diff --git a/.github/workflows/lint-test-chart.yaml b/.github/workflows/lint-test-chart.yaml
index eb22146ebf..f0bfda6a75 100644
--- a/.github/workflows/lint-test-chart.yaml
+++ b/.github/workflows/lint-test-chart.yaml
@@ -18,6 +18,27 @@ jobs:
with:
fetch-depth: 0
+ - name: Install Helm Docs
+ uses: action-stars/install-tool-from-github-release@58e2dd20166c0eb19ab9ac4d0966c930a647ee69 # v0.2.0
+ with:
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ owner: norwoodj
+ repository: helm-docs
+ arch_amd64: x86_64
+ os_linux: Linux
+ check_command: helm-docs --version
+ version: latest
+
+ - name: Run Helm Docs check
+ run: |
+ set -euo pipefail
+ helm-docs
+ if [[ -n "$(git status --porcelain --untracked-files=no)" ]]
+ then
+ echo "Documentation not up to date. Please run helm-docs and commit changes!" >&2
+ exit 1
+ fi
+
- name: Install Artifact Hub CLI
uses: action-stars/install-tool-from-github-release@58e2dd20166c0eb19ab9ac4d0966c930a647ee69 # v0.2.0
with:
diff --git a/charts/external-dns/README.md b/charts/external-dns/README.md
index 3aa899a645..f1b8fb8681 100644
--- a/charts/external-dns/README.md
+++ b/charts/external-dns/README.md
@@ -1,6 +1,20 @@
-# ExternalDNS
+# external-dns
-[ExternalDNS](https://github.com/kubernetes-sigs/external-dns/) synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
+  
+
+ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
+
+**Homepage:**
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| stevehipwell | | |
+
+## Source Code
+
+*
## Installing the Chart
@@ -13,87 +27,28 @@ helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
After you've installed the repo you can install the chart.
```shell
-helm upgrade --install external-dns external-dns/external-dns
+helm upgrade --install external-dns external-dns/external-dns --version 1.13.1
```
-## Configuration
-
-The following table lists the configurable parameters of the _ExternalDNS_ chart and their default values.
-
-| Parameter | Description | Default |
-|-----------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------|
-| `image.repository` | Image repository. | `registry.k8s.io/external-dns/external-dns` |
-| `image.tag` | Image tag, will override the default tag derived from the chart app version. | `""` |
-| `image.pullPolicy` | Image pull policy. | `IfNotPresent` |
-| `imagePullSecrets` | Image pull secrets. | `[]` |
-| `nameOverride` | Override the `name` of the chart. | `""` |
-| `fullnameOverride` | Override the `fullname` of the chart. | `""` |
-| `serviceAccount.create` | If `true`, create a new `serviceaccount`. | `true` |
-| `serviceAccount.annotations` | Annotations to add to the service account. | `{}` |
-| `serviceAccount.labels` | Labels to add to the service account. | `{}` |
-| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the full name template. | `""` |
-| `serviceAccount.automountServiceAccountToken` | Opt out of the [service account token automounting feature](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the service account | `null` |
-| `rbac.create` | If `true`, create the RBAC resources. | `true` |
-| `rbac.additionalPermissions` | Additional permissions to be added to the cluster role. | `{}` |
-| `initContainers` | Add init containers to the pod. | `[]` |
-| `deploymentAnnotations` | Annotations to add to the Deployment. | `{}` |
-| `podLabels` | Labels to add to the pod. | `{}` |
-| `podAnnotations` | Annotations to add to the pod. | `{}` |
-| `podSecurityContext` | Security context for the pod, this supports the full [PodSecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core) API. | _see values.yaml_ |
-| `shareProcessNamespace` | If `true` enable [Process Namespace Sharing](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) | `false` |
-| `securityContext` | Security context for the _external-dns_ container, this supports the full [SecurityContext](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) API. | _see values.yaml_ |
-| `priorityClassName` | Priority class name to use for the pod. | `""` |
-| `terminationGracePeriodSeconds` | Termination grace period for the pod. | `null` |
-| `serviceMonitor.enabled` | If `true`, create a _Prometheus_ service monitor. | `false` |
-| `serviceMonitor.namespace` | Forced namespace for ServiceMonitor. | `null` |
-| `serviceMonitor.annotations` | Annotations to be set on the ServiceMonitor. | `{}` |
-| `serviceMonitor.additionalLabels` | Additional labels to be set on the ServiceMonitor. | `{}` |
-| `serviceMonitor.interval` | _Prometheus_ scrape frequency. | `null` |
-| `serviceMonitor.scrapeTimeout` | _Prometheus_ scrape timeout. | `null` |
-| `serviceMonitor.scheme` | _Prometheus_ scrape scheme. | `null` |
-| `serviceMonitor.tlsConfig` | _Prometheus_ scrape tlsConfig. | `{}` |
-| `serviceMonitor.metricRelabelings` | _Prometheus_ scrape metricRelabelings. | `[]` |
-| `serviceMonitor.relabelings` | _Prometheus_ scrape relabelings. | `[]` |
-| `serviceMonitor.targetLabels` | _Prometheus_ scrape targetLabels. | `[]` |
-| `env` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the _external-dns_ container, this supports the full [EnvVar](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#envvar-v1-core) API including secrets and configmaps. | `[]` |
-| `livenessProbe` | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) for the _external-dns_ container, this supports the full [Probe](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#probe-v1-core) API. | See _values.yaml_ |
-| `readinessProbe` | [Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) for the _external-dns_ container, this supports the full [Probe](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#probe-v1-core) API. | See _values.yaml_ |
-| `service.annotations` | Annotations to add to the service. | `{}` |
-| `service.port` | Port to expose via the service. | `7979` |
-| `extraVolumes` | Additional volumes for the pod, this supports the full [VolumeDevice](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#volumedevice-v1-core) API. | `[]` |
-| `extraVolumeMounts` | Additional volume mounts for the _external-dns_ container, this supports the full [VolumeMount](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#volumemount-v1-core) API. | `[]` |
-| `resources` | Resource requests and limits for the _external-dns_ container, this supports the full [ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#resourcerequirements-v1-core) API. | `{}` |
-| `nodeSelector` | Node labels for pod assignment. | `{}` |
-| `tolerations` | Tolerations for pod assignment, this supports the full [Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#toleration-v1-core) API. | `[]` |
-| `affinity` | Affinity settings for pod assignment, this supports the full [Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#affinity-v1-core) API. | `{}` |
-| `topologySpreadConstraints` | TopologySpreadConstraint settings for pod assignment, this supports the full [TopologySpreadConstraints](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#topologyspreadconstraint-v1-core) API. | `[]` |
-| `logLevel` | Verbosity of the logs, available values are: `panic`, `debug`, `info`, `warning`, `error`, `fatal`. | `info` |
-| `logFormat` | Formats of the logs, available values are: `text`, `json`. | `text` |
-| `interval` | The interval for DNS updates. | `1m` |
-| `triggerLoopOnEvent` | When enabled, triggers run loop on create/update/delete events in addition of regular interval. | `false` |
-| `namespaced` | When enabled, external-dns runs on namespace scope. Additionally, Role and Rolebinding will be namespaced, too. | `false` |
-| `sources` | K8s resources type to be observed for new DNS entries. | See _values.yaml_ |
-| `policy` | How DNS records are synchronized between sources and providers, available values are: `sync`, `upsert-only`. | `upsert-only` |
-| `registry` | Registry Type, available types are: `txt`, `noop`. | `txt` |
-| `txtOwnerId` | TXT registry identifier. | `""` |
-| `txtPrefix` | Prefix to create a TXT record with a name following the pattern `prefix.`. | `""` |
-| `domainFilters` | Limit possible target zones by domain suffixes. | `[]` |
-| `provider` | DNS provider where the DNS records will be created, for the available providers and how to configure them see the [README](https://github.com/kubernetes-sigs/external-dns#deploying-to-a-cluster) (this can be templated). | `aws` |
-| `extraArgs` | Extra arguments to pass to the _external-dns_ container, these are needed for provider specific arguments (these can be templated). | `[]` |
-| `deploymentStrategy` | .spec.strategy of the external-dns Deployment. Defaults to 'Recreate' since multiple external-dns pods may conflict with each other. | `{type: Recreate}` |
-| `secretConfiguration.enabled` | Enable additional secret configuration. | `false` |
-| `secretConfiguration.mountPath` | Mount path of secret configuration secret (this can be templated). | `""` |
-| `secretConfiguration.data` | Secret configuration secret data. Could be used to store DNS provider credentials. | `{}` |
-| `secretConfiguration.subPath` | Sub-path of secret configuration secret (this can be templated). | `""` |
-| `automountServiceAccountToken` | Opt out of the [service account token automounting feature](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the pod | `null` |
-| `revisionHistoryLimit` | Optional field that specifies the number of old ReplicaSets to retain to allow rollback with the Deployment. | `null` |
-
-## Namespaced scoped installation
+## Providers
+
+Configuring the _ExternalDNS_ provider should be done via the `provider.name` value with provider specific configuration being set via the
+`provider..` values, where supported, and the `extraArgs` value. For legacy support `provider` can be set to the name of the
+provider with all additional configuration being set via the `extraArgs` value.
+
+### Providers with Specific Configuration Support
+
+| Provider | Supported |
+|------------------------|------------|
+| `webhook` | ❌ |
+
+## Namespaced Scoped Installation
external-dns supports running on a namespaced only scope, too.
If `namespaced=true` is defined, the helm chart will setup `Roles` and `RoleBindings` instead `ClusterRoles` and `ClusterRoleBindings`.
-### Limited supported
+### Limited Supported
+
Not all sources are supported in namespaced scope, since some sources depends on cluster-wide resources.
For example: Source `node` isn't supported, since `kind: Node` has scope `Cluster`.
Sources like `istio-virtualservice` only work, if all resources like `Gateway` and `VirtualService` are present in the same
@@ -101,12 +56,12 @@ namespaces as `external-dns`.
The annotation `external-dns.alpha.kubernetes.io/endpoints-type: NodeExternalIP` is not supported.
-If `namespaced` is set to `true`, please ensure that `sources` my only contains supported sources (Default: `service,ingress`.
+If `namespaced` is set to `true`, please ensure that `sources` my only contains supported sources (Default: `service,ingress`).
-### Support matrix
+### Support Matrix
-| Source | Supported | Infos |
-|------------------------|-----------|------------------------|
+| Source | Supported | Infos |
+|------------------------|------------|------------------------|
| `ingress` | ✅ | |
| `istio-gateway` | ✅ | |
| `istio-virtualservice` | ✅ | |
@@ -116,6 +71,84 @@ If `namespaced` is set to `true`, please ensure that `sources` my only contains
| `skipper-routegroup` | ✅ | |
| `gloo-proxy` | ✅ | |
| `contour-httpproxy` | ✅ | |
-| `service` | ⚠️️ | NodePort not supported |
+| `service` | ⚠️️ | NodePort not supported |
| `node` | ❌ | |
| `pod` | ❌ | |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` | Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels. |
+| automountServiceAccountToken | bool | `nil` | Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `Pod`. |
+| commonLabels | object | `{}` | Labels to add to all chart resources. |
+| deploymentAnnotations | object | `{}` | Annotations to add to the `Deployment`. |
+| deploymentStrategy | object | `{"type":"Recreate"}` | [Deployment Strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy). |
+| dnsPolicy | string | `nil` | [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) for the pod, if not set the default will be used. |
+| domainFilters | list | `[]` | |
+| env | list | `[]` | [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `external-dns` container. |
+| extraArgs | list | `[]` | Extra arguments to provide to _ExternalDNS_. |
+| extraVolumeMounts | list | `[]` | Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `external-dns` container. |
+| extraVolumes | list | `[]` | Extra [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) for the `Pod`. |
+| fullnameOverride | string | `nil` | Override the full name of the chart. |
+| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for the `external-dns` container. |
+| image.repository | string | `"registry.k8s.io/external-dns/external-dns"` | Image repository for the `external-dns` container. |
+| image.tag | string | `nil` | Image tag for the `external-dns` container, this will default to `.Chart.AppVersion` if not set. |
+| imagePullSecrets | list | `[]` | Image pull secrets. |
+| initContainers | list | `[]` | [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) to add to the `Pod` definition. |
+| interval | string | `"1m"` | Interval for DNS updates. |
+| livenessProbe | object | See _values.yaml_ | [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. |
+| logFormat | string | `"text"` | Log format. |
+| logLevel | string | `"info"` | Log level. |
+| nameOverride | string | `nil` | Override the name of the chart. |
+| namespaced | bool | `false` | if `true`, _ExternalDNS_ will run in a namespaced scope (`Role`` and `Rolebinding`` will be namespaced too). |
+| nodeSelector | object | `{}` | Node labels to match for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). |
+| podAnnotations | object | `{}` | Annotations to add to the `Pod`. |
+| podLabels | object | `{}` | Labels to add to the `Pod`. |
+| podSecurityContext | object | See _values.yaml_ | [Pod security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core), this supports full customisation. |
+| policy | string | `"upsert-only"` | How DNS records are synchronized between sources and providers; available values are `sync` & `upsert-only`. |
+| priorityClassName | string | `nil` | Priority class name for the `Pod`. |
+| provider.name | string | `"aws"` | _ExternalDNS_ provider name; for the available providers and how to configure them see the [README](https://github.com/kubernetes-sigs/external-dns#deploying-to-a-cluster). |
+| rbac.additionalPermissions | list | `[]` | Additional rules to add to the `ClusterRole`. |
+| rbac.create | bool | `true` | If `true`, create a `ClusterRole` & `ClusterRoleBinding` with access to the Kubernetes API. |
+| readinessProbe | object | See _values.yaml_ | Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container. |
+| registry | string | `"txt"` | Specify the registry for storing ownership and labels. Valid values are `txt`, `aws-sd`, `dynamodb` & `noop`. |
+| resources | object | `{}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `external-dns` container. |
+| revisionHistoryLimit | int | `nil` | Specify the number of old `ReplicaSets` to retain to allow rollback of the `Deployment``. |
+| secretConfiguration.data | object | `{}` | `Secret` data. |
+| secretConfiguration.enabled | bool | `false` | If `true`, create a `Secret` to store sensitive provider configuration. |
+| secretConfiguration.mountPath | string | `nil` | Mount path for the `Secret`, this can be templated. |
+| secretConfiguration.subPath | string | `nil` | Sub-path for mounting the `Secret`, this can be templated. |
+| securityContext | object | See _values.yaml_ | [Security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) for the `external-dns` container. |
+| service.annotations | object | `{}` | Service annotations. |
+| service.port | int | `7979` | Service HTTP port. |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account. |
+| serviceAccount.automountServiceAccountToken | string | `nil` | Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `ServiceAccount`. |
+| serviceAccount.create | bool | `true` | If `true`, create a new `ServiceAccount`. |
+| serviceAccount.labels | object | `{}` | Labels to add to the service account. |
+| serviceAccount.name | string | `nil` | If this is set and `serviceAccount.create` is `true` this will be used for the created `ServiceAccount` name, if set and `serviceAccount.create` is `false` then this will define an existing `ServiceAccount` to use. |
+| serviceMonitor.additionalLabels | object | `{}` | Additional labels for the `ServiceMonitor`. |
+| serviceMonitor.annotations | object | `{}` | Annotations to add to the `ServiceMonitor`. |
+| serviceMonitor.bearerTokenFile | string | `nil` | Provide a bearer token file for the `ServiceMonitor`. |
+| serviceMonitor.enabled | bool | `false` | If `true`, create a `ServiceMonitor` resource to support the _Prometheus Operator_. |
+| serviceMonitor.interval | string | `nil` | If set override the _Prometheus_ default interval. |
+| serviceMonitor.metricRelabelings | list | `[]` | [Metric relabel configs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion. |
+| serviceMonitor.namespace | string | `nil` | If set create the `ServiceMonitor` in an alternate namespace. |
+| serviceMonitor.relabelings | list | `[]` | [Relabel configs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before ingestion. |
+| serviceMonitor.scheme | string | `nil` | If set overrides the _Prometheus_ default scheme. |
+| serviceMonitor.scrapeTimeout | string | `nil` | If set override the _Prometheus_ default scrape timeout. |
+| serviceMonitor.targetLabels | list | `[]` | Provide target labels for the `ServiceMonitor`. |
+| serviceMonitor.tlsConfig | object | `{}` | Configure the `ServiceMonitor` [TLS config](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig). |
+| shareProcessNamespace | bool | `false` | If `true`, the `Pod` will have [process namespace sharing](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) enabled. |
+| sources | list | `["service","ingress"]` | _Kubernetes_ resources to monitor for DNS entries. |
+| terminationGracePeriodSeconds | int | `nil` | Termination grace period for the `Pod` in seconds. |
+| tolerations | list | `[]` | Node taints which will be tolerated for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). |
+| topologySpreadConstraints | list | `[]` | Topology spread constraints for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided one will be created from the pod selector labels. |
+| triggerLoopOnEvent | bool | `false` | If `true`, triggers run loop on create/update/delete events in addition of regular interval. |
+| txtOwnerId | string | `nil` | Specify an identifier for this instance of _ExternalDNS_ wWhen using a registry other than `noop`. |
+| txtPrefix | string | `nil` | Specify a prefix for the domain names of TXT records created for the `txt` registry. Mutually exclusive with `txtSuffix`. |
+| txtSuffix | string | `nil` | Specify a suffix for the domain names of TXT records created for the `txt` registry. Mutually exclusive with `txtPrefix`. |
+
+----------------------------------------------
+
+Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/).
diff --git a/charts/external-dns/README.md.gotmpl b/charts/external-dns/README.md.gotmpl
new file mode 100644
index 0000000000..40dd65f125
--- /dev/null
+++ b/charts/external-dns/README.md.gotmpl
@@ -0,0 +1,80 @@
+{{ template "chart.header" . }}
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.badgesSection" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersSection" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+## Installing the Chart
+
+Before you can install the chart you will need to add the `external-dns` repo to [Helm](https://helm.sh/).
+
+```shell
+helm repo add external-dns https://kubernetes-sigs.github.io/external-dns/
+```
+
+After you've installed the repo you can install the chart.
+
+```shell
+helm upgrade --install {{ template "chart.name" . }} external-dns/{{ template "chart.name" . }} --version {{ template "chart.version" . }}
+```
+
+## Providers
+
+Configuring the _ExternalDNS_ provider should be done via the `provider.name` value with provider specific configuration being set via the
+`provider..` values, where supported, and the `extraArgs` value. For legacy support `provider` can be set to the name of the
+provider with all additional configuration being set via the `extraArgs` value.
+
+### Providers with Specific Configuration Support
+
+| Provider | Supported |
+|------------------------|------------|
+| `webhook` | ❌ |
+
+## Namespaced Scoped Installation
+
+external-dns supports running on a namespaced only scope, too.
+If `namespaced=true` is defined, the helm chart will setup `Roles` and `RoleBindings` instead `ClusterRoles` and `ClusterRoleBindings`.
+
+### Limited Supported
+
+Not all sources are supported in namespaced scope, since some sources depends on cluster-wide resources.
+For example: Source `node` isn't supported, since `kind: Node` has scope `Cluster`.
+Sources like `istio-virtualservice` only work, if all resources like `Gateway` and `VirtualService` are present in the same
+namespaces as `external-dns`.
+
+The annotation `external-dns.alpha.kubernetes.io/endpoints-type: NodeExternalIP` is not supported.
+
+If `namespaced` is set to `true`, please ensure that `sources` my only contains supported sources (Default: `service,ingress`).
+
+### Support Matrix
+
+| Source | Supported | Infos |
+|------------------------|------------|------------------------|
+| `ingress` | ✅ | |
+| `istio-gateway` | ✅ | |
+| `istio-virtualservice` | ✅ | |
+| `crd` | ✅ | |
+| `kong-tcpingress` | ✅ | |
+| `openshift-route` | ✅ | |
+| `skipper-routegroup` | ✅ | |
+| `gloo-proxy` | ✅ | |
+| `contour-httpproxy` | ✅ | |
+| `service` | ⚠️️ | NodePort not supported |
+| `node` | ❌ | |
+| `pod` | ❌ | |
+
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}
+
+----------------------------------------------
+
+Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs/).
diff --git a/charts/external-dns/ci/ci-values.yaml b/charts/external-dns/ci/ci-values.yaml
index 6c1735cbac..4d278e94be 100644
--- a/charts/external-dns/ci/ci-values.yaml
+++ b/charts/external-dns/ci/ci-values.yaml
@@ -1 +1,2 @@
-provider: inmemory
+provider:
+ name: inmemory
diff --git a/charts/external-dns/templates/_helpers.tpl b/charts/external-dns/templates/_helpers.tpl
index 4f70ccdd8c..a24eec53f6 100644
--- a/charts/external-dns/templates/_helpers.tpl
+++ b/charts/external-dns/templates/_helpers.tpl
@@ -70,3 +70,14 @@ The image to use
{{- define "external-dns.image" -}}
{{- printf "%s:%s" .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }}
{{- end }}
+
+{{/*
+Provider name, Keeps backward compatibility on provider
+*/}}
+{{- define "external-dns.providerName" -}}
+{{- if eq (typeOf .Values.provider) "string" }}
+{{- .Values.provider }}
+{{- else }}
+{{- .Values.provider.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/external-dns/templates/deployment.yaml b/charts/external-dns/templates/deployment.yaml
index 6d4646590c..ef8ad2e200 100644
--- a/charts/external-dns/templates/deployment.yaml
+++ b/charts/external-dns/templates/deployment.yaml
@@ -103,7 +103,7 @@ spec:
{{- range .Values.domainFilters }}
- --domain-filter={{ . }}
{{- end }}
- - --provider={{ tpl .Values.provider $ }}
+ - --provider={{ include "external-dns.providerName" . }}
{{- range .Values.extraArgs }}
- {{ tpl . $ }}
{{- end }}
diff --git a/charts/external-dns/values.schema.json b/charts/external-dns/values.schema.json
index 7b2fd22b99..94b043afe0 100644
--- a/charts/external-dns/values.schema.json
+++ b/charts/external-dns/values.schema.json
@@ -3,7 +3,19 @@
"type": "object",
"properties": {
"provider": {
- "type": "string"
+ "anyOf": [
+ {
+ "type": "string"
+ },
+ {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ }
+ }
+ }
+ ]
},
"extraArgs": {
"type": "array",
@@ -14,8 +26,20 @@
"secretConfiguration": {
"type": "object",
"properties": {
+ "enabled": {
+ "type": "boolean"
+ },
"mountPath": {
- "type": "string"
+ "type": [
+ "string",
+ "null"
+ ]
+ },
+ "subPath": {
+ "type": [
+ "string",
+ "null"
+ ]
},
"data": {
"type": "object",
diff --git a/charts/external-dns/values.yaml b/charts/external-dns/values.yaml
index 5bc9003645..e12eed3cfc 100644
--- a/charts/external-dns/values.yaml
+++ b/charts/external-dns/values.yaml
@@ -3,118 +3,108 @@
# Declare variables to be passed into your templates.
image:
+ # -- Image repository for the `external-dns` container.
repository: registry.k8s.io/external-dns/external-dns
- # Overrides the image tag whose default is v{{ .Chart.AppVersion }}
- tag: ""
+ # -- (string) Image tag for the `external-dns` container, this will default to `.Chart.AppVersion` if not set.
+ tag:
+ # -- Image pull policy for the `external-dns` container.
pullPolicy: IfNotPresent
+# -- Image pull secrets.
imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
+# -- (string) Override the name of the chart.
+nameOverride:
+# -- (string) Override the full name of the chart.
+fullnameOverride:
+
+# -- Labels to add to all chart resources.
commonLabels: {}
serviceAccount:
- # opt out of the service account token automounting (at the service account level)
+ # -- If `true`, create a new `ServiceAccount`.
+ create: true
+ # -- Labels to add to the service account.
+ labels: {}
+ # -- Annotations to add to the service account.
+ annotations: {}
+ # -- (string) If this is set and `serviceAccount.create` is `true` this will be used for the created `ServiceAccount` name, if set and `serviceAccount.create` is `false` then this will define an existing `ServiceAccount` to use.
+ name:
+ # -- Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `ServiceAccount`.
automountServiceAccountToken:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
+service:
+ # -- Service annotations.
annotations: {}
- # Labels to add to the service account
- labels: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
+ # -- Service HTTP port.
+ port: 7979
rbac:
- # Specifies whether RBAC resources should be created
+ # -- If `true`, create a `ClusterRole` & `ClusterRoleBinding` with access to the Kubernetes API.
create: true
+ # -- Additional rules to add to the `ClusterRole`.
additionalPermissions: []
-initContainers: []
-
-# Annotations to add to the Deployment
+# -- Annotations to add to the `Deployment`.
deploymentAnnotations: {}
+# -- [Deployment Strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy).
+deploymentStrategy:
+ type: Recreate
+
+# -- (int) Specify the number of old `ReplicaSets` to retain to allow rollback of the `Deployment``.
+revisionHistoryLimit:
+
+# -- Labels to add to the `Pod`.
podLabels: {}
-# Annotations to add to the Pod
+# -- Annotations to add to the `Pod`.
podAnnotations: {}
+# -- (bool) Set this to `false` to [opt out of API credential automounting](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#opt-out-of-api-credential-automounting) for the `Pod`.
+automountServiceAccountToken:
+
+# -- If `true`, the `Pod` will have [process namespace sharing](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) enabled.
shareProcessNamespace: false
+# -- [Pod security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podsecuritycontext-v1-core), this supports full customisation.
+# @default -- See _values.yaml_
podSecurityContext:
+ runAsNonRoot: true
fsGroup: 65534
seccompProfile:
type: RuntimeDefault
-securityContext:
- allowPrivilegeEscalation: false
- runAsNonRoot: true
- runAsUser: 65534
- readOnlyRootFilesystem: true
- capabilities:
- drop: ["ALL"]
-
-# Defaults to `ClusterFirst`.
-# Valid values are: `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
-dnsPolicy:
-
-priorityClassName: ""
+# -- (string) Priority class name for the `Pod`.
+priorityClassName:
+# -- (int) Termination grace period for the `Pod` in seconds.
terminationGracePeriodSeconds:
-serviceMonitor:
- enabled: false
- # force namespace
- # namespace: monitoring
-
- # Fallback to the prometheus default unless specified
- # interval: 10s
-
- ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS.
- # scheme: ""
-
- ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS.
- ## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig
- # tlsConfig: {}
-
- # bearerTokenFile:
- # Fallback to the prometheus default unless specified
- # scrapeTimeout: 30s
-
- ## Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
- additionalLabels: {}
-
- ## Used to pass annotations that are used by the Prometheus installed in your cluster to select Service Monitors to work with
- ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
- annotations: {}
-
- ## Metric relabel configs to apply to samples before ingestion.
- ## [Metric Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs)
- metricRelabelings: []
- # - action: keep
- # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
- # sourceLabels: [__name__]
+# -- (string) [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) for the pod, if not set the default will be used.
+dnsPolicy:
- ## Relabel configs to apply to samples before ingestion.
- ## [Relabeling](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config)
- relabelings: []
- # - sourceLabels: [__meta_kubernetes_pod_node_name]
- # separator: ;
- # regex: ^(.*)$
- # targetLabel: nodename
- # replacement: $1
- # action: replace
+# -- [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) to add to the `Pod` definition.
+initContainers: []
- targetLabels: []
+# -- [Security context](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) for the `external-dns` container.
+# @default -- See _values.yaml_
+securityContext:
+ privileged: false
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 65532
+ runAsGroup: 65532
+ capabilities:
+ drop: ["ALL"]
+# -- [Environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/) for the `external-dns` container.
env: []
+# -- [Liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container.
+# @default -- See _values.yaml_
livenessProbe:
httpGet:
path: /healthz
@@ -125,6 +115,8 @@ livenessProbe:
failureThreshold: 2
successThreshold: 1
+# -- Readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) configuration for the `external-dns` container.
+# @default -- See _values.yaml_
readinessProbe:
httpGet:
path: /healthz
@@ -135,70 +127,104 @@ readinessProbe:
failureThreshold: 6
successThreshold: 1
-service:
- port: 7979
- annotations: {}
-
+# -- Extra [volumes](https://kubernetes.io/docs/concepts/storage/volumes/) for the `Pod`.
extraVolumes: []
+# -- Extra [volume mounts](https://kubernetes.io/docs/concepts/storage/volumes/) for the `external-dns` container.
extraVolumeMounts: []
+# -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for the `external-dns` container.
resources: {}
+# -- Node labels to match for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/).
nodeSelector: {}
-tolerations: []
-
+# -- Affinity settings for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels.
affinity: {}
+# -- Topology spread constraints for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/). If an explicit label selector is not provided one will be created from the pod selector labels.
topologySpreadConstraints: []
+# -- Node taints which will be tolerated for `Pod` [scheduling](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/).
+tolerations: []
+
+serviceMonitor:
+ # -- If `true`, create a `ServiceMonitor` resource to support the _Prometheus Operator_.
+ enabled: false
+ # -- Additional labels for the `ServiceMonitor`.
+ additionalLabels: {}
+ # -- Annotations to add to the `ServiceMonitor`.
+ annotations: {}
+ # -- (string) If set create the `ServiceMonitor` in an alternate namespace.
+ namespace:
+ # -- (string) If set override the _Prometheus_ default interval.
+ interval:
+ # -- (string) If set override the _Prometheus_ default scrape timeout.
+ scrapeTimeout:
+ # -- (string) If set overrides the _Prometheus_ default scheme.
+ scheme:
+ # -- Configure the `ServiceMonitor` [TLS config](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig).
+ tlsConfig: {}
+ # -- (string) Provide a bearer token file for the `ServiceMonitor`.
+ bearerTokenFile:
+ # -- [Relabel configs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config) to apply to samples before ingestion.
+ relabelings: []
+ # -- [Metric relabel configs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs) to apply to samples before ingestion.
+ metricRelabelings: []
+ # -- Provide target labels for the `ServiceMonitor`.
+ targetLabels: []
+
+# -- Log level.
logLevel: info
+
+# -- Log format.
logFormat: text
+# -- Interval for DNS updates.
interval: 1m
+
+# -- If `true`, triggers run loop on create/update/delete events in addition of regular interval.
triggerLoopOnEvent: false
+# -- if `true`, _ExternalDNS_ will run in a namespaced scope (`Role`` and `Rolebinding`` will be namespaced too).
namespaced: false
+# -- _Kubernetes_ resources to monitor for DNS entries.
sources:
- service
- ingress
+# -- How DNS records are synchronized between sources and providers; available values are `sync` & `upsert-only`.
policy: upsert-only
-# Specifies the registry for storing ownership and labels.
-# Valid values are "aws-sd", "noop", "dynamodb", and "txt".
+# -- Specify the registry for storing ownership and labels.
+# Valid values are `txt`, `aws-sd`, `dynamodb` & `noop`.
registry: txt
-# When using a registry other than "noop", specifies a name that
-# uniquely identifies this instance of external-dns.
-txtOwnerId: ""
-# Specifies a prefix for the domain names of TXT records created by the "txt" registry. Optional. Mutually exclusive with `txtSuffix`.
-txtPrefix: ""
-# Specifies a suffix for the domain names of TXT records created by the "txt" registry. Optional. Mutually exclusive with `txtPrefix`.
-txtSuffix: ""
-
+# -- (string) Specify an identifier for this instance of _ExternalDNS_ wWhen using a registry other than `noop`.
+txtOwnerId:
+# -- (string) Specify a prefix for the domain names of TXT records created for the `txt` registry.
+# Mutually exclusive with `txtSuffix`.
+txtPrefix:
+# -- (string) Specify a suffix for the domain names of TXT records created for the `txt` registry.
+# Mutually exclusive with `txtPrefix`.
+txtSuffix:
+
+## - Limit possible target zones by domain suffixes.
domainFilters: []
-provider: aws
+provider:
+ # -- _ExternalDNS_ provider name; for the available providers and how to configure them see the [README](https://github.com/kubernetes-sigs/external-dns#deploying-to-a-cluster).
+ name: aws
+# -- Extra arguments to provide to _ExternalDNS_.
extraArgs: []
secretConfiguration:
+ # -- If `true`, create a `Secret` to store sensitive provider configuration.
enabled: false
- mountPath: ""
- subPath: ""
+ # -- Mount path for the `Secret`, this can be templated.
+ mountPath:
+ # -- Sub-path for mounting the `Secret`, this can be templated.
+ subPath:
+ # -- `Secret` data.
data: {}
- # credentials: |
- # [default]
- # aws_access_key_id = $SECRET_ACCESS_KEY
- # aws_secret_access_key = $SECRET_ACCESS_KEY
-
-deploymentStrategy:
- type: Recreate
-
-# Optional field that specifies the number of old ReplicaSets to retain to allow rollback with the Deployment.
-revisionHistoryLimit:
-
-# opt out of the service account token automounting (at the pod level)
-automountServiceAccountToken: