diff --git a/Dockerfile b/Dockerfile
index fdb207afc83b0dec8106a7ccca8de6c215992743..280e361188d3a850c4988d2e7f06ebff61f4f84d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,20 +2,20 @@ ARG BASE_REGISTRY=registry1.dsop.io
ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
ARG BASE_TAG=8.2
-FROM docker.bintray.io/jfrog/artifactory-oss:7.11.5 AS base
+FROM docker.bintray.io/jfrog/artifactory-oss:7.12.5 AS base
FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
LABEL org.opencontainers.image.title="JFrog Artifactory OSS" \
org.opencontainers.image.description="JFrog Artifactory OSS image based on the Red Hat Universal Base Image for DSOP." \
org.opencontainers.image.url="https://jfrog.com" \
- org.opencontainers.image.version="7.11.5" \
+ org.opencontainers.image.version="7.12.5" \
maintainer="cht@dsop.io"
USER root
# Set vars
-ARG ARTIFACTORY_VERSION=7.11.5
+ARG ARTIFACTORY_VERSION=7.12.5
ENV JF_ARTIFACTORY_USER=artifactory \
ARTIFACTORY_VERSION=${ARTIFACTORY_VERSION} \
ARTIFACTORY_BOOTSTRAP=/artifactory_bootstrap \
diff --git a/Jenkinsfile b/Jenkinsfile
index b0199e3fd9888385524c72a2349b06f5c9a5b18b..ac3b07f2bd31dbe0229efdea7bc5f3c50edb4929 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,2 +1,2 @@
@Library('DCCSCR@master') _
-dccscrPipeline(version: "7.11.5")
+dccscrPipeline(version: "7.12.5")
diff --git a/Jenkinsfile.tmp b/Jenkinsfile.tmp
new file mode 100644
index 0000000000000000000000000000000000000000..ac3b07f2bd31dbe0229efdea7bc5f3c50edb4929
--- /dev/null
+++ b/Jenkinsfile.tmp
@@ -0,0 +1,2 @@
+@Library('DCCSCR@master') _
+dccscrPipeline(version: "7.12.5")
diff --git a/download.yaml b/download.yaml
index 4fffb70168a3c3c465cf4f77d7a56ecf532f067b..1e5b306815a5557f0e1583daa92f1d7ef2e23084 100644
--- a/download.yaml
+++ b/download.yaml
@@ -1,3 +1,3 @@
resources:
- - url: "docker://docker.bintray.io/jfrog/artifactory-oss@sha256:9792ca19a3a723a23ad6b41ad34fd7c2e5b6a5088ebd8b2a79cd7cd45067dbda"
- tag: "docker.bintray.io/jfrog/artifactory-oss:7.11.5"
\ No newline at end of file
+ - url: "docker://docker.bintray.io/jfrog/artifactory-oss@sha256:bc53370d6cc3457c56fe7cb11a38cb606ea4b2116f9dbd3a5b84e70ea3b531de"
+ tag: "docker.bintray.io/jfrog/artifactory-oss:7.12.5"
\ No newline at end of file
diff --git a/helm/CHANGELOG.md b/helm/CHANGELOG.md
index fe189f65dc3c99222bdce6beee6a51ff998307c1..1d53cbaa855419a82d4c6a37a60c5e280c34d53d 100644
--- a/helm/CHANGELOG.md
+++ b/helm/CHANGELOG.md
@@ -1,6 +1,9 @@
# JFrog Artifactory OSS Chart Changelog
All changes to this chart will be documented in this file.
+## [3.4.0] - Jan 4, 2020
+* Update dependency Artifactory chart version to 11.7.4 (Artifactory 7.12.5)
+
## [3.3.1] - Dec 1, 2020
* Update dependency Artifactory chart version to 11.5.4 (Artifactory 7.11.5)
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
index 1634703cc726bfedb6bd7bf138ab94ebc73d3df1..640dedd9199a1e6884b8cd60739aac564c1f5b1c 100644
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v1
-appVersion: 7.11.5
+appVersion: 7.12.5
description: JFrog Artifactory OSS
home: https://www.jfrog.com/artifactory/
icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory/logo/artifactory-logo.png
@@ -15,4 +15,4 @@ maintainers:
name: artifactory-oss
sources:
- https://github.com/jfrog/charts
-version: 3.3.1
+version: 3.4.0
diff --git a/helm/charts/artifactory/CHANGELOG.md b/helm/charts/artifactory/CHANGELOG.md
index 792e8d21b52cc498a54b5b9427f29bd6128e657c..9a35fa0e6275cbb4b7b7e0a827a04b9a5aeb5471 100644
--- a/helm/charts/artifactory/CHANGELOG.md
+++ b/helm/charts/artifactory/CHANGELOG.md
@@ -1,6 +1,36 @@
# JFrog Artifactory Chart Changelog
All changes to this chart will be documented in this file.
+## [11.7.4] - Jan 04, 2020
+* Fixed gid support for statefulset
+
+## [11.7.3] - Dec 31, 2020
+* Added gid support for statefulset
+* Add setSecurityContext flag to allow securityContext block to be removed from artifactory statefulset
+
+## [11.7.2] - Dec 29, 2020
+* **Important:** Removed `.Values.metrics` and `.Values.fluentd` (Fluentd and Prometheus integrations)
+* Add support for creating additional kubernetes resources - [refer here](https://github.com/jfrog/log-analytics-prometheus/blob/master/artifactory-values.yaml)
+* Updated Artifactory version to 7.12.5
+
+## [11.7.1] - Dec 21, 2020
+* Updated Artifactory version to 7.12.3
+
+## [11.7.0] - Dec 18, 2020
+* Updated Artifactory version to 7.12.2
+* Added `.Values.artifactory.openMetrics.enabled`
+
+## [11.6.1] - Dec 11, 2020
+* Added configurable `.Values.global.versions.artifactory` in values.yaml
+
+## [11.6.0] - Dec 10, 2020
+* Update postgresql tag version to `12.5.0-debian-10-r25`
+* Fixed `artifactory.persistence.googleStorage.endpoint` from `storage.googleapis.com` to `commondatastorage.googleapis.com`
+* Updated chart maintainers email
+
+## [11.5.5] - Dec 4, 2020
+* **Important:** Renamed `.Values.systemYaml` to `.Values.systemYamlOverride`
+
## [11.5.4] - Dec 1, 2020
* Improve error message returned when attempting helm upgrade command
diff --git a/helm/charts/artifactory/Chart.yaml b/helm/charts/artifactory/Chart.yaml
index 33ef6d04e3bac312b4611d2ef9e73262f9784850..4f98e28e340432a56af891e89f648a1f62010e01 100644
--- a/helm/charts/artifactory/Chart.yaml
+++ b/helm/charts/artifactory/Chart.yaml
@@ -1,5 +1,5 @@
apiVersion: v1
-appVersion: 7.11.5
+appVersion: 7.12.5
description: Universal Repository Manager supporting all major packaging formats,
build tools and CI servers.
home: https://www.jfrog.com/artifactory/
@@ -9,10 +9,10 @@ keywords:
- jfrog
- devops
maintainers:
-- email: helm@jfrog.com
+- email: installers@jfrog.com
name: Chart Maintainers at JFrog
name: artifactory
sources:
- https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
- https://github.com/jfrog/charts
-version: 11.5.4
+version: 11.7.4
diff --git a/helm/charts/artifactory/README.md b/helm/charts/artifactory/README.md
index 7e82fcdd9c46ba6e4b8863b348376dadb9f83f8b..9c7551c92ac2dc543b9bff8aeeecc0edaa81aeba 100644
--- a/helm/charts/artifactory/README.md
+++ b/helm/charts/artifactory/README.md
@@ -1134,35 +1134,16 @@ helm upgrade --install nginx-ingress --namespace nginx-ingress center/kubernetes
```
This will start sending your Artifactory logs to the log aggregator of your choice, based on your configuration in the `filebeatYml`
-### Prometheus Metrics
+### Log Analytics
-If you want to enable Prometheus metrics you can use the `metrics` configuration options. By default this option requires that the Promtheus Operator already be deployed and the associated CRDs created.
+#### FluentD, Prometheus and Grafana
-The simplest way is to install Artifactory with the following command:
+To configure Prometheus and Grafana to gather metrics from Artifactory through the use of FluentD, please refer to the log analytics repo:
-```bash
-helm upgrade --install artifactory --namespace artifactory --set metrics.enabled=true center/jfrog/artifactory
-```
-
-This will create a new service exposing the Prometheus metrics as well as a ServiceMonitor object for the Prometheus Operator to start scraping.
-
-The `ServiceMonitor` creation can be disabled by setting `metrics.serviceMonitor.enabled` to `false` for environments that are not using the Prometheus Operator.
-
-```bash
-helm upgrade --install artifactory --namespace artifactory --set metrics.enabled=true --set metrics.serviceMonitor.enabled=false center/jfrog/artifactory
-```
-
-NOTE: Enabling this does NOT create a container which actually parses the log files for metrics. See the Fluentd section below.
-
-### Fluentd
+https://github.com/jfrog/log-analytics-prometheus
-The suggested way to parse the log files for metrics is to install Fluentd as a sidecar container. This can be done with the `fluentd` configuration options.
-
-```bash
-helm upgrade --install artifactory --namespace artifactory --set fluentd.enabled=true center/jfrog/artifactory
-```
+That repo contains a file `artifactory-values.yaml` that can be used to deploy Prometheus, Service Monitor, and Grafana with this chart.
-This will install Artifactory with Fluentd running as a sidecar container sharing the persistent volume where the log files are written.
## Useful links
- https://www.jfrog.com/confluence/display/EP/Getting+Started
diff --git a/helm/charts/artifactory/ci/access-tls-values.yaml b/helm/charts/artifactory/ci/access-tls-values.yaml
index 10d8f0047249a59f199622a8c823fc7c44958225..4dabc956eeb1f27ef0f8b826f4a2b017f46d4a68 100644
--- a/helm/charts/artifactory/ci/access-tls-values.yaml
+++ b/helm/charts/artifactory/ci/access-tls-values.yaml
@@ -1,6 +1,8 @@
databaseUpgradeReady: true
# To Fix ct tool --reuse-values - PASSWORDS ERROR: you must provide your current passwords when upgrade the release
postgresql:
+ image:
+ tag: 12.3.0-debian-10-r71
postgresqlPassword: password
access:
accessConfig:
diff --git a/helm/charts/artifactory/ci/global-values.yaml b/helm/charts/artifactory/ci/global-values.yaml
index 970036095f3f55fcf592ea0fb70a4780540e6ac4..8c964a8228eb7b449990031946cfdc6d2dd812fa 100644
--- a/helm/charts/artifactory/ci/global-values.yaml
+++ b/helm/charts/artifactory/ci/global-values.yaml
@@ -3,6 +3,8 @@ databaseUpgradeReady: true
postgresql:
postgresqlPassword: password
global:
+ versions:
+ artifactory: 7.11.2
masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
customInitContainers: |
diff --git a/helm/charts/artifactory/templates/_helpers.tpl b/helm/charts/artifactory/templates/_helpers.tpl
index 24c607883c79426ac6de029ba3b4fab5c6c375a9..14b571f91df0a6d3ef4aa7d970097e6858995b48 100644
--- a/helm/charts/artifactory/templates/_helpers.tpl
+++ b/helm/charts/artifactory/templates/_helpers.tpl
@@ -214,6 +214,9 @@ Return the proper artifactory chart image names
{{- $repositoryName := index $dot.Values $indexReference "image" "repository" -}}
{{- $tag := default $dot.Chart.AppVersion (index $dot.Values $indexReference "image" "tag") | toString -}}
{{- if $dot.Values.global }}
+ {{- if and $dot.Values.global.versions.artifactory (or (eq $indexReference "artifactory") (eq $indexReference "nginx") ) }}
+ {{- $tag = $dot.Values.global.versions.artifactory | toString -}}
+ {{- end -}}
{{- if $dot.Values.global.imageRegistry }}
{{- printf "%s/%s:%s" $dot.Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
@@ -222,4 +225,13 @@ Return the proper artifactory chart image names
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+
+{{/*
+Return the proper artifactory app version
+*/}}
+{{- define "artifactory.app.version" -}}
+{{- $image := split ":" ((include "artifactory.getImageInfoByValue" (list . "artifactory")) | toString) -}}
+{{- $tag := $image._1 -}}
+{{- printf "%s" $tag -}}
+{{- end -}}
diff --git a/helm/charts/artifactory/templates/additional-resources.yaml b/helm/charts/artifactory/templates/additional-resources.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c4d06f08ad3f38d9feeb9c414a7af4f662601150
--- /dev/null
+++ b/helm/charts/artifactory/templates/additional-resources.yaml
@@ -0,0 +1,3 @@
+{{ if .Values.additionalResources }}
+{{ tpl .Values.additionalResources . }}
+{{- end -}}
diff --git a/helm/charts/artifactory/templates/artifactory-statefulset.yaml b/helm/charts/artifactory/templates/artifactory-statefulset.yaml
index f93e59683017d5c24fab645734169fcebda1a6c2..524fcbcbf33d589485cddae7e32e5eee488d40ff 100644
--- a/helm/charts/artifactory/templates/artifactory-statefulset.yaml
+++ b/helm/charts/artifactory/templates/artifactory-statefulset.yaml
@@ -62,9 +62,11 @@ spec:
{{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
{{- include "artifactory.imagePullSecrets" . | indent 6 }}
{{- end }}
+ {{- if .Values.artifactory.setSecurityContext }}
securityContext:
runAsUser: {{ .Values.artifactory.uid }}
- fsGroup: {{ .Values.artifactory.uid }}
+ fsGroup: {{ .Values.artifactory.gid }}
+ {{- end }}
initContainers:
{{- if or .Values.artifactory.customInitContainersBegin .Values.global.customInitContainersBegin }}
{{ tpl (include "artifactory.customInitContainersBegin" .) . | indent 6 }}
@@ -133,8 +135,8 @@ spec:
echo "Copy system.yaml to {{ .Values.artifactory.persistence.mountPath }}/etc";
mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc;
mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/access/keys/trusted;
- {{- if .Values.systemYaml.existingSecret }}
- cp -fv /tmp/etc/{{ .Values.systemYaml.dataKey }} {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
+ {{- if .Values.systemYamlOverride.existingSecret }}
+ cp -fv /tmp/etc/{{ .Values.systemYamlOverride.dataKey }} {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
{{- else }}
cp -fv /tmp/etc/system.yaml {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
{{- end }}
@@ -184,11 +186,11 @@ spec:
volumeMounts:
- name: artifactory-volume
mountPath: {{ .Values.artifactory.persistence.mountPath | quote }}
- {{- if or .Values.systemYaml.existingSecret .Values.artifactory.systemYaml }}
+ {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}
- name: systemyaml
- {{- if .Values.systemYaml.existingSecret }}
- mountPath: "/tmp/etc/{{.Values.systemYaml.dataKey}}"
- subPath: {{ .Values.systemYaml.dataKey }}
+ {{- if .Values.systemYamlOverride.existingSecret }}
+ mountPath: "/tmp/etc/{{.Values.systemYamlOverride.dataKey}}"
+ subPath: {{ .Values.systemYamlOverride.dataKey }}
{{- else if .Values.artifactory.systemYaml }}
mountPath: "/tmp/etc/system.yaml"
subPath: system.yaml
@@ -216,8 +218,8 @@ spec:
- 'sh'
- '-c'
- >
- echo "Setting ownership {{ .Values.artifactory.uid }}:{{ .Values.artifactory.uid }} on PVC {{ .Values.artifactory.customPersistentPodVolumeClaim.name }}"
- chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.uid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
+ echo "Setting ownership {{ .Values.artifactory.uid }}:{{ .Values.artifactory.gid }} on PVC {{ .Values.artifactory.customPersistentPodVolumeClaim.name }}"
+ chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.gid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
securityContext:
runAsUser: 0
volumeMounts:
@@ -263,7 +265,7 @@ spec:
cp -fv /tmp/migrationHelmInfo.yaml $scriptsPath/migrationHelmInfo.yaml;
cp -fv /tmp/migrationStatus.sh $scriptsPath/migrationStatus.sh;
mkdir -p {{ .Values.artifactory.persistence.mountPath }}/log;
- bash $scriptsPath/migrationStatus.sh {{ default .Chart.AppVersion .Values.artifactory.image.tag }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
+ bash $scriptsPath/migrationStatus.sh {{ include "artifactory.app.version" . }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
env:
{{- if and (not .Values.waitForDatabase) (not .Values.postgresql.enabled) }}
- name: SKIP_WAIT_FOR_EXTERNAL_DB
@@ -568,20 +570,6 @@ spec:
{{ toYaml .Values.filebeat.resources | indent 10 }}
terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
{{- end }}
- {{- if .Values.fluentd.enabled }}
- - name: fluentd
- image: "{{ .Values.fluentd.image.repository }}:{{ .Values.fluentd.image.tag }}"
- volumeMounts:
- - mountPath: /opt/bitnami/fluentd/conf/
- name: fluentd-config
- - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
- name: artifactory-volume
- env:
- - name: JF_PRODUCT_DATA_INTERNAL
- value: {{ .Values.artifactory.persistence.mountPath }}
- - name: FLUENTD_CONF
- value: fluentd.conf
- {{- end }}
{{- if or .Values.artifactory.customSidecarContainers .Values.global.customSidecarContainers }}
{{ tpl (include "artifactory.customSidecarContainers" .) . | indent 6 }}
{{- end }}
@@ -673,10 +661,10 @@ spec:
emptyDir:
sizeLimit: {{ .Values.artifactory.persistence.size }}
{{- end }}
- {{- if or .Values.systemYaml.existingSecret .Values.artifactory.systemYaml }}
+ {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}
- name: systemyaml
secret:
- secretName: {{ default (printf "%s-%s" (include "artifactory.fullname" .) "systemyaml") .Values.systemYaml.existingSecret }}
+ secretName: {{ default (printf "%s-%s" (include "artifactory.fullname" .) "systemyaml") .Values.systemYamlOverride.existingSecret }}
{{- end }}
{{- if .Values.access.accessConfig }}
- name: access-config
@@ -706,11 +694,6 @@ spec:
emptyDir:
sizeLimit: {{ .Values.artifactory.persistence.size }}
{{- end }}
- {{- if .Values.fluentd.enabled }}
- - name: fluentd-config
- configMap:
- name: {{ template "artifactory.name" . }}-fluentd-config
- {{- end }}
{{- with .Values.artifactory.persistence }}
{{- if and .enabled (not .existingClaim) }}
volumeClaimTemplates:
diff --git a/helm/charts/artifactory/templates/artifactory-system-yaml.yaml b/helm/charts/artifactory/templates/artifactory-system-yaml.yaml
index 2efebcf08e7050f5c1fb3c318374241030fa7567..f36879218b2d2ec1e6b44f33326a3236b6235126 100644
--- a/helm/charts/artifactory/templates/artifactory-system-yaml.yaml
+++ b/helm/charts/artifactory/templates/artifactory-system-yaml.yaml
@@ -1,4 +1,4 @@
-{{- if not .Values.systemYaml.existingSecret }}
+{{- if not .Values.systemYamlOverride.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
diff --git a/helm/charts/artifactory/templates/fluentd-configmap.yaml b/helm/charts/artifactory/templates/fluentd-configmap.yaml
deleted file mode 100644
index 7d6e09a340af83cf633746633d4b65f268884c40..0000000000000000000000000000000000000000
--- a/helm/charts/artifactory/templates/fluentd-configmap.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- if .Values.fluentd.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ template "artifactory.name" . }}-fluentd-config
- labels:
- app: {{ template "artifactory.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version }}
- heritage: {{ .Release.Service | quote }}
- release: {{ .Release.Name | quote }}
-data:
- fluentd.conf: |
-{{ tpl .Values.fluentd.fluentdConf . | indent 4 }}
-{{- end -}}
diff --git a/helm/charts/artifactory/templates/metrics-service.yaml b/helm/charts/artifactory/templates/metrics-service.yaml
deleted file mode 100644
index 277b6d5eb9b3e662b897fd3351d80c3dbd9260ed..0000000000000000000000000000000000000000
--- a/helm/charts/artifactory/templates/metrics-service.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- if .Values.metrics.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ template "artifactory.fullname" . }}-metrics
- labels:
- app: {{ template "artifactory.name" . }}
- chart: {{ template "artifactory.chart" . }}
- component: metrics
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
- {{- with .Values.artifactory.labels }}
-{{ toYaml . | indent 4 }}
- {{- end }}
-spec:
- type: {{ .Values.metrics.service.type }}
- ports:
- - name: tcp-metrics
- port: {{ .Values.metrics.service.port }}
- protocol: TCP
- selector:
- app: {{ template "artifactory.name" . }}
- component: "{{ .Values.artifactory.name }}"
- release: {{ .Release.Name }}
-{{- end }}
diff --git a/helm/charts/artifactory/templates/servicemonitor.yaml b/helm/charts/artifactory/templates/servicemonitor.yaml
deleted file mode 100644
index c8aa72ad8b0f746df9eb2d29e3dce59caebe2bd2..0000000000000000000000000000000000000000
--- a/helm/charts/artifactory/templates/servicemonitor.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "artifactory.fullname" . }}
- labels:
- app: {{ template "artifactory.name" . }}
- chart: {{ template "artifactory.chart" . }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
- {{- with .Values.metrics.serviceMonitor.labels }}
-{{ toYaml . | indent 4 }}
- {{- end }}
-spec:
- selector:
- matchLabels:
- app: {{ template "artifactory.name" . }}
- component: metrics
- release: {{ .Release.Name }}
- endpoints:
- - port: tcp-metrics
- {{- with .Values.metrics.serviceMonitor }}
- path: {{ .path }}
- {{- with .interval }}
- interval: {{ . }}
- {{- end }}
- {{- with .scrapeTimeout }}
- scrapeTimeout: {{ . }}
- {{- end }}
- {{- end }}
-{{- end }}
diff --git a/helm/charts/artifactory/values.yaml b/helm/charts/artifactory/values.yaml
index 8504c95281c729a8fb4871978bd8b47c0fd8582e..dcbf72fdb08e315579ab65ece56f4573b2d56095 100644
--- a/helm/charts/artifactory/values.yaml
+++ b/helm/charts/artifactory/values.yaml
@@ -5,9 +5,15 @@
# Access the values with {{ .Values.key.subkey }}
-global: {}
+global:
+ # imageRegistry: docker.bintray.io
# imagePullSecrets:
# - myRegistryKeySecretName
+ ## Chart.AppVersion can be overidden using global.versions.artifactory or .Values.artifactory.image.tag
+ ## Note: Order of preference is 1) global.versions 2) .Values.artifactory.image.tag 3) Chart.AppVersion
+ ## This applies also for nginx images (.Values.nginx.image.tag)
+ versions: {}
+ # artifactory:
# joinKey:
# masterKey:
# joinKeySecretName:
@@ -48,10 +54,10 @@ installerInfo: '{"productId": "Helm_artifactory/{{ .Chart.Version }}", "features
## Artifactory systemYaml override
## This is for advanced usecases where users wants to provide their own systemYaml for configuring artifactory
## Refer: https://www.jfrog.com/confluence/display/JFROG/Artifactory+System+YAML
-## Note: This will override existing systemYaml in values.yaml
+## Note: This will override existing (default) .Values.artifactory.systemYaml in values.yaml
## Alternatively, systemYaml can be overidden via customInitContainers using external sources like vaults, external repositories etc. Please refer customInitContainer section below for an example.
-## Note: Order of preference is 1) customInitContainers 2) systemYaml existingSecret 3) default systemYaml in values.yaml
-systemYaml:
+## Note: Order of preference is 1) customInitContainers 2) systemYamlOverride existingSecret 3) default systemYaml in values.yaml
+systemYamlOverride:
## You can use a pre-existing secret by specifying existingSecret
existingSecret:
## The dataKey should be the name of the secret data key created.
@@ -174,6 +180,12 @@ artifactory:
maxThreads: 200
extraConfig: 'acceptCount="100"'
+ # Support for open metrics is only available for Artifactory 7.7.x (appVersions) and above.
+ # To enable set `.Values.artifactory.openMetrics.enabled` to `true`
+ # Refer - https://www.jfrog.com/confluence/display/JFROG/Open+Metrics
+ openMetrics:
+ enabled: false
+
# Files to copy to ARTIFACTORY_HOME/ on each Artifactory startup
copyOnEveryStartup:
# # Absolute path
@@ -477,6 +489,10 @@ artifactory:
{{- end }}
{{- end }}
artifactory:
+ {{- if .Values.artifactory.openMetrics }}
+ metrics:
+ enabled: {{ .Values.artifactory.openMetrics.enabled }}
+ {{- end }}
database:
maxOpenConnections: {{ .Values.artifactory.database.maxOpenConnections }}
tomcat:
@@ -538,8 +554,13 @@ artifactory:
externalArtifactoryPort: 8081
internalArtifactoryPort: 8081
uid: 1030
+ gid: 1030
terminationGracePeriodSeconds: 30
+ ## By default, the Artifactory StatefulSet is created with a securityContext that sets the `runAsUser` and the `fsGroup` to the `artifactory.uid` value.
+ ## If you want to disable the securityContext for the Artifactory StatefulSet, set this tag to false
+ setSecurityContext: true
+
## The following settings are to configure the frequency of the liveness and readiness probes
livenessProbe:
enabled: true
@@ -813,7 +834,7 @@ artifactory:
## For artifactory.persistence.type google-storage
googleStorage:
- endpoint: storage.googleapis.com
+ endpoint: commondatastorage.googleapis.com
httpsOnly: false
# Set a unique bucket name
bucketName: "artifactory-gcp"
@@ -1235,7 +1256,7 @@ postgresql:
image:
registry: docker.bintray.io
repository: bitnami/postgresql
- tag: 12.3.0-debian-10-r71
+ tag: 12.5.0-debian-10-r25
postgresqlUsername: artifactory
postgresqlPassword: ""
postgresqlDatabase: artifactory
@@ -1349,372 +1370,7 @@ filebeat:
logstash:
hosts: ["{{ .Values.filebeat.logstashUrl }}"]
-## Prometheus Exporter / Metrics
-##
-metrics:
- enabled: false
-
- service:
- port: 24231
- type: ClusterIP
-
- ## Prometheus Operator ServiceMonitor configuration
- ##
- serviceMonitor:
- enabled: true
- path: "/metrics"
- labels: {}
-
- ## Interval at which metrics should be scraped
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- # interval:
-
- ## Timeout after which the scrape is ended
- ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#endpoint
- ##
- # scrapeTimeout:
-
-## Fluentd Sidecar Container
-##
-fluentd:
- enabled: false
-
- image:
- ## The Bitnami Fluentd image has the Prometheus plugin pre-installed.
- ##
- repository: docker.io/bitnami/fluentd
- tag: 1.11.2
-
- fluentdConf: |
- ## Prometheus Input Plugin Configuration
-
- # input plugin that exports metrics
-
- @type prometheus
- port {{ .Values.metrics.service.port }}
- metrics_path {{ .Values.metrics.serviceMonitor.path }}
-
-
-
- @type monitor_agent
-
-
-
- @type forward
-
-
- # input plugin that collects metrics from MonitorAgent
-
- @type prometheus_monitor
-
- host ${hostname}
-
-
-
- # input plugin that collects metrics for output plugin
-
- @type prometheus_output_monitor
-
- host ${hostname}
-
-
-
- # input plugin that collects metrics for in_tail plugin
-
- @type prometheus_tail_monitor
-
- host ${hostname}
-
-
-
-
- @type tail
- @id access_service_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-service.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-service.log.pos"
- tag jfrog.rt.access.service
-
- @type none
-
-
-
- @type tail
- @id artifactory_service_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-service.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-service.log.pos"
- tag jfrog.rt.artifactory.service
-
- @type none
-
-
-
- @type tail
- @id frontend_service_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/frontend-service.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/frontend-service.log.pos"
- tag jfrog.rt.frontend.service
-
- @type none
-
-
-
- @type tail
- @id metadata_service_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/metadata-service.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/metadata-service.log.pos"
- tag jfrog.rt.metadata.service
-
- @type none
-
-
-
- @type tail
- @id router_service_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-service.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-service.log.pos"
- tag jfrog.rt.router.service
-
- @type none
-
-
- # Strip out color codes then field extract the service fields
-
- @type record_transformer
- enable_ruby true
-
- message ${record["message"].gsub(/\e\[([;\d]+)?m/, '')}
-
-
-
- @type parser
- key_name message
-
- @type multiline
- format_firstline /\d{4}-\d{1,2}-\d{1,2}/
- format1 /^(?[^ ]*) \[(?[^\]]*)\] \[(?[^\]]*)\] \[(?[^\]]*)\] \[(?.*)\] \[(?.*)\] -(?.*)$/
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
- # End Service Fields Extraction
-
- @type tail
- @id router_traefik_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-traefik.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-traefik.log.pos"
- tag jfrog.rt.router.traefik
-
- @type multiline
- format_firstline /\d{4}-\d{1,2}-\d{1,2}/
- format1 /^(?[^ ]*) \[(?[^\]]*)\] \[(?[^\]]*)\] \[(?[^\]]*)\] \[(?.*)\] \[(?.*)\] - (?.+)$/
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- @type tail
- @id access_request_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-request.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-request.log.pos"
- tag jfrog.rt.access.request
-
- @type regexp
- expression ^(?[^ ]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?.+)$
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- @type tail
- @id artifactory_request_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-request.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-request.log.pos"
- tag jfrog.rt.artifactory.request
-
- @type regexp
- expression ^(?[^ ]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?.+)$
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
- types response_content_length:integer, request_content_length:integer, return_status_code:integer
-
-
-
- @type record_transformer
- enable_ruby true
-
- repo ${!record["request_url"].strip().start_with?("/api") ? (record["request_url"].strip().split('/')[1]) : ("")}
- artifact ${!record["request_url"].strip().start_with?("/api") ? (val = record["request_url"].strip().split('/'); val[val.length()-1]) : ("")}
- dockerRepo ${record["request_url"].strip().include?("/api/docker") && !record["request_url"].include?("/api/docker/null") && !record["request_url"].include?("/api/docker/v2") ? (record["request_url"].strip().split('/')[3]) : ("")}
- dockerImage ${record["request_url"].strip().include?("/api/docker") && !record["request_url"].include?("/api/docker/null") && !record["request_url"].include?("/api/docker/v2") ? (record["request_url"].strip().split('/')[5]) : ("")}
- data_download ${record["response_content_length"] == -1 ? 0 : record["response_content_length"]}
- data_upload ${record["request_content_length"] == -1 ? 0 : record["request_content_length"]}
-
-
-
- @type tail
- @id frontend_request_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/frontend-request.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/frontend-request.log.pos"
- tag jfrog.rt.frontend.request
-
- @type regexp
- expression ^(?[^ ]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?.+)$
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- @type tail
- @id metadata_request_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/metadata-request.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/metadata-request.log.pos"
- tag jfrog.rt.metadata.request
-
- @type regexp
- expression ^(?[^ ]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?[^\|]*)\|(?.+)$
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- @type tail
- @id router_request_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-request.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/router-request.log.pos"
- tag jfrog.rt.router.request
-
- @type json
- time_key time
- time_format %Y-%m-%dT%H:%M:%SZ
-
-
-
- @type tail
- @id artifactory_access_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-access.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/artifactory-access.log.pos"
- tag jfrog.rt.artifactory.access
-
- @type regexp
- expression /^(?[^ ]*) \[(?[^\]]*)\] \[(?[^\]]*)\] (?.*) for client : (?.+)/(?.+)$/
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- @type tail
- @id access_security_audit_tail
- path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-security-audit.log"
- pos_file "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/access-security-audit.log.pos"
- tag jfrog.rt.access.audit
-
- @type regexp
- expression /^(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?[^ ]*)\|(?.*)/
- time_key timestamp
- time_format %Y-%m-%dT%H:%M:%S.%LZ
-
-
-
- # WHAT LOG IT WAS INTO THE JSON
-
- @type record_transformer
-
- log_source ${tag}
-
-
-
-
- @type prometheus
-
-
- name jfrog_rt_data_download
- type gauge
- desc artifactory data download
- key data_download
-
- host ${hostname}
- remote_address ${remote_address}
- repo ${repo}
- response_content_length ${response_content_length}
- data_download ${data_download}
-
-
-
-
- name jfrog_rt_data_upload
- type gauge
- desc artifactory data upload
- key data_upload
-
- host ${hostname}
- remote_address ${remote_address}
- repo ${repo}
- request_content_length ${request_content_length}
- data_upload ${data_upload}
-
-
-
-
- name jfrog_rt_req
- type counter
- desc artifactory requests
-
- host ${hostname}
- request_url ${request_url}
- return_status ${return_status}
- repo ${repo}
- artifact ${artifact}
- dockerRepo ${dockerRepo}
- dockerImage ${dockerImage}
- remote_address ${remote_address}
-
-
-
-
-
- @type prometheus
-
- name jfrog_rt_log_level
- type counter
- desc artifactory log_levels
-
- host ${hostname}
- log_level ${log_level}
-
-
-
-
-
- @type prometheus
-
-
- name jfrog_rt_access
- type counter
- desc artifactory access
-
- host ${hostname}
- username ${username}
- action_response ${action_response}
- ip ${ip}
-
-
-
-
-
-
- @type prometheus
-
-
- name jfrog_rt_access_audit
- type counter
- desc artifactory access audit
-
- host ${hostname}
- user ${user}
- event_type ${event_type}
- event ${event}
-
-
-
-
+## Allows to add additional kubernetes resources
+## Use --- as a separator between multiple resources
+## For an example, refer - https://github.com/jfrog/log-analytics-prometheus/blob/master/artifactory-values.yaml
+additionalResources: |
diff --git a/helm/requirements.lock b/helm/requirements.lock
index 4cdfd3bf89d9b5c11b3106f50fabcb52656b4310..30dc8894a7d4b59b223bc22fa1cb460bae0717a6 100644
--- a/helm/requirements.lock
+++ b/helm/requirements.lock
@@ -1,6 +1,6 @@
dependencies:
- name: artifactory
repository: https://charts.jfrog.io/
- version: 11.5.4
-digest: sha256:90c74353267158f68a4967bc39f60a72bb591dea2459efcf58f73e5d3fb1b0e1
-generated: "2020-12-01T21:29:51.210319+05:30"
+ version: 11.7.4
+digest: sha256:a4c52f49f154be6434a9a37474eee556de8d97a487be9dec923124a64651aac8
+generated: "2021-01-04T14:56:47.550996+05:30"
diff --git a/helm/requirements.yaml b/helm/requirements.yaml
index 4f90becd4544be4c06b66c5c1330ea3ea21c5fa2..4ad868b8a386e56d07c19c21c2045bcc6e2be3f6 100644
--- a/helm/requirements.yaml
+++ b/helm/requirements.yaml
@@ -1,4 +1,4 @@
dependencies:
- name: artifactory
- version: 11.5.4
- repository: https://charts.jfrog.io/
\ No newline at end of file
+ version: 11.7.4
+ repository: https://charts.jfrog.io/