UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
helmrelease.yaml 2.90 KiB
{{- $fluxSettingsLoki := merge .Values.loki.flux .Values.flux -}}
{{- if .Values.loki.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: loki
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: loki
    app.kubernetes.io/component: "core"
    {{- include "commonLabels" . | nindent 4}}
  annotations:
    checksum/bigbang-values: {{ include (print $.Template.BasePath "/loki/values.yaml") . | sha256sum }}
spec:
  driftDetection:
    mode: warn
    ignore:
      - paths: [""]
        target:
          kind: Tenant
      - paths: [""]
        target:
         kind: Sidecar
  releaseName: {{ default "logging-loki" .Values.loki.releaseName }}
  targetNamespace: logging
  chart:
    spec:
      {{- if eq .Values.loki.sourceType "git" }}
      chart: {{ .Values.loki.git.path }}
      sourceRef:
        kind: GitRepository
        name: loki
        namespace: {{ .Release.Namespace }}
      {{- else }}
      chart: {{ .Values.loki.helmRepo.chartName }}
      version: {{ .Values.loki.helmRepo.tag }}
      sourceRef:
        kind: HelmRepository
        name: {{ .Values.loki.helmRepo.repoName }}
        namespace: {{ .Release.Namespace }}
      {{- $repoType := include "getRepoType" (dict "repoName" .Values.loki.helmRepo.repoName "allRepos" $.Values.helmRepositories) -}}
      {{- if (and .Values.loki.helmRepo.cosignVerify (eq $repoType "oci")) }} # Needs to be an OCI repo
      verify:
        provider: cosign
        secretRef:
          name: {{ printf "%s-cosign-pub" .Values.loki.helmRepo.repoName }}
      {{- end }}
      {{- end }}
      interval: 5m

  {{- toYaml $fluxSettingsLoki | nindent 2 }}

  {{- if .Values.loki.postRenderers }}
  postRenderers:
  {{ toYaml .Values.loki.postRenderers | nindent 4 }}
  {{- end }}
  valuesFrom:
    - name: {{ .Release.Name }}-loki-values
      kind: Secret
      valuesKey: "common"
    - name: {{ .Release.Name }}-loki-values
      kind: Secret
      valuesKey: "defaults"
    - name: {{ .Release.Name }}-loki-values
      kind: Secret
      valuesKey: "overlays"
  {{- if or .Values.monitoring.enabled .Values.gatekeeper.enabled .Values.istio.enabled .Values.kyvernoPolicies.enabled }}
  dependsOn:
    {{- if  .Values.monitoring.enabled }}
    - name: monitoring