helmrelease.yaml 2.90 KiB
{{- $fluxSettingsLoki := merge .Values.loki.flux .Values.flux -}}
{{- if .Values.loki.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: loki
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: loki
app.kubernetes.io/component: "core"
{{- include "commonLabels" . | nindent 4}}
annotations:
checksum/bigbang-values: {{ include (print $.Template.BasePath "/loki/values.yaml") . | sha256sum }}
spec:
driftDetection:
mode: warn
ignore:
- paths: [""]
target:
kind: Tenant
- paths: [""]
target:
kind: Sidecar
releaseName: {{ default "logging-loki" .Values.loki.releaseName }}
targetNamespace: logging
chart:
spec:
{{- if eq .Values.loki.sourceType "git" }}
chart: {{ .Values.loki.git.path }}
sourceRef:
kind: GitRepository
name: loki
namespace: {{ .Release.Namespace }}
{{- else }}
chart: {{ .Values.loki.helmRepo.chartName }}
version: {{ .Values.loki.helmRepo.tag }}
sourceRef:
kind: HelmRepository
name: {{ .Values.loki.helmRepo.repoName }}
namespace: {{ .Release.Namespace }}
{{- $repoType := include "getRepoType" (dict "repoName" .Values.loki.helmRepo.repoName "allRepos" $.Values.helmRepositories) -}}
{{- if (and .Values.loki.helmRepo.cosignVerify (eq $repoType "oci")) }} # Needs to be an OCI repo
verify:
provider: cosign
secretRef:
name: {{ printf "%s-cosign-pub" .Values.loki.helmRepo.repoName }}
{{- end }}
{{- end }}
interval: 5m
{{- toYaml $fluxSettingsLoki | nindent 2 }}
{{- if .Values.loki.postRenderers }}
postRenderers:
{{ toYaml .Values.loki.postRenderers | nindent 4 }}
{{- end }}
valuesFrom:
- name: {{ .Release.Name }}-loki-values
kind: Secret
valuesKey: "common"
- name: {{ .Release.Name }}-loki-values
kind: Secret
valuesKey: "defaults"
- name: {{ .Release.Name }}-loki-values
kind: Secret
valuesKey: "overlays"
{{- if or .Values.monitoring.enabled .Values.gatekeeper.enabled .Values.istio.enabled .Values.kyvernoPolicies.enabled }}
dependsOn:
{{- if .Values.monitoring.enabled }}
- name: monitoring