chore(release): 1.1.0 [skip ci]

# [1.1.0](https://gitlab.souvap-univention.de/souvap/tooling/charts/sovereign-workplace-jitsi/compare/v1.0.1...v1.1.0) (2023-07-19) ### Features * **sovereign-workplace-jitsi:** Add JVB advertising job ([4a43f4c9](https://gitlab.souvap-univention.de/souvap/tooling/charts/sovereign-workplace-jitsi/commit/4a43f4c96fa0aaf98a0ecbfa2fa5ee6c83d68c74))

chore(release): 1.1.0 [skip ci]
9a0cfd0a · semantic-release-bot · 4a43f4c9 · 9a0cfd0a · 9a0cfd0a · 9a0cfd0a
Commit 9a0cfd0a authored 1 year ago by semantic-release-bot
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
+# [1.1.0](https://gitlab.souvap-univention.de/souvap/tooling/charts/sovereign-workplace-jitsi/compare/v1.0.1...v1.1.0) (2023-07-19)
+### Features
+* **sovereign-workplace-jitsi:** Add JVB advertising job ([4a43f4c](https://gitlab.souvap-univention.de/souvap/tooling/charts/sovereign-workplace-jitsi/commit/4a43f4c96fa0aaf98a0ecbfa2fa5ee6c83d68c74))
 ## [1.0.1](https://gitlab.souvap-univention.de/souvap/tooling/charts/sovereign-workplace-jitsi/compare/v1.0.0...v1.0.1) (2023-07-11)

--- a/charts/sovereign-workplace-jitsi/Chart.yaml
+++ b/charts/sovereign-workplace-jitsi/Chart.yaml
@@ -20,5 +20,5 @@ keywords:
  - "networking"
 name: "sovereign-workplace-jitsi"
 type: "application"
-version: "1.0.1"
+version: "1.1.0"
 ...
--- a/charts/sovereign-workplace-jitsi/README.md
+++ b/charts/sovereign-workplace-jitsi/README.md
@@ -26,9 +26,23 @@ helm install my-release sovereign-workplace-jitsi/sovereign-workplace-jitsi
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity for pod assignment Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity Note: podAffinityPreset, podAntiAffinityPreset, and  nodeAffinityPreset will be ignored when it's set |
+| cleanup.deletePodsOnSuccess | bool | `true` | Keep Pods/Job logs after successful run. |
+| cleanup.keepPVCOnDelete | bool | `false` | Keep persistence on delete of this release. |
+| containerSecurityContext.allowPrivilegeEscalation | bool | `false` | Enable container privileged escalation. |
+| containerSecurityContext.enabled | bool | `true` | Enable security context. |
+| containerSecurityContext.readOnlyRootFilesystem | bool | `true` | Mounts the container's root filesystem as read-only. |
+| extraEnvVars | list | `[]` | Array with extra environment variables to add to containers.  extraEnvVars:   - name: FOO     value: "bar"  |
+| fullnameOverride | string | `""` | Provide a name to substitute for the full names of resources. |
 | global.domain | string | `"souvap-univention.de"` | The Top-Level-Domain (TLD) name which is used in f.e. in Ingress component. |
 | global.hosts.keycloak | string | `"id"` | Subdomain for Keycloak, results in "https://{{ keycloak }}.{{ domain }}". |
 | global.imagePullSecrets | list | `[]` | Credentials to fetch images from private registry Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/  imagePullSecrets:   - "docker-registry"  |
+| global.registry | string | `"docker.io"` | Container registry address. |
+| image.imagePullPolicy | string | `"IfNotPresent"` | Define an ImagePullPolicy.  Ref.: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy  "IfNotPresent" => The image is pulled only if it is not already present locally. "Always" => Every time the kubelet launches a container, the kubelet queries the container image registry to             resolve the name to an image digest. If the kubelet has a container image with that exact digest cached             locally, the kubelet uses its cached image; otherwise, the kubelet pulls the image with the resolved             digest, and uses that image to launch the container. "Never" => The kubelet does not try fetching the image. If the image is somehow already present locally, the            kubelet attempts to start the container; otherwise, startup fails  |
+| image.registry | string | `"ghcr.io"` | Container registry address. This setting has higher precedence than global.registry. |
+| image.repository | string | `"nordeck/jitsi-keycloak-adapter"` | Container repository string. |
+| image.tag | string | `"v20230425"` | Define image tag. |
+| imagePullSecrets | list | `[]` | Credentials to fetch images from private registry Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/  imagePullSecrets:   - "docker-registry"  |
 | jitsi.enableAuth | bool | `true` |  |
 | jitsi.enableGuests | bool | `true` |  |
 | jitsi.extraCommonEnvs.ADAPTER_INTERNAL_URL | string | `"http://jitsi-keycloak-adapter:9000"` |  |
@@ -44,7 +58,9 @@ helm install my-release sovereign-workplace-jitsi/sovereign-workplace-jitsi
 | jitsi.jvb.image.pullPolicy | string | `"IfNotPresent"` |  |
 | jitsi.jvb.image.tag | string | `"stable-8615"` |  |
 | jitsi.jvb.replicaCount | int | `2` |  |
+| jitsi.jvb.service.enabled | bool | `true` |  |
 | jitsi.jvb.service.externalTrafficPolicy | string | `""` |  |
+| jitsi.jvb.service.type | string | `"LoadBalancer"` |  |
 | jitsi.prosody.extraEnvs[0].name | string | `"AUTH_TYPE"` |  |
 | jitsi.prosody.extraEnvs[0].value | string | `"jwt"` |  |
 | jitsi.prosody.image.pullPolicy | string | `"IfNotPresent"` |  |
@@ -93,21 +109,55 @@ helm install my-release sovereign-workplace-jitsi/sovereign-workplace-jitsi
 | jitsi.web.replicaCount | int | `1` |  |
 | jitsi.websockets.colibri.enabled | bool | `false` |  |
 | jitsi.websockets.xmpp.enabled | bool | `false` |  |
-| keycloakAdapter.enabled | bool | `true` | Enable keycloak adapter. |
+| lifecycleHooks | object | `{}` | Lifecycle to automate configuration before or after startup |
-| keycloakAdapter.image.pullPolicy | string | `"IfNotPresent"` |  |
+| nameOverride | string | `""` | String to partially override release name. |
-| keycloakAdapter.image.repository | string | `"ghcr.io/nordeck/jitsi-keycloak-adapter"` |  |
+| nodeSelector | object | `{}` | Node labels for pod assignment Ref: https://kubernetes.io/docs/user-guide/node-selection/ |
-| keycloakAdapter.image.tag | string | `"v20230425"` |  |
+| patchJVB.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | Enable container privileged escalation. |
-| keycloakAdapter.service.port | int | `9000` |  |
+| patchJVB.containerSecurityContext.enabled | bool | `true` | Enable security context. |
-| keycloakAdapter.service.type | string | `"ClusterIP"` |  |
+| patchJVB.containerSecurityContext.readOnlyRootFilesystem | bool | `true` | Mounts the container's root filesystem as read-only. |
-| keycloakAdapter.settings.allowUnsecureCert | string | `"false"` | Set true if Keycloak has not a trusted certificate. For the production environment, Keycloak should have a trusted certificate and this value should be false. |
+| patchJVB.enabled | bool | `true` | Enable post deployment advertisement for LoadBalancer IP or NodePort port to JVB. |
-| keycloakAdapter.settings.internalHostname | string | `"0.0.0.0"` |  |
+| patchJVB.image.imagePullPolicy | string | `"IfNotPresent"` | Define an ImagePullPolicy.  Ref.: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy  "IfNotPresent" => The image is pulled only if it is not already present locally. "Always" => Every time the kubelet launches a container, the kubelet queries the container image registry to             resolve the name to an image digest. If the kubelet has a container image with that exact digest cached             locally, the kubelet uses its cached image; otherwise, the kubelet pulls the image with the resolved             digest, and uses that image to launch the container. "Never" => The kubelet does not try fetching the image. If the image is somehow already present locally, the            kubelet attempts to start the container; otherwise, startup fails  |
-| keycloakAdapter.settings.jwtAlg | string | `"HS256"` |  |
+| patchJVB.image.registry | string | `""` | Container registry address. This setting has higher precedence than global.registry. |
-| keycloakAdapter.settings.jwtAppId | string | `"test"` |  |
+| patchJVB.image.repository | string | `"bitnami/kubectl"` | Container repository string. |
-| keycloakAdapter.settings.jwtAppSecret | string | `"test"` |  |
+| patchJVB.image.tag | string | `"1.26.6"` | Define image tag. |
-| keycloakAdapter.settings.jwtExpSecond | string | `"3600"` |  |
+| patchJVB.imagePullSecrets | list | `[]` | Credentials to fetch images from private registry Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/  imagePullSecrets:   - "docker-registry"  |
-| keycloakAdapter.settings.jwtHash | string | `"SHA-256"` |  |
+| patchJVB.podSecurityContext.enabled | bool | `false` | Enable security context. |
-| keycloakAdapter.settings.keycloakClientId | string | `"jitsi"` | Configured client id in keycloak. |
+| patchJVB.resources.limits.cpu | string | `"100m"` | The max amount of CPUs to consume. |
-| keycloakAdapter.settings.keycloakRealm | string | `"souvap"` | Keycloak realm name. |
+| patchJVB.resources.limits.memory | string | `"128Mi"` | The max amount of RAM to consume. |
+| patchJVB.resources.requests.cpu | string | `"10m"` | The amount of CPUs which has to be available on the scheduled node. |
+| patchJVB.resources.requests.memory | string | `"16Mi"` | The amount of RAM which has to be available on the scheduled node. |
+| podAnnotations | object | `{}` | Pod Annotations. Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ |
+| podLabels | object | `{}` | Pod Labels. Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ |
+| podSecurityContext.enabled | bool | `false` | Enable security context. |
+| rbac.create | bool | `true` | Enable RBAC Role and RoleBinding creation. |
+| replicaCount | int | `1` | Set the amount of replicas of deployment. |
+| resources.limits.cpu | string | `"100m"` | The max amount of CPUs to consume. |
+| resources.limits.memory | string | `"128Mi"` | The max amount of RAM to consume. |
+| resources.requests.cpu | string | `"10m"` | The amount of CPUs which has to be available on the scheduled node. |
+| resources.requests.memory | string | `"16Mi"` | The amount of RAM which has to be available on the scheduled node. |
+| service.annotations | object | `{}` | Additional custom annotations |
+| service.enabled | bool | `true` | Enable kubernetes service creation. |
+| service.ports.adapter.containerPort | int | `9000` | Internal port for keycloak adapter. |
+| service.ports.adapter.port | int | `9000` | Accessible port for keycloak adapter. |
+| service.ports.adapter.protocol | string | `"TCP"` | Keycloak adapter service protocol. |
+| service.type | string | `"ClusterIP"` | Choose the kind of Service, one of "ClusterIP", "NodePort" or "LoadBalancer". |
+| serviceAccount.annotations | object | `{}` | Additional custom annotations for the ServiceAccount. |
+| serviceAccount.automountServiceAccountToken | bool | `true` | Allows auto mount of ServiceAccountToken on the serviceAccount created. Can be set to false if pods using this serviceAccount do not need to use K8s API. |
+| serviceAccount.create | bool | `true` | Enable creation of ServiceAccount for pod. |
+| serviceAccount.labels | object | `{}` | Additional custom labels for the ServiceAccount. |
+| settings.allowUnsecureCert | string | `"false"` | Set true if Keycloak has not a trusted certificate. For the production environment, Keycloak should have a trusted certificate and this value should be false. |
+| settings.internalHostname | string | `"0.0.0.0"` |  |
+| settings.jwtAlg | string | `"HS256"` |  |
+| settings.jwtAppId | string | `"myappid"` |  |
+| settings.jwtAppSecret | string | `""` |  |
+| settings.jwtExpSecond | string | `"3600"` |  |
+| settings.jwtHash | string | `"SHA-256"` |  |
+| settings.keycloakClientId | string | `"jitsi"` | Configured client id in keycloak. |
+| settings.keycloakRealm | string | `"souvap"` | Keycloak realm name. |
+| terminationGracePeriodSeconds | string | `""` | In seconds, time the given to the pod needs to terminate gracefully. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods |
+| tolerations | list | `[]` | Tolerations for pod assignment Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ |
+| topologySpreadConstraints | list | `[]` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/  topologySpreadConstraints:   - maxSkew: 1     topologyKey: failure-domain.beta.kubernetes.io/zone     whenUnsatisfiable: DoNotSchedule |
+| updateStrategy.type | string | `"RollingUpdate"` | Set to Recreate if you use persistent volume that cannot be mounted by more than one pods to make sure the pods is destroyed first. |
 ## Uninstalling the Chart