UNCLASSIFIED - NO CUI

Skip to content

Commits on Source 6

Show whitespace changes
Inline Side-by-side
CHANGELOG.md
View file @ d47f67c9
......@@ -3,6 +3,13 @@
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
---
## [20.13.2-bb.0] - 2025-05-05
### Changed
- Updated registry1.dso.mil/ironbank/bitnami/redis (source) 7.4.2 -> 7.4.3
- Updated Chart version to 20.13.2
## [20.13.0-bb.0] - 2025-04-16
### Changed
......
CODEOWNERS
View file @ d47f67c9
* @kershaw.jacob @benjamin.starks @dchen @michaelmartin @chukwuka.c.akagbusi @pchristiel @justinguidry11 @chris.oconnell
\ No newline at end of file
* @justinguidry11 @pchristiel @michaelmartin @dchen @chukwuka.c.akagbusi @chris.oconnell @kershaw.jacob
\ No newline at end of file
README.md
View file @ d47f67c9
<!-- Warning: Do not manually edit this file. See notes on gluon + helm-docs at the end of this file for more information. -->
# redis
![Version: 20.13.0-bb.0](https://img.shields.io/badge/Version-20.13.0--bb.0-informational?style=flat-square) ![AppVersion: 7.4.2](https://img.shields.io/badge/AppVersion-7.4.2-informational?style=flat-square) ![Maintenance Track: bb_maintained](https://img.shields.io/badge/Maintenance_Track-bb_maintained-yellow?style=flat-square)
![Version: 20.13.2-bb.0](https://img.shields.io/badge/Version-20.13.2--bb.0-informational?style=flat-square) ![AppVersion: 7.4.3](https://img.shields.io/badge/AppVersion-7.4.3-informational?style=flat-square) ![Maintenance Track: bb_maintained](https://img.shields.io/badge/Maintenance_Track-bb_maintained-yellow?style=flat-square)
Redis(R) is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.
......@@ -92,7 +92,7 @@ helm install redis chart/
| diagnosticMode.args[0] | string | `"infinity"` | |
| image.registry | string | `"registry1.dso.mil"` | |
| image.repository | string | `"ironbank/bitnami/redis"` | |
| image.tag | string | `"7.4.2"` | |
| image.tag | string | `"7.4.3"` | |
| image.digest | string | `""` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.pullSecrets | list | `[]` | |
......@@ -365,7 +365,7 @@ helm install redis chart/
| sentinel.enabled | bool | `false` | |
| sentinel.image.registry | string | `"docker.io"` | |
| sentinel.image.repository | string | `"bitnami/redis-sentinel"` | |
| sentinel.image.tag | string | `"7.4.2-debian-12-r11"` | |
| sentinel.image.tag | string | `"7.4.3-debian-12-r0"` | |
| sentinel.image.digest | string | `""` | |
| sentinel.image.pullPolicy | string | `"IfNotPresent"` | |
| sentinel.image.pullSecrets | list | `[]` | |
......@@ -612,7 +612,7 @@ helm install redis chart/
| volumePermissions.enabled | bool | `false` | |
| volumePermissions.image.registry | string | `"docker.io"` | |
| volumePermissions.image.repository | string | `"bitnami/os-shell"` | |
| volumePermissions.image.tag | string | `"12-debian-12-r40"` | |
| volumePermissions.image.tag | string | `"12-debian-12-r43"` | |
| volumePermissions.image.digest | string | `""` | |
| volumePermissions.image.pullPolicy | string | `"IfNotPresent"` | |
| volumePermissions.image.pullSecrets | list | `[]` | |
......@@ -628,7 +628,7 @@ helm install redis chart/
| kubectl.enabled | bool | `false` | |
| kubectl.image.registry | string | `"docker.io"` | |
| kubectl.image.repository | string | `"bitnami/kubectl"` | |
| kubectl.image.tag | string | `"1.32.3-debian-12-r1"` | |
| kubectl.image.tag | string | `"1.32.4-debian-12-r0"` | |
| kubectl.image.digest | string | `""` | |
| kubectl.image.pullPolicy | string | `"IfNotPresent"` | |
| kubectl.image.pullSecrets | list | `[]` | |
......@@ -649,7 +649,7 @@ helm install redis chart/
| sysctl.enabled | bool | `false` | |
| sysctl.image.registry | string | `"docker.io"` | |
| sysctl.image.repository | string | `"bitnami/os-shell"` | |
| sysctl.image.tag | string | `"12-debian-12-r40"` | |
| sysctl.image.tag | string | `"12-debian-12-r43"` | |
| sysctl.image.digest | string | `""` | |
| sysctl.image.pullPolicy | string | `"IfNotPresent"` | |
| sysctl.image.pullSecrets | list | `[]` | |
......
chart/CHANGELOG.md
View file @ d47f67c9
# Changelog
## 20.13.2 (2025-04-24)
* [bitnami/redis] Release 20.13.2 ([#33157](https://github.com/bitnami/charts/pull/33157))
## <small>20.13.1 (2025-04-23)</small>
* [bitnami/redis] Release 20.13.1 (#33089) ([f23fc62](https://github.com/bitnami/charts/commit/f23fc626c47a6f041bdbbbf36ad4b8033c4b4f83)), closes [#33089](https://github.com/bitnami/charts/issues/33089)
## 20.13.0 (2025-04-22)
* [bitnami/redis] feat: :sparkles: Disable empty-dirs when readOnlyRootFS is disabled ([#33108](https://github.com/bitnami/charts/pull/33108))
* [bitnami/redis] feat: :sparkles: Disable empty-dirs when readOnlyRootFS is disabled (#33108) ([ed03d4d](https://github.com/bitnami/charts/commit/ed03d4d35176239e124e5fd7ed26f92eb49db9ba)), closes [#33108](https://github.com/bitnami/charts/issues/33108)
## <small>20.12.2 (2025-04-21)</small>
......
chart/Chart.yaml
View file @ d47f67c9
......@@ -6,15 +6,15 @@ annotations:
category: Database
licenses: Apache-2.0
bigbang.dev/applicationVersions: |
- Redis: 7.4.2
- Redis: 7.4.3
helm.sh/images: |
- name: redis
image: registry1.dso.mil/ironbank/bitnami/redis:7.4.2
image: registry1.dso.mil/ironbank/bitnami/redis:7.4.3
- name: exporter
image: registry1.dso.mil/ironbank/bitnami/analytics/redis-exporter:v1.70.0
tanzuCategory: service
apiVersion: v2
appVersion: 7.4.2
appVersion: 7.4.3
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
......@@ -34,4 +34,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis
version: 20.13.0-bb.0
version: 20.13.2-bb.0
chart/Kptfile
View file @ d47f67c9
......@@ -5,7 +5,7 @@ metadata:
upstream:
type: git
git:
commit: ed03d4d35176239e124e5fd7ed26f92eb49db9ba
commit: 98a2ec9cce9ab777eea217ff76dae19ccfe519f2
repo: https://github.com/bitnami/charts
directory: bitnami/redis
ref: redis/20.13.0
ref: redis/20.13.2
chart/values.yaml
View file @ d47f67c9
......@@ -171,7 +171,7 @@ diagnosticMode:
image:
registry: registry1.dso.mil
repository: ironbank/bitnami/redis
tag: 7.4.2
tag: 7.4.3
digest: ""
## Specify a imagePullPolicy
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
......@@ -1261,7 +1261,7 @@ sentinel:
image:
registry: docker.io
repository: bitnami/redis-sentinel
tag: 7.4.2-debian-12-r11
tag: 7.4.3-debian-12-r0
digest: ""
## Specify a imagePullPolicy
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
......@@ -2251,7 +2251,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/os-shell
tag: 12-debian-12-r40
tag: 12-debian-12-r43
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
......@@ -2326,7 +2326,7 @@ kubectl:
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.32.3-debian-12-r1
tag: 1.32.4-debian-12-r0
digest: ""
## Specify a imagePullPolicy
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
......@@ -2400,7 +2400,7 @@ sysctl:
image:
registry: docker.io
repository: bitnami/os-shell
tag: 12-debian-12-r40
tag: 12-debian-12-r43
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
......
docs/DEVELOPMENT_MAINTENANCE.md
View file @ d47f67c9
# Code Changes for Updates
# How to Upgrade Redis Package chart
Redis is a modified/customized version of an upstream chart. The below details the steps required to update to a new version of the Redis package.
1. Checkout the branch that renovate created. This branch will have the image tag updates and typically some other necessary version changes that you will want. You can either work off of this branch or branch off of it.
1. Navigate to the [upstream chart repo and folder](https://github.com/bitnami/charts/tree/main/bitnami/redis) and find the tag that corresponds to the version of this chart. Start with the newest chart version to make sure we get the latest patches. For changes to redis-exporter, the changelog is located [here](https://github.com/oliver006/redis_exporter/releases/).
1. For changes to bitnami container images, locating the changelog is not straightforward. Tags and releases are not used. Containers are stored in [the upstream repo](https://github.com/bitnami/containers/) in a hierarchical directory structure under `./bitnami/<CHART_NAME>/<MAJOR_VERSION>/<OS_ARCH>/`. The material differences can be determined by examining the differences between the directories containing the two versions in question, but the changelog has to be determined from the git history. This can be done by grepping the version from the git history (`git log --all --grep="VERSION_NUMBER"`) for the previous version and the new version, and then asking git for the history between the two revisions. You can exclude the bitnami bot merge messages for a cleaner output (`git log --perl-regexp --author='^((?!Bitnami Bot).*)$' OLD_REV..NEW_REV -- bitnami/kubectl/` for example).
1. From the root of the repo run `kpt pkg update chart@<tag> --strategy alpha-git-patch` replacing `<tag>` with the version tag from step 1. You may be prompted to resolve some conflicts - choose what makes sense (if there are BB additions/changes keep them, if there are upstream additions/changes keep them).
1. From the root of the repo run `kpt pkg update chart@<tag> --strategy alpha-git-patch` replacing `<tag>` with the version tag from step 1 (ex. redis/20.11.4). You may be prompted to resolve some conflicts - choose what makes sense (if there are BB additions/changes keep them, if there are upstream additions/changes keep them).
1. Modify the `version` in `Chart.yaml` - you will want to append `-bb.0` to the chart version from upstream.
1. Update `CHANGELOG.md` adding an entry for the new version and noting all changes (at minimum should include `Updated Redis chart to x.x.x` and `Updated image versions to latest in IB (redis: x.x.x, redis-exporter: x.x.x)`.
1. Generate the `README.md` updates by following the [guide in gluon](https://repo1.dso.mil/platform-one/big-bang/apps/library-charts/gluon/-/blob/master/docs/bb-package-readme.md).
1. Push up your changes, validate that CI passes in the renovate MR (or create an MR if necessary). If there are any failures follow the information in the pipeline to make the necessary updates and reach out to the team if needed.
1. Perform the steps below for manual testing. CI provides a good set of basic smoke tests but it is beneficial to run some additional checks.
1. Push up your changes, validate that CI passes. If there are any failures follow the information in the pipeline to make the necessary updates and reach out to the team if needed.
# Testing new Redis version
1. Perform the steps below for manual testing. CI provides a good set of basic smoke tests but it is beneficial to run some additional checks.
Bigbang umbrella does not deploy Redis as a package. Instead redis should be tested as part of the AuthService package. Follow the steps below for testing. You should perform these steps on both a clean install and an upgrade from BB master.
## Manual Testing for Updates
## Package Redis/Create AuthService Branch
NOTE: For these testing steps it is good to do them on both a clean install and an upgrade. For clean install, point monitoring to your branch. For an upgrade do an install with monitoring pointing to the latest tag, then perform a helm upgrade with monitoring pointing to your branch.
1. Create a branch on AuthService package repo (https://repo1.dso.mil/big-bang/product/packages/authservice)
1. Helm Package your local Redis chart and copy to the AuthService branch under authservice/chart/charts/redis.x.tgz
From within the Redis package:
```
helm package ./chart
```
1. Modify the chart/chart.yaml in your AuthService branch for the redis dependency so that it matches the .tgz you copied over in the previous step.
```
dependencies:
- name: redis
version: x.x.x-bb.x
```
1. Push AuthService branch to repo1
Since Bigbang umbrella does not deploy Redis as a package, we can deploy Redis as part of the AuthService package:
1. Create a branch on AuthService package repo
2. Helm Package your local Redis chart and copy to the AuthService branch under authservice/chart/charts/redis.x.tgz
3. Push AuthService branch to repo1
4. Modify your BB values to use the AuthService git branch that you pushed to repo1
5. Deploy Bigbang with Monitoring and AuthService packages enabled. Set AuthService, Redis enabled to true (see below for sample values config). Deploy with SSO enabled [sample SSO values](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/assets/configs/example/dev-sso-values.yaml).
```yaml
## Branch/Tag Config
If you'd like to install from a specific branch or tag, then the code block under authservice needs to be uncommented and used to target your changes.
For example, this would target the `renovate/ironbank` branch.
```
addons:
authservice:
enabled: true
<other config/labels>
...
...
# Add git branch or tag information to test against a specific branch or tag instead of using `main`
# Must set the unused label to null
git:
tag: ""
branch: "your-branch"
values:
monitoring:
enabled: true
redis:
enabled: true
redis-bb:
monitoring:
enabled: true
metrics:
enabled: true # To test redis-exporter image
tag: null
branch: "renovate/ironbank"
```
6. Login to Grafana and check that Redis dashboards are receiving data. The "Redis Dashboard for Prometheus" will only populate if redis metrics are enabled.
7. Login to Prometheus and Alert Manager using SSO. These logins use the AuthService which will rely on Redis for session persistence if Redis is enabled.
8. Pull logs for AuthService controller, verify connection to Redis is established. Output should be seen in logs.
9. Pull logs for AuthService Redis Master pod, verify connection from master to replica pods is successful. Output should be seen in logs.
10. Cleanup/Delete your AuthService branch
### Big Bang Integration Testing
## Cluster setup
As part of your MR that modifies bigbang packages, you should modify the bigbang [bigbang/tests/test-values.yaml](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/tests/test-values.yaml?ref_type=heads) against your branch for the CI/CD MR testing by enabling your packages.
⚠️ Always make sure your local bigbang repo is current before deploying.
- To do this, at a minimum, you will need to follow the instructions at [bigbang/docs/developer/test-package-against-bb.md](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/developer/test-package-against-bb.md?ref_type=heads) with changes for Redis enabled (the below is a reference, actual changes could be more depending on what changes where made to Redis in the pakcage MR).
1. Export your Ironbank/Harbor credentials (this can be done in your `~/.bashrc` or `~/.zshrc` file if desired). These specific variables are expected by the `k3d-dev.sh` script when deploying metallb, and are referenced in other commands for consistency:
```
export REGISTRY_USERNAME='<your_username>'
export REGISTRY_PASSWORD='<your_password>'
```
1. Export the path to your local bigbang repo (without a trailing `/`):
### [test-values.yaml](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/tests/test-values.yaml?ref_type=heads)
```yaml
addons:
authservice:
enabled: true
git:
tag: ""
branch: "your-branch"
values:
monitoring:
enabled: true
redis:
enabled: true
redis-bb:
monitoring:
enabled: true
metrics:
enabled: true # To test redis-exporter image
### Additional compononents of Redis should be changed to reflect testing changes introduced in the package MR
⚠️ Note that wrapping your file path in quotes when exporting will break expansion of `~`.
```
export BIGBANG_REPO_DIR=<absolute_path_to_local_bigbang_repo>
```
e.g.
```
export BIGBANG_REPO_DIR=~/repos/bigbang
```
1. Run the [k3d_dev.sh](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/assets/scripts/developer/k3d-dev.sh) script to deploy a dev cluster (`-a` flag required if deploying a local Keycloak):
For `login.dso.mil` Keycloak:
```
"${BIGBANG_REPO_DIR}/docs/assets/scripts/developer/k3d-dev.sh"
```
For local `keycloak.dev.bigbang.mil` Keycloak (`-a` deploys instance with a second public IP and metallb):
```
"${BIGBANG_REPO_DIR}/docs/assets/scripts/developer/k3d-dev.sh -a"
```
1. Export your kubeconfig:
```
export KUBECONFIG=~/.kube/<your_kubeconfig_file>
```
e.g.
```
export KUBECONFIG=~/.kube/Sam.Sarnowski-dev-config
```
1. [Deploy flux to your cluster](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/scripts/install_flux.sh):
```
"${BIGBANG_REPO_DIR}/scripts/install_flux.sh -u ${REGISTRY_USERNAME} -p ${REGISTRY_PASSWORD}"
```
## Deploy Bigbang
⚠️ Note that testing against your local branch or tag is only possible if you edit the overrides file to point to your changes.
From the root of this repo, run one of the following deploy commands depending on which Keycloak you wish to reference:
For `login.dso.mil` Keycloak:
```sh
helm upgrade -i bigbang ${BIGBANG_REPO_DIR}/chart/ -n bigbang --create-namespace \
--set registryCredentials.username=${REGISTRY_USERNAME} --set registryCredentials.password=${REGISTRY_PASSWORD} \
-f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/tests/test-values.yaml \
-f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
-f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/docs/assets/configs/example/dev-sso-values.yaml \
-f docs/dev-overrides/minimal.yaml \
-f docs/dev-overrides/redis-testing.yaml
```
For local `keycloak.dev.bigbang.mil` Keycloak:
```sh
helm upgrade -i bigbang ${BIGBANG_REPO_DIR}/chart/ -n bigbang --create-namespace \
--set registryCredentials.username=${REGISTRY_USERNAME} --set registryCredentials.password=${REGISTRY_PASSWORD} \
-f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/tests/test-values.yaml \
-f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
-f docs/dev-overrides/minimal.yaml \
-f docs/dev-overrides/redis-testing-local-keycloak.yaml
```
- Authservice (with Redis Dependency), Keycloak
- Jaeger, Kiali and Monitoring (including Grafana), all with SSO enabled
## Validation/Testing Steps
# Files that need integration testing
1. Login to Grafana and check that Redis dashboards are receiving data. The "Redis Dashboard for Prometheus" will only populate if redis metrics are enabled.
1. Login to Prometheus and Alert Manager using SSO. These logins use the AuthService which will rely on Redis for session persistence if Redis is enabled.
1. Pull logs for AuthService controller, verify connection to Redis is established. Output should be seen in logs.
1. Pull logs for AuthService Redis Master pod, verify connection from master to replica pods is successful. Output should be seen in logs.
## Files that need integration testing
If you modify any of these things, you should perform an integration test with your branch against the rest of bigbang. Some of these files have automatic tests already defined, but those automatic tests may not model corner cases found in full integration scenarios.
......@@ -102,6 +160,32 @@ If you modify any of these things, you should perform an integration test with y
Follow [the standard process](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/developer/test-package-against-bb.md?ref_type=heads) for performing an integration test against bigbang.
### Big Bang Integration Testing
As part of your MR that modifies bigbang packages, you should modify the bigbang [bigbang/tests/test-values.yaml](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/tests/test-values.yaml?ref_type=heads) against your branch for the CI/CD MR testing by enabling your packages.
- To do this, at a minimum, you will need to follow the instructions at [bigbang/docs/developer/test-package-against-bb.md](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/docs/developer/test-package-against-bb.md?ref_type=heads) with changes for Redis enabled (the below is a reference, actual changes could be more depending on what changes where made to Redis in the pakcage MR).
### [test-values.yaml](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/tests/test-values.yaml?ref_type=heads)
```yaml
addons:
authservice:
enabled: true
git:
tag: ""
branch: "your-branch"
values:
monitoring:
enabled: true
redis:
enabled: true
redis-bb:
monitoring:
enabled: true
metrics:
enabled: true # To test redis-exporter image
### Additional compononents of Redis should be changed to reflect testing changes introduced in the package MR
```
### automountServiceAccountToken
The mutating Kyverno policy named `update-automountserviceaccounttokens` is leveraged to harden all ServiceAccounts in this package with `automountServiceAccountToken: false`. This policy is configured by namespace in the Big Bang umbrella chart repository at [chart/templates/kyverno-policies/values.yaml](https://repo1.dso.mil/big-bang/bigbang/-/blob/master/chart/templates/kyverno-policies/values.yaml?ref_type=heads).
......
docs/dev-overrides/minimal.yaml 0 → 100644
View file @ d47f67c9
# Many of these are disabled by default, but for clarity turn them off explicitly
# Notably, the following have not been disabled
# - networkPolicies - not disabled due to ease of use when deploying via k3d_dev
clusterAuditor:
enabled: false
eckOperator:
enabled: false
elasticsearchKibana:
enabled: false
fluentbit:
enabled: false
gatekeeper:
enabled: false
grafana:
enabled: false
istio:
enabled: false
istioOperator:
enabled: false
jaeger:
enabled: false
kiali:
enabled: false
kyverno:
enabled: false
kyvernoPolicies:
enabled: false
kyvernoReporter:
enabled: false
loki:
enabled: false
monitoring:
enabled: false
neuvector:
enabled: false
promtail:
enabled: false
tempo:
enabled: false
twistlock:
enabled: false
addons:
anchore:
enabled: false
argocd:
enabled: false
authservice:
enabled: false
fortify:
enabled: false
gitlab:
enabled: false
gitlabRunner:
enabled: false
haproxy:
enabled: false
harbor:
enabled: false
holocron:
enabled: false
keycloak:
enabled: false
mattermost:
enabled: false
mattermostOperator:
enabled: false
metricsServer:
enabled: false
minio:
enabled: false
minioOperator:
enabled: false
nexusRepositoryManager:
enabled: false
sonarqube:
enabled: false
thanos:
enabled: false
vault:
enabled: false
velero:
enabled: false
docs/dev-overrides/redis-testing-local-keycloak.yaml 0 → 100644
View file @ d47f67c9
# This overrides file is for deploying only the packages needed to test authservice during renovate or other update/change work, and should be used in combination with the testing steps called out in docs/DEVELOPMENT_MAINTENANCE.md
# This is for deploying with a local keycloak (keycloak.dev.bigbang.mil)
# Please use docs/dev-overrides/authservice-testing.yaml for testing with the login.dso.mil keycloak instead
# Sample deploy command, to be run from the package repo root:
# helm upgrade -i bigbang <absolute_path_to_local_bigbang_repo>/chart/ -n bigbang --create-namespace \
# --set registryCredentials.username=${REGISTRY_USERNAME} --set registryCredentials.password=${REGISTRY_PASSWORD} \
# -f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/tests/test-values.yaml \
# -f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
# -f docs/dev-overrides/minimal.yaml \
# -f docs/dev-overrides/authservice-testing-local-keycloak.yaml
grafana:
enabled: true
sso:
enabled: true
grafana:
client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-grafana
scopes: "openid Grafana"
istio:
enabled: true
istioOperator:
enabled: true
# Enable jaeger and prometheus (within monitoring) for testing
jaeger:
enabled: true
sso:
enabled: true
monitoring:
enabled: true
sso:
enabled: true
addons:
authservice:
enabled: true
# Add git branch or tag information to test against a specific branch or tag instead of using `main`
# Must set the unused label to null
# sourceType: "git"
# git:
# tag: null
# branch: "renovate/ironbank"
values:
monitoring:
enabled: true
redis:
enabled: true
redis-bb:
monitoring:
enabled: true
metrics:
enabled: true # To test redis-exporter image
keycloak:
enabled: true
docs/dev-overrides/redis-testing.yaml 0 → 100644
View file @ d47f67c9
# This overrides file is for deploying only the packages needed to test authservice during renovate or other update/change work, and should be used in combination with the testing steps called out in docs/DEVELOPMENT_MAINTENANCE.md
# This is meant to be combined with the https://repo1.dso.mil/big-bang/bigbang/-/raw/master/docs/assets/configs/example/dev-sso-values.yaml file for SSO against login.dso.mil
# Please use docs/dev-overrides/authservice-testing-local-keycloak.yaml for testing with a local keycloak instead
# Sample deploy command, to be run from the package repo root:
# helm upgrade -i bigbang <absolute_path_to_local_bigbang_repo>/chart/ -n bigbang --create-namespace \
# --set registryCredentials.username=${REGISTRY_USERNAME} --set registryCredentials.password=${REGISTRY_PASSWORD} \
# -f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/tests/test-values.yaml \
# -f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/chart/ingress-certs.yaml \
# -f https://repo1.dso.mil/big-bang/bigbang/-/raw/master/docs/assets/configs/example/dev-sso-values.yaml \
# -f docs/dev-overrides/minimal.yaml \
# -f docs/dev-overrides/authservice-testing.yaml
sso:
# This is needed because test-values.yaml overrides it to reference the internal keycloak
url: https://login.dso.mil/auth/realms/baby-yoda
grafana:
enabled: true
sso:
enabled: true
grafana:
client_id: platform1_a8604cc9-f5e9-4656-802d-d05624370245_bb8-grafana
scopes: "openid Grafana"
istio:
enabled: true
ingressGateways:
passthrough-ingressgateway:
enabled: false
gateways:
passthrough:
enabled: false
istioOperator:
enabled: true
# Enable jaeger and prometheus (within monitoring) for testing
jaeger:
enabled: true
monitoring:
enabled: true
addons:
authservice:
enabled: true
# Add git branch or tag information to test against a specific branch or tag instead of using `main`
# Must set the unused label to null
# sourceType: "git"
# git:
# tag: null
# branch: "renovate/ironbank"
values:
monitoring:
enabled: true
redis:
enabled: true
redis-bb:
monitoring:
enabled: true
metrics:
enabled: true

UNCLASSIFIED - NO CUI