remove allow scripts

build.sh

@@ -12,7 +12,7 @@
 # Eclipse Foundation. All other trademarks are the property of their respective owners.
 #
 
-helm plugin install --version "0.2.11" https://github.com/quintush/helm-unittest
+helm plugin install https://github.com/quintush/helm-unittest
 
 set -e
 

nexus-repository-manager/Chart.yaml

@@ -3,10 +3,10 @@ name: nexus-repository-manager
 
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
-version: 54.1.0
+version: 49.0.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application.
-appVersion: 3.54.1
+appVersion: 3.49.0
 
 description: Sonatype Nexus Repository Manager - Universal Binary repository
 

nexus-repository-manager/values.yaml

@@ -6,7 +6,7 @@ deploymentStrategy: Recreate
 image:
   # Sonatype Official Public Image
   repository: sonatype/nexus3
-  tag: 3.54.1
+  tag: 3.49.0
   pullPolicy: IfNotPresent
 imagePullSecrets:
 # for image registries that require login, specify the name of the existing
@@ -35,7 +35,6 @@ nexus:
   properties:
     override: false
     data:
-      nexus.scripts.allowCreation: true
       # See this article for ldap configuratioon options https://support.sonatype.com/hc/en-us/articles/216597138-Setting-Advanced-LDAP-Connection-Properties-in-Nexus-Repository-Manager
       # nexus.ldap.env.java.naming.security.authentication: simple
   # nodeSelector:

nxrm-aws-resiliency/Chart.yaml

@@ -15,13 +15,13 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 54.1.0
+version: 49.0.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: 3.54.1
+appVersion: 3.49.0
 
 keywords:
   - artifacts

nxrm-aws-resiliency/templates/external-dns-rbac.yml

@@ -1,4 +1,4 @@
-{{- if .Values.externaldns.enabled }}
+# comment out sa if it was previously created
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@@ -64,4 +64,3 @@ spec:
           env:
             - name: AWS_DEFAULT_REGION
               value: {{ .Values.deployment.clusterRegion }}
-{{- end }}

nxrm-aws-resiliency/templates/fluent-bit.yaml

@@ -1,4 +1,3 @@
-{{- if .Values.fluentbit.enabled -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -78,7 +77,7 @@ data:
     [INPUT]
         Name                tail
         Tag                 nexus.nexus-log
-        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_nxrm-app-*.log
+        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_nxrm-app-*.log
         Parser              docker
         DB                  /var/fluent-bit/state/flb_container.db
         Mem_Buf_Limit       5MB
@@ -113,7 +112,7 @@ data:
     [INPUT]
         Name                tail
         Tag                 nexus.request-log
-        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_request-log-*.log
+        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_request-log-*.log
         Parser              docker
         DB                  /var/fluent-bit/state/flb_container.db
         Mem_Buf_Limit       5MB
@@ -148,7 +147,7 @@ data:
     [INPUT]
         Name                tail
         Tag                 nexus.audit-log
-        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_audit-log-*.log
+        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_audit-log-*.log
         Parser              docker
         DB                  /var/fluent-bit/state/flb_container.db
         Mem_Buf_Limit       5MB
@@ -183,7 +182,7 @@ data:
     [INPUT]
         Name                tail
         Tag                 nexus.tasks-log
-        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_tasks-log-*.log
+        Path                /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_tasks-log-*.log
         Parser              docker
         DB                  /var/fluent-bit/state/flb_container.db
         Mem_Buf_Limit       5MB
@@ -359,4 +358,3 @@ spec:
           effect: "NoExecute"
         - operator: "Exists"
           effect: "NoSchedule"
-{{- end }}

nxrm-aws-resiliency/templates/ingress.yaml

@@ -24,7 +24,6 @@ spec:
                 port:
                   number: {{ .Values.service.nexus.port }}
 ---
-{{- if .Values.ingress.dockerIngress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -50,4 +49,3 @@ spec:
                 name: {{ .Chart.Name }}-docker-service
                 port:
                   number: {{ .Values.service.docker.port }}
-{{- end }}

nxrm-aws-resiliency/templates/namespaces.yaml

@@ -3,16 +3,13 @@ kind: Namespace
 metadata:
   name: {{ .Values.namespaces.nexusNs }}
 ---
-{{- if .Values.fluentbit.enabled }}
 apiVersion: v1
 kind: Namespace
 metadata:
   name: {{ .Values.namespaces.cloudwatchNs }}
-{{- end }}
 ---
-{{- if .Values.externaldns.enabled }}
 apiVersion: v1
 kind: Namespace
 metadata:
   name: {{ .Values.namespaces.externaldnsNs }}
-{{- end }}
+---

nxrm-aws-resiliency/templates/serviceaccount.yaml

@@ -6,7 +6,6 @@ metadata:
   annotations:
     eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.role }}
 ---
-{{- if .Values.externaldns.enabled }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -14,4 +13,4 @@ metadata:
   namespace: {{ .Values.namespaces.externaldnsNs }}
   annotations:
     eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.externaldns.role }}
-{{- end }}
+---

nxrm-aws-resiliency/templates/services.yaml

@@ -14,7 +14,6 @@ spec:
       port: {{ .Values.service.nexus.port }}
       targetPort: {{ .Values.service.nexus.targetPort }}
 ---
-{{- if .Values.service.docker.enabled -}}
 apiVersion: v1
 kind: Service
 metadata:
@@ -31,4 +30,3 @@ spec:
       protocol: {{ .Values.service.docker.protocol }}
       port: {{ .Values.service.docker.port }}
       targetPort: {{ .Values.service.docker.targetPort }}
-{{- end }}

nxrm-aws-resiliency/values.yaml

@@ -4,11 +4,8 @@ namespaces:
   cloudwatchNs: amazon-cloudwatch
   externaldnsNs: nexus-externaldns
 externaldns:
-  enabled: false
   domainFilter: example.com #your root domain e.g example.com
   awsZoneType: private # hosted zone to look at (valid values are public, private or no value for both)
-fluentbit:
-  enabled: false
 deployment:
   clusterRegion: us-east-1
   name: nxrm.deployment
@@ -57,8 +54,7 @@ ingress:
     alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids
     #alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' uncomment for https
     #alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444  # Uncomment for https. The AWS Certificate Manager ARN for your HTTPS certificate    
-  dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories
-    enabled: false
+  dockerIngress:  #Ingress for Docker Connector - comment out if you don't use docker repositories
     annotations:
       kubernetes.io/ingress.class: alb # comment out if you don't use docker repositories
       alb.ingress.kubernetes.io/scheme: internal # scheme comment out if you don't use docker repositories
@@ -80,28 +76,27 @@ pv:
   reclaimPolicy: Retain
   path: /nexus-repo-mgr-work-dir/work
   zones:
-    zone1: us-east-1a
-    zone2: us-east-1b
+    - us-east-1a
+    - us-east-1b
 pvc:
   accessModes: ReadWriteOnce
   storage: 100Gi
 
-service: #Nexus Repo NodePort Service
+service:  #Nexus Repo NodePort Service
   nexus:
-    type: NodePort
-    protocol: TCP
-    port: 80
-    targetPort: 8081
-  docker: #Nodeport Service for Docker Service
-    enabled: false
-    type: NodePort
-    protocol: TCP
-    port: 9090
-    targetPort: 8081
+   type: NodePort
+   protocol: TCP
+   port: 80
+   targetPort: 8081
+  docker:  #Nodeport Service for Docker Service
+   type: NodePort
+   protocol: TCP
+   port: 9090
+   targetPort: 8081
 secret:
   license:
-    arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
-    alias: nxrm-license.lic
+   arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
+   alias: nxrm-license.lic
   rds:
     arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus
   adminpassword: