UNCLASSIFIED

Skip to content

GitLab

Commit ecfdde65 authored by Christopher McGrath's avatar Christopher McGrath
Browse files

Initial commit with scaffolding for BB Package structure

parent e4d6dc0f
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 1204 additions and 0 deletions
CODEOWNERS 0 → 100644
View file @ ecfdde65
* @kevin.wilder @ariel.shnitzer @grant.duncklee
\ No newline at end of file
README.md
View file @ ecfdde65
# Nexus # Nexus
This is a fork of the upstream Helm charts for installing Nexus Artifactor Repository Pro (i.e. Licenced Paid Version)
## Originally sourced from upstream, and minimially modified.
Steps performed:
```
kpt pkg get https://github.com/Oteemo/charts.git/charts/sonatype-nexus@sonatype-nexus-4.2.0 chart/
```
## Upstream Changes
* TODO: no diff from upstream yet
## Iron Bank
You can `pull` the registry1 images for:
* Nexus [here](https://registry1.dso.mil/harbor/projects/3/repositories/sonatype%2Fnexus%2Fnexus) and view the container approval [here](https://ironbank.dso.mil/repomap/sonatype/nexus)
* Nexus IQ Server [here](https://registry1.dso.mil/harbor/projects/3/repositories/sonatype%2Fnexus-iq-server%2Fnexus-iq-server) and view the container approval [here](https://ironbank.dso.mil/repomap/sonatype/nexus-iq-server)
chart/.helmignore 0 → 100644
View file @ ecfdde65
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
# OWNERS file for Kubernetes
OWNERS
*.tar
chart/Chart.yaml 0 → 100644
View file @ ecfdde65
apiVersion: v1
name: sonatype-nexus
version: 4.2.0
appVersion: 3.27.0
description: Sonatype Nexus is an open source repository manager
keywords:
- artifacts
- dependency
- management
- sonatype
- nexus
- repository
home: https://www.sonatype.com/nexus-repository-oss
icon: http://www.sonatype.org/nexus/content/uploads/2015/06/Nexus-Logo.jpg
sources:
- https://github.com/sonatype/nexus-public
- https://github.com/travelaudience/docker-nexus
- https://github.com/travelaudience/kubernetes-nexus
- https://github.com/travelaudience/docker-nexus-backup
- https://github.com/dbccompany/docker-nexus-backup
maintainers:
- name: rjkernick
email: rjkernick@gmail.com
- name: tsiddique
email: tsiddique@live.com
chart/Kptfile 0 → 100644
View file @ ecfdde65
apiVersion: kpt.dev/v1alpha1
kind: Kptfile
metadata:
name: chart
upstream:
type: git
git:
commit: 17a9c316624427587ac197ebfcd368ac89883278
repo: https://github.com/Oteemo/charts
directory: /charts/sonatype-nexus
ref: sonatype-nexus-4.2.0
chart/OWNERS 0 → 100644
View file @ ecfdde65
approvers:
- rjkernick
- tsiddique
reviewers:
- rjkernick
- tsiddique
chart/README.md 0 → 100644
View file @ ecfdde65
This diff is collapsed.
chart/templates/NOTES.txt 0 → 100644
View file @ ecfdde65
- To access Nexus:
NOTE: It may take a few minutes for the ingress load balancer to become available or the backends to become HEALTHY.
You can watch the status of the backends by running:
`kubectl get ingress -o jsonpath='{.items[*].metadata.annotations.ingress\.kubernetes\.io/backends}'`
To access Nexus you can check:
{{- if .Values.nexusProxy.env.enforceHttps }}
https://{{ .Values.nexusProxy.env.nexusHttpHost }}
{{- else }}
http://{{ .Values.nexusProxy.env.nexusHttpHost }}
{{- end }}
- Login with the following credentials
username: admin
{{- if .Values.initAdminPassword.enabled }}
password: {{ .Values.initAdminPassword.password }}
{{- else }}
password: {{ .Values.nexusBackup.nexusAdminPassword }}
{{- end }}
{{- if .Values.initAdminPassword.enabled }}
- Change Your password after the first login
{{- if .Values.nexusBackup.enabled }}
Once you login you should change your admin password to match the value of `nexusBackup.env.nexusAdminPassword`
This is important for security reasons and also because backup container needs this password set for admin user
to access Nexus API to run backups.
{{- end }}
{{- end }}
- Next steps in configuration
Please follow the link below to the README for nexus configuration, usage, backups and DR info:
https://github.com/Oteemo/charts/tree/master/charts/sonatype-nexus#after-installing-the-chart
chart/templates/_helpers.tpl 0 → 100644
View file @ ecfdde65
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "nexus.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "nexus.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
*/}}
{{- define "nexus.namespace" -}}
{{- if .Values.namespaceOverride -}}
{{- .Values.namespaceOverride -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end -}}
{{- end -}}
{{/*
Create a default fully qualified name for proxy keystore secret.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "nexus.proxy-ks.name" -}}
{{- printf "%s-%s" (include "nexus.fullname" .) "proxy-ks" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* Manage the labels for each entity */}}
{{- define "nexus.labels" -}}
app: {{ template "nexus.name" . }}
fullname: {{ template "nexus.fullname" . }}
chart: {{ .Chart.Name }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- end -}}
{{/*
Create a fully qualified name for docker ingress.
*/}}
{{- define "nexus.ingres.docker" -}}
{{- printf "%s-%s" (include "nexus.fullname" .) "docker" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
chart/templates/adtl-configmap.yaml 0 → 100644
View file @ ecfdde65
{{ $root := . }}
{{- if .Values.additionalConfigMaps }}
{{- range $cm := .Values.additionalConfigMaps }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $cm.name }}
namespace: {{ template "nexus.namespace" $root }}
labels:
{{ include "nexus.labels" $root | indent 4 }}
{{- if $.Values.nexus.labels }}
{{ toYaml $.Values.nexus.labels | indent 4 }}
{{- end }}
{{- if $cm.labels }}
{{ toYaml $cm.labels | indent 4 }}
{{- end }}
data:
{{ toYaml $cm.data | indent 2 }}
{{- end }}
{{- end }}
chart/templates/backup-pv.yaml 0 → 100644
View file @ ecfdde65
{{- if and .Values.nexusBackup.enabled (not .Values.statefulset.enabled) }}
{{- if .Values.nexusBackup.persistence.pdName -}}
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ .Values.nexusBackup.persistence.pdName }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
spec:
capacity:
storage: {{ .Values.nexusBackup.persistence.storageSize }}
accessModes:
- ReadWriteOnce
claimRef:
name: {{ template "nexus.fullname" . }}-backup
namespace: {{ .Release.Namespace }}
gcePersistentDisk:
pdName: {{ .Values.nexusBackup.persistence.pdName }}
fsType: {{ .Values.nexusBackup.persistence.fsType }}
{{- end }}
{{- end }}
chart/templates/backup-pvc.yaml 0 → 100644
View file @ ecfdde65
{{- if and .Values.nexusBackup.enabled (not .Values.statefulset.enabled) }}
{{- if and .Values.nexusBackup.persistence.enabled (not .Values.nexusBackup.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "nexus.fullname" . }}-backup
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexusBackup.persistence.annotations }}
annotations:
{{ toYaml .Values.nexusBackup.persistence.annotations | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.nexusBackup.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.nexusBackup.persistence.storageSize | quote }}
{{- if .Values.nexusBackup.persistence.storageClass }}
{{- if (eq "-" .Values.nexusBackup.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.nexusBackup.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
chart/templates/backup-secret.yaml 0 → 100644
View file @ ecfdde65
{{- if and .Values.nexusBackup.enabled (not .Values.nexusBackup.env.nexusAuthorization) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "nexus.fullname" . }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
type: Opaque
data:
nexus.nexusAdminPassword: {{ printf "%s%s" "Basic " (printf "%s%s" "admin:" .Values.nexusBackup.nexusAdminPassword | b64enc) | cat | b64enc | quote }}
{{- end }}
chart/templates/cloudiam-pv.yaml 0 → 100644
View file @ ecfdde65
{{- if and .Values.nexusCloudiam.enabled (not .Values.statefulset.enabled) }}
{{- if .Values.nexusCloudiam.persistence.pdName -}}
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ .Values.nexusCloudiam.persistence.pdName }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
spec:
capacity:
storage: {{ .Values.nexusCloudiam.persistence.storageSize }}
accessModes:
- ReadWriteOnce
claimRef:
name: {{ template "nexus.fullname" . }}-cloudiam
namespace: {{ .Release.Namespace }}
gcePersistentDisk:
pdName: {{ .Values.nexusCloudiam.persistence.pdName }}
fsType: {{ .Values.nexusCloudiam.persistence.fsType }}
{{- end }}
{{- end }}
chart/templates/cloudiam-pvc.yaml 0 → 100644
View file @ ecfdde65
{{- if and .Values.nexusCloudiam.enabled (not .Values.statefulset.enabled) }}
{{- if and .Values.nexusCloudiam.persistence.enabled (not .Values.nexusCloudiam.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "nexus.fullname" . }}-cloudiam
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexusCloudiam.persistence.annotations }}
annotations:
{{ toYaml .Values.nexusCloudiam.persistence.annotations | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.nexusCloudiam.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.nexusCloudiam.persistence.storageSize | quote }}
{{- if .Values.nexusCloudiam.persistence.storageClass }}
{{- if (eq "-" .Values.nexusCloudiam.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.nexusCloudiam.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
chart/templates/clusterrolebinding.yaml 0 → 100644
View file @ ecfdde65
{{- if .Values.rbac.create -}}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: {{ template "nexus.fullname" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- with .Values.rbac.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
roleRef:
{{- with .Values.rbac.roleRef }}
{{ toYaml . | indent 2 }}
{{- end }}
subjects:
- kind: ServiceAccount
{{- if .Values.serviceAccount.name }}
name: {{ .Values.serviceAccount.name }}
{{- else }}
name: {{ template "nexus.fullname" . }}
{{- end }}
namespace: {{ template "nexus.namespace" . }}
{{- end -}}
\ No newline at end of file
chart/templates/configmap.yaml 0 → 100644
View file @ ecfdde65
{{- if .Values.config.enabled -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nexus.name" . }}-conf
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.labels }}
{{ toYaml .Values.nexus.labels | indent 4 }}
{{- end }}
data:
{{ toYaml .Values.config.data | indent 2 }}
{{- end }}
\ No newline at end of file
chart/templates/deployment-statefulset.yaml 0 → 100644
View file @ ecfdde65
{{- if .Values.statefulset.enabled }}
apiVersion: apps/v1
kind: StatefulSet
{{- else }}
apiVersion: apps/v1
kind: Deployment
{{- end }}
metadata:
name: {{ template "nexus.fullname" . }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.labels }}
{{ toYaml .Values.nexus.labels | indent 4 }}
{{- end }}
{{- if .Values.deployment.annotations }}
annotations:
{{ toYaml .Values.deployment.annotations | indent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
{{- if .Values.statefulset.enabled }}
{{- if .Values.nexusProxy.svcName }}
serviceName: {{ .Values.nexusProxy.svcName }}
{{- else }}
serviceName: {{ template "nexus.fullname" . }}
{{- end }}
{{- end }}
{{- if .Values.deploymentStrategy }}
strategy:
{{ toYaml .Values.deploymentStrategy | indent 4 }}
{{- end }}
selector:
matchLabels:
app: {{ template "nexus.name" . }}
release: {{ .Release.Name }}
template:
metadata:
{{- if .Values.nexus.podAnnotations }}
annotations:
{{ toYaml .Values.nexus.podAnnotations | indent 8}}
{{- end }}
labels:
app: {{ template "nexus.name" . }}
release: {{ .Release.Name }}
spec:
{{- if .Values.deployment.initContainers }}
initContainers:
{{ toYaml .Values.deployment.initContainers | indent 6 }}
{{- end }}
{{- if .Values.nexus.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nexus.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.nexus.hostAliases }}
hostAliases:
{{ toYaml .Values.nexus.hostAliases | indent 8 }}
{{- end }}
{{- if .Values.nexus.imagePullSecret }}
imagePullSecrets:
- name: {{ .Values.nexus.imagePullSecret }}
{{- end }}
{{- if .Values.serviceAccount.name }}
serviceAccountName: {{ .Values.serviceAccount.name | quote }}
{{- else if .Values.serviceAccount.create }}
serviceAccountName: {{ template "nexus.fullname" . }}
{{- end }}
{{- if .Values.nexus.priorityClassName }}
priorityClassName: {{ .Values.nexus.priorityClassName }}
{{- end }}
containers:
- name: nexus
image: {{ .Values.nexus.imageName }}:{{ .Values.nexus.imageTag }}
imagePullPolicy: {{ .Values.nexus.imagePullPolicy }}
{{- if .Values.deployment.postStart.command }}
lifecycle:
postStart:
exec:
command: {{ .Values.deployment.postStart.command }}
{{- end }}
env:
{{ toYaml .Values.nexus.env | indent 12 }}
- name: NEXUS_DATA_CHOWN
value: {{ .Values.nexus.chownNexusData | quote }}
{{- if .Values.nexus.context }}
- name: NEXUS_CONTEXT
value: {{ .Values.nexus.context }}
{{- end }}
resources:
{{ toYaml .Values.nexus.resources | indent 12 }}
ports:
- containerPort: {{ .Values.nexus.dockerPort }}
name: nexus-docker-g
- containerPort: {{ .Values.nexus.nexusPort }}
name: nexus-http
{{- with .Values.nexus.additionalPorts }}
{{ toYaml . | indent 12 }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.nexus.livenessProbe.path }}
port: {{ .Values.nexus.nexusPort }}
initialDelaySeconds: {{ .Values.nexus.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.nexus.livenessProbe.periodSeconds }}
failureThreshold: {{ .Values.nexus.livenessProbe.failureThreshold }}
{{- if .Values.nexus.livenessProbe.timeoutSeconds }}
timeoutSeconds: {{ .Values.nexus.livenessProbe.timeoutSeconds }}
{{- end }}
readinessProbe:
httpGet:
path: {{ .Values.nexus.readinessProbe.path }}
port: {{ .Values.nexus.nexusPort }}
initialDelaySeconds: {{ .Values.nexus.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.nexus.readinessProbe.periodSeconds }}
failureThreshold: {{ .Values.nexus.readinessProbe.failureThreshold }}
{{- if .Values.nexus.readinessProbe.timeoutSeconds }}
timeoutSeconds: {{ .Values.nexus.readinessProbe.timeoutSeconds }}
{{- end }}
volumeMounts:
- mountPath: /nexus-data
name: {{ template "nexus.fullname" . }}-data
{{- if .Values.nexusBackup.enabled }}
- mountPath: /nexus-data/backup
name: {{ template "nexus.fullname" . }}-backup
{{- end }}
{{- if .Values.nexusCloudiam.enabled }}
- mountPath: /nexus-data/cloudiam
name: {{ template "nexus.fullname" . }}-cloudiam
{{- end }}
{{- if .Values.config.enabled }}
- mountPath: {{ .Values.config.mountPath }}
name: {{ template "nexus.name" . }}-conf
{{- end }}
{{- if .Values.secret.enabled }}
- mountPath: {{ .Values.secret.mountPath }}
name: {{ template "nexus.name" . }}-secret
readOnly: {{ .Values.secret.readOnly }}
{{- end }}
{{- if .Values.deployment.additionalVolumeMounts}}
{{ toYaml .Values.deployment.additionalVolumeMounts | indent 12 }}
{{- end }}
{{- if .Values.nexusProxy.enabled }}
- name: nexus-proxy
image: {{ .Values.nexusProxy.imageName }}:{{ .Values.nexusProxy.imageTag }}
resources:
{{ toYaml .Values.nexusProxy.resources | indent 12 }}
imagePullPolicy: {{ .Values.nexusProxy.imagePullPolicy }}
env:
- name: ALLOWED_USER_AGENTS_ON_ROOT_REGEX
value: {{ default "GoogleHC" .Values.nexusProxy.env.allowedUserAgentsOnRootRegex | quote }}
- name: CLOUD_IAM_AUTH_ENABLED
value: {{ .Values.nexusProxy.env.cloudIamAuthEnabled | quote }}
- name: BIND_PORT
value: {{ .Values.nexusProxy.targetPort | quote }}
- name: ENFORCE_HTTPS
value: {{ .Values.nexusProxy.env.enforceHttps | quote }}
- name: NEXUS_DOCKER_HOST
value: {{ .Values.nexusProxy.env.nexusDockerHost | quote }}
- name: NEXUS_HTTP_HOST
value: {{ .Values.nexusProxy.env.nexusHttpHost | quote }}
- name: UPSTREAM_DOCKER_PORT
value: {{ .Values.nexus.dockerPort | quote }}
- name: UPSTREAM_HTTP_PORT
value: {{ .Values.nexus.nexusPort | quote }}
- name: UPSTREAM_HOST
value: "localhost"
{{- if .Values.nexusProxy.env.cloudIamAuthEnabled }}
- name: NEXUS_RUT_HEADER
value: "X-Forwarded-User"
- name: CLIENT_ID
value: {{ .Values.nexusProxy.env.clientId | quote }}
- name: CLIENT_SECRET
value: {{ .Values.nexusProxy.env.clientSecret | quote }}
- name: ORGANIZATION_ID
value: {{ .Values.nexusProxy.env.organizationId | quote }}
- name: REDIRECT_URL
value: {{ .Values.nexusProxy.env.redirectUrl | quote }}
- name: KEYSTORE_PASS
valueFrom:
secretKeyRef:
name: {{ template "nexus.proxy-ks.name" . }}
key: password
- name: KEYSTORE_PATH
value: "/nexus-proxy-ks/keystore"
- name: AUTH_CACHE_TTL
value: "60000"
- name: SESSION_TTL
value: "86400000"
- name: JWT_REQUIRES_MEMBERSHIP_VERIFICATION
value: {{ .Values.nexusProxy.env.requiredMembershipVerification | quote }}
{{- end }}
ports:
- containerPort: {{ .Values.nexusProxy.targetPort }}
name: nexus-proxy
{{- if .Values.nexusProxy.env.cloudIamAuthEnabled }}
volumeMounts:
- mountPath: /nexus-proxy-ks
name: {{ template "nexus.proxy-ks.name" . }}
readOnly: true
{{- end }}
{{- end }}
{{- if .Values.nexusBackup.enabled }}
- name: nexus-backup
image: {{ .Values.nexusBackup.imageName }}:{{ .Values.nexusBackup.imageTag }}
imagePullPolicy: {{ .Values.nexusBackup.imagePullPolicy }}
resources:
{{ toYaml .Values.nexusBackup.resources | indent 12 }}
env:
- name: NEXUS_AUTHORIZATION
{{- if not .Values.nexusBackup.env.nexusAuthorization }}
valueFrom:
secretKeyRef:
key: nexus.nexusAdminPassword
name: {{ template "nexus.fullname" . }}
{{- else }}
value: {{ .Values.nexusBackup.env.nexusAuthorization | quote }}
{{- end }}
- name: NEXUS_BACKUP_DIRECTORY
value: /nexus-data/backup
- name: NEXUS_DATA_DIRECTORY
value: /nexus-data
- name: NEXUS_LOCAL_HOST_PORT
value: "localhost:{{ .Values.nexus.nexusPort }}"
- name: OFFLINE_REPOS
value: {{ .Values.nexusBackup.env.offlineRepos | quote }}
- name: TARGET_BUCKET
value: {{ .Values.nexusBackup.env.targetBucket | quote }}
- name: GRACE_PERIOD
value: {{ .Values.nexusBackup.env.gracePeriod | quote }}
- name: TRIGGER_FILE
value: .backup
- name: RCLONE_REMOTE
value: {{ .Values.nexusBackup.env.rcloneRemote | quote }}
- name: STREAMING_UPLOAD_CUTOFF
value: {{ .Values.nexusBackup.env.streamingUploadCutoff | default "5000000" | quote }}
{{- if .Values.nexusCloudiam.enabled }}
- name: CLOUD_IAM_SERVICE_ACCOUNT_KEY_PATH
value: /nexus-data/cloudiam/service-account-key.json
{{- end }}
volumeMounts:
- mountPath: /nexus-data
name: {{ template "nexus.fullname" . }}-data
- mountPath: /nexus-data/backup
name: {{ template "nexus.fullname" . }}-backup
{{- if .Values.nexusCloudiam.enabled }}
- mountPath: /nexus-data/cloudiam
name: {{ template "nexus.fullname" . }}-cloudiam
{{- end }}
- mountPath: /root/.config/rclone
name: {{ template "nexus.fullname" . }}-rclone-config
{{- end }}
{{- if .Values.deployment.additionalContainers }}
{{ toYaml .Values.deployment.additionalContainers | indent 8 }}
{{- end }}
{{- if .Values.nexus.securityContextEnabled }}
securityContext:
{{ toYaml .Values.nexus.securityContext | indent 8 }}
{{- end }}
volumes:
{{- if .Values.nexusBackup.enabled }}
- name: {{ template "nexus.fullname" . }}-rclone-config
secret:
secretName: {{ template "nexus.name" . }}-rclone-config-secret
{{- end }}
{{- if .Values.nexusProxy.env.cloudIamAuthEnabled }}
- name: {{ template "nexus.proxy-ks.name" . }}
secret:
secretName: {{ template "nexus.proxy-ks.name" . }}
{{- end }}
{{- if .Values.statefulset.enabled }}
{{- if not .Values.persistence.enabled }}
- name: {{ template "nexus.fullname" . }}-data
emptyDir: {}
{{- end }}
{{- if and .Values.nexusBackup.enabled (not .Values.nexusBackup.persistence.enabled) }}
- name: {{ template "nexus.fullname" . }}-backup
emptyDir: {}
{{- end }}
{{- if and .Values.nexusCloudiam.enabled (not .Values.nexusCloudiam.persistence.enabled) }}
- name: {{ template "nexus.fullname" . }}-cloudiam
emptyDir: {}
{{- end }}
{{- else }}
- name: {{ template "nexus.fullname" . }}-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "data") }}
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.nexusBackup.enabled }}
- name: {{ template "nexus.fullname" . }}-backup
{{- if and .Values.nexusBackup.persistence.enabled .Values.nexusBackup.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.nexusBackup.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "backup") }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}
{{- if .Values.nexusCloudiam.enabled }}
- name: {{ template "nexus.fullname" . }}-cloudiam
{{- if and .Values.nexusCloudiam.persistence.enabled .Values.nexusCloudiam.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.nexusCloudiam.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "cloudiam") }}
{{- else }}
emptyDir: {}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.config.enabled }}
- name: {{ template "nexus.name" . }}-conf
configMap:
name: {{ template "nexus.name" . }}-conf
{{- end }}
{{- if .Values.secret.enabled }}
- name: {{ template "nexus.name" . }}-secret
secret:
secretName: {{ template "nexus.name" . }}-secret
{{- end }}
{{- if .Values.deployment.additionalVolumes }}
{{ toYaml .Values.deployment.additionalVolumes | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
## create pvc in case of statefulsets
{{- if .Values.statefulset.enabled }}
volumeClaimTemplates:
{{- if .Values.persistence.enabled }}
- metadata:
name: {{ template "nexus.fullname" . }}-data
labels:
{{ include "nexus.labels" . | indent 10 }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 10 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.storageSize | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.nexusBackup.persistence.enabled }}
- metadata:
name: {{ template "nexus.fullname" . }}-backup
labels:
{{ include "nexus.labels" . | indent 10 }}
{{- if .Values.nexusBackup.persistence.annotations }}
annotations:
{{ toYaml .Values.nexusBackup.persistence.annotations | indent 10 }}
{{- end }}
spec:
accessModes:
- {{ .Values.nexusBackup.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.nexusBackup.persistence.storageSize | quote }}
{{- if .Values.nexusBackup.persistence.storageClass }}
{{- if (eq "-" .Values.nexusBackup.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.nexusBackup.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.nexusCloudiam.persistence.enabled }}
- metadata:
name: {{ template "nexus.fullname" . }}-cloudiam
labels:
{{ include "nexus.labels" . | indent 10 }}
{{- if .Values.nexusCloudiam.persistence.annotations }}
annotations:
{{ toYaml .Values.nexusCloudiam.persistence.annotations | indent 10 }}
{{- end }}
spec:
accessModes:
- {{ .Values.nexusCloudiam.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.nexusCloudiam.persistence.storageSize | quote }}
{{- if .Values.nexusCloudiam.persistence.storageClass }}
{{- if (eq "-" .Values.nexusCloudiam.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.nexusCloudiam.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}
{{- end }}
chart/templates/ingress-docker.yaml 0 → 100644
View file @ ecfdde65
{{- if .Values.ingressDocker.enabled }}
apiVersion: {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} networking.k8s.io/v1beta1 {{- else }} extensions/v1beta1 {{- end }}
kind: Ingress
metadata:
name: {{ template "nexus.ingres.docker" . }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- range $key, $value := .Values.ingressDocker.labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
annotations:
{{- range $key, $value := .Values.ingressDocker.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
{{- if .Values.nexusProxy.env.nexusDockerHost }}
- host: {{ .Values.nexusProxy.env.nexusDockerHost }}
http:
paths:
- backend:
{{- if .Values.nexusProxy.svcName }}
serviceName: {{ .Values.nexusProxy.svcName }}
{{- else }}
serviceName: {{ template "nexus.fullname" . }}
{{- end }}
{{- if .Values.nexusProxy.enabled }}
servicePort: {{ .Values.nexusProxy.port }}
{{- else }}
servicePort: {{ .Values.nexus.dockerPort }}
{{- end }}
path: {{ .Values.ingress.path }}
{{- end }}
{{- with .Values.ingressDocker.rules }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- if .Values.ingress.tls.enabled }}
tls:
- hosts:
{{- if .Values.nexusProxy.env.nexusDockerHost }}
- {{ .Values.nexusProxy.env.nexusDockerHost }}
{{- end }}
{{- if .Values.ingressDocker.tls.secretName }}
secretName: {{ .Values.ingressDocker.tls.secretName | quote }}
{{- end }}
{{- end -}}
{{- end }}
chart/templates/ingress.yaml 0 → 100644
View file @ ecfdde65
{{- if .Values.ingress.enabled -}}
apiVersion: {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }} networking.k8s.io/v1beta1 {{- else }} extensions/v1beta1 {{- end }}
kind: Ingress
metadata:
name: {{ template "nexus.fullname" . }}
namespace: {{ template "nexus.namespace" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- range $key, $value := .Values.ingress.labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
annotations:
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
{{- if .Values.nexusProxy.env.nexusHttpHost }}
- host: {{ .Values.nexusProxy.env.nexusHttpHost }}
http:
paths:
- backend:
{{- if .Values.nexusProxy.svcName }}
serviceName: {{ .Values.nexusProxy.svcName }}
{{- else }}
serviceName: {{ template "nexus.fullname" . }}
{{- end }}
{{- if .Values.nexusProxy.enabled }}
servicePort: {{ .Values.nexusProxy.port }}
{{- else }}
servicePort: {{ .Values.nexus.nexusPort }}
{{- end }}
path: {{ .Values.ingress.path }}
{{- end }}
{{- with .Values.ingress.rules }}
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- if .Values.ingress.tls.enabled }}
tls:
- hosts:
{{- if .Values.nexusProxy.env.nexusHttpHost }}
- {{ .Values.nexusProxy.env.nexusHttpHost }}
{{- end }}
{{- if .Values.ingress.tls.secretName }}
secretName: {{ .Values.ingress.tls.secretName | quote }}
{{- end }}
{{- end -}}
{{- end }}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED