return data; - } -})) \ No newline at end of file diff --git a/services/strapi/src/api/issue/content-types/issue/schema.json b/services/strapi/src/api/issue/content-types/issue/schema.json deleted file mode 100644 index b8c6768..0000000 --- a/services/strapi/src/api/issue/content-types/issue/schema.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "issues", - "info": { - "singularName": "issue", - "pluralName": "issues", - "displayName": "issue", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "url": { - "type": "string", - "required": true - }, - "sla": { - "type": "enumeration", - "enum": [ - "public", - "patron", - "authenticated" - ], - "default": "public", - "required": true - }, - "type": { - "type": "enumeration", - "enum": [ - "stall" - ] - } - } -} diff --git a/services/strapi/src/api/issue/controllers/issue.js b/services/strapi/src/api/issue/controllers/issue.js deleted file mode 100644 index a9c83e3..0000000 --- a/services/strapi/src/api/issue/controllers/issue.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * issue controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::issue.issue'); diff --git a/services/strapi/src/api/issue/routes/issue.js b/services/strapi/src/api/issue/routes/issue.js deleted file mode 100644 index 146d9fe..0000000 --- a/services/strapi/src/api/issue/routes/issue.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * issue router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::issue.issue'); diff --git a/services/strapi/src/api/issue/services/issue.js b/services/strapi/src/api/issue/services/issue.js deleted file mode 100644 index 9782a38..0000000 --- a/services/strapi/src/api/issue/services/issue.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * issue service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::issue.issue'); diff --git a/services/strapi/src/api/mux-asset/content-types/mux-asset/schema.json b/services/strapi/src/api/mux-asset/content-types/mux-asset/schema.json deleted file mode 100644 index 736ba34..0000000 --- a/services/strapi/src/api/mux-asset/content-types/mux-asset/schema.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "mux_assets", - "info": { - "singularName": "mux-asset", - "pluralName": "mux-assets", - "displayName": "Mux Asset", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "playbackId": { - "type": "string", - "required": false, - "unique": true - }, - "assetId": { - "type": "string", - "unique": true - }, - "deletionQueuedAt": { - "type": "datetime" - } - } -} diff --git a/services/strapi/src/api/mux-asset/controllers/mux-asset.js b/services/strapi/src/api/mux-asset/controllers/mux-asset.js deleted file mode 100644 index e02adbc..0000000 --- a/services/strapi/src/api/mux-asset/controllers/mux-asset.js +++ /dev/null @@ -1,56 +0,0 @@ -'use strict'; - -const { JWT } = require('@mux/mux-node'); - -const MUX_SIGNING_KEY_ID = process.env.MUX_SIGNING_KEY_ID; -const MUX_SIGNING_KEY_PRIVATE_KEY = process.env.MUX_SIGNING_KEY_PRIVATE_KEY; -const MUX_PLAYBACK_RESTRICTION_ID = process.env.MUX_PLAYBACK_RESTRICTION_ID - -if (!MUX_SIGNING_KEY_PRIVATE_KEY) throw new Error('MUX_SIGNING_KEY_PRIVATE_KEY must be defined in env'); -if (!MUX_SIGNING_KEY_ID) throw new Error('MUX_SIGNING_KEY_ID must be defined in env'); -if (!MUX_PLAYBACK_RESTRICTION_ID) throw new Error('MUX_PLAYBACK_RESTRICTION_ID must be defined in env'); - - -/** - * mux-asset controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::mux-asset.mux-asset', ({ strapi }) => ({ - - async secure (ctx, next) { - - if (ctx?.query?.id === undefined) { - ctx.throw(400, 'id query param was missing!') - return - } - - const tokens = {} - - tokens.playbackToken = JWT.signPlaybackId(ctx.query.id, { - keyId: MUX_SIGNING_KEY_ID, - keySecret: MUX_SIGNING_KEY_PRIVATE_KEY, - params: { - playback_restriction_id: MUX_PLAYBACK_RESTRICTION_ID - }, - }) - - - tokens.storyboardToken = JWT.signPlaybackId(ctx.query.id, { - keyId: MUX_SIGNING_KEY_ID, - keySecret: MUX_SIGNING_KEY_PRIVATE_KEY, - type: 'storyboard' - }) - - tokens.thumbnailToken = JWT.signPlaybackId(ctx.query.id, { - keyId: MUX_SIGNING_KEY_ID, - keySecret: MUX_SIGNING_KEY_PRIVATE_KEY, - type: 'thumbnail' - }) - - - ctx.body = tokens - } -})) - diff --git a/services/strapi/src/api/mux-asset/routes/mux-asset.js b/services/strapi/src/api/mux-asset/routes/mux-asset.js deleted file mode 100644 index 2dc38eb..0000000 --- a/services/strapi/src/api/mux-asset/routes/mux-asset.js +++ /dev/null @@ -1,33 +0,0 @@ -'use strict'; - -/** - * mux-asset router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::mux-asset.mux-asset'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "GET", - path: "/mux-asset/secure", - handler: "mux-asset.secure" - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); \ No newline at end of file diff --git a/services/strapi/src/api/mux-asset/services/mux-asset.js b/services/strapi/src/api/mux-asset/services/mux-asset.js deleted file mode 100644 index a4cbcb5..0000000 --- a/services/strapi/src/api/mux-asset/services/mux-asset.js +++ /dev/null @@ -1,78 +0,0 @@ -'use strict'; - -const { JWT } = require('@mux/mux-node'); -const { createCoreService } = require('@strapi/strapi').factories; - -/** - * mux-asset service - */ - - -module.exports = createCoreService('api::mux-asset.mux-asset', ({strapi}) => ({ - - - /** - * reference: https://docs.mux.com/guides/video/secure-video-playback#4-generate-a-json-web-token-jwt - * reference: https://docs.mux.com/guides/video/secure-video-playback#5-sign-the-json-web-token-jwt - * - * @param {String} playbackId - signed playback ID - * @param {String} keyId - signing key ID - * @param {String} keySecret - base64 encoded private key - * @param {String} playbackRestructionId - https://docs.mux.com/guides/video/secure-video-playback#create-a-playback-restriction - * @returns {Object} jwt - - * @returns {String} jwt.token - - * @returns {String} jwt.gifToken - - * @returns {String} jwt.thumbnailToken - - */ - async signJwt (playbackId, keyId, keySecret, playbackRestrictionId) { - // Set some base options we can use for a few different signing types - // Type can be either video, thumbnail, gif, or storyboard - let baseOptions = { - keyId: keyId, // Enter your signing key id here - keySecret: keySecret, // Enter your base64 encoded private key here - expiration: '7d' // E.g 60, "2 days", "10h", "7d", numeric value interpreted as seconds - }; - - const playbackToken = JWT.signPlaybackId(playbackId, { - ...baseOptions , - type: 'video', - params: { playback_restriction_id: playbackRestrictionId } - }); - - // Now the signed playback url should look like this: - // https://stream.mux.com/${playbackId}.m3u8?token=${token} - - // If you wanted to pass in params for something like a gif, use the - // params key in the options object - // const gifToken = JWT.signPlaybackId(playbackId, { - // ...baseOptions, - // type: 'gif', - // params: { time: 10 }, - // }) - - const thumbnailToken = JWT.signPlaybackId(playbackId, { - type: 'thumbnail', - params: { playback_restriction_id: playbackRestrictionId }, - }) - - // Then, use this token in a URL like this: - // https://image.mux.com/${playbackId}/animated.gif?token=${gifToken} - - // A final example, if you wanted to sign a thumbnail url with a playback restriction - const storyboardToken = JWT.sign(playbackId, { - ...baseOptions, - type: 'storyboard', - params: { playback_restriction_id: playbackRestrictionId }, - }) - - // When used in a URL, it should look like this: - // https://image.mux.com/${playbackId}/thumbnail.png?token=${thumbnailToken} - - return { - playbackToken, - storyboardToken, - thumbnailToken - } - }, - -})); \ No newline at end of file diff --git a/services/strapi/src/api/patreon/content-types/patreon/schema.json b/services/strapi/src/api/patreon/content-types/patreon/schema.json deleted file mode 100644 index a76213c..0000000 --- a/services/strapi/src/api/patreon/content-types/patreon/schema.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "kind": "singleType", - "collectionName": "patreons", - "info": { - "singularName": "patreon", - "pluralName": "patreons", - "displayName": "Patreon", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "benefitId": { - "type": "string", - "required": true, - "default": "4760169" - }, - "accessToken": { - "type": "string" - }, - "refreshToken": { - "type": "string" - }, - "campaignId": { - "type": "string", - "required": true - }, - "muxAllocationCostCents": { - "type": "integer", - "default": 50, - "required": true - }, - "membershipId": { - "type": "string" - } - } -} diff --git a/services/strapi/src/api/patreon/controllers/patreon.js b/services/strapi/src/api/patreon/controllers/patreon.js deleted file mode 100644 index c06944a..0000000 --- a/services/strapi/src/api/patreon/controllers/patreon.js +++ /dev/null @@ -1,37 +0,0 @@ -'use strict'; - -/** - * patreon controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::patreon.patreon', ({ strapi }) => ({ - async getPublicPatrons(ctx) { - const patrons = await strapi.entityService.findMany('plugin::users-permissions.user', { - fields: ['username', 'vanityLink', 'isNamePublic', 'isLinkPublic', 'patreonBenefits'], - }) - - let publicPatrons = [] - for (const patron of patrons) { - let publicPatron = {} - let benefits = (!!patron?.patreonBenefits) ? patron.patreonBenefits.split(',') : [] - if (patron.isNamePublic) publicPatron.username = patron.username; - - // if patron has "Your URL displayed on Futureporn.net" benefit, - // publically share their link if they want it shared - if (benefits.includes('10663202')) { - if (patron.isLinkPublic) publicPatron.vanityLink = patron.vanityLink; - } - - if (!!publicPatron.username || !!publicPatron.vanityLink) publicPatrons.push(publicPatron); - } - - return publicPatrons - }, - async muxAllocationCount(ctx) { - const count = await strapi.service('api::patreon.patreon').getMuxAllocationCount() - return count - } -})); - diff --git a/services/strapi/src/api/patreon/routes/patreon.js b/services/strapi/src/api/patreon/routes/patreon.js deleted file mode 100644 index 52af951..0000000 --- a/services/strapi/src/api/patreon/routes/patreon.js +++ /dev/null @@ -1,37 +0,0 @@ -'use strict'; - -/** - * patreon router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::patreon.patreon'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "GET", - path: "/patreon/patrons", - handler: "api::patreon.patreon.getPublicPatrons" - }, { - method: 'GET', - path: '/patreon/muxAllocationCount', - handler: 'api::patreon.patreon.muxAllocationCount' - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); \ No newline at end of file diff --git a/services/strapi/src/api/patreon/services/patreon.js b/services/strapi/src/api/patreon/services/patreon.js deleted file mode 100644 index 147d2a4..0000000 --- a/services/strapi/src/api/patreon/services/patreon.js +++ /dev/null @@ -1,45 +0,0 @@ -'use strict'; - -/** - * patreon service - */ - -const EleventyFetch = require("@11ty/eleventy-fetch"); -const { createCoreService } = require('@strapi/strapi').factories; - - - -module.exports = createCoreService('api::patreon.patreon', ({strapi}) => ({ - - - async getPatreonCampaign() { - return EleventyFetch('https://www.patreon.com/api/campaigns/8012692', { - duration: "12h", - type: "json", - }) - }, - - - async getPatreonCampaignPledgeSum() { - const campaign = await this.getPatreonCampaign() - return campaign.data.attributes.pledge_sum - }, - - - /** - * Calculate how many mux allocations the site should have, based on the dollar amount of pledges from patreon - * - * @param {Number} pledgeSum - USD cents - */ - async getMuxAllocationCount() { - const patreonData = await strapi.entityService.findMany('api::patreon.patreon', { - fields: ['muxAllocationCostCents'] - }) - if (!patreonData) throw new Error('patreonData in Strapi was missing'); - const muxAllocationCostCents = patreonData.muxAllocationCostCents - const pledgeSum = await this.getPatreonCampaignPledgeSum() - const muxAllocationCount = Math.floor(pledgeSum / muxAllocationCostCents); // calculate the number of mux allocations required - return muxAllocationCount; - } -})); - diff --git a/services/strapi/src/api/platform-notification/content-types/platform-notification/schema.json b/services/strapi/src/api/platform-notification/content-types/platform-notification/schema.json deleted file mode 100644 index c5561e6..0000000 --- a/services/strapi/src/api/platform-notification/content-types/platform-notification/schema.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "platform_notifications", - "info": { - "singularName": "platform-notification", - "pluralName": "platform-notifications", - "displayName": "Platform Notification", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "source": { - "type": "enumeration", - "enum": [ - "email", - "manual" - ], - "default": "manual", - "required": true - }, - "platform": { - "type": "enumeration", - "enum": [ - "fansly", - "chaturbate" - ], - "default": "chaturbate", - "required": true - }, - "date": { - "type": "datetime", - "required": true, - "unique": false - }, - "date2": { - "type": "string", - "required": true, - "unique": false, - "regex": "\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\d\\.\\d+([+-][0-2]\\d:[0-5]\\d|Z)" - }, - "vtuber": { - "type": "relation", - "relation": "oneToOne", - "target": "api::vtuber.vtuber" - }, - "stream": { - "type": "relation", - "relation": "manyToOne", - "target": "api::stream.stream", - "inversedBy": "platformNotifications" - } - } -} \ No newline at end of file diff --git a/services/strapi/src/api/platform-notification/controllers/platform-notification.js b/services/strapi/src/api/platform-notification/controllers/platform-notification.js deleted file mode 100644 index b845147..0000000 --- a/services/strapi/src/api/platform-notification/controllers/platform-notification.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * platform-notification controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::platform-notification.platform-notification'); diff --git a/services/strapi/src/api/platform-notification/routes/platform-notification.js b/services/strapi/src/api/platform-notification/routes/platform-notification.js deleted file mode 100644 index 1bc4837..0000000 --- a/services/strapi/src/api/platform-notification/routes/platform-notification.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * platform-notification router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::platform-notification.platform-notification'); diff --git a/services/strapi/src/api/platform-notification/services/platform-notification.js b/services/strapi/src/api/platform-notification/services/platform-notification.js deleted file mode 100644 index a505fc9..0000000 --- a/services/strapi/src/api/platform-notification/services/platform-notification.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * platform-notification service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::platform-notification.platform-notification'); diff --git a/services/strapi/src/api/profile/controllers/profile.js b/services/strapi/src/api/profile/controllers/profile.js deleted file mode 100644 index 610a88d..0000000 --- a/services/strapi/src/api/profile/controllers/profile.js +++ /dev/null @@ -1,21 +0,0 @@ -'use strict'; - - - -module.exports = { - update: async (ctx, next) => { - const update = strapi.plugin('users-permissions').controllers.user.update - await update(ctx); - }, - me: async (ctx) => { - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - const user = await strapi.entityService.findOne('plugin::users-permissions.user', userId, { - populate: 'role' - }); - return user - }, - test: async (ctx) => { - return 'blah' - } -}; diff --git a/services/strapi/src/api/profile/routes/profile.js b/services/strapi/src/api/profile/routes/profile.js deleted file mode 100644 index 7a33f1c..0000000 --- a/services/strapi/src/api/profile/routes/profile.js +++ /dev/null @@ -1,23 +0,0 @@ -module.exports = { - routes: [ - { - method: 'PUT', - path: '/profile/:id', - handler: 'profile.update', - config: { - prefix: '', - policies: ['global::updateOwnerOnly'] - }, - }, - { - method: 'GET', - path: '/profile/me', - handler: 'profile.me' - }, - { - method: 'GET', - path: '/profile/test', - handler: 'profile.test' - } - ], -}; diff --git a/services/strapi/src/api/profile/services/profile.js b/services/strapi/src/api/profile/services/profile.js deleted file mode 100644 index 56ac091..0000000 --- a/services/strapi/src/api/profile/services/profile.js +++ /dev/null @@ -1,7 +0,0 @@ -'use strict'; - -/** - * profile service - */ - -module.exports = () => ({}); diff --git a/services/strapi/src/api/stream/content-types/stream/lifecycles.js b/services/strapi/src/api/stream/content-types/stream/lifecycles.js deleted file mode 100644 index 852633c..0000000 --- a/services/strapi/src/api/stream/content-types/stream/lifecycles.js +++ /dev/null @@ -1,119 +0,0 @@ -const { init } = require('@paralleldrive/cuid2'); - - - -module.exports = { - async beforeUpdate(event) { - const { data } = event.params; - if (!data.cuid) { - const length = 10; // 50% odds of collision after ~51,386,368 ids - const cuid = init({ length }); - event.params.data.cuid = cuid(); - } - /** - * Here we set the stream platform based on related platformNotifications. - * For example, if there is a related fansly platformNotification, we set isFanslyStream to true. - */ - console.log('hello my good sir, we are about to set the stream platform based on related platformNotifications.') - console.log('in order to make sure we have the data we need, let us console log the data.') - console.log(data) - - }, - async afterUpdate(event) { - - - - console.log(`>>>>>>>>>>>>>> STREAM is afterUpdate !!!!!!!!!!!!`); - const { data, where, select, populate } = event.params; - console.log(data); - const id = where.id; - - - /** - * This is where we populate the archiveStatus, based on the vods we have (or do not have.) - * We do this to display to the visitor the archival state of this stream. - * This state is what populates the any% archival speedrun on the `/vt/:slug` pages. - * - * Vods with a note are automatically considered, 'issue' - * A stream with no vods is considered, 'missing' - * At least 1 vod with no notes is considred, 'good' - * - * greets https://forum.strapi.io/t/how-to-get-previous-component-data-in-lifecycle-hook/25892/4?u=ggr247 - */ - const existingData = await strapi.entityService.findOne("api::stream.stream", id, { - populate: ['vods', 'tweet'] - }) - - // Initialize archiveStatus to a default value - let archiveStatus = 'missing'; - - // Iterate through all vods to determine archiveStatus - for (const vod of existingData.vods) { - if (!!vod.videoSrcHash) { - if (!!vod.note) { - // If a vod has both videoSrcHash and note, set archiveStatus to 'issue' - archiveStatus = 'issue'; - break; // No need to check further - } else { - // If a vod has videoSrcHash but no note, set archiveStatus to 'good' - archiveStatus = 'good'; - } - } - } - - // we can't use query engine here, because that would trigger an infinite loop - // where this - // instead we access knex instance - await strapi.db.connection("streams").where({ id: id }).update({ - archive_status: archiveStatus, - }); - - - - - /** - * This is where we populate platform, based on the related platformNotification content-types. - * We do this so the UI has the data it needs to display the platform on which the stream took place. - * - * If any platformNotification is from fansly, isFanslyStream is set to true. - * If any platformNotification is from chaturbate, isChaturbateStream is set to true. - */ - const existingData2 = await strapi.entityService.findOne("api::stream.stream", id, { - populate: {'platformNotifications': true} - }) - - let isFanslyStream = false - let isChaturbateStream = false - - console.log(`lets find the platformNotifications`) - console.log(JSON.stringify(existingData2, null, 2)) - - // Iterate through all platformNotifications to determine platform - if (existingData2?.platformNotifications) { - for (const pn of existingData2.platformNotifications) { - if (pn.platform === 'fansly') { - isFanslyStream = true - } else if (pn.platform === 'chaturbate') { - isChaturbateStream = true - } - } - } - - // we can't use query engine here, because that would trigger an infinite loop - // where this - // instead we access knex instance - await strapi.db.connection("streams").where({ id: id }).update({ - is_fansly_stream: isFanslyStream, - is_chaturbate_stream: isChaturbateStream - }); - - // Old way, @deprecated. keeping as a comment until I'm sure I don't need it - // if (!!existingData.tweet) { - // await strapi.db.connection("streams").where({ id: id }).update({ - // is_chaturbate_stream: existingData.tweet.isChaturbateInvite, - // is_fansly_stream: existingData.tweet.isFanslyInvite - // }); - // } - - } -}; \ No newline at end of file diff --git a/services/strapi/src/api/stream/content-types/stream/schema.json b/services/strapi/src/api/stream/content-types/stream/schema.json deleted file mode 100644 index 63fab1f..0000000 --- a/services/strapi/src/api/stream/content-types/stream/schema.json +++ /dev/null @@ -1,79 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "streams", - "info": { - "singularName": "stream", - "pluralName": "streams", - "displayName": "Stream", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "platformNotifications": { - "type": "relation", - "relation": "oneToMany", - "target": "api::platform-notification.platform-notification", - "mappedBy": "stream" - }, - "date_str": { - "type": "string", - "required": true, - "unique": true, - "regex": "\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\d\\.\\d+([+-][0-2]\\d:[0-5]\\d|Z)" - }, - "date2": { - "type": "string", - "required": true, - "unique": true, - "regex": "\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\d\\.\\d+([+-][0-2]\\d:[0-5]\\d|Z)" - }, - "vods": { - "type": "relation", - "relation": "oneToMany", - "target": "api::vod.vod", - "mappedBy": "stream" - }, - "vtuber": { - "type": "relation", - "relation": "manyToOne", - "target": "api::vtuber.vtuber", - "inversedBy": "streams" - }, - "tweet": { - "type": "relation", - "relation": "oneToOne", - "target": "api::tweet.tweet" - }, - "date": { - "type": "datetime", - "required": true, - "unique": true - }, - "archiveStatus": { - "type": "enumeration", - "enum": [ - "missing", - "issue", - "good" - ], - "required": true, - "default": "missing" - }, - "cuid": { - "type": "string", - "unique": true, - "required": false - }, - "isChaturbateStream": { - "type": "boolean", - "default": false - }, - "isFanslyStream": { - "type": "boolean", - "default": false - } - } -} diff --git a/services/strapi/src/api/stream/controllers/stream.js b/services/strapi/src/api/stream/controllers/stream.js deleted file mode 100644 index aaee46e..0000000 --- a/services/strapi/src/api/stream/controllers/stream.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * stream controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::stream.stream'); diff --git a/services/strapi/src/api/stream/routes/stream.js b/services/strapi/src/api/stream/routes/stream.js deleted file mode 100644 index 6af6923..0000000 --- a/services/strapi/src/api/stream/routes/stream.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * stream router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::stream.stream'); diff --git a/services/strapi/src/api/stream/services/stream.js b/services/strapi/src/api/stream/services/stream.js deleted file mode 100644 index b0311da..0000000 --- a/services/strapi/src/api/stream/services/stream.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * stream service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::stream.stream'); diff --git a/services/strapi/src/api/tag-vod-relation/content-types/tag-vod-relation/schema.json b/services/strapi/src/api/tag-vod-relation/content-types/tag-vod-relation/schema.json deleted file mode 100644 index 129ef5a..0000000 --- a/services/strapi/src/api/tag-vod-relation/content-types/tag-vod-relation/schema.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "tag_vod_relations", - "info": { - "singularName": "tag-vod-relation", - "pluralName": "tag-vod-relations", - "displayName": "Tag Vod Relation", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "votes": { - "type": "integer" - }, - "creator": { - "type": "relation", - "relation": "oneToOne", - "target": "plugin::users-permissions.user" - }, - "tag": { - "type": "relation", - "relation": "oneToOne", - "target": "api::tag.tag" - }, - "creatorId": { - "type": "integer", - "required": true - }, - "vod": { - "type": "relation", - "relation": "manyToOne", - "target": "api::vod.vod", - "inversedBy": "tagVodRelations" - } - } -} diff --git a/services/strapi/src/api/tag-vod-relation/controllers/tag-vod-relation.js b/services/strapi/src/api/tag-vod-relation/controllers/tag-vod-relation.js deleted file mode 100644 index 8face45..0000000 --- a/services/strapi/src/api/tag-vod-relation/controllers/tag-vod-relation.js +++ /dev/null @@ -1,222 +0,0 @@ -'use strict'; - -/** - * tag-vod-relation controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::tag-vod-relation.tag-vod-relation', ({ strapi }) => ({ - async relate(ctx) { - - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tag) return ctx.badRequest('tag was missing from data'); - if (!ctx.request.body.data.vod) return ctx.badRequest('vod was missing from data'); - - const { tag: tagId, vod: vodId } = ctx.request.body.data; - - const tagVodRelation = await strapi.entityService.create('api::tag-vod-relation.tag-vod-relation', { - data: { - vod: vodId, - tag: tagId, - creator: userId, - creatorId: userId, - publishedAt: new Date(), - votes: 2 - } - }) - - return tagVodRelation - }, - async vote(ctx) { - // @todo - }, - - // // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#extending-core-controllers - // // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#adding-a-new-controller - // // Method 2: Wrapping a core action (leaves core logic in place) - // async find(ctx) { - // // // some custom logic here - // // ctx.query = { ...ctx.query, local: 'en' } - - // const userId = ctx?.state?.user?.id; - // if (!userId) return ctx.badRequest("There was no user id in the request!"); - - - - // // Calling the default core action - // const { data, meta } = await super.find(ctx); - - // // add isCreator if the tvr was created by this user - // let dataWithCreator = data.map((d) => { - // if (d.data.attributes.) - // }) - - // // // some more custom logic - // // meta.date = Date.now() - - // return { data, meta }; - // }, - - // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#extending-core-controllers - // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#adding-a-new-controller - // Method 2: Wrapping a core action (leaves core logic in place) - async create(ctx) { - console.log('>> create a tag vod relation') - // only allow unique tag, vod combos - - const { query } = ctx.request; - - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tag) return ctx.badRequest('tag was missing from data'); - if (!ctx.request.body.data.vod) return ctx.badRequest('vod was missing from data'); - - const { tag: tagId, vod: vodId } = ctx.request.body.data; - - console.log(`lets make a combo entityService.findMany`) - const combo = await strapi.entityService.findMany('api::tag-vod-relation.tag-vod-relation', { - populate: ['tag', 'vod'], - filters: { - $and: [{ - tag: { - id: { - $eq: ctx.request.body.data.tag - } - } - }, { - vod: { - id: { - $eq: ctx.request.body.data.vod - } - } - }] - } - }) - - if (combo.length > 0) { - return ctx.badRequest('this vod already has that tag'); - } - - // @todo add votes and creator - ctx.request.body.data.creator = userId - ctx.request.body.data.votes = 2 - - const parseBody = (ctx) => { - if (ctx.is('multipart')) { - return parseMultipartData(ctx); - } - - const { data } = ctx.request.body || {}; - - return { data }; - }; - - - const sanitizedInputData = { - vod: vodId, - tag: tagId, - publishedAt: new Date(), - creator: userId, - creatorId: userId, - votes: 2 - } - - - - - - const entity = await strapi - .service('api::tag-vod-relation.tag-vod-relation') - .create({ - ...query, - data: sanitizedInputData, - populate: { vod: true, tag: true } - }); - - const sanitizedEntity = await this.sanitizeOutput(entity, ctx); - - return this.transformResponse({ ...sanitizedEntity }); - }, - - - async tagVod (ctx) { - - // create tag if needed - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tagName) return ctx.badRequest('tagName was missing from data'); - if (!ctx.request.body.data.vodId) return ctx.badRequest('vodId was missing from data'); - - const { tagName, vodId } = ctx.request.body.data; - - - const tag = await strapi.service('api::tag.tag').assertTag(tagName, userId); - - - try { - const tvr = await strapi.service('api::tag-vod-relation.tag-vod-relation').assertTvr(tag.id, vodId, userId); - - - const sanitizedEntity = await this.sanitizeOutput(tvr, ctx); - return this.transformResponse({ ...sanitizedEntity }); - } catch (e) { - console.error(e) - ctx.badRequest('Vod Tag could not be created.') - } - - }, - - async deleteMine (ctx) { - // // some custom logic here - // ctx.query = { ...ctx.query, local: 'en' } - - - - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.params.id) return ctx.badRequest('id was missing from params'); - const { id } = ctx.request.params; - - // constraints - // only able to delete tagVodRelation if - // * creator - // * publishedAt isBefore(now-24h) - - - // get the tvr the user wants to delete - const tvrToDelete = await strapi.entityService.findOne('api::tag-vod-relation.tag-vod-relation', id, { - populate: { - tag: true, - vod: true, - creator: true, - } - }) - - if (!tvrToDelete) return ctx.badRequest('Tag to be deleted does not exist.'); - - if (tvrToDelete.creator.id !== userId) - ctx.forbidden('only the creator of the tag can delete it'); - - if ((new Date(tvrToDelete.createdAt).valueOf()+86400000) < new Date().valueOf()) - ctx.forbidden('cannot delete tags older than 24 hours') - - // Calling the default core action - const { data, meta } = await super.delete(ctx); - - // delete the related tag if it has no other vod - // @todo?? or maybe this is handled by lifecycle hook? - - // // some more custom logic - // meta.date = Date.now() - - return { data, meta }; - } - - -})); - diff --git a/services/strapi/src/api/tag-vod-relation/routes/tag-vod-relation.js b/services/strapi/src/api/tag-vod-relation/routes/tag-vod-relation.js deleted file mode 100644 index 2564f0f..0000000 --- a/services/strapi/src/api/tag-vod-relation/routes/tag-vod-relation.js +++ /dev/null @@ -1,51 +0,0 @@ -'use strict'; - -/** - * tag-vod-relation router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::tag-vod-relation.tag-vod-relation'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "POST", - path: "/tag-vod-relations/relate", - handler: "api::tag-vod-relation.tag-vod-relation.relate" - }, - // { - // method: 'GET', - // path: '/tag-vod-relations', - // handler: 'api::tag-vod-relation.tag-vod-relation.find' - // }, - { - method: "PUT", - path: "/tag-vod-relations/vote", - handler: "api::tag-vod-relation.tag-vod-relation.vote" - }, { - method: 'POST', - path: '/tag-vod-relations/tag', - handler: 'api::tag-vod-relation.tag-vod-relation.tagVod' - }, { - method: 'DELETE', - path: '/tag-vod-relations/deleteMine/:id', - handler: 'api::tag-vod-relation.tag-vod-relation.deleteMine' - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); \ No newline at end of file diff --git a/services/strapi/src/api/tag-vod-relation/services/tag-vod-relation.js b/services/strapi/src/api/tag-vod-relation/services/tag-vod-relation.js deleted file mode 100644 index e958bbc..0000000 --- a/services/strapi/src/api/tag-vod-relation/services/tag-vod-relation.js +++ /dev/null @@ -1,69 +0,0 @@ -'use strict'; - -/** - * tag-vod-relation service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::tag-vod-relation.tag-vod-relation', ({ strapi }) => ({ - - - async assertTvr(tagId, vodId, userId) { - - if (!tagId) throw new Error('tagId was missing in request'); - if (!vodId) throw new Error('vodId was missing in request'); - if (!userId) throw new Error('userId was missing in request'); - - - - let existingTvr; - existingTvr = await strapi.entityService - .findMany('api::tag-vod-relation.tag-vod-relation', { - limit: 1, - filters: { - $and: [ - { - tag: { - id: tagId, - }, - }, - { - vod: { - id: vodId - } - } - ] - }, - populate: ['tag', 'vod'] - }) - - - if (existingTvr.length === 0) { - const newTvr = await strapi.entityService.create('api::tag-vod-relation.tag-vod-relation', { - data: { - tag: tagId, - vod: vodId, - creator: userId, - creatorId: userId, - }, - populate: { - tag: true, - vod: true - } - }) - - // trigger data revalidation in next.js server - // fetch(`${nextJsServerUrl}/`) - return newTvr; - } else { - - return existingTvr[0]; - } - - - }, - -})); - - diff --git a/services/strapi/src/api/tag/content-types/tag/schema.json b/services/strapi/src/api/tag/content-types/tag/schema.json deleted file mode 100644 index 2884619..0000000 --- a/services/strapi/src/api/tag/content-types/tag/schema.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "tags", - "info": { - "singularName": "tag", - "pluralName": "tags", - "displayName": "Tag", - "description": "" - }, - "options": { - "draftAndPublish": true - }, - "pluginOptions": {}, - "attributes": { - "name": { - "type": "string", - "unique": true, - "required": true - }, - "toy": { - "type": "relation", - "relation": "manyToOne", - "target": "api::toy.toy", - "inversedBy": "tags" - }, - "vods": { - "type": "relation", - "relation": "manyToMany", - "target": "api::vod.vod", - "inversedBy": "tags" - }, - "creator": { - "type": "relation", - "relation": "oneToOne", - "target": "plugin::users-permissions.user" - } - } -} diff --git a/services/strapi/src/api/tag/controllers/tag.js b/services/strapi/src/api/tag/controllers/tag.js deleted file mode 100644 index 51669a9..0000000 --- a/services/strapi/src/api/tag/controllers/tag.js +++ /dev/null @@ -1,87 +0,0 @@ -'use strict'; - -/** - * tag controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; -const { sanitize } = require('@strapi/utils'); - - -module.exports = createCoreController('api::tag.tag', ({ strapi }) => ({ - - async random(ctx) { - const numberOfTags = 10; // Change this number to the desired number of random tags - const contentType = strapi.contentType('api::vod.vod'); - - // Fetch only the 'id' field of all tags - const tagIds = (await strapi.entityService.findMany( - "api::tag.tag", - { - fields: ['id'], - } - )).map(tag => tag.id); - - - const selectedTags = []; - - // Randomly select the specified number of tag IDs - for (let i = 0; i < numberOfTags; i++) { - const randomIndex = Math.floor(Math.random() * tagIds.length); - const randomTagId = tagIds[randomIndex]; - - - // Fetch the full details of the randomly selected tag using its ID - const rawTag = await strapi.entityService.findOne( - "api::tag.tag", - randomTagId, // Use the tag's ID - { - filter: { - publishedAt: { - $notNull: true, - }, - }, - fields: ['id', 'name'] - } - ); - - selectedTags.push(await sanitize.contentAPI.output(rawTag, contentType, { auth: ctx.state.auth })); - - // Remove the selected tag ID from the array to avoid duplicates - tagIds.splice(randomIndex, 1); - } - - ctx.body = selectedTags; - }, - - - - async createTagRelation(ctx) { - - // we have this controller which associates a tag with a vod - // this exists so users can indirectly update vod records which they dont have permissions to update - // first we need to get the user's request. - // they are telling us a vod ID and a tag ID - // our job is to get a reference to the vod, and add the tag relation. - - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tag) return ctx.badRequest('tag was missing from data'); - if (!ctx.request.body.data.vod) return ctx.badRequest('vod was missing from data'); - - const { tag, vod: vodId } = ctx.request.body.data; - - - - await strapi.entityService.update('api::vod.vod', vodId, { - data: { - tags: { - connect: [tag] - } - } - }) - - return 'OK' - - }, -})); - diff --git a/services/strapi/src/api/tag/routes/tag.js b/services/strapi/src/api/tag/routes/tag.js deleted file mode 100644 index db82f8f..0000000 --- a/services/strapi/src/api/tag/routes/tag.js +++ /dev/null @@ -1,37 +0,0 @@ -'use strict'; - -/** - * tag router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; -const defaultRouter = createCoreRouter('api::tag.tag'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "POST", - path: "/tag/tagRelation", - handler: "api::tag.tag.createTagRelation" - }, - { - method: 'GET', - path: '/tag/random', - handler: 'api::tag.tag.random' - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes) diff --git a/services/strapi/src/api/tag/services/tag.js b/services/strapi/src/api/tag/services/tag.js deleted file mode 100644 index 538bebc..0000000 --- a/services/strapi/src/api/tag/services/tag.js +++ /dev/null @@ -1,46 +0,0 @@ -'use strict'; - -/** - * tag service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::tag.tag', ({ strapi }) => ({ - async assertTag(tagName, userId) { - - if (!tagName) throw new Error('tagName was missing from request'); - if (!userId) throw new Error('userId was missing from request'); - - let tagEntry; - - // does the named tag already exist? - // tagEntry = await strapi.db.query('api::tag.tag') - // .findOne({ where: { name: tagName } }); - tagEntry = (await strapi.entityService.findMany('api::tag.tag', { - limit: 1, - filters: { - $and: [ - { - publishedAt: { $notNull: true }, - }, - { - name: tagName - } - ] - } - }))[0] - - if (!tagEntry) { - tagEntry = await strapi.entityService.create('api::tag.tag', { - data: { - name: tagName, - creator: userId, - publishedAt: new Date(), - } - }) - } - - return tagEntry; - }, -})); diff --git a/services/strapi/src/api/timestamp/content-types/timestamp/schema.json b/services/strapi/src/api/timestamp/content-types/timestamp/schema.json deleted file mode 100644 index 71b8ffb..0000000 --- a/services/strapi/src/api/timestamp/content-types/timestamp/schema.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "timestamps", - "info": { - "singularName": "timestamp", - "pluralName": "timestamps", - "displayName": "Timestamp", - "description": "" - }, - "options": { - "draftAndPublish": false, - "populateCreatorFields": true - }, - "pluginOptions": {}, - "attributes": { - "time": { - "type": "integer", - "required": true - }, - "tag": { - "type": "relation", - "relation": "oneToOne", - "target": "api::tag.tag", - "required": true - }, - "vod": { - "type": "relation", - "relation": "manyToOne", - "target": "api::vod.vod", - "inversedBy": "timestamps" - }, - "creatorId": { - "type": "integer", - "required": true - }, - "upvoters": { - "type": "relation", - "relation": "oneToMany", - "target": "plugin::users-permissions.user" - }, - "downvoters": { - "type": "relation", - "relation": "oneToMany", - "target": "plugin::users-permissions.user" - } - } -} diff --git a/services/strapi/src/api/timestamp/controllers/timestamp.js b/services/strapi/src/api/timestamp/controllers/timestamp.js deleted file mode 100644 index a131f44..0000000 --- a/services/strapi/src/api/timestamp/controllers/timestamp.js +++ /dev/null @@ -1,166 +0,0 @@ -'use strict'; - -/** - * timestamp controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::timestamp.timestamp', ({ strapi }) => ({ - - - async find(ctx) { - const { data, meta } = await super.find(ctx); - - // Iterate over each timestamp in the data array - const timestampsWithVotes = await Promise.all(data.map(async (timestamp) => { - // Retrieve the upvoters count for the current timestamp - // Retrieve the downvoters count for the current timestamp - const entry = await strapi.db - .query('api::timestamp.timestamp') - .findOne({ - populate: ['upvoters', 'downvoters'], - where: { - id: timestamp.id - } - }); - - const upvotesCount = entry.upvoters.length - const downvotesCount = entry.downvoters.length - - // Create new properties "upvotes" and "downvotes" on the timestamp object - timestamp.attributes.upvotes = upvotesCount; - timestamp.attributes.downvotes = downvotesCount; - - return timestamp; - })); - - - return { data: timestampsWithVotes, meta }; - }, - - - async assert(ctx) { - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tagId) return ctx.badRequest('tagId was missing from data'); - if (ctx.request.body.data.time === undefined || ctx.request.body.data.time === null || ctx.request.body.data.time < 0) return ctx.badRequest('time was missing from data'); - if (!ctx.request.body.data.vodId) return ctx.badRequest('vodId was missing from data'); - const { time, tagId, vodId } = ctx.request.body.data; - const timestamp = await strapi.service('api::timestamp.timestamp').assertTimestamp(userId, tagId, vodId, time); - return timestamp; - }, - - - // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#extending-core-controllers - // greets https://docs.strapi.io/dev-docs/backend-customization/controllers#adding-a-new-controller - // Method 2: Wrapping a core action (leaves core logic in place) - async create(ctx) { - // add creatorId to the record - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.body.data) return ctx.badRequest('data was missing from body'); - if (!ctx.request.body.data.tag) return ctx.badRequest('tag was missing from data'); - const { time, tag } = ctx.request.body.data; - - ctx.request.body.data.creatorId = userId - - // does the timestamp already exist with same combination of time+tag? - const duplicate = await strapi.db.query('api::timestamp.timestamp') - .findOne({ where: { time, tag }}) - - if (!!duplicate) return ctx.badRequest('A duplicate timestamp already exists!'); - - // Calling the default core action - const res = await super.create(ctx); - - return res - }, - - - async vote(ctx) { - const userId = ctx?.state?.user?.id; - const { direction } = ctx.request.body.data; - if (!ctx.request.params.id) return ctx.badRequest('id was missing from params'); - const { id } = ctx.request.params; - // get the ts to be voted on - const ts = await strapi.entityService.findOne('api::timestamp.timestamp', id) - if (!ts) return ctx.badRequest('timestamp does not exist'); - const res = await strapi.entityService.update('api::timestamp.timestamp', id, { - data: { - upvoters: direction === 1 ? { connect: [userId] } : { disconnect: [userId] }, - downvoters: direction === 1 ? { disconnect: [userId] } : { connect: [userId] } - } - }); - return res; - }, - - - - async delete(ctx) { - const userId = ctx?.state?.user?.id; - const { id } = ctx.request.params; - - // get the ts to be deleted - const ts = await strapi.entityService.findOne('api::timestamp.timestamp', id) - if (!ts) return ctx.badRequest('Timestamp does not exist') - - - // Refuse to delete if not the tag creator - if (ts.creatorId !== userId) return ctx.forbidden('Only the timestamp creator can delete the timestamp.') - - - const res = await super.delete(ctx) - return res - - }, - - - async deleteMine (ctx) { - // // some custom logic here - // ctx.query = { ...ctx.query, local: 'en' } - - const userId = ctx?.state?.user?.id; - if (!userId) return ctx.badRequest("There was no user id in the request!"); - if (!ctx.request.params.id) return ctx.badRequest('id was missing from params'); - const { id } = ctx.request.params; - - // constraints - // only able to delete tagVodRelation if - // * creator - // * publishedAt isBefore(now-24h) - - - // get the tvr the user wants to delete - const timestampToDelete = await strapi.entityService.findOne('api::timestamp.timestamp', id, { - populate: { - tag: true, - vod: true - } - }) - - if (!timestampToDelete) return ctx.badRequest('Timestamp to be deleted does not exist.'); - - - if (timestampToDelete.creatorId !== userId) - ctx.forbidden('only the creator of the timestamp can delete it'); - - if ((new Date(timestampToDelete.createdAt).valueOf()+86400000) < new Date().valueOf()) - ctx.forbidden('cannot delete tags older than 24 hours') - - // Calling the default core action - const { data, meta } = await super.delete(ctx); - - // delete the related tag if it has no other vod - // @todo?? or maybe this is handled by lifecycle hook? - - // // some more custom logic - // meta.date = Date.now() - - return { data, meta }; - } - - -})) - diff --git a/services/strapi/src/api/timestamp/routes/timestamp.js b/services/strapi/src/api/timestamp/routes/timestamp.js deleted file mode 100644 index 1c8e7c6..0000000 --- a/services/strapi/src/api/timestamp/routes/timestamp.js +++ /dev/null @@ -1,53 +0,0 @@ -'use strict'; - -/** - * timestamp router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - - -const defaultRouter = createCoreRouter('api::timestamp.timestamp'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - - - -const myExtraRoutes = [ - { - method: 'POST', - path: '/timestamps/assert', - handler: 'api::timestamp.timestamp.assert' - }, - { - method: "PUT", - path: "/timestamps/:id/vote", - handler: "api::timestamp.timestamp.vote" - }, - { - method: 'DELETE', - path: '/timestamps/:id', - handler: 'api::timestamp.timestamp.delete' - }, - { - method: 'DELETE', - path: '/timestamps/deleteMine/:id', - handler: 'api::timestamp.timestamp.deleteMine' - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); - - diff --git a/services/strapi/src/api/timestamp/services/timestamp.js b/services/strapi/src/api/timestamp/services/timestamp.js deleted file mode 100644 index bfa84c2..0000000 --- a/services/strapi/src/api/timestamp/services/timestamp.js +++ /dev/null @@ -1,44 +0,0 @@ -'use strict'; - -/** - * timestamp service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::timestamp.timestamp', ({ strapi }) => ({ - async assertTimestamp(userId, tagId, vodId, time) { - const existingTimestamp = await strapi.entityService.findMany('api::timestamp.timestamp', { - populate: ['vod', 'tag'], - filters: { - $and: [ - { - tag: { - id: tagId - } - }, - { - vod: { - id: vodId - } - }, - { - time: parseInt(time) - } - ] - }, - limit: 1 - }) - if (existingTimestamp.length > 0) return existingTimestamp[0]; - const newTimestamp = await strapi.entityService.create('api::timestamp.timestamp', { - data: { - tag: tagId, - vod: vodId, - creatorId: userId, - time: time, - } - }); - - return newTimestamp; - } -})); diff --git a/services/strapi/src/api/toy/content-types/toy/schema.json b/services/strapi/src/api/toy/content-types/toy/schema.json deleted file mode 100644 index 4e2baba..0000000 --- a/services/strapi/src/api/toy/content-types/toy/schema.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "toys", - "info": { - "singularName": "toy", - "pluralName": "toys", - "displayName": "Toy", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "tags": { - "type": "relation", - "relation": "oneToMany", - "target": "api::tag.tag", - "mappedBy": "toy" - }, - "make": { - "type": "string", - "required": true - }, - "model": { - "type": "string", - "required": true - }, - "aspectRatio": { - "type": "string", - "default": "2:1", - "required": true - }, - "image2": { - "type": "string", - "default": "https://futureporn-b2.b-cdn.net/default-thumbnail.webp", - "required": true - }, - "linkTag": { - "type": "relation", - "relation": "oneToOne", - "target": "api::tag.tag" - }, - "vtubers": { - "type": "relation", - "relation": "oneToMany", - "target": "api::vtuber.vtuber", - "mappedBy": "toy" - } - } -} diff --git a/services/strapi/src/api/toy/controllers/toy.js b/services/strapi/src/api/toy/controllers/toy.js deleted file mode 100644 index 32bae69..0000000 --- a/services/strapi/src/api/toy/controllers/toy.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * toy controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::toy.toy'); diff --git a/services/strapi/src/api/toy/routes/toy.js b/services/strapi/src/api/toy/routes/toy.js deleted file mode 100644 index 21d9d6a..0000000 --- a/services/strapi/src/api/toy/routes/toy.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * toy router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::toy.toy'); diff --git a/services/strapi/src/api/toy/services/toy.js b/services/strapi/src/api/toy/services/toy.js deleted file mode 100644 index cd2dd6d..0000000 --- a/services/strapi/src/api/toy/services/toy.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * toy service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::toy.toy'); diff --git a/services/strapi/src/api/tweet/content-types/tweet/lifecycles.js b/services/strapi/src/api/tweet/content-types/tweet/lifecycles.js deleted file mode 100644 index e8cc61f..0000000 --- a/services/strapi/src/api/tweet/content-types/tweet/lifecycles.js +++ /dev/null @@ -1,136 +0,0 @@ -const generateCuid = require('../../../../../misc/generateCuid.js'); - -const cbUrlRegex = /chaturbate\.com/i; -const fanslyUrlRegex = /https?:\/\/(?:www\.)?fans(?:\.ly|ly\.com)\/r\/[a-zA-Z0-9_]+/; - -const cbAlternativeUrls = [ - 'shorturl.at/tNUVY' // used by ProjektMelody in the early days -] - - -/** - * Returns true if the tweet contains a chaturbate.com link - * - * @param {Object} tweet - * @returns {Boolean} - */ -const containsCBInviteLink = (tweet) => { - const containsCbUrl = (link) => { - if (!link?.url) return false; - const isCbUrl = cbUrlRegex.test(link.url); - const isAlternativeCbUrl = cbAlternativeUrls.some(alternativeUrl => link.url.includes(alternativeUrl)); - return isCbUrl || isAlternativeCbUrl; - } - try { - if (!tweet?.links) return false; - return tweet.links.some(containsCbUrl) - } catch (e) { - logger.log({ level: 'error', message: 'ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR' }); - logger.log({ level: 'error', message: e }); - return false; - } -}; - -const containsFanslyInviteLink = (tweet) => { - const containsFanslyUrl = (link) => { - if (!link?.url) return false; - return (fanslyUrlRegex.test(link?.url)) - } - try { - if (!tweet?.links) return false; - return tweet.links.some(containsFanslyUrl) - } catch (e) { - logger.log({ level: 'error', message: 'ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR' }); - logger.log({ level: 'error', message: e }); - return false; - } -}; - - -const deriveTitle = (text) => { - // @see https://www.urlregex.com/ - const urlRegex = /((([A-Za-z]{3,9}:(?:\/\/)?)(?:[\-;:&=\+\$,\w]+@)?[A-Za-z0-9\.\-]+|(?:www\.|[\-;:&=\+\$,\w]+@)[A-Za-z0-9\.\-]+)((?:\/[\+~%\/\.\w\-_]*)?\??(?:[\-\+=&;%@\.\w_]*)#?(?:[\.\!\/\\\w]*))?)/g; - let title = text - .replace(urlRegex, '') // remove urls - .replace(/\n/g, ' ') // replace newlines with spaces - .replace(/>/g, '>') // gimme dem greater-than brackets - .replace(/</g, '<') // i want them less-thans too - .replace(/&/g, '&') // ampersands are sexy - .replace(/\s+$/, ''); // remove trailing whitespace - return title; -}; - - - - -module.exports = { - async afterCreate(event) { - // * [ ] Create Stream - const id = event.result.id; - console.log(`>>> tweet afterCreate id=${id}`); - const { data } = event.params; - - console.log(data); - - // IF this tweet was a fansly or chaturbate invite, create & associate Stream - if (data.isChaturbateInvite || data.isFanslyInvite) { - const stream = await strapi.entityService.create('api::stream.stream', { - data: { - tweet: id, - vtuber: data.vtuber, - date: data.date, - date_str: data.date, - date2: data.date, - archiveStatus: 'missing', - cuid: generateCuid() - } - }); - - // console.log(data) - console.log(`stream.id=${stream.id}`); - - // const existingData = await strapi.entityService.findOne("api::stream.stream", id, { - // populate: ['vods'] - // }) - } - }, - async beforeCreate(event) { - // * [x] Set platform to CB or Fansly - // * [x] Set vtuber - // * [x] Set date - // * [x] Set id_str - // * [x] Set url - - const { data, where, select, populate } = event.params; - console.log('>>> tweet beforeCreate!'); - - const tweet = JSON.parse(data.json); - // console.log(tweet); - console.log(`containsCBInviteLink=${containsCBInviteLink(tweet)}, containsFanslyInviteLink=${containsFanslyInviteLink(tweet)}`); - - - data.isChaturbateInvite = containsCBInviteLink(tweet); - data.isFanslyInvite = containsFanslyInviteLink(tweet); - - const tweetDate = new Date(tweet.date).toISOString(); - data.id_str = tweet.id_str; - data.date = tweetDate; - data.date2 = tweetDate; - data.url = tweet.url; - - // Set VTuber - const twitterUsername = tweet.user.username; - const vtuberRecords = await strapi.entityService.findMany("api::vtuber.vtuber", { - fields: ['displayName', 'slug', 'id'], - filters: { - twitter: { - $endsWithi: twitterUsername - } - } - }); - if (!!vtuberRecords[0]) data.vtuber = vtuberRecords[0].id; - - - - } -} diff --git a/services/strapi/src/api/tweet/content-types/tweet/schema.json b/services/strapi/src/api/tweet/content-types/tweet/schema.json deleted file mode 100644 index 3d94b7c..0000000 --- a/services/strapi/src/api/tweet/content-types/tweet/schema.json +++ /dev/null @@ -1,49 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "tweets", - "info": { - "singularName": "tweet", - "pluralName": "tweets", - "displayName": "Tweet", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "id_str": { - "type": "string", - "required": false, - "unique": true - }, - "url": { - "type": "string", - "required": false - }, - "date2": { - "type": "string", - "required": false, - "unique": true - }, - "json": { - "type": "text", - "required": true - }, - "vtuber": { - "type": "relation", - "relation": "oneToOne", - "target": "api::vtuber.vtuber" - }, - "isChaturbateInvite": { - "type": "boolean" - }, - "isFanslyInvite": { - "type": "boolean" - }, - "date": { - "type": "datetime", - "unique": true - } - } -} diff --git a/services/strapi/src/api/tweet/controllers/tweet.js b/services/strapi/src/api/tweet/controllers/tweet.js deleted file mode 100644 index bbb1fed..0000000 --- a/services/strapi/src/api/tweet/controllers/tweet.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * tweet controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::tweet.tweet'); diff --git a/services/strapi/src/api/tweet/routes/tweet.js b/services/strapi/src/api/tweet/routes/tweet.js deleted file mode 100644 index efce886..0000000 --- a/services/strapi/src/api/tweet/routes/tweet.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * tweet router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::tweet.tweet'); diff --git a/services/strapi/src/api/tweet/services/tweet.js b/services/strapi/src/api/tweet/services/tweet.js deleted file mode 100644 index 9be1baf..0000000 --- a/services/strapi/src/api/tweet/services/tweet.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * tweet service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::tweet.tweet'); diff --git a/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/lifecycles.js b/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/lifecycles.js deleted file mode 100644 index 0b4ed24..0000000 --- a/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/lifecycles.js +++ /dev/null @@ -1,57 +0,0 @@ -const { S3Client, DeleteObjectCommand } = require("@aws-sdk/client-s3"); -require('dotenv').config() - -if (!process.env.S3_USC_BUCKET_NAME) throw new Error('S3_USC_BUCKET_NAME must be defined in env'); -if (!process.env.S3_USC_BUCKET_ENDPOINT) throw new Error('S3_USC_BUCKET_ENDPOINT must be defined in env'); -if (!process.env.S3_USC_BUCKET_REGION) throw new Error('S3_USC_BUCKET_REGION must be defined in env'); - -// AWS.config.loadFromPath('./credentials-ehl.json'); - - - -module.exports = { - - - // when strapi deletes a USC, we delete the related files in the S3 bucket. - async afterDelete(event) { - - console.log('>>> afterDelete'); - console.log(event); - - const { result } = event; - - - - // a client can be shared by different commands. - const client = new S3Client({ - endpoint: process.env.S3_USC_BUCKET_ENDPOINT, - region: process.env.S3_USC_BUCKET_REGION - }); - // https://fp-usc-dev.s3.us-west-000.backblazeb2.com/GEB7_QcaUAAQ29O.jpg - - for (const file of result.files) { - console.log(`deleting ${file.key}`); - const res = await client.send(new DeleteObjectCommand({ - Bucket: process.env.S3_USC_BUCKET_NAME, - Key: file.key - })); - - console.log(res); - } - - - - // var s3 = new S3(); - // var params = { Bucket: process.env.S3_USC_BUCKET, Key: 'your object' }; - - // const res = await s3.deleteObject(params).promise(); - - // console.log('deletion complete.'); - // console.log(res); - - // , function(err, data) { - // if (err) console.log(err, err.stack); // error - // else console.log(); // deleted - // }); - } -} \ No newline at end of file diff --git a/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/schema.json b/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/schema.json deleted file mode 100644 index e0e5896..0000000 --- a/services/strapi/src/api/user-submitted-content/content-types/user-submitted-content/schema.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "user_submitted_contents", - "info": { - "singularName": "user-submitted-content", - "pluralName": "user-submitted-contents", - "displayName": "User Submitted Content", - "description": "" - }, - "options": { - "draftAndPublish": false - }, - "pluginOptions": {}, - "attributes": { - "uploader": { - "type": "relation", - "relation": "oneToOne", - "target": "plugin::users-permissions.user" - }, - "attribution": { - "type": "boolean", - "default": false - }, - "date": { - "type": "string", - "required": true - }, - "notes": { - "type": "richtext" - }, - "files": { - "type": "json", - "required": true - }, - "approved": { - "type": "boolean", - "default": false - }, - "vtuber": { - "type": "relation", - "relation": "oneToOne", - "target": "api::vtuber.vtuber" - }, - "uploaderId": { - "type": "integer" - }, - "streamCuid": { - "type": "string" - }, - "discordInteraction": { - "type": "relation", - "relation": "oneToOne", - "target": "api::discord-interaction.discord-interaction", - "mappedBy": "userSubmittedContent" - } - } -} diff --git a/services/strapi/src/api/user-submitted-content/controllers/user-submitted-content.js b/services/strapi/src/api/user-submitted-content/controllers/user-submitted-content.js deleted file mode 100644 index cda33f8..0000000 --- a/services/strapi/src/api/user-submitted-content/controllers/user-submitted-content.js +++ /dev/null @@ -1,64 +0,0 @@ - -'use strict'; - -require('dotenv').config() - -if (!process.env.CDN_BUCKET_USC_URL) throw new Error('CDN_BUCKET_USC_URL environment variable is required!'); - -/** - * user-submitted-content controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -// greets https://docs.strapi.io/dev-docs/backend-customization/controllers#adding-a-new-controller -module.exports = createCoreController('api::user-submitted-content.user-submitted-content', ({ strapi }) => ({ - - async createFromUppy(ctx) { - try { - // Destructure data from the request body - const { data } = ctx.request.body; - - console.log(data); - - // Check for required fields in the data - const requiredFields = ['files', 'vtuber', 'date', 'notes', 'attribution']; - if (!data) { - return ctx.badRequest('ctx.request.body.data was missing.'); - } - for (const field of requiredFields) { - console.log(`checking field=${field} data[field]=${data[field]}`); - if (data[field] === undefined || data[field] === null) { - return ctx.badRequest(`${field} was missing from request data.`); - } - } - - // Extract relevant data - const { files, vtuber, streamCuid, date, notes, attribution } = data; - const uploader = ctx.state.user.id; - const uploaderId = ctx.state.user.id; - - console.log('Creating user-submitted content'); - const usc = await strapi.entityService.create('api::user-submitted-content.user-submitted-content', { - data: { - uploader, - uploaderId, - files: files.map((f) => ({ ...f, cdnUrl: `${process.env.CDN_BUCKET_USC_URL}/${f.key}` })), - vtuber, - streamCuid, - date, - notes, - attribution, - } - }); - - return usc; - } catch (error) { - // Handle unexpected errors - console.error(error); - return ctx.badRequest('An error occurred while processing the request'); - } - } - - })); - \ No newline at end of file diff --git a/services/strapi/src/api/user-submitted-content/routes/user-submitted-content.js b/services/strapi/src/api/user-submitted-content/routes/user-submitted-content.js deleted file mode 100644 index ed91c49..0000000 --- a/services/strapi/src/api/user-submitted-content/routes/user-submitted-content.js +++ /dev/null @@ -1,33 +0,0 @@ -'use strict'; - -/** - * user-submitted-content router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::user-submitted-content.user-submitted-content'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "POST", - path: "/user-submitted-contents/createFromUppy", - handler: "api::user-submitted-content.user-submitted-content.createFromUppy" - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); \ No newline at end of file diff --git a/services/strapi/src/api/user-submitted-content/services/user-submitted-content.js b/services/strapi/src/api/user-submitted-content/services/user-submitted-content.js deleted file mode 100644 index 9c176aa..0000000 --- a/services/strapi/src/api/user-submitted-content/services/user-submitted-content.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * user-submitted-content service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::user-submitted-content.user-submitted-content'); diff --git a/services/strapi/src/api/vod/content-types/vod/lifecycles.js b/services/strapi/src/api/vod/content-types/vod/lifecycles.js deleted file mode 100644 index 879eeee..0000000 --- a/services/strapi/src/api/vod/content-types/vod/lifecycles.js +++ /dev/null @@ -1,27 +0,0 @@ -const { init } = require('@paralleldrive/cuid2'); - -function generateCuid(event) { - const { data } = event.params; - if (!data.cuid) { - const length = 10; // 50% odds of collision after ~51,386,368 ids - const cuid = init({ length }); - event.params.data.cuid = cuid(); - } -} - -module.exports = { - async beforeUpdate(event) { - console.log(`>> beforeUpdate! We are generating a CUID`); - generateCuid(event); - }, - async beforeCreate(event) { - console.log(`>> beforeCreate! We are generating a CUID`); - generateCuid(event); - }, - async afterCreate(event) { - console.log(`>> afterCreate! We are generating a CUID`); - generateCuid(event); - } -} - - diff --git a/services/strapi/src/api/vod/content-types/vod/schema.json b/services/strapi/src/api/vod/content-types/vod/schema.json deleted file mode 100644 index 2446a76..0000000 --- a/services/strapi/src/api/vod/content-types/vod/schema.json +++ /dev/null @@ -1,142 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "vods", - "info": { - "singularName": "vod", - "pluralName": "vods", - "displayName": "VOD", - "description": "" - }, - "options": { - "draftAndPublish": true - }, - "pluginOptions": {}, - "attributes": { - "videoSrcHash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "required": false, - "unique": true - }, - "video720Hash": { - "type": "string", - "unique": true, - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}" - }, - "video480Hash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "unique": true - }, - "video360Hash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "unique": true - }, - "video240Hash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "unique": true - }, - "thinHash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "unique": true - }, - "thiccHash": { - "type": "string", - "regex": "Qm[1-9A-HJ-NP-Za-km-z]{44,}|b[A-Za-z2-7]{58,}|B[A-Z2-7]{58,}|z[1-9A-HJ-NP-Za-km-z]{48,}|F[0-9A-F]{50,}", - "unique": true - }, - "announceTitle": { - "type": "string" - }, - "announceUrl": { - "type": "string", - "unique": false - }, - "note": { - "type": "text" - }, - "date": { - "type": "datetime" - }, - "date2": { - "type": "string", - "required": true - }, - "spoilers": { - "type": "richtext" - }, - "title": { - "type": "string" - }, - "uploader": { - "type": "relation", - "relation": "oneToOne", - "target": "plugin::users-permissions.user" - }, - "muxAsset": { - "type": "relation", - "relation": "oneToOne", - "target": "api::mux-asset.mux-asset" - }, - "videoSrcB2": { - "type": "relation", - "relation": "oneToOne", - "target": "api::b2-file.b2-file" - }, - "thumbnail": { - "type": "relation", - "relation": "oneToOne", - "target": "api::b2-file.b2-file" - }, - "chatLog": { - "type": "richtext" - }, - "tags": { - "type": "relation", - "relation": "manyToMany", - "target": "api::tag.tag", - "mappedBy": "vods" - }, - "timestamps": { - "type": "relation", - "relation": "oneToMany", - "target": "api::timestamp.timestamp", - "mappedBy": "vod" - }, - "tagVodRelations": { - "type": "relation", - "relation": "oneToMany", - "target": "api::tag-vod-relation.tag-vod-relation", - "mappedBy": "vod" - }, - "vtuber": { - "type": "relation", - "relation": "manyToOne", - "target": "api::vtuber.vtuber", - "inversedBy": "vods" - }, - "stream": { - "type": "relation", - "relation": "manyToOne", - "target": "api::stream.stream", - "inversedBy": "vods" - }, - "archiveStatus": { - "type": "enumeration", - "enum": [ - "missing", - "issue", - "good" - ], - "required": false, - "default": "issue" - }, - "cuid": { - "type": "string", - "unique": true - } - } -} diff --git a/services/strapi/src/api/vod/controllers/vod.js b/services/strapi/src/api/vod/controllers/vod.js deleted file mode 100644 index 9dc9ff2..0000000 --- a/services/strapi/src/api/vod/controllers/vod.js +++ /dev/null @@ -1,85 +0,0 @@ -'use strict'; - - -const { sanitize } = require('@strapi/utils'); - -if (!process.env.CDN_BUCKET_USC_URL) throw new Error('CDN_BUCKET_USC_URL environment variable is required!'); - -/** - * vod controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -// greets https://docs.strapi.io/dev-docs/backend-customization/controllers#adding-a-new-controller -module.exports = createCoreController('api::vod.vod', ({ strapi }) => ({ - - async createFromUppy(ctx) { - - const uploaderId = ctx.state.user.id; - - if (!ctx.request.body.data) return ctx.badRequest("data was missing in request body"); - if (!ctx.request.body.data.date) return ctx.badRequest("date was missing"); - if (!ctx.request.body.data.b2Key) return ctx.badRequest("b2Key was missing"); - if (!ctx.request.body.data.b2UploadId) return ctx.badRequest("b2UploadId was missing"); - - - const videoSrcB2 = await strapi.entityService.create('api::b2-file.b2-file', { - data: { - url: `https://f000.backblazeb2.com/b2api/v1/b2_download_file_by_id?fileId=${ctx.request.body.data.b2UploadId}`, - key: ctx.request.body.data.b2Key, - uploadId: ctx.request.body.data.b2UploadId, - cdnUrl: `${process.env.CDN_BUCKET_USC_URL}/${ctx.request.body.data.b2Key}` - } - }); - - const vod = await strapi.entityService.create('api::vod.vod', { - data: { - notes: ctx.request.body.data.notes, - date: ctx.request.body.data.date, - videoSrcB2: videoSrcB2.id, - publishedAt: null, - uploader: uploaderId, - } - }); - - return vod; - }, - - // greets https://stackoverflow.com/a/73929966/1004931 - async random(ctx) { - const numberOfEntries = 1; - const contentType = strapi.contentType('api::vod.vod') - - // Fetch only the 'id' field of all VODs - const entries = await strapi.entityService.findMany( - "api::vod.vod", - { - fields: ['id'], - filters: { - publishedAt: { - $notNull: true, - }, - } - } - ); - - // Randomly select one entry - const randomEntry = entries[Math.floor(Math.random() * entries.length)]; - - // Fetch the full details of the randomly selected VOD - const rawVod = await strapi.entityService.findOne( - "api::vod.vod", - randomEntry.id, - { - populate: '*', - }, - ); - - const sanitizedOutput = await sanitize.contentAPI.output(rawVod, contentType, { auth: ctx.state.auth }); - - ctx.body = sanitizedOutput; - } - - }) -) \ No newline at end of file diff --git a/services/strapi/src/api/vod/routes/vod.js b/services/strapi/src/api/vod/routes/vod.js deleted file mode 100644 index 132dacf..0000000 --- a/services/strapi/src/api/vod/routes/vod.js +++ /dev/null @@ -1,38 +0,0 @@ -'use strict'; - -/** - * vod router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -const defaultRouter = createCoreRouter('api::vod.vod'); - -// greets https://forum.strapi.io/t/how-to-add-custom-routes-to-core-routes-in-strapi-4/14070/7 -const customRouter = (innerRouter, extraRoutes = []) => { - let routes; - return { - get prefix() { - return innerRouter.prefix; - }, - get routes() { - if (!routes) routes = extraRoutes.concat(innerRouter.routes) - return routes; - }, - }; -}; - -const myExtraRoutes = [ - { - method: "POST", - path: "/vods/createFromUppy", - handler: "api::vod.vod.createFromUppy" - }, - { - method: "GET", - path: "/vods/random", - handler: "api::vod.vod.random" - } -]; - -module.exports = customRouter(defaultRouter, myExtraRoutes); \ No newline at end of file diff --git a/services/strapi/src/api/vod/services/vod.js b/services/strapi/src/api/vod/services/vod.js deleted file mode 100644 index 56fcec1..0000000 --- a/services/strapi/src/api/vod/services/vod.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * vod service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::vod.vod'); diff --git a/services/strapi/src/api/vtuber/content-types/vtuber/lifecycles.js b/services/strapi/src/api/vtuber/content-types/vtuber/lifecycles.js deleted file mode 100644 index 2be365a..0000000 --- a/services/strapi/src/api/vtuber/content-types/vtuber/lifecycles.js +++ /dev/null @@ -1,23 +0,0 @@ -const { createCanvas } = require('canvas'); - -function hexColorToBase64Image(hexColor) { - const canvas = createCanvas(1, 1); // Create a canvas - const ctx = canvas.getContext('2d'); - // Draw a rectangle filled with the hex color - ctx.fillStyle = hexColor; - ctx.fillRect(0, 0, canvas.width, canvas.height); - // Convert canvas content to base64 encoded image - const base64Image = canvas.toDataURL('image/png'); - return base64Image; -} - - - -module.exports = { - beforeUpdate(event) { - const { data, where, select, populate } = event.params; - const themeColor = event.params.data.themeColor; - const imageBlur = hexColorToBase64Image(themeColor); - event.params.data.imageBlur = imageBlur; - } -}; \ No newline at end of file diff --git a/services/strapi/src/api/vtuber/content-types/vtuber/schema.json b/services/strapi/src/api/vtuber/content-types/vtuber/schema.json deleted file mode 100644 index 4c64af0..0000000 --- a/services/strapi/src/api/vtuber/content-types/vtuber/schema.json +++ /dev/null @@ -1,127 +0,0 @@ -{ - "kind": "collectionType", - "collectionName": "vtubers", - "info": { - "singularName": "vtuber", - "pluralName": "vtubers", - "displayName": "Vtuber", - "description": "" - }, - "options": { - "draftAndPublish": true - }, - "pluginOptions": {}, - "attributes": { - "displayName": { - "type": "string", - "required": true - }, - "chaturbate": { - "type": "string" - }, - "twitter": { - "type": "string" - }, - "patreon": { - "type": "string" - }, - "twitch": { - "type": "string" - }, - "tiktok": { - "type": "string" - }, - "onlyfans": { - "type": "string" - }, - "youtube": { - "type": "string" - }, - "linktree": { - "type": "string" - }, - "carrd": { - "type": "string" - }, - "fansly": { - "type": "string" - }, - "pornhub": { - "type": "string" - }, - "discord": { - "type": "string" - }, - "reddit": { - "type": "string" - }, - "throne": { - "type": "string" - }, - "instagram": { - "type": "string" - }, - "facebook": { - "type": "string" - }, - "merch": { - "type": "string" - }, - "slug": { - "type": "string", - "required": true - }, - "vods": { - "type": "relation", - "relation": "oneToMany", - "target": "api::vod.vod", - "mappedBy": "vtuber" - }, - "description1": { - "type": "text", - "required": false - }, - "description2": { - "type": "text" - }, - "image": { - "type": "string", - "required": true - }, - "themeColor": { - "type": "string", - "default": "#353FFF", - "required": true - }, - "imageBlur": { - "type": "string", - "default": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAABmJLR0QA/wD/AP+gvaeTAAAADUlEQVQImWMwtf//HwAEkwJzh0T9qwAAAABJRU5ErkJggg==" - }, - "toys": { - "type": "relation", - "relation": "oneToMany", - "target": "api::toy.toy" - }, - "toy": { - "type": "relation", - "relation": "manyToOne", - "target": "api::toy.toy", - "inversedBy": "vtubers" - }, - "streams": { - "type": "relation", - "relation": "oneToMany", - "target": "api::stream.stream", - "mappedBy": "vtuber" - }, - "fanslyId": { - "type": "string" - }, - "chaturbateId": { - "type": "string" - }, - "twitterId": { - "type": "string" - } - } -} diff --git a/services/strapi/src/api/vtuber/controllers/vtuber.js b/services/strapi/src/api/vtuber/controllers/vtuber.js deleted file mode 100644 index e13bb5e..0000000 --- a/services/strapi/src/api/vtuber/controllers/vtuber.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * vtuber controller - */ - -const { createCoreController } = require('@strapi/strapi').factories; - -module.exports = createCoreController('api::vtuber.vtuber'); diff --git a/services/strapi/src/api/vtuber/routes/vtuber.js b/services/strapi/src/api/vtuber/routes/vtuber.js deleted file mode 100644 index 8936096..0000000 --- a/services/strapi/src/api/vtuber/routes/vtuber.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * vtuber router - */ - -const { createCoreRouter } = require('@strapi/strapi').factories; - -module.exports = createCoreRouter('api::vtuber.vtuber'); diff --git a/services/strapi/src/api/vtuber/services/vtuber.js b/services/strapi/src/api/vtuber/services/vtuber.js deleted file mode 100644 index c792042..0000000 --- a/services/strapi/src/api/vtuber/services/vtuber.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -/** - * vtuber service - */ - -const { createCoreService } = require('@strapi/strapi').factories; - -module.exports = createCoreService('api::vtuber.vtuber'); diff --git a/services/strapi/src/extensions/.gitkeep b/services/strapi/src/extensions/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/services/strapi/src/extensions/README.md b/services/strapi/src/extensions/README.md deleted file mode 100644 index 52db426..0000000 --- a/services/strapi/src/extensions/README.md +++ /dev/null @@ -1,13 +0,0 @@ -# strapi extensions - -note by CJ - -Reminder: Plugins don't go here. Plugins are added using pnpm. example: `pnpm add strapi-chatgpt` - - -This extensions directory is the place for plugin override code. - -@see https://docs.strapi.io/dev-docs/plugins-extension - - -We are using overrides patch in patreon support. In ./users-permissions/services/providers-registry.js we make some changes. When user logs in via Patreon, we determine if the Patreon account is a Futureporn supporter. Based on that information, we update the user role to one of 'Authenticated' or 'Patron'. \ No newline at end of file diff --git a/services/strapi/src/index.js b/services/strapi/src/index.js deleted file mode 100644 index ac5feae..0000000 --- a/services/strapi/src/index.js +++ /dev/null @@ -1,20 +0,0 @@ -'use strict'; - -module.exports = { - /** - * An asynchronous register function that runs before - * your application is initialized. - * - * This gives you an opportunity to extend code. - */ - register(/*{ strapi }*/) {}, - - /** - * An asynchronous bootstrap function that runs before - * your application gets started. - * - * This gives you an opportunity to set up your data model, - * run jobs, or perform some special logic. - */ - bootstrap(/*{ strapi }*/) {}, -}; diff --git a/services/strapi/src/policies/updateOwnerOnly.js b/services/strapi/src/policies/updateOwnerOnly.js deleted file mode 100644 index 86d2786..0000000 --- a/services/strapi/src/policies/updateOwnerOnly.js +++ /dev/null @@ -1,34 +0,0 @@ -'use strict'; - -/** - * `updateOwnerOnly` policy. - */ -module.exports = (policyContext, config, { strapi }) => { - const { PolicyError } = require("@strapi/utils").errors; - - if (policyContext.state.auth.strategy.name === "api-token") { - if (policyContext.state.auth.credentials.type === "full-access") - return true; - } else if ( - policyContext.state.auth.strategy.name === "users-permissions" - ) { - - // Skip for admins - if (policyContext.state.auth.credentials.role.type === "admin") { - return true; - } - - const currentUserId = policyContext.state.auth.credentials.id; - const userToUpdate = policyContext.params.id; - - // Unable that an user can update another user - if (currentUserId != userToUpdate) { - strapi.log.info(`WARNING: User ${currentUserId} tried to edit user ${userToUpdate}`); - throw new PolicyError('Unable to edit this user ID'); - } - - return true - } - - return false; -}; \ No newline at end of file diff --git a/services/uppy/.gitignore b/services/uppy/.gitignore deleted file mode 100644 index 7610089..0000000 --- a/services/uppy/.gitignore +++ /dev/null @@ -1,145 +0,0 @@ -# Created by https://www.toptal.com/developers/gitignore/api/node -# Edit at https://www.toptal.com/developers/gitignore?templates=node - -### Node ### -# Logs -logs -*.log -npm-debug.log* -yarn-debug.log* -yarn-error.log* -lerna-debug.log* -.pnpm-debug.log* - -# Diagnostic reports (https://nodejs.org/api/report.html) -report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json - -# Runtime data -pids -*.pid -*.seed -*.pid.lock - -# Directory for instrumented libs generated by jscoverage/JSCover -lib-cov - -# Coverage directory used by tools like istanbul -coverage -*.lcov - -# nyc test coverage -.nyc_output - -# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) -.grunt - -# Bower dependency directory (https://bower.io/) -bower_components - -# node-waf configuration -.lock-wscript - -# Compiled binary addons (https://nodejs.org/api/addons.html) -build/Release - -# Dependency directories -node_modules/ -jspm_packages/ - -# Snowpack dependency directory (https://snowpack.dev/) -web_modules/ - -# TypeScript cache -*.tsbuildinfo - -# Optional npm cache directory -.npm - -# Optional eslint cache -.eslintcache - -# Optional stylelint cache -.stylelintcache - -# Microbundle cache -.rpt2_cache/ -.rts2_cache_cjs/ -.rts2_cache_es/ -.rts2_cache_umd/ - -# Optional REPL history -.node_repl_history - -# Output of 'npm pack' -*.tgz - -# Yarn Integrity file -.yarn-integrity - -# dotenv environment variable files -.env -.env.development.local -.env.test.local -.env.production.local -.env.local - -# parcel-bundler cache (https://parceljs.org/) -.cache -.parcel-cache - -# Next.js build output -.next -out - -# Nuxt.js build / generate output -.nuxt -dist - -# Gatsby files -.cache/ -# Comment in the public line in if your project uses Gatsby and not Next.js -# https://nextjs.org/blog/next-9-1#public-directory-support -# public - -# vuepress build output -.vuepress/dist - -# vuepress v2.x temp and cache directory -.temp - -# Docusaurus cache and generated files -.docusaurus - -# Serverless directories -.serverless/ - -# FuseBox cache -.fusebox/ - -# DynamoDB Local files -.dynamodb/ - -# TernJS port file -.tern-port - -# Stores VSCode versions used for testing VSCode extensions -.vscode-test - -# yarn v2 -.yarn/cache -.yarn/unplugged -.yarn/build-state.yml -.yarn/install-state.gz -.pnp.* - -### Node Patch ### -# Serverless Webpack directories -.webpack/ - -# Optional stylelint cache - -# SvelteKit build / generate output -.svelte-kit - -# End of https://www.toptal.com/developers/gitignore/api/node - diff --git a/services/uppy/README.md b/services/uppy/README.md deleted file mode 100644 index 3df56eb..0000000 --- a/services/uppy/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# uppy - -This is the server-side component, "Companion" which handles user uploads. It is especially useful for allowing users to upload directly from their Dropbox, GoogleDrive, etc. - -## B2 Bucket CORS configuration - -Apply the rules to the bucket, using b2 CLI - -See **apply-backblaze-cors-rules.sh** - -Verify using `b2-linux get-bucket futureporn-uppy-dev` - -### Reference - -https://www.backblaze.com/docs/cloud-storage-enable-cors-with-the-cli -https://uppy.io/docs/aws-s3-multipart/#setting-up-your-s3-bucket \ No newline at end of file diff --git a/services/uppy/apply-backblaze-cors-rules.sh b/services/uppy/apply-backblaze-cors-rules.sh deleted file mode 100755 index 82b56c9..0000000 --- a/services/uppy/apply-backblaze-cors-rules.sh +++ /dev/null @@ -1,8 +0,0 @@ -#/bin/bash - -source ../../.env -echo "allowedOrigin ${NEXT_PUBLIC_SITE_URL} to bucket ${UPPY_B2_BUCKET}" -b2-linux \ - update-bucket \ - --corsRules "[{\"corsRuleName\":\"allowUploads\", \"allowedOrigins\": [\"${NEXT_PUBLIC_SITE_URL}\"], \"allowedHeaders\": [\"*\"], \"allowedOperations\": [\"s3_head\", \"s3_get\", \"s3_put\"], \"exposeHeaders\": [\"x-bz-content-sha1\", \"etag\"], \"maxAgeSeconds\": 3600}]" \ - "${UPPY_B2_BUCKET}" allPrivate diff --git a/services/uppy/index.js b/services/uppy/index.js deleted file mode 100644 index f9460e8..0000000 --- a/services/uppy/index.js +++ /dev/null @@ -1,125 +0,0 @@ -#!/usr/bin/env node - -import 'dotenv/config' -import express from 'express' -import bodyParser from 'body-parser' -import session from 'express-session' -import companion from '@uppy/companion' -import $MemoryStore from 'memorystore' -import cors from 'cors' -import jwt from 'jsonwebtoken' - - -const appEnv = new Array( - 'COMPANION_DOMAINS', - 'HOST', - 'SESSION_SECRET', - 'PORT', - 'FILEPATH', - 'UPLOAD_URLS', - 'SECRET', - 'B2_KEY', - 'B2_SECRET', - 'B2_BUCKET', - 'B2_ENDPOINT', - 'DRIVE_KEY', - 'DRIVE_SECRET', - 'DROPBOX_KEY', - 'DROPBOX_SECRET', - 'JWT_SECRET', - 'NEXT_PUBLIC_SITE_URL' -) - -const appContext = { - env: appEnv.reduce((acc, ev) => { - if (typeof process.env[ev] === 'undefined') throw new Error(`${ev} is undefined in env`); - acc[ev] = process.env[ev]; - return acc; - }, {}) -}; - - -const MemoryStore = $MemoryStore(session) - -console.log(`NEXT_PUBLIC_SITE_URL=${process.env.NEXT_PUBLIC_SITE_URL}`); -const corsOptions = { - origin: process.env.NEXT_PUBLIC_SITE_URL, - methods: ['POST','OPTIONS'], - allowedHeaders: ['Authorization', 'X-Easter-Egg', 'Content-Type', 'Uppy-Versions', 'Accept'], - exposedHeaders: ['Access-Control-Allow-Headers'] -} - - -const app = express(); -app.use(cors(corsOptions)) -app.use(bodyParser.json()) -app.use( - session({ - store: new MemoryStore({ - checkPeriod: 86400000 // prune expired entries every 24h - }), - saveUninitialized: false, - secret: process.env.SESSION_SECRET, - resave: false, - }) -) - -function verifyToken(req, res, next) { - const authHeader = req.headers['authorization']; - const token = authHeader && authHeader.split(' ')[1]; - - if (!token) { - return res.sendStatus(401); - } - - jwt.verify(token, new Buffer.from(process.env.JWT_SECRET, 'base64'), (err, user) => { - if (err) { - return res.sendStatus(403); - } - req.user = user; - next(); - }); -} - - -const config = { - debug: true, - logClientVersion: true, - secret: process.env.SECRET, - filePath: process.env.FILEPATH, - server: { - host: process.env.HOST - }, - uploadUrls: process.env.UPLOAD_URLS, - s3: { - key: process.env.B2_KEY, - secret: process.env.B2_SECRET, - bucket: process.env.B2_BUCKET, - region: process.env.B2_REGION, - endpoint: process.env.B2_ENDPOINT, - getAccelerateEndpoint: false - }, - // providerOptions: { - // drive: { - // key: process.env.DRIVE_KEY, - // secret: process.env.DRIVE_SECRET, - // }, - // dropbox: { - // key: process.env.DROPBOX_KEY, - // secret: process.env.DROPBOX_SECRET, - // }, - // } -} - - -const { app: companionApp, emitter } = companion.app(config); - - -app.use(verifyToken, companionApp); - - -const server = app.listen(process.env.PORT) - -companion.socket(server) - - diff --git a/services/uppy/package.json b/services/uppy/package.json deleted file mode 100644 index cd3acf0..0000000 --- a/services/uppy/package.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "type": "module", - "name": "uppy", - "version": "1.0.5", - "description": "", - "main": "index.js", - "scripts": { - "start": "node index", - "clean": "rm -rf dist", - "superclean": "rm -rf node_modules && rm -rf pnpm-lock.yaml && rm -rf dist" - }, - "keywords": [], - "author": "", - "license": "Unlicense", - "dependencies": { - "@uppy/aws-s3-multipart": "^4.0.0", - "@uppy/companion": "5.1.0", - "body-parser": "^1.20.2", - "cors": "^2.8.5", - "dotenv": "^16.4.5", - "express": "^4.19.2", - "express-session": "^1.18.0", - "jsonwebtoken": "^9.0.2", - "memorystore": "^1.6.7", - "react-hook-form": "^7.53.0", - "yup": "link:@hookform/resolvers/yup" - } -} diff --git a/services/uppy/pnpm-lock.yaml b/services/uppy/pnpm-lock.yaml deleted file mode 100644 index 9158792..0000000 --- a/services/uppy/pnpm-lock.yaml +++ /dev/null @@ -1,3177 +0,0 @@ -lockfileVersion: '9.0' - -settings: - autoInstallPeers: true - excludeLinksFromLockfile: false - -importers: - - .: - dependencies: - '@uppy/aws-s3-multipart': - specifier: ^4.0.0 - version: 4.0.0(@uppy/core@4.2.0) - '@uppy/companion': - specifier: 5.1.0 - version: 5.1.0 - body-parser: - specifier: ^1.20.2 - version: 1.20.2(supports-color@8.1.1) - cors: - specifier: ^2.8.5 - version: 2.8.5 - dotenv: - specifier: ^16.4.5 - version: 16.4.5 - express: - specifier: ^4.19.2 - version: 4.19.2(supports-color@8.1.1) - express-session: - specifier: ^1.18.0 - version: 1.18.0(supports-color@8.1.1) - jsonwebtoken: - specifier: ^9.0.2 - version: 9.0.2 - memorystore: - specifier: ^1.6.7 - version: 1.6.7 - react-hook-form: - specifier: ^7.53.0 - version: 7.53.0(react@18.3.1) - yup: - specifier: link:@hookform/resolvers/yup - version: link:@hookform/resolvers/yup - -packages: - - '@aws-crypto/crc32@5.2.0': - resolution: {integrity: sha512-nLbCWqQNgUiwwtFsen1AdzAtvuLRsQS8rYgMuxCrdKf9kOssamGLuPwyTY9wyYblNr9+1XM8v6zoDTPPSIeANg==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/crc32c@5.2.0': - resolution: {integrity: sha512-+iWb8qaHLYKrNvGRbiYRHSdKRWhto5XlZUEBwDjYNf+ly5SVYG6zEoYIdxvf5R3zyeP16w4PLBn3rH1xc74Rag==} - - '@aws-crypto/sha1-browser@5.2.0': - resolution: {integrity: sha512-OH6lveCFfcDjX4dbAvCFSYUjJZjDr/3XJ3xHtjn3Oj5b9RjojQo8npoLeA/bNwkOkrSQ0wgrHzXk4tDRxGKJeg==} - - '@aws-crypto/sha256-browser@5.2.0': - resolution: {integrity: sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw==} - - '@aws-crypto/sha256-js@5.2.0': - resolution: {integrity: sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA==} - engines: {node: '>=16.0.0'} - - '@aws-crypto/supports-web-crypto@5.2.0': - resolution: {integrity: sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg==} - - '@aws-crypto/util@5.2.0': - resolution: {integrity: sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ==} - - '@aws-sdk/client-s3@3.637.0': - resolution: {integrity: sha512-y6UC94fsMvhKbf0dzfnjVP1HePeGjplfcYfilZU1COIJLyTkMcUv4XcT4I407CGIrvgEafONHkiC09ygqUauNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sso-oidc@3.637.0': - resolution: {integrity: sha512-27bHALN6Qb6m6KZmPvRieJ/QRlj1lyac/GT2Rn5kJpre8Mpp+yxrtvp3h9PjNBty4lCeFEENfY4dGNSozBuBcw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/client-sso@3.637.0': - resolution: {integrity: sha512-+KjLvgX5yJYROWo3TQuwBJlHCY0zz9PsLuEolmXQn0BVK1L/m9GteZHtd+rEdAoDGBpE0Xqjy1oz5+SmtsaRUw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/client-sts@3.637.0': - resolution: {integrity: sha512-xUi7x4qDubtA8QREtlblPuAcn91GS/09YVEY/RwU7xCY0aqGuFwgszAANlha4OUIqva8oVj2WO4gJuG+iaSnhw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/core@3.635.0': - resolution: {integrity: sha512-i1x/E/sgA+liUE1XJ7rj1dhyXpAKO1UKFUcTTHXok2ARjWTvszHnSXMOsB77aPbmn0fUp1JTx2kHUAZ1LVt5Bg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-env@3.620.1': - resolution: {integrity: sha512-ExuILJ2qLW5ZO+rgkNRj0xiAipKT16Rk77buvPP8csR7kkCflT/gXTyzRe/uzIiETTxM7tr8xuO9MP/DQXqkfg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-http@3.635.0': - resolution: {integrity: sha512-iJyRgEjOCQlBMXqtwPLIKYc7Bsc6nqjrZybdMDenPDa+kmLg7xh8LxHsu9088e+2/wtLicE34FsJJIfzu3L82g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-ini@3.637.0': - resolution: {integrity: sha512-h+PFCWfZ0Q3Dx84SppET/TFpcQHmxFW8/oV9ArEvMilw4EBN+IlxgbL0CnHwjHW64szcmrM0mbebjEfHf4FXmw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.637.0 - - '@aws-sdk/credential-provider-node@3.637.0': - resolution: {integrity: sha512-yoEhoxJJfs7sPVQ6Is939BDQJZpZCoUgKr/ySse4YKOZ24t4VqgHA6+wV7rYh+7IW24Rd91UTvEzSuHYTlxlNA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-process@3.620.1': - resolution: {integrity: sha512-hWqFMidqLAkaV9G460+1at6qa9vySbjQKKc04p59OT7lZ5cO5VH5S4aI05e+m4j364MBROjjk2ugNvfNf/8ILg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-sso@3.637.0': - resolution: {integrity: sha512-Mvz+h+e62/tl+dVikLafhv+qkZJ9RUb8l2YN/LeKMWkxQylPT83CPk9aimVhCV89zth1zpREArl97+3xsfgQvA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/credential-provider-web-identity@3.621.0': - resolution: {integrity: sha512-w7ASSyfNvcx7+bYGep3VBgC3K6vEdLmlpjT7nSIHxxQf+WSdvy+HynwJosrpZax0sK5q0D1Jpn/5q+r5lwwW6w==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sts': ^3.621.0 - - '@aws-sdk/lib-storage@3.637.0': - resolution: {integrity: sha512-HiNGOP4a1QrCWwO1joKw4mCp19nLXoF9K52PislBaYDI35IlHC3DP6MeOg5zmElwtL1GtEHFBy5olfPWPsLyLg==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-s3': ^3.637.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - resolution: {integrity: sha512-eGLL0W6L3HDb3OACyetZYOWpHJ+gLo0TehQKeQyy2G8vTYXqNTeqYhuI6up9HVjBzU9eQiULVQETmgQs7TFaRg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-expect-continue@3.620.0': - resolution: {integrity: sha512-QXeRFMLfyQ31nAHLbiTLtk0oHzG9QLMaof5jIfqcUwnOkO8YnQdeqzakrg1Alpy/VQ7aqzIi8qypkBe2KXZz0A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - resolution: {integrity: sha512-ftz+NW7qka2sVuwnnO1IzBku5ccP+s5qZGeRTPgrKB7OzRW85gthvIo1vQR2w+OwHFk7WJbbhhWwbCbktnP4UA==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-host-header@3.620.0': - resolution: {integrity: sha512-VMtPEZwqYrII/oUkffYsNWY9PZ9xpNJpMgmyU0rlDQ25O1c0Hk3fJmZRe6pEkAJ0omD7kLrqGl1DUjQVxpd/Rg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-location-constraint@3.609.0': - resolution: {integrity: sha512-xzsdoTkszGVqGVPjUmgoP7TORiByLueMHieI1fhQL888WPdqctwAx3ES6d/bA9Q/i8jnc6hs+Fjhy8UvBTkE9A==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-logger@3.609.0': - resolution: {integrity: sha512-S62U2dy4jMDhDFDK5gZ4VxFdWzCtLzwbYyFZx2uvPYTECkepLUfzLic2BHg2Qvtu4QjX+oGE3P/7fwaGIsGNuQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-recursion-detection@3.620.0': - resolution: {integrity: sha512-nh91S7aGK3e/o1ck64sA/CyoFw+gAYj2BDOnoNa6ouyCrVJED96ZXWbhye/fz9SgmNUZR2g7GdVpiLpMKZoI5w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-sdk-s3@3.635.0': - resolution: {integrity: sha512-RLdYJPEV4JL/7NBoFUs7VlP90X++5FlJdxHz0DzCjmiD3qCviKy+Cym3qg1gBgHwucs5XisuClxDrGokhAdTQw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-ssec@3.609.0': - resolution: {integrity: sha512-GZSD1s7+JswWOTamVap79QiDaIV7byJFssBW68GYjyRS5EBjNfwA/8s+6uE6g39R3ojyTbYOmvcANoZEhSULXg==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/middleware-user-agent@3.637.0': - resolution: {integrity: sha512-EYo0NE9/da/OY8STDsK2LvM4kNa79DBsf4YVtaG4P5pZ615IeFsD8xOHZeuJmUrSMlVQ8ywPRX7WMucUybsKug==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/region-config-resolver@3.614.0': - resolution: {integrity: sha512-vDCeMXvic/LU0KFIUjpC3RiSTIkkvESsEfbVHiHH0YINfl8HnEqR5rj+L8+phsCeVg2+LmYwYxd5NRz4PHxt5g==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/s3-presigned-post@3.637.0': - resolution: {integrity: sha512-NlsowCavLXx5OulbD8+tqfXpyxVulI2l/4naBI1i5Vj6M+FMuQvqH1Y5OQBgN42/QZlMLJ5Ff5G3aaoZjrb1pw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/s3-request-presigner@3.637.0': - resolution: {integrity: sha512-URRiEDZEICyfAXmXcXREQCsvZrapITAymvg46p1Xjnuv7PTnUB0SF18B2omPL0E5d/X+T3O9NKdtot+BqJbIWw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/signature-v4-multi-region@3.635.0': - resolution: {integrity: sha512-J6QY4/invOkpogCHjSaDON1hF03viPpOnsrzVuCvJMmclS/iG62R4EY0wq1alYll0YmSdmKlpJwHMWwGtqK63Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/token-providers@3.614.0': - resolution: {integrity: sha512-okItqyY6L9IHdxqs+Z116y5/nda7rHxLvROxtAJdLavWTYDydxrZstImNgGWTeVdmc0xX2gJCI77UYUTQWnhRw==} - engines: {node: '>=16.0.0'} - peerDependencies: - '@aws-sdk/client-sso-oidc': ^3.614.0 - - '@aws-sdk/types@3.609.0': - resolution: {integrity: sha512-+Tqnh9w0h2LcrUsdXyT1F8mNhXz+tVYBtP19LpeEGntmvHwa2XzvLUCWpoIAIVsHp5+HdB2X9Sn0KAtmbFXc2Q==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-arn-parser@3.568.0': - resolution: {integrity: sha512-XUKJWWo+KOB7fbnPP0+g/o5Ulku/X53t7i/h+sPHr5xxYTJJ9CYnbToo95mzxe7xWvkLrsNtJ8L+MnNn9INs2w==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-endpoints@3.637.0': - resolution: {integrity: sha512-pAqOKUHeVWHEXXDIp/qoMk/6jyxIb6GGjnK1/f8dKHtKIEs4tKsnnL563gceEvdad53OPXIt86uoevCcCzmBnw==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-format-url@3.609.0': - resolution: {integrity: sha512-fuk29BI/oLQlJ7pfm6iJ4gkEpHdavffAALZwXh9eaY1vQ0ip0aKfRTiNudPoJjyyahnz5yJ1HkmlcDitlzsOrQ==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-locate-window@3.568.0': - resolution: {integrity: sha512-3nh4TINkXYr+H41QaPelCceEB2FXP3fxp93YZXB/kqJvX0U9j0N0Uk45gvsjmEPzG8XxkPEeLIfT2I1M7A6Lig==} - engines: {node: '>=16.0.0'} - - '@aws-sdk/util-user-agent-browser@3.609.0': - resolution: {integrity: sha512-fojPU+mNahzQ0YHYBsx0ZIhmMA96H+ZIZ665ObU9tl+SGdbLneVZVikGve+NmHTQwHzwkFsZYYnVKAkreJLAtA==} - - '@aws-sdk/util-user-agent-node@3.614.0': - resolution: {integrity: sha512-15ElZT88peoHnq5TEoEtZwoXTXRxNrk60TZNdpl/TUBJ5oNJ9Dqb5Z4ryb8ofN6nm9aFf59GVAerFDz8iUoHBA==} - engines: {node: '>=16.0.0'} - peerDependencies: - aws-crt: '>=1.0.0' - peerDependenciesMeta: - aws-crt: - optional: true - - '@aws-sdk/xml-builder@3.609.0': - resolution: {integrity: sha512-l9XxNcA4HX98rwCC2/KoiWcmEiRfZe4G+mYwDbCFT87JIMj6GBhLDkAzr/W8KAaA2IDr8Vc6J8fZPgVulxxfMA==} - engines: {node: '>=16.0.0'} - - '@ioredis/commands@1.2.0': - resolution: {integrity: sha512-Sx1pU8EM64o2BrqNpEO1CNLtKQwyhuXuqyfH7oGKCk+1a33d2r5saW8zNwm3j6BTExtjrv2BxTgzzkMwts6vGg==} - - '@opentelemetry/api@1.9.0': - resolution: {integrity: sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==} - engines: {node: '>=8.0.0'} - - '@sindresorhus/is@5.6.0': - resolution: {integrity: sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g==} - engines: {node: '>=14.16'} - - '@smithy/abort-controller@3.1.1': - resolution: {integrity: sha512-MBJBiidoe+0cTFhyxT8g+9g7CeVccLM0IOKKUMCNQ1CNMJ/eIfoo0RTfVrXOONEI1UCN1W+zkiHSbzUNE9dZtQ==} - engines: {node: '>=16.0.0'} - - '@smithy/chunked-blob-reader-native@3.0.0': - resolution: {integrity: sha512-VDkpCYW+peSuM4zJip5WDfqvg2Mo/e8yxOv3VF1m11y7B8KKMKVFtmZWDe36Fvk8rGuWrPZHHXZ7rR7uM5yWyg==} - - '@smithy/chunked-blob-reader@3.0.0': - resolution: {integrity: sha512-sbnURCwjF0gSToGlsBiAmd1lRCmSn72nu9axfJu5lIx6RUEgHu6GwTMbqCdhQSi0Pumcm5vFxsi9XWXb2mTaoA==} - - '@smithy/config-resolver@3.0.5': - resolution: {integrity: sha512-SkW5LxfkSI1bUC74OtfBbdz+grQXYiPYolyu8VfpLIjEoN/sHVBlLeGXMQ1vX4ejkgfv6sxVbQJ32yF2cl1veA==} - engines: {node: '>=16.0.0'} - - '@smithy/core@2.4.0': - resolution: {integrity: sha512-cHXq+FneIF/KJbt4q4pjN186+Jf4ZB0ZOqEaZMBhT79srEyGDDBV31NqBRBjazz8ppQ1bJbDJMY9ba5wKFV36w==} - engines: {node: '>=16.0.0'} - - '@smithy/credential-provider-imds@3.2.0': - resolution: {integrity: sha512-0SCIzgd8LYZ9EJxUjLXBmEKSZR/P/w6l7Rz/pab9culE/RWuqelAKGJvn5qUOl8BgX8Yj5HWM50A5hiB/RzsgA==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-codec@3.1.2': - resolution: {integrity: sha512-0mBcu49JWt4MXhrhRAlxASNy0IjDRFU+aWNDRal9OtUJvJNiwDuyKMUONSOjLjSCeGwZaE0wOErdqULer8r7yw==} - - '@smithy/eventstream-serde-browser@3.0.6': - resolution: {integrity: sha512-2hM54UWQUOrki4BtsUI1WzmD13/SeaqT/AB3EUJKbcver/WgKNaiJ5y5F5XXuVe6UekffVzuUDrBZVAA3AWRpQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-config-resolver@3.0.3': - resolution: {integrity: sha512-NVTYjOuYpGfrN/VbRQgn31x73KDLfCXCsFdad8DiIc3IcdxL+dYA9zEQPyOP7Fy2QL8CPy2WE4WCUD+ZsLNfaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-node@3.0.5': - resolution: {integrity: sha512-+upXvnHNyZP095s11jF5dhGw/Ihzqwl5G+/KtMnoQOpdfC3B5HYCcDVG9EmgkhJMXJlM64PyN5gjJl0uXFQehQ==} - engines: {node: '>=16.0.0'} - - '@smithy/eventstream-serde-universal@3.0.5': - resolution: {integrity: sha512-5u/nXbyoh1s4QxrvNre9V6vfyoLWuiVvvd5TlZjGThIikc3G+uNiG9uOTCWweSRjv1asdDIWK7nOmN7le4RYHQ==} - engines: {node: '>=16.0.0'} - - '@smithy/fetch-http-handler@3.2.4': - resolution: {integrity: sha512-kBprh5Gs5h7ug4nBWZi1FZthdqSM+T7zMmsZxx0IBvWUn7dK3diz2SHn7Bs4dQGFDk8plDv375gzenDoNwrXjg==} - - '@smithy/hash-blob-browser@3.1.2': - resolution: {integrity: sha512-hAbfqN2UbISltakCC2TP0kx4LqXBttEv2MqSPE98gVuDFMf05lU+TpC41QtqGP3Ff5A3GwZMPfKnEy0VmEUpmg==} - - '@smithy/hash-node@3.0.3': - resolution: {integrity: sha512-2ctBXpPMG+B3BtWSGNnKELJ7SH9e4TNefJS0cd2eSkOOROeBnnVBnAy9LtJ8tY4vUEoe55N4CNPxzbWvR39iBw==} - engines: {node: '>=16.0.0'} - - '@smithy/hash-stream-node@3.1.2': - resolution: {integrity: sha512-PBgDMeEdDzi6JxKwbfBtwQG9eT9cVwsf0dZzLXoJF4sHKHs5HEo/3lJWpn6jibfJwT34I1EBXpBnZE8AxAft6g==} - engines: {node: '>=16.0.0'} - - '@smithy/invalid-dependency@3.0.3': - resolution: {integrity: sha512-ID1eL/zpDULmHJbflb864k72/SNOZCADRc9i7Exq3RUNJw6raWUSlFEQ+3PX3EYs++bTxZB2dE9mEHTQLv61tw==} - - '@smithy/is-array-buffer@2.2.0': - resolution: {integrity: sha512-GGP3O9QFD24uGeAXYUjwSTXARoqpZykHadOmA8G5vfJPK0/DC67qa//0qvqrJzL1xc8WQWX7/yc7fwudjPHPhA==} - engines: {node: '>=14.0.0'} - - '@smithy/is-array-buffer@3.0.0': - resolution: {integrity: sha512-+Fsu6Q6C4RSJiy81Y8eApjEB5gVtM+oFKTffg+jSuwtvomJJrhUJBu2zS8wjXSgH/g1MKEWrzyChTBe6clb5FQ==} - engines: {node: '>=16.0.0'} - - '@smithy/md5-js@3.0.3': - resolution: {integrity: sha512-O/SAkGVwpWmelpj/8yDtsaVe6sINHLB1q8YE/+ZQbDxIw3SRLbTZuRaI10K12sVoENdnHqzPp5i3/H+BcZ3m3Q==} - - '@smithy/middleware-content-length@3.0.5': - resolution: {integrity: sha512-ILEzC2eyxx6ncej3zZSwMpB5RJ0zuqH7eMptxC4KN3f+v9bqT8ohssKbhNR78k/2tWW+KS5Spw+tbPF4Ejyqvw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-endpoint@3.1.0': - resolution: {integrity: sha512-5y5aiKCEwg9TDPB4yFE7H6tYvGFf1OJHNczeY10/EFF8Ir8jZbNntQJxMWNfeQjC1mxPsaQ6mR9cvQbf+0YeMw==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-retry@3.0.15': - resolution: {integrity: sha512-iTMedvNt1ApdvkaoE8aSDuwaoc+BhvHqttbA/FO4Ty+y/S5hW6Ci/CTScG7vam4RYJWZxdTElc3MEfHRVH6cgQ==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-serde@3.0.3': - resolution: {integrity: sha512-puUbyJQBcg9eSErFXjKNiGILJGtiqmuuNKEYNYfUD57fUl4i9+mfmThtQhvFXU0hCVG0iEJhvQUipUf+/SsFdA==} - engines: {node: '>=16.0.0'} - - '@smithy/middleware-stack@3.0.3': - resolution: {integrity: sha512-r4klY9nFudB0r9UdSMaGSyjyQK5adUyPnQN/ZM6M75phTxOdnc/AhpvGD1fQUvgmqjQEBGCwpnPbDm8pH5PapA==} - engines: {node: '>=16.0.0'} - - '@smithy/node-config-provider@3.1.4': - resolution: {integrity: sha512-YvnElQy8HR4vDcAjoy7Xkx9YT8xZP4cBXcbJSgm/kxmiQu08DwUwj8rkGnyoJTpfl/3xYHH+d8zE+eHqoDCSdQ==} - engines: {node: '>=16.0.0'} - - '@smithy/node-http-handler@3.1.4': - resolution: {integrity: sha512-+UmxgixgOr/yLsUxcEKGH0fMNVteJFGkmRltYFHnBMlogyFdpzn2CwqWmxOrfJELhV34v0WSlaqG1UtE1uXlJg==} - engines: {node: '>=16.0.0'} - - '@smithy/property-provider@3.1.3': - resolution: {integrity: sha512-zahyOVR9Q4PEoguJ/NrFP4O7SMAfYO1HLhB18M+q+Z4KFd4V2obiMnlVoUFzFLSPeVt1POyNWneHHrZaTMoc/g==} - engines: {node: '>=16.0.0'} - - '@smithy/protocol-http@4.1.0': - resolution: {integrity: sha512-dPVoHYQ2wcHooGXg3LQisa1hH0e4y0pAddPMeeUPipI1tEOqL6A4N0/G7abeq+K8wrwSgjk4C0wnD1XZpJm5aA==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-builder@3.0.3': - resolution: {integrity: sha512-vyWckeUeesFKzCDaRwWLUA1Xym9McaA6XpFfAK5qI9DKJ4M33ooQGqvM4J+LalH4u/Dq9nFiC8U6Qn1qi0+9zw==} - engines: {node: '>=16.0.0'} - - '@smithy/querystring-parser@3.0.3': - resolution: {integrity: sha512-zahM1lQv2YjmznnfQsWbYojFe55l0SLG/988brlLv1i8z3dubloLF+75ATRsqPBboUXsW6I9CPGE5rQgLfY0vQ==} - engines: {node: '>=16.0.0'} - - '@smithy/service-error-classification@3.0.3': - resolution: {integrity: sha512-Jn39sSl8cim/VlkLsUhRFq/dKDnRUFlfRkvhOJaUbLBXUsLRLNf9WaxDv/z9BjuQ3A6k/qE8af1lsqcwm7+DaQ==} - engines: {node: '>=16.0.0'} - - '@smithy/shared-ini-file-loader@3.1.4': - resolution: {integrity: sha512-qMxS4hBGB8FY2GQqshcRUy1K6k8aBWP5vwm8qKkCT3A9K2dawUwOIJfqh9Yste/Bl0J2lzosVyrXDj68kLcHXQ==} - engines: {node: '>=16.0.0'} - - '@smithy/signature-v4@4.1.0': - resolution: {integrity: sha512-aRryp2XNZeRcOtuJoxjydO6QTaVhxx/vjaR+gx7ZjaFgrgPRyZ3HCTbfwqYj6ZWEBHkCSUfcaymKPURaByukag==} - engines: {node: '>=16.0.0'} - - '@smithy/smithy-client@3.2.0': - resolution: {integrity: sha512-pDbtxs8WOhJLJSeaF/eAbPgXg4VVYFlRcL/zoNYA5WbG3wBL06CHtBSg53ppkttDpAJ/hdiede+xApip1CwSLw==} - engines: {node: '>=16.0.0'} - - '@smithy/types@3.3.0': - resolution: {integrity: sha512-IxvBBCTFDHbVoK7zIxqA1ZOdc4QfM5HM7rGleCuHi7L1wnKv5Pn69xXJQ9hgxH60ZVygH9/JG0jRgtUncE3QUA==} - engines: {node: '>=16.0.0'} - - '@smithy/url-parser@3.0.3': - resolution: {integrity: sha512-pw3VtZtX2rg+s6HMs6/+u9+hu6oY6U7IohGhVNnjbgKy86wcIsSZwgHrFR+t67Uyxvp4Xz3p3kGXXIpTNisq8A==} - - '@smithy/util-base64@3.0.0': - resolution: {integrity: sha512-Kxvoh5Qtt0CDsfajiZOCpJxgtPHXOKwmM+Zy4waD43UoEMA+qPxxa98aE/7ZhdnBFZFXMOiBR5xbcaMhLtznQQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-body-length-browser@3.0.0': - resolution: {integrity: sha512-cbjJs2A1mLYmqmyVl80uoLTJhAcfzMOyPgjwAYusWKMdLeNtzmMz9YxNl3/jRLoxSS3wkqkf0jwNdtXWtyEBaQ==} - - '@smithy/util-body-length-node@3.0.0': - resolution: {integrity: sha512-Tj7pZ4bUloNUP6PzwhN7K386tmSmEET9QtQg0TgdNOnxhZvCssHji+oZTUIuzxECRfG8rdm2PMw2WCFs6eIYkA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-buffer-from@2.2.0': - resolution: {integrity: sha512-IJdWBbTcMQ6DA0gdNhh/BwrLkDR+ADW5Kr1aZmd4k3DIF6ezMV4R2NIAmT08wQJ3yUK82thHWmC/TnK/wpMMIA==} - engines: {node: '>=14.0.0'} - - '@smithy/util-buffer-from@3.0.0': - resolution: {integrity: sha512-aEOHCgq5RWFbP+UDPvPot26EJHjOC+bRgse5A8V3FSShqd5E5UN4qc7zkwsvJPPAVsf73QwYcHN1/gt/rtLwQA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-config-provider@3.0.0': - resolution: {integrity: sha512-pbjk4s0fwq3Di/ANL+rCvJMKM5bzAQdE5S/6RL5NXgMExFAi6UgQMPOm5yPaIWPpr+EOXKXRonJ3FoxKf4mCJQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-defaults-mode-browser@3.0.15': - resolution: {integrity: sha512-FZ4Psa3vjp8kOXcd3HJOiDPBCWtiilLl57r0cnNtq/Ga9RSDrM5ERL6xt+tO43+2af6Pn5Yp92x2n5vPuduNfg==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-defaults-mode-node@3.0.15': - resolution: {integrity: sha512-KSyAAx2q6d0t6f/S4XB2+3+6aQacm3aLMhs9aLMqn18uYGUepbdssfogW5JQZpc6lXNBnp0tEnR5e9CEKmEd7A==} - engines: {node: '>= 10.0.0'} - - '@smithy/util-endpoints@2.0.5': - resolution: {integrity: sha512-ReQP0BWihIE68OAblC/WQmDD40Gx+QY1Ez8mTdFMXpmjfxSyz2fVQu3A4zXRfQU9sZXtewk3GmhfOHswvX+eNg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-hex-encoding@3.0.0': - resolution: {integrity: sha512-eFndh1WEK5YMUYvy3lPlVmYY/fZcQE1D8oSf41Id2vCeIkKJXPcYDCZD+4+xViI6b1XSd7tE+s5AmXzz5ilabQ==} - engines: {node: '>=16.0.0'} - - '@smithy/util-middleware@3.0.3': - resolution: {integrity: sha512-l+StyYYK/eO3DlVPbU+4Bi06Jjal+PFLSMmlWM1BEwyLxZ3aKkf1ROnoIakfaA7mC6uw3ny7JBkau4Yc+5zfWw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-retry@3.0.3': - resolution: {integrity: sha512-AFw+hjpbtVApzpNDhbjNG5NA3kyoMs7vx0gsgmlJF4s+yz1Zlepde7J58zpIRIsdjc+emhpAITxA88qLkPF26w==} - engines: {node: '>=16.0.0'} - - '@smithy/util-stream@3.1.3': - resolution: {integrity: sha512-FIv/bRhIlAxC0U7xM1BCnF2aDRPq0UaelqBHkM2lsCp26mcBbgI0tCVTv+jGdsQLUmAMybua/bjDsSu8RQHbmw==} - engines: {node: '>=16.0.0'} - - '@smithy/util-uri-escape@3.0.0': - resolution: {integrity: sha512-LqR7qYLgZTD7nWLBecUi4aqolw8Mhza9ArpNEQ881MJJIU2sE5iHCK6TdyqqzcDLy0OPe10IY4T8ctVdtynubg==} - engines: {node: '>=16.0.0'} - - '@smithy/util-utf8@2.3.0': - resolution: {integrity: sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A==} - engines: {node: '>=14.0.0'} - - '@smithy/util-utf8@3.0.0': - resolution: {integrity: sha512-rUeT12bxFnplYDe815GXbq/oixEGHfRFFtcTF3YdDi/JaENIM6aSYYLJydG83UNzLXeRI5K8abYd/8Sp/QM0kA==} - engines: {node: '>=16.0.0'} - - '@smithy/util-waiter@3.1.2': - resolution: {integrity: sha512-4pP0EV3iTsexDx+8PPGAKCQpd/6hsQBaQhqWzU4hqKPHN5epPsxKbvUTIiYIHTxaKt6/kEaqPBpu/ufvfbrRzw==} - engines: {node: '>=16.0.0'} - - '@szmarczak/http-timer@5.0.1': - resolution: {integrity: sha512-+PmQX0PiAYPMeVYe237LJAYvOMYW1j2rH5YROyS3b4CTVJum34HfRvKvAzozHAQG0TnHNdUfY9nCeUyRAs//cw==} - engines: {node: '>=14.16'} - - '@transloadit/prettier-bytes@0.3.4': - resolution: {integrity: sha512-8/SnIF9Q2k52mbjRVAYLranwkaDTLb+O9r4Z/uo8uNw//SjygKvvbF4BHSOuReufaAyum1q13602VcNud25Dfg==} - - '@types/body-parser@1.19.5': - resolution: {integrity: sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==} - - '@types/connect@3.4.38': - resolution: {integrity: sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==} - - '@types/express-serve-static-core@4.19.5': - resolution: {integrity: sha512-y6W03tvrACO72aijJ5uF02FRq5cgDR9lUxddQ8vyF+GvmjJQqbzDcJngEjURc+ZsG31VI3hODNZJ2URj86pzmg==} - - '@types/express@4.17.21': - resolution: {integrity: sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==} - - '@types/http-cache-semantics@4.0.4': - resolution: {integrity: sha512-1m0bIFVc7eJWyve9S0RnuRgcQqF/Xd5QsUZAZeQFr1Q3/p9JWoQQEqmVy+DPTNpGXwhgIetAoYF8JSc33q29QA==} - - '@types/http-errors@2.0.4': - resolution: {integrity: sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==} - - '@types/mime@1.3.5': - resolution: {integrity: sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==} - - '@types/node@22.5.2': - resolution: {integrity: sha512-acJsPTEqYqulZS/Yp/S3GgeE6GZ0qYODUR8aVr/DkhHQ8l9nd4j5x1/ZJy9/gHrRlFMqkO6i0I3E27Alu4jjPg==} - - '@types/qs@6.9.15': - resolution: {integrity: sha512-uXHQKES6DQKKCLh441Xv/dwxOq1TVS3JPUMlEqoEglvlhR6Mxnlew/Xq/LRVHpLyk7iK3zODe1qYHIMltO7XGg==} - - '@types/range-parser@1.2.7': - resolution: {integrity: sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==} - - '@types/retry@0.12.2': - resolution: {integrity: sha512-XISRgDJ2Tc5q4TRqvgJtzsRkFYNJzZrhTdtMoGVBttwzzQJkPnS3WWTFc7kuDRoPtPakl+T+OfdEUjYJj7Jbow==} - - '@types/send@0.17.4': - resolution: {integrity: sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==} - - '@types/serve-static@1.15.7': - resolution: {integrity: sha512-W8Ym+h8nhuRwaKPaDw34QUkwsGi6Rc4yYqvKFo5rm2FUEhCFbzVWrxXUxuKK8TASjWsysJY0nsmNCGhCOIsrOw==} - - '@uppy/aws-s3-multipart@4.0.0': - resolution: {integrity: sha512-tW7W1cBh/99PhYaYDQ4Bo5h0aCIjnCgx/n6d6h7OJMu4NRD703DV/D8AHKIRl5JgecDekiTbApy2iu3q4uKkyw==} - deprecated: Use @uppy/aws-s3 instead. - - '@uppy/aws-s3@4.1.0': - resolution: {integrity: sha512-xRip1Lo3He+3J3fP/SooEFQJKWMCVADTl8J375PzvpaeNnDFKa6W2XLEEl/fGy/K7vI4sH8Znz4+omdtSFCPSQ==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/companion-client@4.1.0': - resolution: {integrity: sha512-nQ8CQfZcYVBNtFQ6ePj7FDIq38DXlH0YpzP/91LR9gnDVISJKKUuvWfr6tPktj1lRw9FZV8jLmlMKT2ituVKiw==} - peerDependencies: - '@uppy/core': ^4.2.0 - - '@uppy/companion@5.1.0': - resolution: {integrity: sha512-8VBlmQHFfmu90eg7JbDLMJ7yjg70vd+Oo3Ywp3C8xI7Lbe4wAV6xm5Xd5wQEIC1S90abjxutGDA5JaQDGYJp7g==} - engines: {node: ^18.20.0 || ^20.15.0 || >=22.0.0} - hasBin: true - - '@uppy/core@4.2.0': - resolution: {integrity: sha512-/oQ2m/xubGfANR0UfMqYFR2mT94OpuXTp9N2cQLIQmWYZtpvfX2gyNBFtQJA3Njqpmox1RfIhOAsVFFuhYVa+Q==} - - '@uppy/store-default@4.1.0': - resolution: {integrity: sha512-z5VSc4PNXpAtrrUPg5hdKJO5Ul7u4ZYLyK+tYzvEgzgR4nLVZmpGzj/d4N90jXpUqEibWKXvevODEB5VlTLHzg==} - - '@uppy/utils@6.0.2': - resolution: {integrity: sha512-ZoNeAa1YTKSlcvXe1SP3POjzjRZ9jSojorbst03vwd1Ks9vHPGf6pne61DowTXHZ3HMj1vpcIaQ1VIEWeeADlA==} - - accepts@1.3.8: - resolution: {integrity: sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==} - engines: {node: '>= 0.6'} - - array-flatten@1.1.1: - resolution: {integrity: sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==} - - asn1.js@5.4.1: - resolution: {integrity: sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==} - - base64-js@1.5.1: - resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==} - - basic-auth@2.0.1: - resolution: {integrity: sha512-NF+epuEdnUYVlGuhaxbbq+dvJttwLnGY+YixlXlME5KpQ5W3CnXA5cVTneY3SPbPDRkcjMbifrwmFYcClgOZeg==} - engines: {node: '>= 0.8'} - - bintrees@1.0.2: - resolution: {integrity: sha512-VOMgTMwjAaUG580SXn3LacVgjurrbMme7ZZNYGSSV7mmtY6QQRh0Eg3pwIcntQ77DErK1L0NxkbetjcoXzVwKw==} - - bn.js@4.12.0: - resolution: {integrity: sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==} - - body-parser@1.20.2: - resolution: {integrity: sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==} - engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} - - bowser@2.11.0: - resolution: {integrity: sha512-AlcaJBi/pqqJBIQ8U9Mcpc9i8Aqxn88Skv5d+xBX006BY5u8N3mGLHa5Lgppa7L/HfwgwLgZ6NYs+Ag6uUmJRA==} - - brorand@1.1.0: - resolution: {integrity: sha512-cKV8tMCEpQs4hK/ik71d6LrPOnpkpGBR0wzxqr68g2m/LB2GxVYQroAjMJZRVM1Y4BCjCKc3vAamxSzOY2RP+w==} - - buffer-equal-constant-time@1.0.1: - resolution: {integrity: sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==} - - buffer-from@1.1.2: - resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} - - buffer@5.6.0: - resolution: {integrity: sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==} - - bytes@3.1.2: - resolution: {integrity: sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==} - engines: {node: '>= 0.8'} - - cacheable-lookup@7.0.0: - resolution: {integrity: sha512-+qJyx4xiKra8mZrcwhjMRMUhD5NR1R8esPkzIYxX96JiecFoxAXFuz/GpR3+ev4PE1WamHip78wV0vcmPQtp8w==} - engines: {node: '>=14.16'} - - cacheable-request@10.2.14: - resolution: {integrity: sha512-zkDT5WAF4hSSoUgyfg5tFIxz8XQK+25W/TLVojJTMKBaxevLBBtLxgqguAuVQB8PVW79FVjHcU+GJ9tVbDZ9mQ==} - engines: {node: '>=14.16'} - - call-bind@1.0.7: - resolution: {integrity: sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==} - engines: {node: '>= 0.4'} - - cluster-key-slot@1.1.2: - resolution: {integrity: sha512-RMr0FhtfXemyinomL4hrWcYJxmX6deFdCxpJzhDttxgO1+bcCnkk+9drydLVDmAMG7NE6aN/fl4F7ucU/90gAA==} - engines: {node: '>=0.10.0'} - - combine-errors@3.0.3: - resolution: {integrity: sha512-C8ikRNRMygCwaTx+Ek3Yr+OuZzgZjduCOfSQBjbM8V3MfgcjSTeto/GXP6PAwKvJz/v15b7GHZvx5rOlczFw/Q==} - - common-tags@1.8.2: - resolution: {integrity: sha512-gk/Z852D2Wtb//0I+kRFNKKE9dIIVirjoqPoA1wJU+XePVXZfGeBpk45+A1rKO4Q43prqWBNY/MiIeRLbPWUaA==} - engines: {node: '>=4.0.0'} - - connect-redis@7.1.1: - resolution: {integrity: sha512-M+z7alnCJiuzKa8/1qAYdGUXHYfDnLolOGAUjOioB07pP39qxjG+X9ibsud7qUBc4jMV5Mcy3ugGv8eFcgamJQ==} - engines: {node: '>=16'} - peerDependencies: - express-session: '>=1' - - content-disposition@0.5.4: - resolution: {integrity: sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==} - engines: {node: '>= 0.6'} - - content-type@1.0.5: - resolution: {integrity: sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==} - engines: {node: '>= 0.6'} - - cookie-parser@1.4.6: - resolution: {integrity: sha512-z3IzaNjdwUC2olLIB5/ITd0/setiaFMLYiZJle7xg5Fe9KWAceil7xszYfHHBtDFYLSgJduS2Ty0P1uJdPDJeA==} - engines: {node: '>= 0.8.0'} - - cookie-signature@1.0.6: - resolution: {integrity: sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==} - - cookie-signature@1.0.7: - resolution: {integrity: sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA==} - - cookie-signature@1.2.1: - resolution: {integrity: sha512-78KWk9T26NhzXtuL26cIJ8/qNHANyJ/ZYrmEXFzUmhZdjpBv+DlWlOANRTGBt48YcyslsLrj0bMLFTmXvLRCOw==} - engines: {node: '>=6.6.0'} - - cookie@0.4.1: - resolution: {integrity: sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==} - engines: {node: '>= 0.6'} - - cookie@0.5.0: - resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==} - engines: {node: '>= 0.6'} - - cookie@0.6.0: - resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} - engines: {node: '>= 0.6'} - - cors@2.8.5: - resolution: {integrity: sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==} - engines: {node: '>= 0.10'} - - cron-parser@4.9.0: - resolution: {integrity: sha512-p0SaNjrHOnQeR8/VnfGbmg9te2kfyYSQ7Sc/j/6DtPL3JQvKxmjO9TSjNFpujqV3vEYYBvNNvXSxzyksBWAx1Q==} - engines: {node: '>=12.0.0'} - - custom-error-instance@2.1.1: - resolution: {integrity: sha512-p6JFxJc3M4OTD2li2qaHkDCw9SfMw82Ldr6OC9Je1aXiGfhx2W8p3GaoeaGrPJTUN9NirTM/KTxHWMUdR1rsUg==} - - debug@2.6.9: - resolution: {integrity: sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - debug@4.3.6: - resolution: {integrity: sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==} - engines: {node: '>=6.0'} - peerDependencies: - supports-color: '*' - peerDependenciesMeta: - supports-color: - optional: true - - decompress-response@6.0.0: - resolution: {integrity: sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==} - engines: {node: '>=10'} - - defer-to-connect@2.0.1: - resolution: {integrity: sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==} - engines: {node: '>=10'} - - define-data-property@1.1.4: - resolution: {integrity: sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==} - engines: {node: '>= 0.4'} - - denque@2.1.0: - resolution: {integrity: sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==} - engines: {node: '>=0.10'} - - depd@2.0.0: - resolution: {integrity: sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==} - engines: {node: '>= 0.8'} - - destroy@1.2.0: - resolution: {integrity: sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==} - engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} - - dotenv@16.4.5: - resolution: {integrity: sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==} - engines: {node: '>=12'} - - ecdsa-sig-formatter@1.0.11: - resolution: {integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==} - - ee-first@1.1.1: - resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==} - - elliptic@6.5.7: - resolution: {integrity: sha512-ESVCtTwiA+XhY3wyh24QqRGBoP3rEdDUl3EDUUo9tft074fi19IrdpH7hLCMMP3CIj7jb3W96rn8lt/BqIlt5Q==} - - encodeurl@1.0.2: - resolution: {integrity: sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==} - engines: {node: '>= 0.8'} - - es-define-property@1.0.0: - resolution: {integrity: sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==} - engines: {node: '>= 0.4'} - - es-errors@1.3.0: - resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} - engines: {node: '>= 0.4'} - - escape-goat@3.0.0: - resolution: {integrity: sha512-w3PwNZJwRxlp47QGzhuEBldEqVHHhh8/tIPcl6ecf2Bou99cdAt0knihBV0Ecc7CGxYduXVBDheH1K2oADRlvw==} - engines: {node: '>=10'} - - escape-html@1.0.3: - resolution: {integrity: sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow==} - - escape-string-regexp@4.0.0: - resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} - engines: {node: '>=10'} - - etag@1.8.1: - resolution: {integrity: sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==} - engines: {node: '>= 0.6'} - - events@3.3.0: - resolution: {integrity: sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==} - engines: {node: '>=0.8.x'} - - express-interceptor@1.2.0: - resolution: {integrity: sha512-fCbcJv8ZwabDg0M/3PmHUxfr/WKHGMpAicR9TfGdhANV4M1GBDSrBTenHIK3aegyRN5S6eDwlvyNFiLynnc19w==} - - express-prom-bundle@7.0.0: - resolution: {integrity: sha512-VwVaCyGBGHkHdecpTqRdW1Jm2fXK8weCUKjGjNWorc9g4M+cZ3xoj+N9uQzfRWfIPXJG5QOaiAziOIalQzMwgA==} - engines: {node: '>=18'} - peerDependencies: - prom-client: '>=15.0.0' - - express-session@1.18.0: - resolution: {integrity: sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==} - engines: {node: '>= 0.8.0'} - - express@4.19.2: - resolution: {integrity: sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==} - engines: {node: '>= 0.10.0'} - - fast-safe-stringify@2.1.1: - resolution: {integrity: sha512-W+KJc2dmILlPplD/H4K9l9LcAHAfPtP6BY84uVLXQ6Evcz9Lcg33Y2z1IVblT6xdY54PXYVHEv+0Wpq8Io6zkA==} - - fast-xml-parser@4.4.1: - resolution: {integrity: sha512-xkjOecfnKGkSsOwtZ5Pz7Us/T6mrbPQrq0nh+aCO5V9nk5NLWmasAHumTKjiPJPWANe+kAZ84Jc8ooJkzZ88Sw==} - hasBin: true - - finalhandler@1.2.0: - resolution: {integrity: sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==} - engines: {node: '>= 0.8'} - - form-data-encoder@2.1.4: - resolution: {integrity: sha512-yDYSgNMraqvnxiEXO4hi88+YZxaHC6QKzb5N84iRCTDeRO7ZALpir/lVmf/uXUhnwUr2O4HU8s/n6x+yNjQkHw==} - engines: {node: '>= 14.17'} - - forwarded@0.2.0: - resolution: {integrity: sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==} - engines: {node: '>= 0.6'} - - fresh@0.5.2: - resolution: {integrity: sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q==} - engines: {node: '>= 0.6'} - - function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - - get-intrinsic@1.2.4: - resolution: {integrity: sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==} - engines: {node: '>= 0.4'} - - get-stream@6.0.1: - resolution: {integrity: sha512-ts6Wi+2j3jQjqi70w5AlN8DFnkSwC+MqmxEzdEALB2qXZYV3X/b1CTfgPLGJNMeAWxdPfU8FO1ms3NUfaHCPYg==} - engines: {node: '>=10'} - - gopd@1.0.1: - resolution: {integrity: sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==} - - got@13.0.0: - resolution: {integrity: sha512-XfBk1CxOOScDcMr9O1yKkNaQyy865NbYs+F7dr4H0LZMVgCj2Le59k6PqbNHoL5ToeaEQUYh6c6yMfVcc6SJxA==} - engines: {node: '>=16'} - - graceful-fs@4.2.11: - resolution: {integrity: sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==} - - grant@5.4.22: - resolution: {integrity: sha512-DEi+/JjXT84mmFYhSmv+SX14v+3Z7vuCIYAMwtdPCTXHMSLhWqSYqWAMXDUQZuV7yaJv2d84AYnkCFNooLKBsA==} - engines: {node: '>=12.0.0'} - - has-flag@4.0.0: - resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} - engines: {node: '>=8'} - - has-property-descriptors@1.0.2: - resolution: {integrity: sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==} - - has-proto@1.0.3: - resolution: {integrity: sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==} - engines: {node: '>= 0.4'} - - has-symbols@1.0.3: - resolution: {integrity: sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==} - engines: {node: '>= 0.4'} - - hash.js@1.1.7: - resolution: {integrity: sha512-taOaskGt4z4SOANNseOviYDvjEJinIkRgmp7LbKP2YTTmVxWBl87s/uzK9r+44BclBSp2X7K1hqeNfz9JbBeXA==} - - hasown@2.0.2: - resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} - engines: {node: '>= 0.4'} - - helmet@7.1.0: - resolution: {integrity: sha512-g+HZqgfbpXdCkme/Cd/mZkV0aV3BZZZSugecH03kl38m/Kmdx8jKjBikpDj2cr+Iynv4KpYEviojNdTJActJAg==} - engines: {node: '>=16.0.0'} - - hmac-drbg@1.0.1: - resolution: {integrity: sha512-Tti3gMqLdZfhOQY1Mzf/AanLiqh1WTiJgEj26ZuYQ9fbkLomzGchCws4FyrSd4VkpBfiNhaE1On+lOz894jvXg==} - - http-cache-semantics@4.1.1: - resolution: {integrity: sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ==} - - http-errors@2.0.0: - resolution: {integrity: sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==} - engines: {node: '>= 0.8'} - - http2-wrapper@2.2.1: - resolution: {integrity: sha512-V5nVw1PAOgfI3Lmeaj2Exmeg7fenjhRUgz1lPSezy1CuhPYbgQtbQj4jZfEAEMlaL+vupsvhjqCyjzob0yxsmQ==} - engines: {node: '>=10.19.0'} - - iconv-lite@0.4.24: - resolution: {integrity: sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==} - engines: {node: '>=0.10.0'} - - ieee754@1.2.1: - resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} - - inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - - ioredis@5.4.1: - resolution: {integrity: sha512-2YZsvl7jopIa1gaePkeMtd9rAcSjOOjPtpcLlOeusyO+XH2SK5ZcT+UCrElPP+WVIInh2TzeI4XW9ENaSLVVHA==} - engines: {node: '>=12.22.0'} - - ipaddr.js@1.9.1: - resolution: {integrity: sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==} - engines: {node: '>= 0.10'} - - ipaddr.js@2.2.0: - resolution: {integrity: sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA==} - engines: {node: '>= 10'} - - is-network-error@1.1.0: - resolution: {integrity: sha512-tUdRRAnhT+OtCZR/LxZelH/C7QtjtFrTu5tXCA8pl55eTUElUHT+GPYV8MBMBvea/j+NxQqVt3LbWMRir7Gx9g==} - engines: {node: '>=16'} - - is-stream@2.0.1: - resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==} - engines: {node: '>=8'} - - js-base64@3.7.7: - resolution: {integrity: sha512-7rCnleh0z2CkXhH67J8K1Ytz0b2Y+yxTPL+/KOJoa20hfnVQ/3/T6W/KflYI4bRHRagNeXeU2bkNGI3v1oS/lw==} - - js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - - json-buffer@3.0.1: - resolution: {integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==} - - jsonwebtoken@9.0.2: - resolution: {integrity: sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==} - engines: {node: '>=12', npm: '>=6'} - - jwa@1.4.1: - resolution: {integrity: sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==} - - jwa@2.0.0: - resolution: {integrity: sha512-jrZ2Qx916EA+fq9cEAeCROWPTfCwi1IVHqT2tapuqLEVVDKFDENFw1oL+MwrTvH6msKxsd1YTDVw6uKEcsrLEA==} - - jwk-to-pem@2.0.6: - resolution: {integrity: sha512-zPC/5vjyR08TpknpTGW6Z3V3lDf9dU92oHbf0jJlG8tGOzslF9xk2UiO/seSx2llCUrNAe+AvmuGTICSXiYU7A==} - - jws@3.2.2: - resolution: {integrity: sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==} - - jws@4.0.0: - resolution: {integrity: sha512-KDncfTmOZoOMTFG4mBlG0qUIOlc03fmzH+ru6RgYVZhPkyiy/92Owlt/8UEN+a4TXR1FQetfIpJE8ApdvdVxTg==} - - keyv@4.5.4: - resolution: {integrity: sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==} - - lodash._baseiteratee@4.7.0: - resolution: {integrity: sha512-nqB9M+wITz0BX/Q2xg6fQ8mLkyfF7MU7eE+MNBNjTHFKeKaZAPEzEg+E8LWxKWf1DQVflNEn9N49yAuqKh2mWQ==} - - lodash._basetostring@4.12.0: - resolution: {integrity: sha512-SwcRIbyxnN6CFEEK4K1y+zuApvWdpQdBHM/swxP962s8HIxPO3alBH5t3m/dl+f4CMUug6sJb7Pww8d13/9WSw==} - - lodash._baseuniq@4.6.0: - resolution: {integrity: sha512-Ja1YevpHZctlI5beLA7oc5KNDhGcPixFhcqSiORHNsp/1QTv7amAXzw+gu4YOvErqVlMVyIJGgtzeepCnnur0A==} - - lodash._createset@4.0.3: - resolution: {integrity: sha512-GTkC6YMprrJZCYU3zcqZj+jkXkrXzq3IPBcF/fIPpNEAB4hZEtXU8zp/RwKOvZl43NUmwDbyRk3+ZTbeRdEBXA==} - - lodash._root@3.0.1: - resolution: {integrity: sha512-O0pWuFSK6x4EXhM1dhZ8gchNtG7JMqBtrHdoUFUWXD7dJnNSUze1GuyQr5sOs0aCvgGeI3o/OJW8f4ca7FDxmQ==} - - lodash._stringtopath@4.8.0: - resolution: {integrity: sha512-SXL66C731p0xPDC5LZg4wI5H+dJo/EO4KTqOMwLYCH3+FmmfAKJEZCm6ohGpI+T1xwsDsJCfL4OnhorllvlTPQ==} - - lodash.defaults@4.2.0: - resolution: {integrity: sha512-qjxPLHd3r5DnsdGacqOMU6pb/avJzdh9tFX2ymgoZE27BmjXrNy/y4LoaiTeAb+O3gL8AfpJGtqfX/ae2leYYQ==} - - lodash.includes@4.3.0: - resolution: {integrity: sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w==} - - lodash.isarguments@3.1.0: - resolution: {integrity: sha512-chi4NHZlZqZD18a0imDHnZPrDeBbTtVN7GXMwuGdRH9qotxAjYs3aVLKc7zNOG9eddR5Ksd8rvFEBc9SsggPpg==} - - lodash.isboolean@3.0.3: - resolution: {integrity: sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg==} - - lodash.isinteger@4.0.4: - resolution: {integrity: sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA==} - - lodash.isnumber@3.0.3: - resolution: {integrity: sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw==} - - lodash.isplainobject@4.0.6: - resolution: {integrity: sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==} - - lodash.isstring@4.0.1: - resolution: {integrity: sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw==} - - lodash.once@4.1.1: - resolution: {integrity: sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg==} - - lodash.throttle@4.1.1: - resolution: {integrity: sha512-wIkUCfVKpVsWo3JSZlc+8MB5it+2AN5W8J7YVMST30UrvcQNZ1Okbj+rbVniijTWE6FGYy4XJq/rHkas8qJMLQ==} - - lodash.uniqby@4.5.0: - resolution: {integrity: sha512-IRt7cfTtHy6f1aRVA5n7kT8rgN3N1nH6MOWLcHfpWG2SH19E3JksLK38MktLxZDhlAjCP9jpIXkOnRXlu6oByQ==} - - lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - - long-timeout@0.1.1: - resolution: {integrity: sha512-BFRuQUqc7x2NWxfJBCyUrN8iYUYznzL9JROmRz1gZ6KlOIgmoD+njPVbb+VNn2nGMKggMsK79iUNErillsrx7w==} - - loose-envify@1.4.0: - resolution: {integrity: sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==} - hasBin: true - - lowercase-keys@3.0.0: - resolution: {integrity: sha512-ozCC6gdQ+glXOQsveKD0YsDy8DSQFjDTz4zyzEHNV5+JP5D62LmfDZ6o1cycFx9ouG940M5dE8C8CTewdj2YWQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - lru-cache@4.1.5: - resolution: {integrity: sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==} - - luxon@3.5.0: - resolution: {integrity: sha512-rh+Zjr6DNfUYR3bPwJEnuwDdqMbxZW7LOQfUN4B54+Cl+0o5zaU9RJ6bcidfDtC1cWCZXQ+nvX8bf6bAji37QQ==} - engines: {node: '>=12'} - - media-typer@0.3.0: - resolution: {integrity: sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ==} - engines: {node: '>= 0.6'} - - memorystore@1.6.7: - resolution: {integrity: sha512-OZnmNY/NDrKohPQ+hxp0muBcBKrzKNtHr55DbqSx9hLsYVNnomSAMRAtI7R64t3gf3ID7tHQA7mG4oL3Hu9hdw==} - engines: {node: '>=0.10'} - - merge-descriptors@1.0.1: - resolution: {integrity: sha512-cCi6g3/Zr1iqQi6ySbseM1Xvooa98N0w31jzUYrXPX2xqObmFGHJ0tQ5u74H3mVh7wLouTseZyYIq39g8cNp1w==} - - methods@1.1.2: - resolution: {integrity: sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==} - engines: {node: '>= 0.6'} - - mime-db@1.52.0: - resolution: {integrity: sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==} - engines: {node: '>= 0.6'} - - mime-match@1.0.2: - resolution: {integrity: sha512-VXp/ugGDVh3eCLOBCiHZMYWQaTNUHv2IJrut+yXA6+JbLPXHglHwfS/5A5L0ll+jkCY7fIzRJcH6OIunF+c6Cg==} - - mime-types@2.1.35: - resolution: {integrity: sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==} - engines: {node: '>= 0.6'} - - mime@1.6.0: - resolution: {integrity: sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==} - engines: {node: '>=4'} - hasBin: true - - mimic-response@3.1.0: - resolution: {integrity: sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==} - engines: {node: '>=10'} - - mimic-response@4.0.0: - resolution: {integrity: sha512-e5ISH9xMYU0DzrT+jl8q2ze9D6eWBto+I8CNpe+VI+K2J/F/k3PdkdTdz4wvGVH4NTpo+NRYTVIuMQEMMcsLqg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - - minimalistic-assert@1.0.1: - resolution: {integrity: sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==} - - minimalistic-crypto-utils@1.0.1: - resolution: {integrity: sha512-JIYlbt6g8i5jKfJ3xz7rF0LXmv2TkDxBLUkiBeZ7bAx4GnnNMr8xFpGnOxn6GhTEHx3SjRrZEoU+j04prX1ktg==} - - moment-timezone@0.5.45: - resolution: {integrity: sha512-HIWmqA86KcmCAhnMAN0wuDOARV/525R2+lOLotuGFzn4HO+FH+/645z2wx0Dt3iDv6/p61SIvKnDstISainhLQ==} - - moment@2.30.1: - resolution: {integrity: sha512-uEmtNhbDOrWPFS+hdjFCBfy9f2YoyzRpwcl+DqpC6taX21FzsTLQVbMV/W7PzNSX6x/bhC1zA3c2UQ5NzH6how==} - - morgan@1.10.0: - resolution: {integrity: sha512-AbegBVI4sh6El+1gNwvD5YIck7nSA36weD7xvIxG4in80j/UoK8AEGaWnnz8v1GxonMCltmlNs5ZKbGvl9b1XQ==} - engines: {node: '>= 0.8.0'} - - ms@2.0.0: - resolution: {integrity: sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==} - - ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - - ms@2.1.3: - resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} - - namespace-emitter@2.0.1: - resolution: {integrity: sha512-N/sMKHniSDJBjfrkbS/tpkPj4RAbvW3mr8UAzvlMHyun93XEm83IAvhWtJVHo+RHn/oO8Job5YN4b+wRjSVp5g==} - - nanoid@5.0.7: - resolution: {integrity: sha512-oLxFY2gd2IqnjcYyOXD8XGCftpGtZP2AbHbOkthDkvRywH5ayNtPVy9YlOPcHckXzbLTCHpkb7FB+yuxKV13pQ==} - engines: {node: ^18 || >=20} - hasBin: true - - negotiator@0.6.3: - resolution: {integrity: sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==} - engines: {node: '>= 0.6'} - - node-schedule@2.1.1: - resolution: {integrity: sha512-OXdegQq03OmXEjt2hZP33W2YPs/E5BcFQks46+G2gAxs4gHOIVD1u7EqlYLYSKsaIpyKCK9Gbk0ta1/gjRSMRQ==} - engines: {node: '>=6'} - - normalize-url@8.0.1: - resolution: {integrity: sha512-IO9QvjUMWxPQQhs60oOu10CRkWCiZzSUkzbXGGV9pviYl1fXYcvkzQ5jV9z8Y6un8ARoVRl4EtC6v6jNqbaJ/w==} - engines: {node: '>=14.16'} - - oauth-sign@0.9.0: - resolution: {integrity: sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==} - - object-assign@4.1.1: - resolution: {integrity: sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==} - engines: {node: '>=0.10.0'} - - object-inspect@1.13.2: - resolution: {integrity: sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==} - engines: {node: '>= 0.4'} - - on-finished@2.3.0: - resolution: {integrity: sha512-ikqdkGAAyf/X/gPhXGvfgAytDZtDbr+bkNUJ0N9h5MI/dmdgCs3l6hoHrcUv41sRKew3jIwrp4qQDXiK99Utww==} - engines: {node: '>= 0.8'} - - on-finished@2.4.1: - resolution: {integrity: sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==} - engines: {node: '>= 0.8'} - - on-headers@1.0.2: - resolution: {integrity: sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==} - engines: {node: '>= 0.8'} - - p-cancelable@3.0.0: - resolution: {integrity: sha512-mlVgR3PGuzlo0MmTdk4cXqXWlwQDLnONTAg6sm62XkMJEiRxN3GL3SffkYvqwonbkJBcrI7Uvv5Zh9yjvn2iUw==} - engines: {node: '>=12.20'} - - p-retry@6.2.0: - resolution: {integrity: sha512-JA6nkq6hKyWLLasXQXUrO4z8BUZGUt/LjlJxx8Gb2+2ntodU/SS63YZ8b0LUTbQ8ZB9iwOfhEPhg4ykKnn2KsA==} - engines: {node: '>=16.17'} - - parseurl@1.3.3: - resolution: {integrity: sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==} - engines: {node: '>= 0.8'} - - path-to-regexp@0.1.7: - resolution: {integrity: sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ==} - - preact@10.23.2: - resolution: {integrity: sha512-kKYfePf9rzKnxOAKDpsWhg/ysrHPqT+yQ7UW4JjdnqjFIeNUnNcEJvhuA8fDenxAGWzUqtd51DfVg7xp/8T9NA==} - - prom-client@15.1.2: - resolution: {integrity: sha512-on3h1iXb04QFLLThrmVYg1SChBQ9N1c+nKAjebBjokBqipddH3uxmOUcEkTnzmJ8Jh/5TSUnUqS40i2QB2dJHQ==} - engines: {node: ^16 || ^18 || >=20} - - proper-lockfile@4.1.2: - resolution: {integrity: sha512-TjNPblN4BwAWMXU8s9AEz4JmQxnD1NNL7bNOY/AKUzyamc379FWASUhc/K1pL2noVb+XmZKLL68cjzLsiOAMaA==} - - proxy-addr@2.0.7: - resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==} - engines: {node: '>= 0.10'} - - pseudomap@1.0.2: - resolution: {integrity: sha512-b/YwNhb8lk1Zz2+bXXpS/LK9OisiZZ1SNsSLxN1x2OXVEhW2Ckr/7mWE5vrC1ZTiJlD9g19jWszTmJsB+oEpFQ==} - - qs@6.11.0: - resolution: {integrity: sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==} - engines: {node: '>=0.6'} - - qs@6.13.0: - resolution: {integrity: sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==} - engines: {node: '>=0.6'} - - querystringify@2.2.0: - resolution: {integrity: sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==} - - quick-lru@5.1.1: - resolution: {integrity: sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==} - engines: {node: '>=10'} - - random-bytes@1.0.0: - resolution: {integrity: sha512-iv7LhNVO047HzYR3InF6pUcUsPQiHTM1Qal51DcGSuZFBil1aBBWG5eHPNek7bvILMaYJ/8RU1e8w1AMdHmLQQ==} - engines: {node: '>= 0.8'} - - randombytes@2.1.0: - resolution: {integrity: sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==} - - range-parser@1.2.1: - resolution: {integrity: sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==} - engines: {node: '>= 0.6'} - - raw-body@2.5.2: - resolution: {integrity: sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==} - engines: {node: '>= 0.8'} - - react-hook-form@7.53.0: - resolution: {integrity: sha512-M1n3HhqCww6S2hxLxciEXy2oISPnAzxY7gvwVPrtlczTM/1dDadXgUxDpHMrMTblDOcm/AXtXxHwZ3jpg1mqKQ==} - engines: {node: '>=18.0.0'} - peerDependencies: - react: ^16.8.0 || ^17 || ^18 || ^19 - - react@18.3.1: - resolution: {integrity: sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==} - engines: {node: '>=0.10.0'} - - readable-stream@3.6.2: - resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} - engines: {node: '>= 6'} - - redis-errors@1.2.0: - resolution: {integrity: sha512-1qny3OExCf0UvUV/5wpYKf2YwPcOqXzkwKKSmKHiE6ZMQs5heeE/c8eXK+PNllPvmjgAbfnsbpkGZWy8cBpn9w==} - engines: {node: '>=4'} - - redis-parser@3.0.0: - resolution: {integrity: sha512-DJnGAeenTdpMEH6uAJRK/uiyEIH9WVsUmoLwzudwGJUwZPp80PDBWPHXSAGNPwNvIXAbe7MSUB1zQFugFml66A==} - engines: {node: '>=4'} - - request-compose@2.1.6: - resolution: {integrity: sha512-S07L+2VbJB32WddD/o/PnYGKym63zLVbymygVWXvt8L79VAngcjAxhHaGuFOICLxEV90EasEPzqPKKHPspXP8w==} - engines: {node: '>=12.0.0'} - - request-oauth@1.0.1: - resolution: {integrity: sha512-85THTg1RgOYtqQw42JON6AqvHLptlj1biw265Tsq4fD4cPdUvhDB2Qh9NTv17yCD322ROuO9aOmpc4GyayGVBA==} - engines: {node: '>=8.0.0'} - - requires-port@1.0.0: - resolution: {integrity: sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==} - - resolve-alpn@1.2.1: - resolution: {integrity: sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g==} - - responselike@3.0.0: - resolution: {integrity: sha512-40yHxbNcl2+rzXvZuVkrYohathsSJlMTXKryG5y8uciHv1+xDLHQpgjG64JUO9nrEq2jGLH6IZ8BcZyw3wrweg==} - engines: {node: '>=14.16'} - - retry@0.12.0: - resolution: {integrity: sha512-9LkiTwjUh6rT555DtE9rTX+BKByPfrMzEAtnlEtdEwr3Nkffwiihqe2bWADg+OQRjt9gl6ICdmB/ZFDCGAtSow==} - engines: {node: '>= 4'} - - retry@0.13.1: - resolution: {integrity: sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg==} - engines: {node: '>= 4'} - - safe-buffer@5.1.2: - resolution: {integrity: sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==} - - safe-buffer@5.2.1: - resolution: {integrity: sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==} - - safer-buffer@2.1.2: - resolution: {integrity: sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==} - - semver@7.6.3: - resolution: {integrity: sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==} - engines: {node: '>=10'} - hasBin: true - - send@0.18.0: - resolution: {integrity: sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==} - engines: {node: '>= 0.8.0'} - - serialize-error@11.0.3: - resolution: {integrity: sha512-2G2y++21dhj2R7iHAdd0FIzjGwuKZld+7Pl/bTU6YIkrC2ZMbVUjm+luj6A6V34Rv9XfKJDKpTWu9W4Gse1D9g==} - engines: {node: '>=14.16'} - - serialize-javascript@6.0.2: - resolution: {integrity: sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==} - - serve-static@1.15.0: - resolution: {integrity: sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==} - engines: {node: '>= 0.8.0'} - - set-function-length@1.2.2: - resolution: {integrity: sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==} - engines: {node: '>= 0.4'} - - setprototypeof@1.2.0: - resolution: {integrity: sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==} - - side-channel@1.0.6: - resolution: {integrity: sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==} - engines: {node: '>= 0.4'} - - signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - - sorted-array-functions@1.3.0: - resolution: {integrity: sha512-2sqgzeFlid6N4Z2fUQ1cvFmTOLRi/sEDzSQ0OKYchqgoPmQBVyM3959qYx3fpS6Esef80KjmpgPeEr028dP3OA==} - - standard-as-callback@2.1.0: - resolution: {integrity: sha512-qoRRSyROncaz1z0mvYqIE4lCd9p2R90i6GxW3uZv5ucSu8tU7B5HXUP1gG8pVZsYNVaXjk8ClXHPttLyxAL48A==} - - statuses@2.0.1: - resolution: {integrity: sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==} - engines: {node: '>= 0.8'} - - stream-browserify@3.0.0: - resolution: {integrity: sha512-H73RAHsVBapbim0tU2JwwOiXUj+fikfiaoYAKHF3VJfA0pe2BCzkhAHBlLG6REzE+2WNZcxOXjK7lkso+9euLA==} - - string_decoder@1.3.0: - resolution: {integrity: sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==} - - strnum@1.0.5: - resolution: {integrity: sha512-J8bbNyKKXl5qYcR36TIO8W3mVGVHrmmxsd5PAItGkmyzwJvybiw2IVq5nqd0i4LSNSkB/sx9VHllbfFdr9k1JA==} - - supports-color@8.1.1: - resolution: {integrity: sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==} - engines: {node: '>=10'} - - tdigest@0.1.2: - resolution: {integrity: sha512-+G0LLgjjo9BZX2MfdvPfH+MKLCrxlXSYec5DaPYP1fe6Iyhf0/fSmJ0bFiZ1F8BT6cGXl2LpltQptzjXKWEkKA==} - - toidentifier@1.0.1: - resolution: {integrity: sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==} - engines: {node: '>=0.6'} - - tslib@2.7.0: - resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} - - tus-js-client@4.1.0: - resolution: {integrity: sha512-e/nC/kJahvNYBcnwcqzuhFIvVELMMpbVXIoOOKdUn74SdQCvJd2JjqV2jZLv2EFOVbV4qLiO0lV7BxBXF21b6Q==} - engines: {node: '>=18'} - - type-fest@2.19.0: - resolution: {integrity: sha512-RAH822pAdBgcNMAfWnCBU3CFZcfZ/i1eZjwFU/dsLKumyuuP3niueg2UAukXYF0E2AAoc82ZSSf9J0WQBinzHA==} - engines: {node: '>=12.20'} - - type-is@1.6.18: - resolution: {integrity: sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==} - engines: {node: '>= 0.6'} - - uid-safe@2.1.5: - resolution: {integrity: sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==} - engines: {node: '>= 0.8'} - - undici-types@6.19.8: - resolution: {integrity: sha512-ve2KP6f/JnbPBFyobGHuerC9g1FYGn/F8n1LWTwNxCEzd6IfqTwUQcNXgEtmmQ6DlRrC1hrSrBnCZPokRrDHjw==} - - unpipe@1.0.0: - resolution: {integrity: sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==} - engines: {node: '>= 0.8'} - - url-parse@1.5.10: - resolution: {integrity: sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==} - - url-value-parser@2.2.0: - resolution: {integrity: sha512-yIQdxJpgkPamPPAPuGdS7Q548rLhny42tg8d4vyTNzFqvOnwqrgHXvgehT09U7fwrzxi3RxCiXjoNUNnNOlQ8A==} - engines: {node: '>=6.0.0'} - - util-deprecate@1.0.2: - resolution: {integrity: sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==} - - utils-merge@1.0.1: - resolution: {integrity: sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==} - engines: {node: '>= 0.4.0'} - - uuid@8.3.2: - resolution: {integrity: sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==} - hasBin: true - - uuid@9.0.1: - resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} - hasBin: true - - validator@13.12.0: - resolution: {integrity: sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==} - engines: {node: '>= 0.10'} - - vary@1.1.2: - resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==} - engines: {node: '>= 0.8'} - - wildcard@1.1.2: - resolution: {integrity: sha512-DXukZJxpHA8LuotRwL0pP1+rS6CS7FF2qStDDE1C7DDg2rLud2PXRMuEDYIPhgEezwnlHNL4c+N6MfMTjCGTng==} - - ws@8.17.1: - resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==} - engines: {node: '>=10.0.0'} - peerDependencies: - bufferutil: ^4.0.1 - utf-8-validate: '>=5.0.2' - peerDependenciesMeta: - bufferutil: - optional: true - utf-8-validate: - optional: true - - yallist@2.1.2: - resolution: {integrity: sha512-ncTzHV7NvsQZkYe1DW7cbDLm0YpzHmZF5r/iyP3ZnQtMiJ+pjzisCiMNI+Sj+xQF5pXhSHxSB3uDbsBTzY/c2A==} - -snapshots: - - '@aws-crypto/crc32@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/crc32c@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/sha1-browser@5.2.0': - dependencies: - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-browser@5.2.0': - dependencies: - '@aws-crypto/sha256-js': 5.2.0 - '@aws-crypto/supports-web-crypto': 5.2.0 - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-locate-window': 3.568.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-crypto/sha256-js@5.2.0': - dependencies: - '@aws-crypto/util': 5.2.0 - '@aws-sdk/types': 3.609.0 - tslib: 2.7.0 - - '@aws-crypto/supports-web-crypto@5.2.0': - dependencies: - tslib: 2.7.0 - - '@aws-crypto/util@5.2.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/util-utf8': 2.3.0 - tslib: 2.7.0 - - '@aws-sdk/client-s3@3.637.0': - dependencies: - '@aws-crypto/sha1-browser': 5.2.0 - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-bucket-endpoint': 3.620.0 - '@aws-sdk/middleware-expect-continue': 3.620.0 - '@aws-sdk/middleware-flexible-checksums': 3.620.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-location-constraint': 3.609.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/middleware-ssec': 3.609.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@aws-sdk/xml-builder': 3.609.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/eventstream-serde-browser': 3.0.6 - '@smithy/eventstream-serde-config-resolver': 3.0.3 - '@smithy/eventstream-serde-node': 3.0.5 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-blob-browser': 3.1.2 - '@smithy/hash-node': 3.0.3 - '@smithy/hash-stream-node': 3.1.2 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/md5-js': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - '@smithy/util-waiter': 3.1.2 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sso@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/core': 3.635.0 - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/client-sts@3.637.0': - dependencies: - '@aws-crypto/sha256-browser': 5.2.0 - '@aws-crypto/sha256-js': 5.2.0 - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/core': 3.635.0 - '@aws-sdk/credential-provider-node': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/middleware-host-header': 3.620.0 - '@aws-sdk/middleware-logger': 3.609.0 - '@aws-sdk/middleware-recursion-detection': 3.620.0 - '@aws-sdk/middleware-user-agent': 3.637.0 - '@aws-sdk/region-config-resolver': 3.614.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@aws-sdk/util-user-agent-browser': 3.609.0 - '@aws-sdk/util-user-agent-node': 3.614.0 - '@smithy/config-resolver': 3.0.5 - '@smithy/core': 2.4.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/hash-node': 3.0.3 - '@smithy/invalid-dependency': 3.0.3 - '@smithy/middleware-content-length': 3.0.5 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/middleware-stack': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-base64': 3.0.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-body-length-node': 3.0.0 - '@smithy/util-defaults-mode-browser': 3.0.15 - '@smithy/util-defaults-mode-node': 3.0.15 - '@smithy/util-endpoints': 2.0.5 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/core@3.635.0': - dependencies: - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - fast-xml-parser: 4.4.1 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-env@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-http@3.635.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-ini@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-node@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/credential-provider-env': 3.620.1 - '@aws-sdk/credential-provider-http': 3.635.0 - '@aws-sdk/credential-provider-ini': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/credential-provider-process': 3.620.1 - '@aws-sdk/credential-provider-sso': 3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/credential-provider-web-identity': 3.621.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - '@aws-sdk/client-sts' - - aws-crt - - '@aws-sdk/credential-provider-process@3.620.1': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/credential-provider-sso@3.637.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso': 3.637.0 - '@aws-sdk/token-providers': 3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0)) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - transitivePeerDependencies: - - '@aws-sdk/client-sso-oidc' - - aws-crt - - '@aws-sdk/credential-provider-web-identity@3.621.0(@aws-sdk/client-sts@3.637.0)': - dependencies: - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/lib-storage@3.637.0(@aws-sdk/client-s3@3.637.0)': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@smithy/abort-controller': 3.1.1 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/smithy-client': 3.2.0 - buffer: 5.6.0 - events: 3.3.0 - stream-browserify: 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-bucket-endpoint@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-expect-continue@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-flexible-checksums@3.620.0': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@aws-crypto/crc32c': 5.2.0 - '@aws-sdk/types': 3.609.0 - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-host-header@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-location-constraint@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-logger@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-recursion-detection@3.620.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-sdk-s3@3.635.0': - dependencies: - '@aws-sdk/core': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-arn-parser': 3.568.0 - '@smithy/core': 2.4.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-stream': 3.1.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-ssec@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/middleware-user-agent@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-endpoints': 3.637.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/region-config-resolver@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@aws-sdk/s3-presigned-post@3.637.0': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-format-url': 3.609.0 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - transitivePeerDependencies: - - aws-crt - - '@aws-sdk/s3-request-presigner@3.637.0': - dependencies: - '@aws-sdk/signature-v4-multi-region': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@aws-sdk/util-format-url': 3.609.0 - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/signature-v4-multi-region@3.635.0': - dependencies: - '@aws-sdk/middleware-sdk-s3': 3.635.0 - '@aws-sdk/types': 3.609.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/signature-v4': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/token-providers@3.614.0(@aws-sdk/client-sso-oidc@3.637.0(@aws-sdk/client-sts@3.637.0))': - dependencies: - '@aws-sdk/client-sso-oidc': 3.637.0(@aws-sdk/client-sts@3.637.0) - '@aws-sdk/types': 3.609.0 - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/types@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-arn-parser@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-endpoints@3.637.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - '@smithy/util-endpoints': 2.0.5 - tslib: 2.7.0 - - '@aws-sdk/util-format-url@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/util-locate-window@3.568.0': - dependencies: - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-browser@3.609.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@aws-sdk/util-user-agent-node@3.614.0': - dependencies: - '@aws-sdk/types': 3.609.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@aws-sdk/xml-builder@3.609.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@ioredis/commands@1.2.0': {} - - '@opentelemetry/api@1.9.0': {} - - '@sindresorhus/is@5.6.0': {} - - '@smithy/abort-controller@3.1.1': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader-native@3.0.0': - dependencies: - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/chunked-blob-reader@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/config-resolver@3.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-config-provider': 3.0.0 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/core@2.4.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-retry': 3.0.15 - '@smithy/middleware-serde': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-body-length-browser': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/credential-provider-imds@3.2.0': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - tslib: 2.7.0 - - '@smithy/eventstream-codec@3.1.2': - dependencies: - '@aws-crypto/crc32': 5.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-browser@3.0.6': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-config-resolver@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-node@3.0.5': - dependencies: - '@smithy/eventstream-serde-universal': 3.0.5 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/eventstream-serde-universal@3.0.5': - dependencies: - '@smithy/eventstream-codec': 3.1.2 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/fetch-http-handler@3.2.4': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-blob-browser@3.1.2': - dependencies: - '@smithy/chunked-blob-reader': 3.0.0 - '@smithy/chunked-blob-reader-native': 3.0.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/hash-node@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/hash-stream-node@3.1.2': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/invalid-dependency@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/is-array-buffer@2.2.0': - dependencies: - tslib: 2.7.0 - - '@smithy/is-array-buffer@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/md5-js@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/middleware-content-length@3.0.5': - dependencies: - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-endpoint@3.1.0': - dependencies: - '@smithy/middleware-serde': 3.0.3 - '@smithy/node-config-provider': 3.1.4 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/url-parser': 3.0.3 - '@smithy/util-middleware': 3.0.3 - tslib: 2.7.0 - - '@smithy/middleware-retry@3.0.15': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/protocol-http': 4.1.0 - '@smithy/service-error-classification': 3.0.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-retry': 3.0.3 - tslib: 2.7.0 - uuid: 9.0.1 - - '@smithy/middleware-serde@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/middleware-stack@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-config-provider@3.1.4': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/shared-ini-file-loader': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/node-http-handler@3.1.4': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/protocol-http': 4.1.0 - '@smithy/querystring-builder': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/property-provider@3.1.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/protocol-http@4.1.0': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/querystring-builder@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - '@smithy/util-uri-escape': 3.0.0 - tslib: 2.7.0 - - '@smithy/querystring-parser@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/service-error-classification@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - - '@smithy/shared-ini-file-loader@3.1.4': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/signature-v4@4.1.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-middleware': 3.0.3 - '@smithy/util-uri-escape': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/smithy-client@3.2.0': - dependencies: - '@smithy/middleware-endpoint': 3.1.0 - '@smithy/middleware-stack': 3.0.3 - '@smithy/protocol-http': 4.1.0 - '@smithy/types': 3.3.0 - '@smithy/util-stream': 3.1.3 - tslib: 2.7.0 - - '@smithy/types@3.3.0': - dependencies: - tslib: 2.7.0 - - '@smithy/url-parser@3.0.3': - dependencies: - '@smithy/querystring-parser': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-base64@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-body-length-browser@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-body-length-node@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-buffer-from@2.2.0': - dependencies: - '@smithy/is-array-buffer': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-buffer-from@3.0.0': - dependencies: - '@smithy/is-array-buffer': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-config-provider@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-defaults-mode-browser@3.0.15': - dependencies: - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - bowser: 2.11.0 - tslib: 2.7.0 - - '@smithy/util-defaults-mode-node@3.0.15': - dependencies: - '@smithy/config-resolver': 3.0.5 - '@smithy/credential-provider-imds': 3.2.0 - '@smithy/node-config-provider': 3.1.4 - '@smithy/property-provider': 3.1.3 - '@smithy/smithy-client': 3.2.0 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-endpoints@2.0.5': - dependencies: - '@smithy/node-config-provider': 3.1.4 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-hex-encoding@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-middleware@3.0.3': - dependencies: - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-retry@3.0.3': - dependencies: - '@smithy/service-error-classification': 3.0.3 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@smithy/util-stream@3.1.3': - dependencies: - '@smithy/fetch-http-handler': 3.2.4 - '@smithy/node-http-handler': 3.1.4 - '@smithy/types': 3.3.0 - '@smithy/util-base64': 3.0.0 - '@smithy/util-buffer-from': 3.0.0 - '@smithy/util-hex-encoding': 3.0.0 - '@smithy/util-utf8': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-uri-escape@3.0.0': - dependencies: - tslib: 2.7.0 - - '@smithy/util-utf8@2.3.0': - dependencies: - '@smithy/util-buffer-from': 2.2.0 - tslib: 2.7.0 - - '@smithy/util-utf8@3.0.0': - dependencies: - '@smithy/util-buffer-from': 3.0.0 - tslib: 2.7.0 - - '@smithy/util-waiter@3.1.2': - dependencies: - '@smithy/abort-controller': 3.1.1 - '@smithy/types': 3.3.0 - tslib: 2.7.0 - - '@szmarczak/http-timer@5.0.1': - dependencies: - defer-to-connect: 2.0.1 - - '@transloadit/prettier-bytes@0.3.4': {} - - '@types/body-parser@1.19.5': - dependencies: - '@types/connect': 3.4.38 - '@types/node': 22.5.2 - - '@types/connect@3.4.38': - dependencies: - '@types/node': 22.5.2 - - '@types/express-serve-static-core@4.19.5': - dependencies: - '@types/node': 22.5.2 - '@types/qs': 6.9.15 - '@types/range-parser': 1.2.7 - '@types/send': 0.17.4 - - '@types/express@4.17.21': - dependencies: - '@types/body-parser': 1.19.5 - '@types/express-serve-static-core': 4.19.5 - '@types/qs': 6.9.15 - '@types/serve-static': 1.15.7 - - '@types/http-cache-semantics@4.0.4': {} - - '@types/http-errors@2.0.4': {} - - '@types/mime@1.3.5': {} - - '@types/node@22.5.2': - dependencies: - undici-types: 6.19.8 - - '@types/qs@6.9.15': {} - - '@types/range-parser@1.2.7': {} - - '@types/retry@0.12.2': {} - - '@types/send@0.17.4': - dependencies: - '@types/mime': 1.3.5 - '@types/node': 22.5.2 - - '@types/serve-static@1.15.7': - dependencies: - '@types/http-errors': 2.0.4 - '@types/node': 22.5.2 - '@types/send': 0.17.4 - - '@uppy/aws-s3-multipart@4.0.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/aws-s3': 4.1.0(@uppy/core@4.2.0) - transitivePeerDependencies: - - '@uppy/core' - - '@uppy/aws-s3@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/companion-client': 4.1.0(@uppy/core@4.2.0) - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - - '@uppy/companion-client@4.1.0(@uppy/core@4.2.0)': - dependencies: - '@uppy/core': 4.2.0 - '@uppy/utils': 6.0.2 - namespace-emitter: 2.0.1 - p-retry: 6.2.0 - - '@uppy/companion@5.1.0': - dependencies: - '@aws-sdk/client-s3': 3.637.0 - '@aws-sdk/client-sts': 3.637.0 - '@aws-sdk/lib-storage': 3.637.0(@aws-sdk/client-s3@3.637.0) - '@aws-sdk/s3-presigned-post': 3.637.0 - '@aws-sdk/s3-request-presigner': 3.637.0 - body-parser: 1.20.2(supports-color@8.1.1) - common-tags: 1.8.2 - connect-redis: 7.1.1(express-session@1.18.0(supports-color@8.1.1)) - content-disposition: 0.5.4 - cookie-parser: 1.4.6 - cors: 2.8.5 - escape-goat: 3.0.0 - escape-string-regexp: 4.0.0 - express: 4.19.2(supports-color@8.1.1) - express-interceptor: 1.2.0(supports-color@8.1.1) - express-prom-bundle: 7.0.0(prom-client@15.1.2)(supports-color@8.1.1) - express-session: 1.18.0(supports-color@8.1.1) - fast-safe-stringify: 2.1.1 - got: 13.0.0 - grant: 5.4.22 - helmet: 7.1.0 - ioredis: 5.4.1(supports-color@8.1.1) - ipaddr.js: 2.2.0 - jsonwebtoken: 9.0.2 - lodash: 4.17.21 - mime-types: 2.1.35 - moment: 2.30.1 - moment-timezone: 0.5.45 - morgan: 1.10.0(supports-color@8.1.1) - ms: 2.1.3 - node-schedule: 2.1.1 - prom-client: 15.1.2 - serialize-error: 11.0.3 - serialize-javascript: 6.0.2 - supports-color: 8.1.1 - tus-js-client: 4.1.0 - validator: 13.12.0 - ws: 8.17.1 - transitivePeerDependencies: - - aws-crt - - bufferutil - - utf-8-validate - - '@uppy/core@4.2.0': - dependencies: - '@transloadit/prettier-bytes': 0.3.4 - '@uppy/store-default': 4.1.0 - '@uppy/utils': 6.0.2 - lodash: 4.17.21 - mime-match: 1.0.2 - namespace-emitter: 2.0.1 - nanoid: 5.0.7 - preact: 10.23.2 - - '@uppy/store-default@4.1.0': {} - - '@uppy/utils@6.0.2': - dependencies: - lodash: 4.17.21 - preact: 10.23.2 - - accepts@1.3.8: - dependencies: - mime-types: 2.1.35 - negotiator: 0.6.3 - - array-flatten@1.1.1: {} - - asn1.js@5.4.1: - dependencies: - bn.js: 4.12.0 - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - safer-buffer: 2.1.2 - optional: true - - base64-js@1.5.1: {} - - basic-auth@2.0.1: - dependencies: - safe-buffer: 5.1.2 - - bintrees@1.0.2: {} - - bn.js@4.12.0: - optional: true - - body-parser@1.20.2(supports-color@8.1.1): - dependencies: - bytes: 3.1.2 - content-type: 1.0.5 - debug: 2.6.9(supports-color@8.1.1) - depd: 2.0.0 - destroy: 1.2.0 - http-errors: 2.0.0 - iconv-lite: 0.4.24 - on-finished: 2.4.1 - qs: 6.11.0 - raw-body: 2.5.2 - type-is: 1.6.18 - unpipe: 1.0.0 - transitivePeerDependencies: - - supports-color - - bowser@2.11.0: {} - - brorand@1.1.0: - optional: true - - buffer-equal-constant-time@1.0.1: {} - - buffer-from@1.1.2: {} - - buffer@5.6.0: - dependencies: - base64-js: 1.5.1 - ieee754: 1.2.1 - - bytes@3.1.2: {} - - cacheable-lookup@7.0.0: {} - - cacheable-request@10.2.14: - dependencies: - '@types/http-cache-semantics': 4.0.4 - get-stream: 6.0.1 - http-cache-semantics: 4.1.1 - keyv: 4.5.4 - mimic-response: 4.0.0 - normalize-url: 8.0.1 - responselike: 3.0.0 - - call-bind@1.0.7: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - set-function-length: 1.2.2 - - cluster-key-slot@1.1.2: {} - - combine-errors@3.0.3: - dependencies: - custom-error-instance: 2.1.1 - lodash.uniqby: 4.5.0 - - common-tags@1.8.2: {} - - connect-redis@7.1.1(express-session@1.18.0(supports-color@8.1.1)): - dependencies: - express-session: 1.18.0(supports-color@8.1.1) - - content-disposition@0.5.4: - dependencies: - safe-buffer: 5.2.1 - - content-type@1.0.5: {} - - cookie-parser@1.4.6: - dependencies: - cookie: 0.4.1 - cookie-signature: 1.0.6 - - cookie-signature@1.0.6: {} - - cookie-signature@1.0.7: {} - - cookie-signature@1.2.1: - optional: true - - cookie@0.4.1: {} - - cookie@0.5.0: - optional: true - - cookie@0.6.0: {} - - cors@2.8.5: - dependencies: - object-assign: 4.1.1 - vary: 1.1.2 - - cron-parser@4.9.0: - dependencies: - luxon: 3.5.0 - - custom-error-instance@2.1.1: {} - - debug@2.6.9(supports-color@8.1.1): - dependencies: - ms: 2.0.0 - optionalDependencies: - supports-color: 8.1.1 - - debug@4.3.6(supports-color@8.1.1): - dependencies: - ms: 2.1.2 - optionalDependencies: - supports-color: 8.1.1 - - decompress-response@6.0.0: - dependencies: - mimic-response: 3.1.0 - - defer-to-connect@2.0.1: {} - - define-data-property@1.1.4: - dependencies: - es-define-property: 1.0.0 - es-errors: 1.3.0 - gopd: 1.0.1 - - denque@2.1.0: {} - - depd@2.0.0: {} - - destroy@1.2.0: {} - - dotenv@16.4.5: {} - - ecdsa-sig-formatter@1.0.11: - dependencies: - safe-buffer: 5.2.1 - - ee-first@1.1.1: {} - - elliptic@6.5.7: - dependencies: - bn.js: 4.12.0 - brorand: 1.1.0 - hash.js: 1.1.7 - hmac-drbg: 1.0.1 - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - minimalistic-crypto-utils: 1.0.1 - optional: true - - encodeurl@1.0.2: {} - - es-define-property@1.0.0: - dependencies: - get-intrinsic: 1.2.4 - - es-errors@1.3.0: {} - - escape-goat@3.0.0: {} - - escape-html@1.0.3: {} - - escape-string-regexp@4.0.0: {} - - etag@1.8.1: {} - - events@3.3.0: {} - - express-interceptor@1.2.0(supports-color@8.1.1): - dependencies: - debug: 2.6.9(supports-color@8.1.1) - transitivePeerDependencies: - - supports-color - - express-prom-bundle@7.0.0(prom-client@15.1.2)(supports-color@8.1.1): - dependencies: - '@types/express': 4.17.21 - express: 4.19.2(supports-color@8.1.1) - on-finished: 2.4.1 - prom-client: 15.1.2 - url-value-parser: 2.2.0 - transitivePeerDependencies: - - supports-color - - express-session@1.18.0(supports-color@8.1.1): - dependencies: - cookie: 0.6.0 - cookie-signature: 1.0.7 - debug: 2.6.9(supports-color@8.1.1) - depd: 2.0.0 - on-headers: 1.0.2 - parseurl: 1.3.3 - safe-buffer: 5.2.1 - uid-safe: 2.1.5 - transitivePeerDependencies: - - supports-color - - express@4.19.2(supports-color@8.1.1): - dependencies: - accepts: 1.3.8 - array-flatten: 1.1.1 - body-parser: 1.20.2(supports-color@8.1.1) - content-disposition: 0.5.4 - content-type: 1.0.5 - cookie: 0.6.0 - cookie-signature: 1.0.6 - debug: 2.6.9(supports-color@8.1.1) - depd: 2.0.0 - encodeurl: 1.0.2 - escape-html: 1.0.3 - etag: 1.8.1 - finalhandler: 1.2.0(supports-color@8.1.1) - fresh: 0.5.2 - http-errors: 2.0.0 - merge-descriptors: 1.0.1 - methods: 1.1.2 - on-finished: 2.4.1 - parseurl: 1.3.3 - path-to-regexp: 0.1.7 - proxy-addr: 2.0.7 - qs: 6.11.0 - range-parser: 1.2.1 - safe-buffer: 5.2.1 - send: 0.18.0(supports-color@8.1.1) - serve-static: 1.15.0(supports-color@8.1.1) - setprototypeof: 1.2.0 - statuses: 2.0.1 - type-is: 1.6.18 - utils-merge: 1.0.1 - vary: 1.1.2 - transitivePeerDependencies: - - supports-color - - fast-safe-stringify@2.1.1: {} - - fast-xml-parser@4.4.1: - dependencies: - strnum: 1.0.5 - - finalhandler@1.2.0(supports-color@8.1.1): - dependencies: - debug: 2.6.9(supports-color@8.1.1) - encodeurl: 1.0.2 - escape-html: 1.0.3 - on-finished: 2.4.1 - parseurl: 1.3.3 - statuses: 2.0.1 - unpipe: 1.0.0 - transitivePeerDependencies: - - supports-color - - form-data-encoder@2.1.4: {} - - forwarded@0.2.0: {} - - fresh@0.5.2: {} - - function-bind@1.1.2: {} - - get-intrinsic@1.2.4: - dependencies: - es-errors: 1.3.0 - function-bind: 1.1.2 - has-proto: 1.0.3 - has-symbols: 1.0.3 - hasown: 2.0.2 - - get-stream@6.0.1: {} - - gopd@1.0.1: - dependencies: - get-intrinsic: 1.2.4 - - got@13.0.0: - dependencies: - '@sindresorhus/is': 5.6.0 - '@szmarczak/http-timer': 5.0.1 - cacheable-lookup: 7.0.0 - cacheable-request: 10.2.14 - decompress-response: 6.0.0 - form-data-encoder: 2.1.4 - get-stream: 6.0.1 - http2-wrapper: 2.2.1 - lowercase-keys: 3.0.0 - p-cancelable: 3.0.0 - responselike: 3.0.0 - - graceful-fs@4.2.11: {} - - grant@5.4.22: - dependencies: - qs: 6.13.0 - request-compose: 2.1.6 - request-oauth: 1.0.1 - optionalDependencies: - cookie: 0.5.0 - cookie-signature: 1.2.1 - jwk-to-pem: 2.0.6 - jws: 4.0.0 - - has-flag@4.0.0: {} - - has-property-descriptors@1.0.2: - dependencies: - es-define-property: 1.0.0 - - has-proto@1.0.3: {} - - has-symbols@1.0.3: {} - - hash.js@1.1.7: - dependencies: - inherits: 2.0.4 - minimalistic-assert: 1.0.1 - optional: true - - hasown@2.0.2: - dependencies: - function-bind: 1.1.2 - - helmet@7.1.0: {} - - hmac-drbg@1.0.1: - dependencies: - hash.js: 1.1.7 - minimalistic-assert: 1.0.1 - minimalistic-crypto-utils: 1.0.1 - optional: true - - http-cache-semantics@4.1.1: {} - - http-errors@2.0.0: - dependencies: - depd: 2.0.0 - inherits: 2.0.4 - setprototypeof: 1.2.0 - statuses: 2.0.1 - toidentifier: 1.0.1 - - http2-wrapper@2.2.1: - dependencies: - quick-lru: 5.1.1 - resolve-alpn: 1.2.1 - - iconv-lite@0.4.24: - dependencies: - safer-buffer: 2.1.2 - - ieee754@1.2.1: {} - - inherits@2.0.4: {} - - ioredis@5.4.1(supports-color@8.1.1): - dependencies: - '@ioredis/commands': 1.2.0 - cluster-key-slot: 1.1.2 - debug: 4.3.6(supports-color@8.1.1) - denque: 2.1.0 - lodash.defaults: 4.2.0 - lodash.isarguments: 3.1.0 - redis-errors: 1.2.0 - redis-parser: 3.0.0 - standard-as-callback: 2.1.0 - transitivePeerDependencies: - - supports-color - - ipaddr.js@1.9.1: {} - - ipaddr.js@2.2.0: {} - - is-network-error@1.1.0: {} - - is-stream@2.0.1: {} - - js-base64@3.7.7: {} - - js-tokens@4.0.0: {} - - json-buffer@3.0.1: {} - - jsonwebtoken@9.0.2: - dependencies: - jws: 3.2.2 - lodash.includes: 4.3.0 - lodash.isboolean: 3.0.3 - lodash.isinteger: 4.0.4 - lodash.isnumber: 3.0.3 - lodash.isplainobject: 4.0.6 - lodash.isstring: 4.0.1 - lodash.once: 4.1.1 - ms: 2.1.3 - semver: 7.6.3 - - jwa@1.4.1: - dependencies: - buffer-equal-constant-time: 1.0.1 - ecdsa-sig-formatter: 1.0.11 - safe-buffer: 5.2.1 - - jwa@2.0.0: - dependencies: - buffer-equal-constant-time: 1.0.1 - ecdsa-sig-formatter: 1.0.11 - safe-buffer: 5.2.1 - optional: true - - jwk-to-pem@2.0.6: - dependencies: - asn1.js: 5.4.1 - elliptic: 6.5.7 - safe-buffer: 5.2.1 - optional: true - - jws@3.2.2: - dependencies: - jwa: 1.4.1 - safe-buffer: 5.2.1 - - jws@4.0.0: - dependencies: - jwa: 2.0.0 - safe-buffer: 5.2.1 - optional: true - - keyv@4.5.4: - dependencies: - json-buffer: 3.0.1 - - lodash._baseiteratee@4.7.0: - dependencies: - lodash._stringtopath: 4.8.0 - - lodash._basetostring@4.12.0: {} - - lodash._baseuniq@4.6.0: - dependencies: - lodash._createset: 4.0.3 - lodash._root: 3.0.1 - - lodash._createset@4.0.3: {} - - lodash._root@3.0.1: {} - - lodash._stringtopath@4.8.0: - dependencies: - lodash._basetostring: 4.12.0 - - lodash.defaults@4.2.0: {} - - lodash.includes@4.3.0: {} - - lodash.isarguments@3.1.0: {} - - lodash.isboolean@3.0.3: {} - - lodash.isinteger@4.0.4: {} - - lodash.isnumber@3.0.3: {} - - lodash.isplainobject@4.0.6: {} - - lodash.isstring@4.0.1: {} - - lodash.once@4.1.1: {} - - lodash.throttle@4.1.1: {} - - lodash.uniqby@4.5.0: - dependencies: - lodash._baseiteratee: 4.7.0 - lodash._baseuniq: 4.6.0 - - lodash@4.17.21: {} - - long-timeout@0.1.1: {} - - loose-envify@1.4.0: - dependencies: - js-tokens: 4.0.0 - - lowercase-keys@3.0.0: {} - - lru-cache@4.1.5: - dependencies: - pseudomap: 1.0.2 - yallist: 2.1.2 - - luxon@3.5.0: {} - - media-typer@0.3.0: {} - - memorystore@1.6.7: - dependencies: - debug: 4.3.6(supports-color@8.1.1) - lru-cache: 4.1.5 - transitivePeerDependencies: - - supports-color - - merge-descriptors@1.0.1: {} - - methods@1.1.2: {} - - mime-db@1.52.0: {} - - mime-match@1.0.2: - dependencies: - wildcard: 1.1.2 - - mime-types@2.1.35: - dependencies: - mime-db: 1.52.0 - - mime@1.6.0: {} - - mimic-response@3.1.0: {} - - mimic-response@4.0.0: {} - - minimalistic-assert@1.0.1: - optional: true - - minimalistic-crypto-utils@1.0.1: - optional: true - - moment-timezone@0.5.45: - dependencies: - moment: 2.30.1 - - moment@2.30.1: {} - - morgan@1.10.0(supports-color@8.1.1): - dependencies: - basic-auth: 2.0.1 - debug: 2.6.9(supports-color@8.1.1) - depd: 2.0.0 - on-finished: 2.3.0 - on-headers: 1.0.2 - transitivePeerDependencies: - - supports-color - - ms@2.0.0: {} - - ms@2.1.2: {} - - ms@2.1.3: {} - - namespace-emitter@2.0.1: {} - - nanoid@5.0.7: {} - - negotiator@0.6.3: {} - - node-schedule@2.1.1: - dependencies: - cron-parser: 4.9.0 - long-timeout: 0.1.1 - sorted-array-functions: 1.3.0 - - normalize-url@8.0.1: {} - - oauth-sign@0.9.0: {} - - object-assign@4.1.1: {} - - object-inspect@1.13.2: {} - - on-finished@2.3.0: - dependencies: - ee-first: 1.1.1 - - on-finished@2.4.1: - dependencies: - ee-first: 1.1.1 - - on-headers@1.0.2: {} - - p-cancelable@3.0.0: {} - - p-retry@6.2.0: - dependencies: - '@types/retry': 0.12.2 - is-network-error: 1.1.0 - retry: 0.13.1 - - parseurl@1.3.3: {} - - path-to-regexp@0.1.7: {} - - preact@10.23.2: {} - - prom-client@15.1.2: - dependencies: - '@opentelemetry/api': 1.9.0 - tdigest: 0.1.2 - - proper-lockfile@4.1.2: - dependencies: - graceful-fs: 4.2.11 - retry: 0.12.0 - signal-exit: 3.0.7 - - proxy-addr@2.0.7: - dependencies: - forwarded: 0.2.0 - ipaddr.js: 1.9.1 - - pseudomap@1.0.2: {} - - qs@6.11.0: - dependencies: - side-channel: 1.0.6 - - qs@6.13.0: - dependencies: - side-channel: 1.0.6 - - querystringify@2.2.0: {} - - quick-lru@5.1.1: {} - - random-bytes@1.0.0: {} - - randombytes@2.1.0: - dependencies: - safe-buffer: 5.2.1 - - range-parser@1.2.1: {} - - raw-body@2.5.2: - dependencies: - bytes: 3.1.2 - http-errors: 2.0.0 - iconv-lite: 0.4.24 - unpipe: 1.0.0 - - react-hook-form@7.53.0(react@18.3.1): - dependencies: - react: 18.3.1 - - react@18.3.1: - dependencies: - loose-envify: 1.4.0 - - readable-stream@3.6.2: - dependencies: - inherits: 2.0.4 - string_decoder: 1.3.0 - util-deprecate: 1.0.2 - - redis-errors@1.2.0: {} - - redis-parser@3.0.0: - dependencies: - redis-errors: 1.2.0 - - request-compose@2.1.6: {} - - request-oauth@1.0.1: - dependencies: - oauth-sign: 0.9.0 - qs: 6.13.0 - uuid: 8.3.2 - - requires-port@1.0.0: {} - - resolve-alpn@1.2.1: {} - - responselike@3.0.0: - dependencies: - lowercase-keys: 3.0.0 - - retry@0.12.0: {} - - retry@0.13.1: {} - - safe-buffer@5.1.2: {} - - safe-buffer@5.2.1: {} - - safer-buffer@2.1.2: {} - - semver@7.6.3: {} - - send@0.18.0(supports-color@8.1.1): - dependencies: - debug: 2.6.9(supports-color@8.1.1) - depd: 2.0.0 - destroy: 1.2.0 - encodeurl: 1.0.2 - escape-html: 1.0.3 - etag: 1.8.1 - fresh: 0.5.2 - http-errors: 2.0.0 - mime: 1.6.0 - ms: 2.1.3 - on-finished: 2.4.1 - range-parser: 1.2.1 - statuses: 2.0.1 - transitivePeerDependencies: - - supports-color - - serialize-error@11.0.3: - dependencies: - type-fest: 2.19.0 - - serialize-javascript@6.0.2: - dependencies: - randombytes: 2.1.0 - - serve-static@1.15.0(supports-color@8.1.1): - dependencies: - encodeurl: 1.0.2 - escape-html: 1.0.3 - parseurl: 1.3.3 - send: 0.18.0(supports-color@8.1.1) - transitivePeerDependencies: - - supports-color - - set-function-length@1.2.2: - dependencies: - define-data-property: 1.1.4 - es-errors: 1.3.0 - function-bind: 1.1.2 - get-intrinsic: 1.2.4 - gopd: 1.0.1 - has-property-descriptors: 1.0.2 - - setprototypeof@1.2.0: {} - - side-channel@1.0.6: - dependencies: - call-bind: 1.0.7 - es-errors: 1.3.0 - get-intrinsic: 1.2.4 - object-inspect: 1.13.2 - - signal-exit@3.0.7: {} - - sorted-array-functions@1.3.0: {} - - standard-as-callback@2.1.0: {} - - statuses@2.0.1: {} - - stream-browserify@3.0.0: - dependencies: - inherits: 2.0.4 - readable-stream: 3.6.2 - - string_decoder@1.3.0: - dependencies: - safe-buffer: 5.2.1 - - strnum@1.0.5: {} - - supports-color@8.1.1: - dependencies: - has-flag: 4.0.0 - - tdigest@0.1.2: - dependencies: - bintrees: 1.0.2 - - toidentifier@1.0.1: {} - - tslib@2.7.0: {} - - tus-js-client@4.1.0: - dependencies: - buffer-from: 1.1.2 - combine-errors: 3.0.3 - is-stream: 2.0.1 - js-base64: 3.7.7 - lodash.throttle: 4.1.1 - proper-lockfile: 4.1.2 - url-parse: 1.5.10 - - type-fest@2.19.0: {} - - type-is@1.6.18: - dependencies: - media-typer: 0.3.0 - mime-types: 2.1.35 - - uid-safe@2.1.5: - dependencies: - random-bytes: 1.0.0 - - undici-types@6.19.8: {} - - unpipe@1.0.0: {} - - url-parse@1.5.10: - dependencies: - querystringify: 2.2.0 - requires-port: 1.0.0 - - url-value-parser@2.2.0: {} - - util-deprecate@1.0.2: {} - - utils-merge@1.0.1: {} - - uuid@8.3.2: {} - - uuid@9.0.1: {} - - validator@13.12.0: {} - - vary@1.1.2: {} - - wildcard@1.1.2: {} - - ws@8.17.1: {} - - yallist@2.1.2: {}