admin/kubesphere
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update ks-core helm chart

Browse Source 
Signed-off-by: hongming <coder.scala@gmail.com>
This commit is contained in:
hongming
2025-03-19 14:00:34 +08:00
committed by ks-ci-bot
parent 0e76a4bcc5
commit 3e12e76f43
7 changed files with 28 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/ks-core/templates/cert-manager.yaml
View File

@@ -26,7 +26,7 @@ spec:
privateKeySecretRef: privateKeySecretRef:
name: letsencrypt-{{ .Values.letsEncrypt.environment }} name: letsencrypt-{{ .Values.letsEncrypt.environment }}
{{- if or (.Capabilities.APIVersions.Has "certmanager.k8s.io/v1alpha1") }} {{- if or (.Capabilities.APIVersions.Has "certmanager.k8s.io/v1alpha1") }}
http01: { } http01: {}
{{- else }} {{- else }}
solvers: solvers:
- http01: - http01:

15
config/ks-core/templates/ks-console.yaml
View File

@@ -89,8 +89,8 @@ spec:
initContainers: initContainers:
- name: init-ca - name: init-ca
image: {{ template "kubectl.image" . }} image: {{ template "kubectl.image" . }}
command: [ "/bin/sh", "-c" ] command: ["/bin/sh", "-c"]
args: [ "cp /tmp/ca.crt /usr/local/share/ca-certificates/ \ args: ["cp /tmp/ca.crt /usr/local/share/ca-certificates/ \
&& update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /certs/"] && update-ca-certificates && cp /etc/ssl/certs/ca-certificates.crt /certs/"]
volumeMounts: volumeMounts:
- name: tls-cert - name: tls-cert
@@ -171,8 +171,8 @@ spec:
- name: sys-cert - name: sys-cert
emptyDir: {} emptyDir: {}
{{- end }} {{- end }}
---
---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
@@ -189,16 +189,15 @@ metadata:
spec: spec:
ports: ports:
- name: nginx - name: nginx
{{- if .Values.internalTLS }} {{- if .Values.internalTLS }}
port: 443 port: 443
{{- else }} {{- else }}
port: 80 port: 80
{{- end }} {{- end }}
protocol: TCP protocol: TCP
targetPort: 8000 targetPort: 8000
{{- with .Values.console.nodePort }} {{- with .Values.console.nodePort }}
nodePort: nodePort: {{ . }}
{{- toYaml . | nindent 6 }}
{{- end }} {{- end }}
selector: selector:
app: ks-console app: ks-console

4
config/ks-core/templates/post-patch-system-ns-job.yaml
View File

@@ -3,7 +3,7 @@ kind: Job
metadata: metadata:
name: "{{ .Release.Name }}-post-patch-system-ns" name: "{{ .Release.Name }}-post-patch-system-ns"
annotations: annotations:
"helm.sh/hook": post-install "helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "-5" "helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
spec: spec:
@@ -28,5 +28,3 @@ spec:
kubectl label ns $ns kubesphere.io/managed=true kubectl label ns $ns kubesphere.io/managed=true
kubectl label ns $ns kubesphere.io/protected-resource=true kubectl label ns $ns kubesphere.io/protected-resource=true
done done
kubectl get ns -l 'kubesphere.io/workspace,!kubesphere.io/managed' --no-headers -o custom-columns=NAME:.metadata.name | \
xargs -I {} kubectl label ns {} kubesphere.io/managed=true

58
config/ks-core/templates/roletemplates.yaml
View File

@@ -1569,64 +1569,6 @@ spec:
--- ---
apiVersion: iam.kubesphere.io/v1beta1 apiVersion: iam.kubesphere.io/v1beta1
kind: RoleTemplate kind: RoleTemplate
metadata:
annotations:
iam.kubesphere.io/role-template-rules: '{"workloadtemplates": "view"}'
labels:
iam.kubesphere.io/aggregate-to-operator: ""
iam.kubesphere.io/aggregate-to-viewer: ""
iam.kubesphere.io/aggregate-to-regular: ""
iam.kubesphere.io/category: namespace-configuration-management
iam.kubesphere.io/scope: "namespace"
kubesphere.io/managed: "true"
name: namespace-view-workloadtemplates
spec:
description:
en: 'View workloadtemplates in the project.'
zh: '查看项目中的工作负载模板。'
displayName:
en: WorkloadTemplate Viewing
zh: '工作负载模板查看'
rules:
- apiGroups:
- 'workloadtemplate.kubesphere.io'
resources:
- "*"
verbs:
- get
- list
- watch
---
apiVersion: iam.kubesphere.io/v1beta1
kind: RoleTemplate
metadata:
annotations:
iam.kubesphere.io/dependencies: '["namespace-view-workloadtemplates"]'
iam.kubesphere.io/role-template-rules: '{"workloadtemplates": "manage"}'
labels:
iam.kubesphere.io/aggregate-to-operator: ""
iam.kubesphere.io/category: namespace-configuration-management
iam.kubesphere.io/scope: "namespace"
kubesphere.io/managed: "true"
name: namespace-manage-workloadtemplates
spec:
description:
en: 'Create, edit, and delete workloadtemplates in the project.'
zh: '创建、编辑和删除项目中的工作负载模板。'
displayName:
en: WorkloadTemplate Management
zh: '工作负载模板管理'
rules:
- apiGroups:
- 'workloadtemplate.kubesphere.io'
resources:
- "*"
verbs:
- '*'
---
apiVersion: iam.kubesphere.io/v1beta1
kind: RoleTemplate
metadata: metadata:
annotations: annotations:
iam.kubesphere.io/role-template-rules: '{"secrets": "view"}' iam.kubesphere.io/role-template-rules: '{"secrets": "view"}'

3
config/ks-core/templates/services.yaml
View File

@@ -15,8 +15,7 @@ spec:
{{- end }} {{- end }}
targetPort: 9090 targetPort: 9090
{{- with .Values.apiserver.nodePort }} {{- with .Values.apiserver.nodePort }}
nodePort: nodePort: {{ . }}
{{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
selector: selector:
{{- if eq (include "multicluster.role" .) "host" }} {{- if eq (include "multicluster.role" .) "host" }}

7
config/ks-core/values.yaml
View File

@@ -436,13 +436,6 @@ ksCRDs:
repository: kubesphere/kubectl repository: kubesphere/kubectl
tag: "v1.27.16" tag: "v1.27.16"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
resources:
limits:
cpu: 1
memory: 1024Mi
requests:
cpu: 20m
memory: 100Mi
# add museum for all ks-extensions # add museum for all ks-extensions
ksExtensionRepository: ksExtensionRepository: