* Apply security hardened defaults to values.yaml for all apps
* Add default common securityContext to all apps
* Adjust securityContext defaults in questions.yaml, according to values.yaml
* Add default common podSecurityContext to all apps
* Clean whitespace
* Clean more whitespace
* Adjust podSecurityContext defaults in questions.yaml, according to values.yaml
* fix pgadmin
Co-authored-by: Stavros kois <s.kois@outlook.com>
* add addon include to all apps
* move groups to include
* move controller to includes
* move container config to include
* move serviceList to include
* move persistence list to includes
* move ingressList to includes
* fix appdaemon digest
* move deviceList to includes and add to deconz
Fixes#967 related to #966
* remove strategy
* move runAsNonRoot to securityContext
* Add podSecurityContext and securityContext to values pt1
* Add podSecurityContext and securityContext to values pt2
* Add podSecurityContext and securityContext to values pt3
* Add podSecurityContext and securityContext to values pt4
* Add podSecurityContext and securityContext to values pt5
* fix empty lines
* Remove secCont from NC - values
* fixPermissions for some apps
* on apps with perm prob, set fsGroup to 0 also
* fix: move runAsNonRoot to container securityContext to prevent sidecarts from being affected
* also bump some versions...
* also override some of the problematic settings in common.yaml
* whoops
* add pre-commit to release container
* use pip install --no-cache-dir
* whoopsies
* lint fixes
* add some verbosity during pre-commit build process
* add more pre-commit checks
* repo pre-commit cleanup
* add pre-commit to release scripting
* try showing some more pre-commit dockerbuild verbosity
* some tweaks and polish to release scripting.
Also adds syncing primary tag and appversion
* Fix targetPort not being processed correctly
* Always use PVC in values.yaml just to be sure it actually works
* fix a small copy-paste mistake
* bump
* fix hyperion-ng mistake
* make nodePort optional
* do not enter nodeport when loadbalancer is default
* add extra security contexts to questions.yaml
* Move to common 6.10.7
(cherry picked from commit 47fa27341c9c7869d4a6484c7b1523398e821d20)
* bump patch version
(cherry picked from commit 427ff52d902412975c73e69971b33ec797458929)
* bump some more apps
* Fix authelia mistake
* add SCALE support for statefullset storageclass
* add phpldapadmin
* ad pgadmin and tweak phpldapdamin
* move them directly into stable
* some small patches
* pgadmin uses port 80 by default not 8080
* fix tags
* try 8080 again
* 80 with env vars
* try something else
* update readme
* add tooling to automate kah->truecharts porting somewhat
* small tweak for tooling
* another small tooling fix
* some more tweaking to the tooling
* initial temporary output
* process and output fixes
* More chart.yaml fixes
* pushing more fixes
* small fixes
* some little fixes
* another fix catched
* regenerate docs
* some more cleaning/tweaking
* remove more prometheus related Apps for now
* processing questions.yaml up to hyperion-ng
* questions.yaml till owncloud-ocis
* Finish questions.yaml setup and polish
* fix some deconz indent issues
* no message
* fix healtchecks questions.yaml
* another fix
* ser2sock fix
* move apps to normal trains
* chore(deps): update helm chart common to v6.3.1
* Fix KMS and Unifi
* try a collabora fix
* Temporarily disable nzbget probes waiting for next common
* try if firefly-iii wants https
* Fix a linting error on nzbget and path issues with jackett/prototypeGUI also disable for podgrab for now (just like NZBget, till next common)
* try polling the login path for firefly
* fireflyiii back to http
* APP_KEY typo and useless security context
* again
* fireflyiii fix broken db setup
Co-authored-by: Renovate Bot <bot@renovateapp.com>
* chore(deps): update helm chart common to v6
* Adapt persistence to new GUI
* Adapt additional storage GUI to new storage system
* Adapt values.yaml accordingly
* Move transmission settings to env
* fix a vaultwarden linting issue
* fix firefly-iii linting issues
* Use forceName to force a specific name for the DB PVC
* add force name to questions.yaml as well
* use newest common version
* try fixing db-linking issues on vaultwarden
* add deviceList option to zwave2mqtt
* Fixup the deviceList for all Apps
* fix linting error
* Fix more transmission issues
Co-authored-by: Renovate Bot <bot@renovateapp.com>
* Adapt labels for current GUI elements
* Add an extra place to dump App configuration
* Add Controller section
* Fix networking references/grouping
* add externalInterfaces
* Add some sane initial resource limits/requests
* Fixup KMS
* increase minor versions
* Do not use caps for deployment
* fix deployment type default
* increase prototypeGUI version accordingly just in case
* increase prototype GUI common version
* no message
* add test for discovery port/service
* add discovery service and port to questions.yaml
* fix questions.yaml not enabling ports on Syncthing
* Increase syncthing version number
* fix serviceports not being enabled on all other apps too.
* fix a small unrelated UI glitch/bug related to hostPathMounts
* bump patch versions for other apps
* adapt docs accordingly
* fix nzbget httpGet probe (or at least try to)
* allow the use of emptyDir for hostPathMount
* increase common version for all Apps
* Hide emptyDir subquestions when disabled
* fix podgrab and appdaemon
* some naming tweaks
* first work for allowing ramdisk usage
* add bump tooling.
Fixes: #157
* bump minor versions due to adding ramdisk emptydir to persistence
* allow disabling persistent storage
* actually push major as it is breaking in theory
* cleanup hpm example code
* Allow custom storageClass and fix bug using the wrong storageClass
* try fixing gabs
* cleanup
* update tests
* revert some permission job changes
* reverse some of the 3.0 common incompatible bitwarden changes
Squashed commit:
[a2bbe555] Update docs for services and groups
[f04d91cf] don't require loadbalancer ip settings
[188d40c0] fix typo
[50735ac0] fix description on persistent storage, fix port names on websockets
[42303b07] Refactor services part4
[9486e401] Refactor services part3
[2a0eb1a7] default ClusterIP on websocket (zwave)
[43a1ca1b] Refactor services part2
[a80ee6b3] Refactor services part1
[b561be7e] Remove securityContext and podSecurityContext from apps with PGID/PUID
[0ad14db2] move UMASK, PGID. PUID to env
[3ab8bc1d] Rename environmentVariables to envList and environmentVariable to envItem
[58b533af] Move securityContext to Security group
[8baefb23] Move podSecurityContext to Security group
[dcbf92ae] Rename reverse proxy to ingress
[4a72f6c2] Remove ingress for now
[9c3dac85] Refactor groups
remove common references to the addons (we don't use them yet) (+23 squashed commit)
Squashed commit:
[042fc006] try slight modification to testing framework
[6955bdad] another small qbittorrent fix
[30af6b78] fix one bitwarden error (anotherone left
[ac54db9f] enable firefly port
[a9e58eca] push qbittorrent fix
[99840038] fixed transmission
[ffe8a49e] template all the things...
[26c7b4d1] this should just work (tm)
[fcacae4c] try a transmission fix
[8d21bd91] merge unittests and app tests to limit amount of running jobs
[343ba579] more services polish
[c133342f] some small fixes
[5979e653] fix some port references
[15a1defa] oops
[2458d7e9] increase common version again
[7f74f1cf] change way ports are handled
[73c479cb] fix services naming scheme
[501aeffc] update common version again
[726954b0] fix emptydir reference for tests
[66774955] pump major versions
[6fa711d1] update common-version for all
[671a7b31] PUID and PGID changes for automated tests (non-gui changes)
[3dc21053] hostpathmounts and gpu changes