diff --git a/charts/kube-images-sync-operator/Chart.yaml b/charts/kube-images-sync-operator/Chart.yaml index 02b4d09..fd312e1 100644 --- a/charts/kube-images-sync-operator/Chart.yaml +++ b/charts/kube-images-sync-operator/Chart.yaml @@ -3,16 +3,16 @@ name: kube-images-sync description: | A Helm chart for Kubernetes Images Sync Operator. Kubernetes Images Sync Operator is responsible for backing up and restoring images from a Kubernetes cluster. - It's ultimate goal is to provide synchonization of images between multiple environments, quite often air-gapped. + Its ultimate goal is to provide synchronization of images between multiple environments, quite often air-gapped. It compiles the list of images currently present in the cluster and uploads them to the specified storage. - Whenever new CRD is created - it will try to figure out which images were already uploaded and which are new and + Whenever a new CRD is created - it will try to figure out which images were already uploaded and which are new and upload only the new ones to avoid repetition. type: application -version: 0.5.54 +version: 0.5.57 -appVersion: "0.5.54" +appVersion: "0.5.57" home: https://github.com/lukaszraczylo/kubernetes-images-sync-operator diff --git a/charts/kube-images-sync-operator/templates/clusterimage-crd.yaml b/charts/kube-images-sync-operator/templates/clusterimage-crd.yaml index b8237dd..e75508b 100644 --- a/charts/kube-images-sync-operator/templates/clusterimage-crd.yaml +++ b/charts/kube-images-sync-operator/templates/clusterimage-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: clusterimages.raczylo.com annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.17.1 labels: {{- include "chart.labels" . | nindent 4 }} spec: @@ -124,9 +124,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] \ No newline at end of file diff --git a/charts/kube-images-sync-operator/templates/clusterimageexport-crd.yaml b/charts/kube-images-sync-operator/templates/clusterimageexport-crd.yaml index 562a97d..485daf7 100644 --- a/charts/kube-images-sync-operator/templates/clusterimageexport-crd.yaml +++ b/charts/kube-images-sync-operator/templates/clusterimageexport-crd.yaml @@ -3,7 +3,7 @@ kind: CustomResourceDefinition metadata: name: clusterimageexports.raczylo.com annotations: - controller-gen.kubebuilder.io/version: v0.16.1 + controller-gen.kubebuilder.io/version: v0.17.1 labels: {{- include "chart.labels" . | nindent 4 }} spec: @@ -37,7 +37,8 @@ spec: name: v1 schema: openAPIV3Schema: - description: ClusterImageExport is the Schema for the clusterimageexports API + description: ClusterImageExport is the Schema for the clusterimageexports + API properties: apiVersion: description: |- @@ -108,6 +109,9 @@ spec: type: string type: object maxConcurrentJobs: + default: 5 + maximum: 100 + minimum: 1 type: integer name: type: string @@ -116,7 +120,8 @@ spec: type: string type: array storage: - description: ClusterImageStorageSpec defines the desired state of ClusterImageStorage + description: ClusterImageStorageSpec defines the desired state of + ClusterImageStorage properties: s3: properties: @@ -134,8 +139,8 @@ spec: region: type: string roleARN: - description: RoleARN is the ARN of the role to be used for the - deployment + description: RoleARN is the ARN of the role to be used for + the deployment type: string secretKey: type: string @@ -150,7 +155,7 @@ spec: type: object target: enum: - - file + - FILE - S3 type: string required: @@ -179,9 +184,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] \ No newline at end of file diff --git a/charts/kube-images-sync-operator/templates/deployment.yaml b/charts/kube-images-sync-operator/templates/deployment.yaml index 9a54433..2816498 100644 --- a/charts/kube-images-sync-operator/templates/deployment.yaml +++ b/charts/kube-images-sync-operator/templates/deployment.yaml @@ -1,39 +1,61 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "chart.fullname" . }}-sa + name: {{ include "chart.fullname" . }}-controller-manager labels: - control-plane: sa + control-plane: controller-manager {{- include "chart.labels" . | nindent 4 }} spec: - replicas: {{ .Values.sa.replicas }} + replicas: {{ .Values.controllerManager.replicas }} selector: matchLabels: - control-plane: sa + control-plane: controller-manager {{- include "chart.selectorLabels" . | nindent 6 }} template: metadata: labels: - control-plane: sa + control-plane: controller-manager {{- include "chart.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - amd64 + - arm64 + - key: kubernetes.io/os + operator: In + values: + - linux containers: - - args: {{- toYaml .Values.sa.manager.args | nindent 8 }} + - args: + {{- toYaml .Values.controllerManager.manager.args | nindent 8 }} command: - /manager env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace - name: POD_SERVICE_ACCOUNT valueFrom: fieldRef: fieldPath: spec.serviceAccountName - name: WORKER_IMAGE - value: {{ quote .Values.sa.manager.env.workerImage }} + value: {{ quote .Values.controllerManager.manager.env.workerImage }} - name: KUBERNETES_CLUSTER_DOMAIN value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.sa.manager.image.repository }}:{{ .Values.sa.manager.image.tag - | default .Chart.AppVersion }} + image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag | default .Chart.AppVersion }} livenessProbe: httpGet: path: /healthz @@ -41,15 +63,21 @@ spec: initialDelaySeconds: 15 periodSeconds: 20 name: manager + ports: + - containerPort: 8443 + name: https + protocol: TCP readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 5 periodSeconds: 10 - resources: {{- toYaml .Values.sa.manager.resources | nindent 10 }} - securityContext: {{- toYaml .Values.sa.manager.containerSecurityContext | nindent - 10 }} - securityContext: {{- toYaml .Values.sa.podSecurityContext | nindent 8 }} - serviceAccountName: {{ include "chart.fullname" . }}-sa - terminationGracePeriodSeconds: 10 \ No newline at end of file + resources: + {{- toYaml .Values.controllerManager.manager.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.controllerManager.manager.containerSecurityContext | nindent 10 }} + securityContext: + {{- toYaml .Values.controllerManager.podSecurityContext | nindent 8 }} + serviceAccountName: {{ include "chart.fullname" . }}-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/charts/kube-images-sync-operator/templates/impex-mgrbinding-rbac.yaml b/charts/kube-images-sync-operator/templates/impex-mgrbinding-rbac.yaml index f18b4cb..0ec5cf7 100644 --- a/charts/kube-images-sync-operator/templates/impex-mgrbinding-rbac.yaml +++ b/charts/kube-images-sync-operator/templates/impex-mgrbinding-rbac.yaml @@ -10,5 +10,5 @@ roleRef: name: '{{ include "chart.fullname" . }}-impex-mgr' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-sa' - namespace: '{{ .Release.Namespace }}' \ No newline at end of file + name: '{{ include "chart.fullname" . }}-controller-manager' + namespace: '{{ .Release.Namespace }}' diff --git a/charts/kube-images-sync-operator/templates/metrics-auth-raczylobinding-rbac.yaml b/charts/kube-images-sync-operator/templates/metrics-auth-raczylobinding-rbac.yaml index 8cc8b88..926db0f 100644 --- a/charts/kube-images-sync-operator/templates/metrics-auth-raczylobinding-rbac.yaml +++ b/charts/kube-images-sync-operator/templates/metrics-auth-raczylobinding-rbac.yaml @@ -10,5 +10,5 @@ roleRef: name: '{{ include "chart.fullname" . }}-metrics-auth-raczylo' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-sa' + name: '{{ include "chart.fullname" . }}-controller-manager' namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/kube-images-sync-operator/templates/raczylo-com-leaderbinding-rbac.yaml b/charts/kube-images-sync-operator/templates/raczylo-com-leaderbinding-rbac.yaml index 0704e11..c83881e 100644 --- a/charts/kube-images-sync-operator/templates/raczylo-com-leaderbinding-rbac.yaml +++ b/charts/kube-images-sync-operator/templates/raczylo-com-leaderbinding-rbac.yaml @@ -10,5 +10,5 @@ roleRef: name: '{{ include "chart.fullname" . }}-raczylo-com-leader' subjects: - kind: ServiceAccount - name: '{{ include "chart.fullname" . }}-sa' + name: '{{ include "chart.fullname" . }}-controller-manager' namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/kube-images-sync-operator/templates/sa-metrics-service.yaml b/charts/kube-images-sync-operator/templates/sa-metrics-service.yaml index a32d364..10db04b 100644 --- a/charts/kube-images-sync-operator/templates/sa-metrics-service.yaml +++ b/charts/kube-images-sync-operator/templates/sa-metrics-service.yaml @@ -1,14 +1,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "chart.fullname" . }}-sa-metrics-service + name: {{ include "chart.fullname" . }}-metrics-service labels: - control-plane: sa + control-plane: controller-manager {{- include "chart.labels" . | nindent 4 }} spec: - type: {{ .Values.saMetricsService.type }} + type: {{ .Values.metricsService.type }} selector: - control-plane: sa + control-plane: controller-manager {{- include "chart.selectorLabels" . | nindent 4 }} ports: - {{- .Values.saMetricsService.ports | toYaml | nindent 2 }} \ No newline at end of file + {{- .Values.metricsService.ports | toYaml | nindent 2 }} diff --git a/charts/kube-images-sync-operator/templates/serviceaccount.yaml b/charts/kube-images-sync-operator/templates/serviceaccount.yaml index 637f8a8..2e56324 100644 --- a/charts/kube-images-sync-operator/templates/serviceaccount.yaml +++ b/charts/kube-images-sync-operator/templates/serviceaccount.yaml @@ -1,8 +1,8 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "chart.fullname" . }}-sa + name: {{ include "chart.fullname" . }}-controller-manager labels: {{- include "chart.labels" . | nindent 4 }} annotations: - {{- toYaml .Values.sa.serviceAccount.annotations | nindent 4 }} \ No newline at end of file + {{- toYaml .Values.controllerManager.serviceAccount.annotations | nindent 4 }} diff --git a/charts/kube-images-sync-operator/templates/servicemonitor.yaml b/charts/kube-images-sync-operator/templates/servicemonitor.yaml new file mode 100644 index 0000000..08c728e --- /dev/null +++ b/charts/kube-images-sync-operator/templates/servicemonitor.yaml @@ -0,0 +1,31 @@ +{{- if .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "chart.fullname" . }}-metrics + {{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} + {{- end }} + labels: + {{- include "chart.labels" . | nindent 4 }} + {{- with .Values.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - path: /metrics + port: https + scheme: https + interval: {{ .Values.serviceMonitor.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} + tlsConfig: + insecureSkipVerify: true + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + control-plane: controller-manager + {{- include "chart.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/kube-images-sync-operator/values.yaml b/charts/kube-images-sync-operator/values.yaml index 29d2080..7a9f4e6 100644 --- a/charts/kube-images-sync-operator/values.yaml +++ b/charts/kube-images-sync-operator/values.yaml @@ -1,8 +1,11 @@ kubernetesClusterDomain: cluster.local -sa: + +controllerManager: manager: + # Command line arguments for the manager args: - --metrics-bind-address=:8443 + - --metrics-secure - --leader-elect - --health-probe-bind-address=:8081 containerSecurityContext: @@ -14,7 +17,7 @@ sa: workerImage: ghcr.io/lukaszraczylo/kubernetes-images-sync-worker:0.5.54 image: repository: ghcr.io/lukaszraczylo/kubernetes-images-sync-operator - tag: 0.5.54 + tag: "0.5.57" resources: limits: cpu: 500m @@ -27,10 +30,24 @@ sa: replicas: 1 serviceAccount: annotations: {} -saMetricsService: + +# Metrics service configuration +metricsService: ports: - name: https port: 8443 protocol: TCP targetPort: 8443 type: ClusterIP + +# ServiceMonitor for Prometheus Operator integration +serviceMonitor: + enabled: false + # Namespace where ServiceMonitor will be created (defaults to release namespace) + namespace: "" + # Additional labels for ServiceMonitor + labels: {} + # Scrape interval + interval: 30s + # Scrape timeout + scrapeTimeout: 10s diff --git a/charts/packages/kube-images-sync-0.5.57.tgz b/charts/packages/kube-images-sync-0.5.57.tgz new file mode 100644 index 0000000..a3c43d0 Binary files /dev/null and b/charts/packages/kube-images-sync-0.5.57.tgz differ diff --git a/index.yaml b/index.yaml index b0ff0a8..8f8acdb 100644 --- a/index.yaml +++ b/index.yaml @@ -260,6 +260,26 @@ entries: - https://github.com/lukaszraczylo/helm-charts/releases/download/jobs-manager-0.0.24/jobs-manager-0.0.24.tgz version: 0.0.24 kube-images-sync: + - apiVersion: v2 + appVersion: 0.5.57 + created: "2025-12-18T17:18:56.31315985Z" + description: 'A Helm chart for Kubernetes Images Sync Operator. Kubernetes Images + Sync Operator is responsible for backing up and restoring images from a Kubernetes + cluster. Its ultimate goal is to provide synchronization of images between multiple + environments, quite often air-gapped. It compiles the list of images currently + present in the cluster and uploads them to the specified storage. Whenever a + new CRD is created - it will try to figure out which images were already uploaded + and which are new and upload only the new ones to avoid repetition. ' + digest: bf4dbd8350ae98b7b0d821ddd1a6a059034bbea6d9270eb3bb65c4de3d6215ba + home: https://github.com/lukaszraczylo/kubernetes-images-sync-operator + maintainers: + - email: github-enquiries@raczylo.com + name: lukaszraczylo + name: kube-images-sync + type: application + urls: + - https://github.com/lukaszraczylo/helm-charts/releases/download/kube-images-sync-0.5.57/kube-images-sync-0.5.57.tgz + version: 0.5.57 - apiVersion: v2 appVersion: 0.5.54 created: "2025-01-14T01:28:32.957456Z" @@ -1260,4 +1280,4 @@ entries: urls: - https://github.com/lukaszraczylo/helm-charts/releases/download/kube-images-sync-0.1.5/kube-images-sync-0.1.5.tgz version: 0.1.5 -generated: "2025-12-17T23:44:28.783297163Z" +generated: "2025-12-18T17:18:56.312562636Z"