feat(charts)!: Update Helm release yourls to 7.1.18 #2506

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r16 by @renovate in https://github.com/YOURLS/charts/pull/434

Full Changelog: YOURLS/charts@yourls-7.1.13...yourls-7.1.14

`v7.1.13`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r15 by @renovate in https://github.com/YOURLS/charts/pull/431

Full Changelog: YOURLS/charts@yourls-7.1.12...yourls-7.1.13

`v7.1.12`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.30.0 by @renovate in https://github.com/YOURLS/charts/pull/433

Full Changelog: YOURLS/charts@yourls-7.1.11...yourls-7.1.12

`v7.1.11`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): bump azure/setup-helm from 4.2.0 to 4.3.0 by @dependabot in https://github.com/YOURLS/charts/pull/430
chore(deps): update docker.io/bitnami/os-shell docker tag to v12-debian-12-r38 by @renovate in https://github.com/YOURLS/charts/pull/432

Full Changelog: YOURLS/charts@yourls-7.1.10...yourls-7.1.11

`v7.1.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.2.4 by @renovate in https://github.com/YOURLS/charts/pull/429

Full Changelog: YOURLS/charts@yourls-7.1.9...yourls-7.1.10

`v7.1.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r13 by @renovate in https://github.com/YOURLS/charts/pull/428

Full Changelog: YOURLS/charts@yourls-7.1.8...yourls-7.1.9

`v7.1.8`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r12 by @renovate in https://github.com/YOURLS/charts/pull/426

Full Changelog: YOURLS/charts@yourls-7.1.7...yourls-7.1.8

`v7.1.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/os-shell docker tag to v12-debian-12-r37 by @renovate in https://github.com/YOURLS/charts/pull/427

Full Changelog: YOURLS/charts@yourls-7.1.6...yourls-7.1.7

`v7.1.6`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r11 by @renovate in https://github.com/YOURLS/charts/pull/425

Full Changelog: YOURLS/charts@yourls-7.1.5...yourls-7.1.6

`v7.1.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/os-shell docker tag to v12-debian-12-r36 by @renovate in https://github.com/YOURLS/charts/pull/424

Full Changelog: YOURLS/charts@yourls-7.1.4...yourls-7.1.5

`v7.1.4`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r10 by @renovate in https://github.com/YOURLS/charts/pull/423

Full Changelog: YOURLS/charts@yourls-7.1.3...yourls-7.1.4

`v7.1.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.2.2 by @renovate in https://github.com/YOURLS/charts/pull/422

Full Changelog: YOURLS/charts@yourls-7.1.2...yourls-7.1.3

`v7.1.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): bump helm/chart-testing-action from 2.6.1 to 2.7.0 by @dependabot in https://github.com/YOURLS/charts/pull/420
chore(deps): bump helm/chart-releaser-action from 1.6.0 to 1.7.0 by @dependabot in https://github.com/YOURLS/charts/pull/419
chore(deps): update common docker tag to v2.29.1 by @renovate in https://github.com/YOURLS/charts/pull/421

Full Changelog: YOURLS/charts@yourls-7.1.1...yourls-7.1.2

`v7.1.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r8 by @renovate in https://github.com/YOURLS/charts/pull/418

Full Changelog: YOURLS/charts@yourls-7.1.0...yourls-7.1.1

`v7.1.0`

Compare Source

Your Own URL Shortener

What's Changed

Switch to Bitnami OS Shell image by @LeoColomb in https://github.com/YOURLS/charts/pull/417

Full Changelog: YOURLS/charts@yourls-7.0.12...yourls-7.1.0

`v7.0.12`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r7 by @renovate in https://github.com/YOURLS/charts/pull/416

Full Changelog: YOURLS/charts@yourls-7.0.11...yourls-7.0.12

`v7.0.11`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): bump helm/kind-action from 1.10.0 to 1.11.0 by @dependabot in https://github.com/YOURLS/charts/pull/413
chore(deps): bump helm/kind-action from 1.11.0 to 1.12.0 by @dependabot in https://github.com/YOURLS/charts/pull/414
chore(deps): update common docker tag to v2.29.0 by @renovate in https://github.com/YOURLS/charts/pull/415

Full Changelog: YOURLS/charts@yourls-7.0.10...yourls-7.0.11

`v7.0.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.2.1 by @renovate in https://github.com/YOURLS/charts/pull/412

Full Changelog: YOURLS/charts@yourls-7.0.9...yourls-7.0.10

`v7.0.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.2.0 by @renovate in https://github.com/YOURLS/charts/pull/411

Full Changelog: YOURLS/charts@yourls-7.0.8...yourls-7.0.9

`v7.0.8`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.28.0 by @renovate in https://github.com/YOURLS/charts/pull/410

Full Changelog: YOURLS/charts@yourls-7.0.7...yourls-7.0.8

`v7.0.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r6 by @renovate in https://github.com/YOURLS/charts/pull/409

Full Changelog: YOURLS/charts@yourls-7.0.6...yourls-7.0.7

`v7.0.6`

Compare Source

Your Own URL Shortener

What's Changed

Ensure the presence of the port in database host variable by @halkeye in https://github.com/YOURLS/charts/pull/407

Full Changelog: YOURLS/charts@yourls-7.0.5...yourls-7.0.6

`v7.0.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r5 by @renovate in https://github.com/YOURLS/charts/pull/408

Full Changelog: YOURLS/charts@yourls-7.0.4...yourls-7.0.5

`v7.0.4`

Compare Source

Your Own URL Shortener

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.1.1 by @renovate in https://github.com/YOURLS/charts/pull/405

Full Changelog: YOURLS/charts@yourls-7.0.2...yourls-7.0.3

`v7.0.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.27.2 by @renovate in https://github.com/YOURLS/charts/pull/404

Full Changelog: YOURLS/charts@yourls-7.0.1...yourls-7.0.2

`v7.0.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v20.1.0 by @renovate in https://github.com/YOURLS/charts/pull/403

Full Changelog: YOURLS/charts@yourls-7.0.0...yourls-7.0.1

`v7.0.0`

Compare Source

Your Own URL Shortener

Upgrade Notes

This major bump updates the MariaDB sub-chart to version 20.0.0.
This sub-chart updates the StatefulSet objects serviceName to use a headless service, as the current non-headless service attached to it was not providing DNS entries.
This will cause an upgrade issue because it changes "immutable fields". To workaround it, delete the StatefulSet objects as follows (replace the RELEASE_NAME placeholder):

kubectl delete sts RELEASE_NAME-mariadb --cascade=false

Then execute helm upgrade as usual.

What's Changed

chore(deps): update mariadb docker tag to v20 by @renovate in https://github.com/YOURLS/charts/pull/402

Full Changelog: YOURLS/charts@yourls-6.1.14...yourls-7.0.0

`v6.1.14`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r3 by @renovate in https://github.com/YOURLS/charts/pull/400

Full Changelog: YOURLS/charts@yourls-6.1.13...yourls-6.1.14

`v6.1.13`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.27.0 by @renovate in https://github.com/YOURLS/charts/pull/401

Full Changelog: YOURLS/charts@yourls-6.1.12...yourls-6.1.13

`v6.1.12`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.1.2 by @renovate in https://github.com/YOURLS/charts/pull/399

Full Changelog: YOURLS/charts@yourls-6.1.11...yourls-6.1.12

`v6.1.11`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.1.1 by @renovate in https://github.com/YOURLS/charts/pull/398

Full Changelog: YOURLS/charts@yourls-6.1.10...yourls-6.1.11

`v6.1.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r2 by @renovate in https://github.com/YOURLS/charts/pull/397

Full Changelog: YOURLS/charts@yourls-6.1.9...yourls-6.1.10

`v6.1.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.26.0 by @renovate in https://github.com/YOURLS/charts/pull/396

Full Changelog: YOURLS/charts@yourls-6.1.8...yourls-6.1.9

`v6.1.8`

Compare Source

Your Own URL Shortener

What's Changed

Embrace upstream Renovate custom presets by @LeoColomb in https://github.com/YOURLS/charts/pull/394
Cleanup capabilities compatibility helpers by @LeoColomb in https://github.com/YOURLS/charts/pull/395

Full Changelog: YOURLS/charts@yourls-6.1.7...yourls-6.1.8

`v6.1.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.1.0 by @renovate in https://github.com/YOURLS/charts/pull/393

Full Changelog: YOURLS/charts@yourls-6.1.6...yourls-6.1.7

`v6.1.6`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.24.0 by @renovate in https://github.com/YOURLS/charts/pull/392

Full Changelog: YOURLS/charts@yourls-6.1.5...yourls-6.1.6

`v6.1.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r1 by @renovate in https://github.com/YOURLS/charts/pull/391

Full Changelog: YOURLS/charts@yourls-6.1.4...yourls-6.1.5

`v6.1.4`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.7 by @renovate in https://github.com/YOURLS/charts/pull/390

Full Changelog: YOURLS/charts@yourls-6.1.3...yourls-6.1.4

`v6.1.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.9-debian-12-r0 by @renovate in https://github.com/YOURLS/charts/pull/389

Full Changelog: YOURLS/charts@yourls-6.1.2...yourls-6.1.3

`v6.1.2`

Compare Source

Your Own URL Shortener

What's Changed

Workaround non-run CI for required workflow by @LeoColomb in https://github.com/YOURLS/charts/pull/386
chore(deps): update mariadb docker tag to v19.0.6 by @renovate in https://github.com/YOURLS/charts/pull/388

Full Changelog: YOURLS/charts@yourls-6.1.1...yourls-6.1.2

`v6.1.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.23.0 by @renovate in https://github.com/YOURLS/charts/pull/385

Full Changelog: YOURLS/charts@yourls-6.1.0...yourls-6.1.1

`v6.1.0`

Compare Source

Your Own URL Shortener

What's Changed

Creat appropriate vhost for httpd metrics by @LeoColomb in https://github.com/YOURLS/charts/pull/384

Full Changelog: YOURLS/charts@yourls-6.0.0...yourls-6.1.0

`v6.0.0`

Compare Source

Your Own URL Shortener

What's Changed

✨ Ensure availability of all probes (liveness, readiness, startup, and lifecycle) by @LeoColomb in https://github.com/YOURLS/charts/pull/383
Use common templating system broadly by @LeoColomb in https://github.com/YOURLS/charts/pull/383

Full Changelog: YOURLS/charts@yourls-5.15.0...yourls-6.0.0

`v5.15.0`

Compare Source

Your Own URL Shortener

What's Changed

Use upstream secret helper for MariaDB password by @LeoColomb in https://github.com/YOURLS/charts/pull/382

Full Changelog: YOURLS/charts@yourls-5.14.12...yourls-5.15.0

`v5.14.12`

Compare Source

Your Own URL Shortener

What's Changed

Improve global lint workflow by @LeoColomb in https://github.com/YOURLS/charts/pull/379
Improve global lint workflow by @LeoColomb in https://github.com/YOURLS/charts/pull/380
chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r9 by @renovate in https://github.com/YOURLS/charts/pull/381

Full Changelog: YOURLS/charts@yourls-5.14.11...yourls-5.14.12

`v5.14.11`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r8 by @renovate in https://github.com/YOURLS/charts/pull/378

Full Changelog: YOURLS/charts@yourls-5.14.10...yourls-5.14.11

`v5.14.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.5 by @renovate in https://github.com/YOURLS/charts/pull/377

Full Changelog: YOURLS/charts@yourls-5.14.9...yourls-5.14.10

`v5.14.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.4 by @renovate in https://github.com/YOURLS/charts/pull/376

Full Changelog: YOURLS/charts@yourls-5.14.8...yourls-5.14.9

`v5.14.8`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.22.0 by @renovate in https://github.com/YOURLS/charts/pull/375

Full Changelog: YOURLS/charts@yourls-5.14.7...yourls-5.14.8

`v5.14.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r7 by @renovate in https://github.com/YOURLS/charts/pull/374

Full Changelog: YOURLS/charts@yourls-5.14.6...yourls-5.14.7

`v5.14.6`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.21.0 by @renovate in https://github.com/YOURLS/charts/pull/373

Full Changelog: YOURLS/charts@yourls-5.14.5...yourls-5.14.6

`v5.14.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r6 by @renovate in https://github.com/YOURLS/charts/pull/371

Full Changelog: YOURLS/charts@yourls-5.14.4...yourls-5.14.5

`v5.14.4`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.3 by @renovate in https://github.com/YOURLS/charts/pull/372

Full Changelog: YOURLS/charts@yourls-5.14.3...yourls-5.14.4

`v5.14.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.2 by @renovate in https://github.com/YOURLS/charts/pull/370

Full Changelog: YOURLS/charts@yourls-5.14.2...yourls-5.14.3

`v5.14.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r5 by @renovate in https://github.com/YOURLS/charts/pull/369

Full Changelog: YOURLS/charts@yourls-5.14.1...yourls-5.14.2

`v5.14.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19.0.1 by @renovate in https://github.com/YOURLS/charts/pull/368

Full Changelog: YOURLS/charts@yourls-5.14.0...yourls-5.14.1

`v5.14.0`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v19 by @renovate in https://github.com/YOURLS/charts/pull/366

Full Changelog: YOURLS/charts@yourls-5.13.3...yourls-5.14.0

`v5.13.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.20.5 by @renovate in https://github.com/YOURLS/charts/pull/367

Full Changelog: YOURLS/charts@yourls-5.13.2...yourls-5.13.3

`v5.13.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.20.4 by @renovate in https://github.com/YOURLS/charts/pull/365

Full Changelog: YOURLS/charts@yourls-5.13.1...yourls-5.13.2

`v5.13.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r3 by @renovate in https://github.com/YOURLS/charts/pull/364

Full Changelog: YOURLS/charts@yourls-5.13.0...yourls-5.13.1

`v5.13.0`

Compare Source

Your Own URL Shortener

What's Changed

feat: Add support for topology spread constraints. by @cfiehe in https://github.com/YOURLS/charts/pull/360

New Contributors

@cfiehe made their first contribution in https://github.com/YOURLS/charts/pull/360

Full Changelog: YOURLS/charts@yourls-5.12.10...yourls-5.13.0

`v5.12.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.8-debian-12-r2 by @renovate in https://github.com/YOURLS/charts/pull/361

Full Changelog: YOURLS/charts@yourls-5.12.9...yourls-5.12.10

`v5.12.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v18.2.6 by @renovate in https://github.com/YOURLS/charts/pull/363

Full Changelog: YOURLS/charts@yourls-5.12.8...yourls-5.12.9

`v5.12.8`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v18.2.5 by @renovate in https://github.com/YOURLS/charts/pull/362

Full Changelog: YOURLS/charts@yourls-5.12.7...yourls-5.12.8

`v5.12.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v18.2.4 by @renovate in https://github.com/YOURLS/charts/pull/359

Full Changelog: YOURLS/charts@yourls-5.12.6...yourls-5.12.7

`v5.12.6`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v18.2.3 by @renovate in https://github.com/YOURLS/charts/pull/358

Full Changelog: YOURLS/charts@yourls-5.12.5...yourls-5.12.6

`v5.12.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.20.3 by @renovate in https://github.com/YOURLS/charts/pull/357

Full Changelog: YOURLS/charts@yourls-5.12.4...yourls-5.12.5

`v5.12.4`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.20.2 by @renovate in https://github.com/YOURLS/charts/pull/356

Full Changelog: YOURLS/charts@yourls-5.12.3...yourls-5.12.4

`v5.12.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update mariadb docker tag to v18.2.2 by @renovate in https://github.com/YOURLS/charts/pull/355

Full Changelog: YOURLS/charts@yourls-5.12.2...yourls-5.12.3

`v5.12.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update common docker tag to v2.20.0 by @renovate in https://github.com/YOURLS/charts/pull/354

Full Changelog: YOURLS/charts@yourls-5.12.1...yourls-5.12.2

`v5.12.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1.0.7-debian-12-r9 by @renovate in https://github.com/YOURLS/charts/pull/353

Full Changelog: YOURLS/charts@yourls-5.12.0...yourls-5.12.1

`v5.12.0`

Compare Source

Your Own URL Shortener

Full Changelog: YOURLS/charts@yourls-5.11.3...yourls-5.12.0

`v5.11.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.2.1 by @renovate in https://github.com/YOURLS/charts/pull/352

Full Changelog: YOURLS/charts@yourls-5.11.2...yourls-5.11.3

`v5.11.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.2.0 by @renovate in https://github.com/YOURLS/charts/pull/351

Full Changelog: YOURLS/charts@yourls-5.11.1...yourls-5.11.2

`v5.11.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.1.0 by @renovate in https://github.com/YOURLS/charts/pull/350

Full Changelog: YOURLS/charts@yourls-5.11.0...yourls-5.11.1

`v5.11.0`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update docker.io/bitnami/apache-exporter docker tag to v1 by @renovate in https://github.com/YOURLS/charts/pull/348
chore(deps): update docker.io/bitnami/bitnami-shell docker tag to v11 by @renovate in https://github.com/YOURLS/charts/pull/349

Full Changelog: YOURLS/charts@yourls-5.10.7...yourls-5.11.0

`v5.10.7`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release common to ^2.19.3 by @renovate in https://github.com/YOURLS/charts/pull/345

Full Changelog: YOURLS/charts@yourls-5.10.6...yourls-5.10.7

`v5.10.6`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.0.6 by @renovate in https://github.com/YOURLS/charts/pull/344

Full Changelog: YOURLS/charts@yourls-5.10.5...yourls-5.10.6

`v5.10.5`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.0.5 by @renovate in https://github.com/YOURLS/charts/pull/343

Full Changelog: YOURLS/charts@yourls-5.10.4...yourls-5.10.5

`v5.10.4`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.0.4 by @renovate in https://github.com/YOURLS/charts/pull/342

Full Changelog: YOURLS/charts@yourls-5.10.3...yourls-5.10.4

`v5.10.3`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^18.0.3 by @renovate in https://github.com/YOURLS/charts/pull/341

Full Changelog: YOURLS/charts@yourls-5.10.2...yourls-5.10.3

`v5.10.2`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): bump azure/setup-helm from 4.1.0 to 4.2.0 by @dependabot in https://github.com/YOURLS/charts/pull/338
chore(deps): bump helm/kind-action from 1.9.0 to 1.10.0 by @dependabot in https://github.com/YOURLS/charts/pull/339
chore(deps): update helm release common to ^2.19.2 by @renovate in https://github.com/YOURLS/charts/pull/340

Full Changelog: YOURLS/charts@yourls-5.10.1...yourls-5.10.2

`v5.10.1`

Compare Source

Your Own URL Shortener

What's Changed

Upgrade GHA components by @LeoColomb in https://github.com/YOURLS/charts/pull/336
chore(deps): update helm release mariadb to ^18.0.2 by @renovate in https://github.com/YOURLS/charts/pull/337

Full Changelog: YOURLS/charts@yourls-5.10.0...yourls-5.10.1

`v5.10.0`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to v18 by @renovate in https://github.com/YOURLS/charts/pull/335

Full Changelog: YOURLS/charts@yourls-5.9.1...yourls-5.10.0

`v5.9.1`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release common to ^2.19.1 by @renovate in https://github.com/YOURLS/charts/pull/334

Full Changelog: YOURLS/charts@yourls-5.9.0...yourls-5.9.1

`v5.9.0`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to v17 by @renovate in https://github.com/YOURLS/charts/pull/333

Full Changelog: YOURLS/charts@yourls-5.8.17...yourls-5.9.0

`v5.8.17`

Compare Source

Your Own URL Shortener

What's Changed

Fix when update strategy type is recreate by @ggarson in https://github.com/YOURLS/charts/pull/330

Full Changelog: YOURLS/charts@yourls-5.8.16...yourls-5.8.17

`v5.8.16`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release common to ^2.19.0 by @renovate in https://github.com/YOURLS/charts/pull/332

Full Changelog: YOURLS/charts@yourls-5.8.15...yourls-5.8.16

`v5.8.15`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^16.5.0 by @renovate in https://github.com/YOURLS/charts/pull/331

Full Changelog: YOURLS/charts@yourls-5.8.14...yourls-5.8.15

`v5.8.14`

Compare Source

Your Own URL Shortener

What's Changed

fix: extraEnvVars support by @ggarson in https://github.com/YOURLS/charts/pull/329

New Contributors

@ggarson made their first contribution in https://github.com/YOURLS/charts/pull/329

Full Changelog: YOURLS/charts@yourls-5.8.13...yourls-5.8.14

`v5.8.13`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release common to ^2.18.0 by @renovate in https://github.com/YOURLS/charts/pull/328

Full Changelog: YOURLS/charts@yourls-5.8.12...yourls-5.8.13

`v5.8.12`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^16.4.0 by @renovate in https://github.com/YOURLS/charts/pull/327

Full Changelog: YOURLS/charts@yourls-5.8.11...yourls-5.8.12

`v5.8.11`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^16.3.2 by @renovate in https://github.com/YOURLS/charts/pull/326

Full Changelog: YOURLS/charts@yourls-5.8.10...yourls-5.8.11

`v5.8.10`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^16.3.1 by @renovate in https://github.com/YOURLS/charts/pull/325

Full Changelog: YOURLS/charts@yourls-5.8.9...yourls-5.8.10

`v5.8.9`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release mariadb to ^16.2.0 by @renovate in https://github.com/YOURLS/charts/pull/324

Full Changelog: YOURLS/charts@yourls-5.8.8...yourls-5.8.9

`v5.8.8`

Compare Source

Your Own URL Shortener

What's Changed

chore(deps): update helm release common to ^2.16.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-11-15T11:24:26Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.0

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.0.0
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "V2N2bE5nSlFEWg=="
-  mariadb-password: "MmpIbEpFRWw0Ug=="
+  mariadb-root-password: "WjltZWU3YnpRRw=="
+  mariadb-password: "WXNxZml0S3ZXag=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,8 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
 
     [client]
     port=3306
@@ -83,6 +135,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +187,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +203,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +214,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +229,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +239,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +256,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +266,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +301,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -289,8 +384,11 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r3
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
@@ -300,21 +398,50 @@
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +453,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 9c334eee0dda0d7d9ac425dc0c3643c25c864208a96a28ce5974070623b680ad
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +490,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -411,7 +594,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +610,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +648,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +665,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-11-27T13:54:15Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.1

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.0
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "YzNabjg0dGZCUw=="
-  mariadb-password: "TGFWQzBVY1EwYQ=="
+  mariadb-root-password: "dmhEelBENFoyRQ=="
+  mariadb-password: "SzNsWGVZa2JuTw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -289,8 +383,11 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r3
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
@@ -300,21 +397,50 @@
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 1fee1dd6752bbc8db72a4d5e77298f5179a7b8cebad2c74f8064506dd3fb5d30
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-11-27T21:46:17Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.2

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.0
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "ZENqdFdFeGFwRw=="
-  mariadb-password: "UVBhTG1sMjN2YQ=="
+  mariadb-root-password: "OTVtZDR0VkNLQQ=="
+  mariadb-password: "TVg4Q3dCVE0wZQ=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -289,8 +383,11 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r3
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
@@ -300,21 +397,50 @@
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 1fee1dd6752bbc8db72a4d5e77298f5179a7b8cebad2c74f8064506dd3fb5d30
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-11-28T21:36:58Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.3

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "dUZrb2FuS0NWbA=="
-  mariadb-password: "THo2YWRiQ21jVw=="
+  mariadb-root-password: "VE90QWc2V0JGZg=="
+  mariadb-password: "cXVGdDlrUmlVQw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -289,8 +383,11 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r3
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
@@ -300,21 +397,50 @@
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: b137c12cb19eb6808c39bb0a58af301b721fc06f98b3ac77407f49311d422cbc
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-11-29T10:36:05Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.4

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "c1pQYkpnRDJOdg=="
-  mariadb-password: "U2IzeG1FOHhlUQ=="
+  mariadb-root-password: "WjlyUVZtME9QeQ=="
+  mariadb-password: "cVhMeUdjVGRPYw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r3
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: b137c12cb19eb6808c39bb0a58af301b721fc06f98b3ac77407f49311d422cbc
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-12-04T12:47:14Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.6

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "Mm16VXJGdE51Ug=="
-  mariadb-password: "dmltTlM0bEtLZA=="
+  mariadb-root-password: "VWhIZkJYSU1aZQ=="
+  mariadb-password: "NkxiY1BURGdmUQ=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r5
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: b137c12cb19eb6808c39bb0a58af301b721fc06f98b3ac77407f49311d422cbc
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-12-08T19:48:21Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.7

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "UG40dVpRaEJKcg=="
-  mariadb-password: "bXNuMFVGcUNFTw=="
+  mariadb-root-password: "NDhxTXJqVU00eg=="
+  mariadb-password: "WmdrQTd4dVM3bQ=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r6
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: b137c12cb19eb6808c39bb0a58af301b721fc06f98b3ac77407f49311d422cbc
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-12-10T18:05:33Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.8

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.1.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "U1VSWmVEUWxWRQ=="
-  mariadb-password: "Y3F4SzJkUFRMVw=="
+  mariadb-root-password: "ZlljcHNyU1JWUA=="
+  mariadb-password: "bEM0YU52SXFacw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r6
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: b137c12cb19eb6808c39bb0a58af301b721fc06f98b3ac77407f49311d422cbc
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-12-11T04:04:42Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.9

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.2.0
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "ekJvVW5LWWdwcw=="
-  mariadb-password: "QnZiSUFOSHdqNQ=="
+  mariadb-root-password: "NlBtNEZ6cHNHQQ=="
+  mariadb-password: "aFA3a3RWQWZXWQ=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r6
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 0f0603bf6de3ec5fa95b90e252d6c2d0257e2f49ef3b3a87c670f5cf009babf7
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r0
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2024-12-15T04:11:07Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.0.10

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.2.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "UkRrY3J1R3VWVw=="
-  mariadb-password: "U05vdWVWYmZuSw=="
+  mariadb-root-password: "U0lvWTVqUFllRA=="
+  mariadb-password: "MHY0cGV3Mm1RUw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r6
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 24fcd01a81fe09fa400b99a0f76aeb84f942080cb1701bed94180d6b8b4beb14
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r2
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2025-02-13T12:44:27Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.9

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.4
+      helm.sh/chart: mariadb-20.2.2
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "WklSOGNDUDVrVg=="
-  mariadb-password: "cmxUZktrNnFkcg=="
+  mariadb-root-password: "T3Jac2VObGQzbw=="
+  mariadb-password: "ajNES044WEhmZw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r13
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 218fb9f55909b440a362fa11087f413d1032e8af189df1ac38fac2a2ba745d0f
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r3
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.4-debian-12-r3
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 375m
+              ephemeral-storage: 2Gi
+              memory: 384Mi
+            requests:
+              cpu: 250m
+              ephemeral-storage: 50Mi
+              memory: 256Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2025-02-17T23:13:53Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.10

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.2.4
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "TWNVSE1wTGVVYw=="
-  mariadb-password: "SzZqQkpaUkpReQ=="
+  mariadb-root-password: "UDMyWTBScjFRNg=="
+  mariadb-password: "amhKZVMzYXg4Sw=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r13
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 95e20bb77efbec9f80d769c228d6218631af498103b169e9586bac40e86c5318
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2025-02-19T03:01:13Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.11

@@ -1,3 +1,52 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.2.4
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
 # Source: yourls/charts/mariadb/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -5,10 +54,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
-  annotations:
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 automountServiceAccountToken: false
 ---
 # Source: yourls/charts/mariadb/templates/secrets.yaml
@@ -18,13 +67,14 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
 type: Opaque
 data:
-  mariadb-root-password: "NkR5dGlqY2R6Tw=="
-  mariadb-password: "bHA5T2dNQ3BkeA=="
+  mariadb-root-password: "VHg2NWdJUjZUVA=="
+  mariadb-password: "dkhzRmdmb3QxcA=="
 ---
 # Source: yourls/templates/secrets.yaml
 apiVersion: v1
@@ -33,9 +83,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 type: kubernetes.io/basic-auth
 data:
   username: "ZGZyb2Jlcmc="
@@ -48,9 +98,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 data:
   my.cnf: |-
@@ -58,6 +109,7 @@
     skip-name-resolve
     explicit_defaults_for_timestamp
     basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
     plugin_dir=/opt/bitnami/mariadb/plugin
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -69,9 +121,8 @@
     character-set-server=UTF8
     collation-server=utf8_general_ci
     slow_query_log=0
-    slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
     long_query_time=10.0
-
+    binlog_expire_logs_seconds=2592000
     [client]
     port=3306
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
@@ -83,6 +134,51 @@
     socket=/opt/bitnami/mariadb/tmp/mysql.sock
     pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
 ---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
 # Source: yourls/charts/mariadb/templates/primary/svc.yaml
 apiVersion: v1
 kind: Service
@@ -90,9 +186,10 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
   annotations:
 spec:
@@ -105,8 +202,8 @@
       targetPort: mysql
       nodePort: null
   selector:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
     app.kubernetes.io/component: primary
 ---
 # Source: yourls/templates/metrics-svc.yaml
@@ -116,12 +213,12 @@
   name: yourls-metrics
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
     app.kubernetes.io/component: metrics
   annotations:
-    prometheus.io/port: '9117'
+    prometheus.io/port: "9117"
     prometheus.io/scrape: "true"
 spec:
   type: ClusterIP
@@ -131,8 +228,8 @@
       protocol: TCP
       targetPort: metrics
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/service.yaml
 apiVersion: v1
@@ -141,9 +238,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   type: ClusterIP
   ports:
@@ -158,8 +255,8 @@
       targetPort: https
       nodePort: null
   selector:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
 ---
 # Source: yourls/templates/deployment.yaml
 apiVersion: apps/v1
@@ -168,24 +265,23 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
 spec:
   selector:
     matchLabels:
-      app.kubernetes.io/name: yourls
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
   strategy:
-    rollingUpdate: {}
     type: RollingUpdate
   replicas: 1
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: yourls
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
       annotations:
         prometheus.io/port: '9117'
         prometheus.io/scrape: "true"
@@ -204,10 +300,8 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: yourls
                     app.kubernetes.io/instance: yourls
-                namespaces:
-                  - "default"
+                    app.kubernetes.io/name: yourls
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
@@ -227,7 +321,7 @@
             - name: MARIADB_PORT_NUMBER
               value: "3306"
             - name: YOURLS_DB_HOST
-              value: "yourls-mariadb"
+              value: yourls-mariadb:3306
             - name: YOURLS_DB_NAME
               value: "yourls"
             - name: YOURLS_DB_USER
@@ -289,32 +383,64 @@
           volumeMounts:
             - mountPath: /var/www/html
               name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
         - name: metrics
-          image: docker.io/bitnami/apache-exporter:0.11.0-debian-10-r36
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r13
           imagePullPolicy: "Always"
           command:
             - /bin/apache_exporter
             - --scrape_uri
-            - http://status.localhost:8080/server-status/?auto
+            - http://status.localhost:80/server-status/?auto
           ports:
             - name: metrics
               containerPort: 9117
           livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 15
-            timeoutSeconds: 5
           readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
             httpGet:
               path: /metrics
               port: metrics
-            initialDelaySeconds: 5
-            timeoutSeconds: 1
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
       volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
         - name: yourls-data
           persistentVolumeClaim:
             claimName: yourls-config-pvc
@@ -326,31 +452,35 @@
   name: yourls-mariadb
   namespace: "default"
   labels:
-    app.kubernetes.io/name: mariadb
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
     app.kubernetes.io/component: primary
 spec:
   replicas: 1
   revisionHistoryLimit: 10
   selector:
     matchLabels:
-      app.kubernetes.io/name: mariadb
       app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
       app.kubernetes.io/component: primary
-  serviceName: yourls-mariadb
+  serviceName: yourls-mariadb-headless
   updateStrategy:
     type: RollingUpdate
   template:
     metadata:
       annotations:
-        checksum/configuration: af5c671ff745ded0f8434c386e4bfffd387106e11527eecb5adb4f3e6fa0a454
+        checksum/configuration: 95e20bb77efbec9f80d769c228d6218631af498103b169e9586bac40e86c5318
       labels:
-        app.kubernetes.io/name: mariadb
         app.kubernetes.io/instance: yourls
         app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
         app.kubernetes.io/component: primary
     spec:
+      automountServiceAccountToken: false
       serviceAccountName: yourls-mariadb
       affinity:
         podAffinity:
@@ -359,23 +489,75 @@
             - podAffinityTerm:
                 labelSelector:
                   matchLabels:
-                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
                     app.kubernetes.io/component: primary
-                namespaces:
-                  - "default"
                 topologyKey: kubernetes.io/hostname
               weight: 1
         nodeAffinity:
       securityContext:
         fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
       containers:
         - name: mariadb
-          image: docker.io/bitnami/mariadb:10.6.10-debian-11-r6
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
           imagePullPolicy: "IfNotPresent"
           securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
             runAsNonRoot: true
             runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
           env:
             - name: BITNAMI_DEBUG
               value: "false"
@@ -393,6 +575,8 @@
                   key: mariadb-password
             - name: MARIADB_DATABASE
               value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
           ports:
             - name: mysql
               containerPort: 3306
@@ -411,7 +595,7 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin status -uroot -p"${password_aux}"
           readinessProbe:
             failureThreshold: 3
             initialDelaySeconds: 30
@@ -427,17 +611,37 @@
                   if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
                       password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
                   fi
-                  mysqladmin status -uroot -p"${password_aux}"
+                  mariadb-admin ping -uroot -p"${password_aux}"
           resources:
-            limits: {}
-            requests: {}
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
           volumeMounts:
             - name: data
               mountPath: /bitnami/mariadb
             - name: config
               mountPath: /opt/bitnami/mariadb/conf/my.cnf
               subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
       volumes:
+        - name: empty-dir
+          emptyDir: {}
         - name: config
           configMap:
             name: yourls-mariadb
@@ -445,8 +649,8 @@
     - metadata:
         name: data
         labels:
-          app.kubernetes.io/name: mariadb
           app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
           app.kubernetes.io/component: primary
       spec:
         accessModes:
@@ -462,9 +666,9 @@
   name: yourls
   namespace: "default"
   labels:
-    app.kubernetes.io/name: yourls
     app.kubernetes.io/instance: yourls
     app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
   annotations:
     external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
     external-dns/is-public: "true"

github-actions · 2025-02-19T11:51:32Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.12

@@ -1 +1,690 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.2.4
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "T3J3cXJ4VmVTVA=="
+  mariadb-password: "aWVWT1VtVDIwZA=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
 
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r13
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 95e20bb77efbec9f80d769c228d6218631af498103b169e9586bac40e86c5318
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

github-actions · 2025-02-19T16:36:05Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.13

@@ -1 +1,690 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.2.4
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "MU96cUxFNFhiWQ=="
+  mariadb-password: "SVB6cmZnb0h1UA=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
 
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r15
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 95e20bb77efbec9f80d769c228d6218631af498103b169e9586bac40e86c5318
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

github-actions · 2025-02-20T18:37:55Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.14

@@ -1 +1,690 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.2.4
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "UllqTjNYbE1hZw=="
+  mariadb-password: "V0ZFYU1DdWx4MA=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
 
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r16
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 95e20bb77efbec9f80d769c228d6218631af498103b169e9586bac40e86c5318
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r2
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

github-actions · 2025-02-20T21:57:15Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.15

@@ -1 +1,691 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.3.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "U0w1SW9LNE5BdA=="
+  mariadb-password: "NkRxcUVmSXl2ZQ=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
 
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
+
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r16
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: bc4b40fe9dc10df074aa2e9f0d0e0b6d54901bf5b749b8ba9cb187d54cc82868
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

github-actions · 2025-02-21T18:11:28Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.16

@@ -1 +1,691 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.3.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "QnJMbVRvT1g3TQ=="
+  mariadb-password: "NlhQblJZM2xaTw=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
 
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
+
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r16
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: bc4b40fe9dc10df074aa2e9f0d0e0b6d54901bf5b749b8ba9cb187d54cc82868
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

github-actions · 2025-02-24T23:18:45Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.17

@@ -1 +1,695 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.4.0
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "M2JZZThUZ0ZPQg=="
+  mariadb-password: "VzVWMjlEdnNBWg=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
 
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
+
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r16
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: e5d683a28c4b41e90f74459deaa86193e3b5e424cfdad7e5b5f52b116e63eec4
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD_FILE
+              value: /opt/bitnami/mariadb/secrets/mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD_FILE
+              value: /opt/bitnami/mariadb/secrets/mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: mariadb-credentials
+              mountPath: /opt/bitnami/mariadb/secrets/
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+        - name: mariadb-credentials
+          secret:
+            secretName: yourls-mariadb
+            items:
+              - key: mariadb-root-password
+                path: mariadb-root-password
+              - key: mariadb-password
+                path: mariadb-password
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

Signed-off-by: Danny Froberg <dfroberg@users.noreply.github.com>

github-actions · 2025-02-25T22:01:51Z

Path: cluster/apps/collab/yourls/helm-release.yaml
Version: 5.2.7 -> 7.1.18

@@ -1 +1,695 @@
+# Source: yourls/charts/mariadb/templates/networkpolicy.yaml
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/managed-by: Helm
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/version: 11.4.5
+      helm.sh/chart: mariadb-20.4.1
+  policyTypes:
+    - Ingress
+    - Egress
+  egress:
+    - {}
+  ingress:
+    - ports:
+        - port: 3306
+        - port: 3306
+---
+# Source: yourls/charts/mariadb/templates/primary/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  maxUnavailable: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/component: primary
+---
+# Source: yourls/charts/mariadb/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+automountServiceAccountToken: false
+---
+# Source: yourls/charts/mariadb/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+type: Opaque
+data:
+  mariadb-root-password: "SzlBZlIyclFkNQ=="
+  mariadb-password: "czVZQzdiTnVEdQ=="
+---
+# Source: yourls/templates/secrets.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+type: kubernetes.io/basic-auth
+data:
+  username: "ZGZyb2Jlcmc="
+  password: "JHtTRUNSRVRfWU9VUkxTX0FETUlOX1BBU1NXT1JEfQ=="
+---
+# Source: yourls/charts/mariadb/templates/primary/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+data:
+  my.cnf: |-
+    [mysqld]
+    skip-name-resolve
+    explicit_defaults_for_timestamp
+    basedir=/opt/bitnami/mariadb
+    datadir=/bitnami/mariadb/data
+    plugin_dir=/opt/bitnami/mariadb/plugin
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    tmpdir=/opt/bitnami/mariadb/tmp
+    max_allowed_packet=16M
+    bind-address=*
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+    log-error=/opt/bitnami/mariadb/logs/mysqld.log
+    character-set-server=UTF8
+    collation-server=utf8_general_ci
+    slow_query_log=0
+    long_query_time=10.0
+    binlog_expire_logs_seconds=2592000
 
+    [client]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    default-character-set=UTF8
+    plugin_dir=/opt/bitnami/mariadb/plugin
+
+    [manager]
+    port=3306
+    socket=/opt/bitnami/mariadb/tmp/mysql.sock
+    pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
+---
+# Source: yourls/templates/metrics-httpd-configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: yourls-apache-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+data:
+  00_status-vhost.conf: |-
+    <VirtualHost 127.0.0.1:80>
+      ServerName status.localhost
+      <Location /server-status>
+        Require local
+        SetHandler server-status
+      </Location>
+    </VirtualHost>
+---
+# Source: yourls/charts/mariadb/templates/headless-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb-headless
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+spec:
+  type: ClusterIP
+  publishNotReadyAddresses: true
+  clusterIP: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+---
+# Source: yourls/charts/mariadb/templates/primary/svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+  annotations:
+spec:
+  type: ClusterIP
+  sessionAffinity: None
+  ports:
+    - name: mysql
+      port: 3306
+      protocol: TCP
+      targetPort: mysql
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/component: primary
+---
+# Source: yourls/templates/metrics-svc.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls-metrics
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+    app.kubernetes.io/component: metrics
+  annotations:
+    prometheus.io/port: "9117"
+    prometheus.io/scrape: "true"
+spec:
+  type: ClusterIP
+  ports:
+    - name: metrics
+      port: 9117
+      protocol: TCP
+      targetPort: metrics
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 80
+      protocol: TCP
+      targetPort: http
+      nodePort: null
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: https
+      nodePort: null
+  selector:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/name: yourls
+---
+# Source: yourls/templates/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: yourls
+  strategy:
+    type: RollingUpdate
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: yourls
+      annotations:
+        prometheus.io/port: '9117'
+        prometheus.io/scrape: "true"
+    spec:
+      serviceAccountName: default
+      # yamllint disable rule:indentation
+      hostAliases:
+        - hostnames:
+            - status.localhost
+          ip: 127.0.0.1
+      # yamllint enable rule:indentation
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: yourls
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+      containers:
+        - name: yourls
+          image: docker.io/yourls:1.9.1-fpm-alpine
+          imagePullPolicy: "Always"
+          env:
+            - name: APP_DEBUG
+              value: "false"
+            - name: ALLOW_EMPTY_PASSWORD
+              value: "yes"
+            - name: MARIADB_HOST
+              value: "yourls-mariadb"
+            - name: MARIADB_PORT_NUMBER
+              value: "3306"
+            - name: YOURLS_DB_HOST
+              value: yourls-mariadb:3306
+            - name: YOURLS_DB_NAME
+              value: "yourls"
+            - name: YOURLS_DB_USER
+              value: "yourls"
+            - name: YOURLS_DB_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls-mariadb
+                  key: mariadb-password
+            - name: YOURLS_DB_PREFIX
+              value: "yourls_"
+            - name: YOURLS_SITE
+              value: "http://yourls"
+            - name: YOURLS_USER
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: username
+            - name: YOURLS_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: yourls
+                  key: password
+            - name: APACHE_HTTP_PORT_NUMBER
+              value: "80"
+            - name: APACHE_HTTPS_PORT_NUMBER
+              value: "443"
+          envFrom:
+          ports:
+            - name: http
+              containerPort: 80
+            - name: https
+              containerPort: 443
+          livenessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            failureThreshold: 6
+            httpGet:
+              httpHeaders: []
+              path: /admin/install.php
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          resources:
+            limits: {}
+            requests:
+              cpu: 300m
+              memory: 512Mi
+          volumeMounts:
+            - mountPath: /var/www/html
+              name: yourls-data
+            - name: apache-metrics
+              mountPath: /etc/apache2/sites-available/00_status-vhost.conf
+              subPath: 00_status-vhost.conf
+        - name: metrics
+          image: docker.io/bitnami/apache-exporter:1.0.9-debian-12-r16
+          imagePullPolicy: "Always"
+          command:
+            - /bin/apache_exporter
+            - --scrape_uri
+            - http://status.localhost:80/server-status/?auto
+          ports:
+            - name: metrics
+              containerPort: 9117
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 15
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+            httpGet:
+              path: /metrics
+              port: metrics
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 3
+            httpGet:
+              path: /metrics
+              port: metrics
+          resources:
+            limits:
+              cpu: 150m
+              ephemeral-storage: 2Gi
+              memory: 192Mi
+            requests:
+              cpu: 100m
+              ephemeral-storage: 50Mi
+              memory: 128Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+      volumes:
+        - name: apache-metrics
+          configMap:
+            name: yourls-apache-metrics
+            defaultMode: 0644
+        - name: yourls-data
+          persistentVolumeClaim:
+            claimName: yourls-config-pvc
+---
+# Source: yourls/charts/mariadb/templates/primary/statefulset.yaml
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: yourls-mariadb
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: mariadb
+    app.kubernetes.io/part-of: mariadb
+    app.kubernetes.io/component: primary
+spec:
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: yourls
+      app.kubernetes.io/name: mariadb
+      app.kubernetes.io/part-of: mariadb
+      app.kubernetes.io/component: primary
+  serviceName: yourls-mariadb-headless
+  updateStrategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        checksum/configuration: 38a31a6aacbbad69927cc9de63e67bbe08f8fcc7d521879fea0b30f7c480b2ba
+      labels:
+        app.kubernetes.io/instance: yourls
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: mariadb
+        app.kubernetes.io/part-of: mariadb
+        app.kubernetes.io/component: primary
+    spec:
+      automountServiceAccountToken: false
+      serviceAccountName: yourls-mariadb
+      affinity:
+        podAffinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                labelSelector:
+                  matchLabels:
+                    app.kubernetes.io/instance: yourls
+                    app.kubernetes.io/name: mariadb
+                    app.kubernetes.io/component: primary
+                topologyKey: kubernetes.io/hostname
+              weight: 1
+        nodeAffinity:
+      securityContext:
+        fsGroup: 1001
+        fsGroupChangePolicy: Always
+        supplementalGroups: []
+        sysctls: []
+      initContainers:
+        - name: preserve-logs-symlinks
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          command:
+            - /bin/bash
+          args:
+            - -ec
+            - |
+              #!/bin/bash
+
+              . /opt/bitnami/scripts/libfs.sh
+              # We copy the logs folder because it has symlinks to stdout and stderr
+              if ! is_dir_empty /opt/bitnami/mariadb/logs; then
+                cp -r /opt/bitnami/mariadb/logs /emptydir/app-logs-dir
+              fi
+          volumeMounts:
+            - name: empty-dir
+              mountPath: /emptydir
+      containers:
+        - name: mariadb
+          image: docker.io/bitnami/mariadb:11.4.5-debian-12-r4
+          imagePullPolicy: "IfNotPresent"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            privileged: false
+            readOnlyRootFilesystem: true
+            runAsGroup: 1001
+            runAsNonRoot: true
+            runAsUser: 1001
+            seLinuxOptions: {}
+            seccompProfile:
+              type: RuntimeDefault
+          env:
+            - name: BITNAMI_DEBUG
+              value: "false"
+            - name: MARIADB_ROOT_PASSWORD_FILE
+              value: /opt/bitnami/mariadb/secrets/mariadb-root-password
+            - name: MARIADB_USER
+              value: "yourls"
+            - name: MARIADB_PASSWORD_FILE
+              value: /opt/bitnami/mariadb/secrets/mariadb-password
+            - name: MARIADB_DATABASE
+              value: "yourls"
+            - name: MARIADB_ENABLE_SSL
+              value: "no"
+          ports:
+            - name: mysql
+              containerPort: 3306
+          livenessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 120
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin status -uroot -p"${password_aux}"
+          readinessProbe:
+            failureThreshold: 3
+            initialDelaySeconds: 30
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+            exec:
+              command:
+                - /bin/bash
+                - -ec
+                - |
+                  password_aux="${MARIADB_ROOT_PASSWORD:-}"
+                  if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
+                      password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
+                  fi
+                  mariadb-admin ping -uroot -p"${password_aux}"
+          resources:
+            limits:
+              cpu: 750m
+              ephemeral-storage: 2Gi
+              memory: 768Mi
+            requests:
+              cpu: 500m
+              ephemeral-storage: 50Mi
+              memory: 512Mi
+          volumeMounts:
+            - name: data
+              mountPath: /bitnami/mariadb
+            - name: config
+              mountPath: /opt/bitnami/mariadb/conf/my.cnf
+              subPath: my.cnf
+            - name: mariadb-credentials
+              mountPath: /opt/bitnami/mariadb/secrets/
+            - name: empty-dir
+              mountPath: /tmp
+              subPath: tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/conf
+              subPath: app-conf-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/tmp
+              subPath: app-tmp-dir
+            - name: empty-dir
+              mountPath: /opt/bitnami/mariadb/logs
+              subPath: app-logs-dir
+      volumes:
+        - name: empty-dir
+          emptyDir: {}
+        - name: config
+          configMap:
+            name: yourls-mariadb
+        - name: mariadb-credentials
+          secret:
+            secretName: yourls-mariadb
+            items:
+              - key: mariadb-root-password
+                path: mariadb-root-password
+              - key: mariadb-password
+                path: mariadb-password
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+        labels:
+          app.kubernetes.io/instance: yourls
+          app.kubernetes.io/name: mariadb
+          app.kubernetes.io/component: primary
+      spec:
+        accessModes:
+          - "ReadWriteOnce"
+        resources:
+          requests:
+            storage: "8Gi"
+---
+# Source: yourls/templates/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: yourls
+  namespace: "default"
+  labels:
+    app.kubernetes.io/instance: yourls
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: yourls
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ipv4.${SECRET_DOMAIN}
+    external-dns/is-public: "true"
+    haproxy-ingress-proxy.pfsense.org/backend: nginx-443
+    haproxy-ingress-proxy.pfsense.org/enabled: "true"
+    haproxy-ingress-proxy.pfsense.org/frontend: https-443
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+    - host: "yourls.local"
+      http:
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: yourls
+                port:
+                  name: http

renovate bot requested a review from dfroberg as a code owner November 15, 2024 11:23

renovate bot added the renovate/helm label Nov 15, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 12e5579 to 9aa2b0a Compare November 27, 2024 13:53

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.0~~ feat(charts)!: Update Helm release yourls to 7.0.1 Nov 27, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 9aa2b0a to fb14bcb Compare November 27, 2024 21:45

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.1~~ feat(charts)!: Update Helm release yourls to 7.0.2 Nov 27, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from fb14bcb to 9ec54ef Compare November 28, 2024 21:36

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.2~~ feat(charts)!: Update Helm release yourls to 7.0.3 Nov 28, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 9ec54ef to f01d5ac Compare November 29, 2024 10:35

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.3~~ feat(charts)!: Update Helm release yourls to 7.0.4 Nov 29, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from f01d5ac to d8b941f Compare December 4, 2024 12:46

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.4~~ feat(charts)!: Update Helm release yourls to 7.0.6 Dec 4, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from d8b941f to 50f9a1e Compare December 8, 2024 19:47

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.6~~ feat(charts)!: Update Helm release yourls to 7.0.7 Dec 8, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 50f9a1e to 57f2b8c Compare December 10, 2024 18:03

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.7~~ feat(charts)!: Update Helm release yourls to 7.0.8 Dec 10, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 57f2b8c to 0a90ac1 Compare December 11, 2024 04:04

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.8~~ feat(charts)!: Update Helm release yourls to 7.0.9 Dec 11, 2024

renovate bot force-pushed the renovate/yourls-7.x branch from 0a90ac1 to 564bc5d Compare December 15, 2024 04:10

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.0.9~~ feat(charts)!: Update Helm release yourls to 7.0.10 Dec 15, 2024

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.8~~ feat(charts)!: Update Helm release yourls to 7.1.9 Feb 13, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from c93f41b to cca2013 Compare February 17, 2025 23:13

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.9~~ feat(charts)!: Update Helm release yourls to 7.1.10 Feb 17, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from cca2013 to 951809e Compare February 19, 2025 03:00

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.10~~ feat(charts)!: Update Helm release yourls to 7.1.11 Feb 19, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from 951809e to aa5a9bc Compare February 19, 2025 11:51

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.11~~ feat(charts)!: Update Helm release yourls to 7.1.12 Feb 19, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from aa5a9bc to 738deb3 Compare February 19, 2025 16:35

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.12~~ feat(charts)!: Update Helm release yourls to 7.1.13 Feb 19, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from 738deb3 to 84a11f5 Compare February 20, 2025 18:37

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.13~~ feat(charts)!: Update Helm release yourls to 7.1.14 Feb 20, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from 84a11f5 to 285a83b Compare February 20, 2025 21:56

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.14~~ feat(charts)!: Update Helm release yourls to 7.1.15 Feb 20, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from 285a83b to 1ce0d9b Compare February 21, 2025 18:11

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.15~~ feat(charts)!: Update Helm release yourls to 7.1.16 Feb 21, 2025

renovate bot force-pushed the renovate/yourls-7.x branch from 1ce0d9b to 7a1cf8c Compare February 24, 2025 23:18

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.16~~ feat(charts)!: Update Helm release yourls to 7.1.17 Feb 24, 2025

feat(charts)!: Update Helm release yourls to 7.1.18

ad236d5

Signed-off-by: Danny Froberg <dfroberg@users.noreply.github.com>

renovate bot force-pushed the renovate/yourls-7.x branch from 7a1cf8c to ad236d5 Compare February 25, 2025 22:01

renovate bot changed the title ~~feat(charts)!: Update Helm release yourls to 7.1.17~~ feat(charts)!: Update Helm release yourls to 7.1.18 Feb 25, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(charts)!: Update Helm release yourls to 7.1.18 #2506

feat(charts)!: Update Helm release yourls to 7.1.18 #2506

renovate bot commented Nov 15, 2024 •

edited

Loading

github-actions bot commented Nov 15, 2024

github-actions bot commented Nov 27, 2024

github-actions bot commented Nov 27, 2024

github-actions bot commented Nov 28, 2024

github-actions bot commented Nov 29, 2024

github-actions bot commented Dec 4, 2024

github-actions bot commented Dec 8, 2024

github-actions bot commented Dec 10, 2024

github-actions bot commented Dec 11, 2024

github-actions bot commented Dec 15, 2024

github-actions bot commented Feb 13, 2025

github-actions bot commented Feb 17, 2025

github-actions bot commented Feb 19, 2025

github-actions bot commented Feb 19, 2025

github-actions bot commented Feb 19, 2025

github-actions bot commented Feb 20, 2025

github-actions bot commented Feb 20, 2025

github-actions bot commented Feb 21, 2025

github-actions bot commented Feb 24, 2025

github-actions bot commented Feb 25, 2025

feat(charts)!: Update Helm release yourls to 7.1.18 #2506

Are you sure you want to change the base?

feat(charts)!: Update Helm release yourls to 7.1.18 #2506

Conversation

renovate bot commented Nov 15, 2024 • edited Loading

Release Notes

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

Upgrade Notes

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

renovate bot commented Nov 15, 2024 •

edited

Loading